kern/58548: kernel should incorporate DMI info into entropy pool

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: kern/58548: kernel should incorporate DMI info into entropy pool
From: campbell+netbsd%mumble.net@localhost
Date: Sat, 3 Aug 2024 12:05:01 +0000 (UTC)

>Number:         58548
>Category:       kern
>Synopsis:       kernel should incorporate DMI info into entropy pool
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Aug 03 12:05:01 +0000 2024
>Originator:     Taylor R Campbell
>Release:        current, 10, 9, ...
>Organization:
The NetBSD Randuuidation
>Environment:
>Description:
Utility computing instances don't always provide random seeds, CPU instructions for entropy sources, or firmware access to entropy sources.

But they often do assign a randomly generated system UUID in the SMBIOS DMI info.  Although we have no idea how much entropy might go into this, and although we can't erase it, it will still help to distinguish other samples from multiple boots of the same software on the same hardware in different compute instances.
>How-To-Repeat:
run NetBSD on a utility computing host like OCI A1 instances that don't have random seeds
>Fix:
rnd_add_data the SMBIOS DMI info, or maybe in kern_pmf.c for the platform uuid and stuff

Prev by Date: Re: kern/58543: NPF rule with multiple addresses in "from" disregards source address constraint
Next by Date: Re: kern/58548: kernel should incorporate DMI info into entropy pool
Previous by Thread: PR/57172 CVS commit: src/usr.sbin/syslogd
Next by Thread: Re: kern/58548: kernel should incorporate DMI info into entropy pool
Indexes:

Home | Main Index | Thread Index | Old Index