Systemd Will Now Use RdRand Directly If The Kernel Can't Deliver Entropy

  • Systemd Will Now Use RdRand Directly If The Kernel Can't Deliver Entropy

    Phoronix: Systemd Will Now Use RdRand Directly If The Kernel Can't Deliver Entropy

    Systemd will now resort to using Intel's RdRand hardware random number generator directly if the Linux kernel is unable to provide the init system with sufficient entropy...


  • #2
    Originally posted by phoronix
    But with many not trusting hardware random number generators, this support can be disabled by changing the systemd high_quality_required option to false. Under that condition, the kernel is the only source of entropy.
    I barely know anything about systemd. Why should high_quality_required be false if, in a sense, "trusted" = "high quality"? Wouldn't that make it so that a trusted source is not required, and hence enable using RdRand? Or does it refer to quality in terms of bootup performance?



    • #3
      Originally posted by busukxuan

      I barely know anything about systemd. Why should high_quality_required be false if, in a sense, "trusted" = "high quality"? Wouldn't that make it so that a trusted source is not required, and hence enable using RdRand? Or does it refer to quality in terms of bootup performance?
      I think it refers to quality in terms of their imagination. This entire dilemma is completely pointless; this entire process could be completely removed and absolutely nobody would notice. It is utterly unnecessary.



      • #4
        Originally posted by busukxuan

        I barely know anything about systemd. Why should high_quality_required be false if, in a sense, "trusted" = "high quality"? Wouldn't that make it so that a trusted source is not required, and hence enable using RdRand? Or does it refer to quality in terms of bootup performance?
        The name makes no sense. Based on Michael's article I would have called it fallback_to_rdrand or fallback_to_cpu_rng or something like that.

        To me high_quality_required implies that it will not use only the trusted and possibly compromised CPU RNG features. high_quality_required == true intuitively should mean that systemd should hang while it waits for an actual secure, high quality source of randomness, provided by the kernel.



        • #5
          Originally posted by cybertraveler
          To me high_quality_required implies that it will not use only the trusted and possibly compromised CPU RNG features. high_quality_required == true intuitively should mean that systemd should hang while it waits for an actual secure, high quality source of randomness, provided by the kernel.
          Michael's explanation is wrong. This is actually used only if that option is false. From the commit:
          This is only hooked up with 'high_quality_required' is false. If we
          require high quality entropy the kernel is the only source we should
          use.



          • #6
            Originally posted by Tomin

            Michael's explanation is wrong. This is actually used only if that option is false. From the commit:
            Ah, ok. That makes perfect sense! If I had faith in systemd, then my faith would have been restored!

            Pinging Michael - you might want to verify Tomin's comment and fix the error. Tomin is suggesting that this:

            But with many not trusting hardware random number generators, this support can be disabled by changing the systemd high_quality_required option to false.
            ... should actually be this:

            But with many not trusting hardware random number generators, this support can be disabled by changing the systemd high_quality_required option to true.
            (change in bold)



            • #7
              Maybe more like "this support is enabled only if high_quality_required option is false." I don't know which is the default. Also the code in the commit seems to do exactly this: rdrand is only used if high_quality_required is false.

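The behaviour described in posts #5 and #7, as an added sketch that is not part of any post and is not systemd's code: the kernel is always asked first, and the CPU RNG is consulted only when `high_quality_required` is false. The names `acquire_bytes`, `rng_source`, `starved_kernel` and `fake_cpu_rng` are hypothetical; RDRAND is replaced by a constructed stand-in, and waiting on the kernel in the strict case is an assumption of the sketch.

```c
#include <errno.h>
#include <stdbool.h>
#include <string.h>
#include <sys/random.h>
#include <sys/types.h>

/* A source fills buf with n bytes and returns n, or -1 with errno set. */
typedef ssize_t (*rng_source)(void *buf, size_t n);
enum rng_origin { FROM_KERNEL, FROM_CPU_RNG, FROM_KERNEL_AFTER_WAIT };

/* Real kernel sources: the first fails with EAGAIN while the pool is not yet
   initialised, the second waits for it. */
static ssize_t kernel_nonblocking(void *buf, size_t n) { return getrandom(buf, n, GRND_NONBLOCK); }
static ssize_t kernel_blocking(void *buf, size_t n) { return getrandom(buf, n, 0); }

/* Constructed stand-ins so the early-boot case can be reproduced anywhere:
   a kernel with no entropy yet, and a placeholder for the RDRAND path. */
static ssize_t starved_kernel(void *buf, size_t n) { (void)buf; (void)n; errno = EAGAIN; return -1; }
static ssize_t fake_cpu_rng(void *buf, size_t n) { memset(buf, 0xA5, n); return (ssize_t)n; }

/* Hypothetical policy function. Returns an rng_origin value, or -1 on failure. */
static int acquire_bytes(void *buf, size_t n, bool high_quality_required,
                         rng_source kernel_try, rng_source kernel_wait,
                         rng_source cpu_rng) {
    ssize_t r = kernel_try(buf, n);
    if (r == (ssize_t)n)
        return FROM_KERNEL;                 /* kernel delivered: flag is irrelevant */
    if (r < 0 && errno != EAGAIN)
        return -1;                          /* real error, not "no entropy yet" */
    if (!high_quality_required)             /* caller accepts the CPU RNG fallback */
        return cpu_rng(buf, n) == (ssize_t)n ? FROM_CPU_RNG : -1;
    /* Strict caller: the kernel is the only acceptable source, so wait for it. */
    return kernel_wait(buf, n) == (ssize_t)n ? FROM_KERNEL_AFTER_WAIT : -1;
}

int main(void) {
    unsigned char buf[16];
    /* Booted system: the kernel answers at once. */
    int normal = acquire_bytes(buf, sizeof buf, false, kernel_nonblocking, kernel_blocking, fake_cpu_rng);
    /* Simulated early boot, flag false: the CPU RNG stand-in is used. */
    int relaxed = acquire_bytes(buf, sizeof buf, false, starved_kernel, kernel_blocking, fake_cpu_rng);
    /* Simulated early boot, flag true: the CPU RNG is never touched. */
    int strict = acquire_bytes(buf, sizeof buf, true, starved_kernel, kernel_blocking, fake_cpu_rng);
    return !(normal == FROM_KERNEL && relaxed == FROM_CPU_RNG && strict == FROM_KERNEL_AFTER_WAIT);
}
```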


              • #8
                What in the early boot process can not be shunted backwards as the system gains entropy on boot?
                Has systemd become its own crypto library as well?
                I still think they make retarded design decisions.
                What about low entropy systems like embedded sensor systems with a network?



                • #9
                  What's the story with trusting or not trusting it? Why is there no clear answer to that?



                  • #10
                    Originally posted by shmerl
                    What's the story with trusting or not trusting it? Why is there no clear answer to that?
                    The point is: RdRand is something that requires trust. I.e., to rely on it you must trust that Intel have implemented a truly secure RNG in their CPUs. You must trust that Intel have not made a technical mistake that can be exploited ( clears throat ) and that they have not been compromised.
