Zack's Kernel News

This month we discuss replacing the random number generator, checking when a process dumps core, fixing filesystem security issues, and adding build dependencies to clean the source tree.
Replacing the Random Number Generator
Stephan Müller ran into difficulties when he tried to do a wholesale replacement of the Linux random number generator (LRNG). A good source of random numbers is crucial for securing running systems against certain kinds of attacks. Stephan felt that the existing RNG code suffered from design flaws that required a full rewrite.
In particular, he said that the old /dev/random implementation had once been sufficient, but now was having trouble providing good randomness for embedded systems and other newer hardware on the market. Stephan felt that LRNG could work as a simple drop-in replacement for /dev/random so that user code would never notice the change.
However, regardless of the value of Stephan's implementation, Greg Kroah-Hartman said that making such a big change all at once, to such a crucial piece of the kernel, was not a good idea. He suggested submitting a series of smaller patches that would gradually implement what Stephan had in mind.
[...]