UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
767,463 Commits 6 Branches 27 Tags 3.2 GiB
C 97%
Assembly 1.4%
C++ 0.6%
Makefile 0.3%
Shell 0.3%
Other 0.3%
Go to file
Theodore Ts'o 81e69df38e random: mix rdrand with entropy sent in from userspace 
Fedora has integrated the jitter entropy daemon to work around slow
boot problems, especially on VM's that don't support virtio-rng:

    https://bugzilla.redhat.com/show_bug.cgi?id=1572944

It's understandable why they did this, but the Jitter entropy daemon
works fundamentally on the principle: "the CPU microarchitecture is
**so** complicated and we can't figure it out, so it *must* be
random".  Yes, it uses statistical tests to "prove" it is secure, but
AES_ENCRYPT(NSA_KEY, COUNTER++) will also pass statistical tests with
flying colors.

So if RDRAND is available, mix it into entropy submitted from
userspace.  It can't hurt, and if you believe the NSA has backdoored
RDRAND, then they probably have enough details about the Intel
microarchitecture that they can reverse engineer how the Jitter
entropy daemon affects the microarchitecture, and attack its output
stream.  And if RDRAND is in fact an honest DRNG, it will immeasurably
improve on what the Jitter entropy daemon might produce.

This also provides some protection against someone who is able to read
or set the entropy seed file.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
Cc: Arnd Bergmann <arnd@arndb.de>
 		2018-07-17 21:32:36 -04:00
Documentation USB fixes for 4.18-rc3 2018-07-01 11:50:16 -07:00
LICENSES LICENSES: Add Linux-OpenIB license text 2018-04-27 16:41:53 -06:00
arch ARM: SoC fixes for 4.18-rc 2018-07-08 14:12:46 -07:00
block for-linus-20180629 2018-06-30 10:47:46 -07:00
certs certs/blacklist: fix const confusion 2018-06-26 09:43:03 -07:00
crypto Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL 2018-06-28 10:40:47 -07:00
drivers random: mix rdrand with entropy sent in from userspace 2018-07-17 21:32:36 -04:00
firmware kbuild: remove all dummy assignments to obj- 2017-11-18 11:46:06 +09:00
fs Bug fixes for ext4; most of which relate to vulnerabilities where a 2018-07-08 11:10:30 -07:00
include Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-07-08 13:26:55 -07:00
init Kbuild fixes for v4.18 2018-06-30 13:05:30 -07:00
ipc ipc: use new return type vm_fault_t 2018-06-15 07:55:25 +09:00
kernel Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-07-08 12:41:23 -07:00
lib Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-07-02 11:18:28 -07:00
mm mm: teach dump_page() to correctly output poisoned struct pages 2018-07-03 17:32:19 -07:00
net net/smc: fix up merge error with poll changes 2018-07-03 09:53:43 -07:00
samples VFIO fixes for v4.18 2018-07-06 12:23:53 -07:00
scripts Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-07-02 11:18:28 -07:00
security selinux/stable-4.18 PR 20180629 2018-06-30 11:15:12 -07:00
sound ALSA: seq: Fix UBSAN warning at SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT ioctl 2018-06-25 11:18:04 +02:00
tools Merge branch 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-07-08 11:57:40 -07:00
usr kbuild: rename built-in.o to built-in.a 2018-03-26 02:01:19 +09:00
virt KVM: arm64: Prevent KVM_COMPAT from being selected 2018-06-21 17:17:50 +01:00
.clang-format clang-format: add configuration file 2018-04-11 10:28:35 -07:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore Kbuild updates for v4.17 (2nd) 2018-04-15 17:21:30 -07:00
.mailmap Merge branch 'asoc-4.17' into asoc-4.18 for compress dependencies 2018-04-26 12:24:28 +01:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS MAINTAINERS/CREDITS: Drop METAG ARCHITECTURE 2018-03-05 16:34:24 +00:00
Kbuild Kbuild updates for v4.15 2017-11-17 17:45:29 -08:00
Kconfig kconfig: add basic helper macros to scripts/Kconfig.include 2018-05-29 03:31:19 +09:00
MAINTAINERS dmaengine fixes for v4.18-rc4 2018-07-07 17:29:08 -07:00
Makefile Linux 4.18-rc4 2018-07-08 16:34:02 -07:00
README Docs: Added a pointer to the formatted docs to README 2018-03-21 09:02:53 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.