Bug 111910 - pseudo random generation is not secure
Summary: pseudo random generation is not secure
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: kernel
Version: 3.0
Hardware: s390
OS: Linux
high
high
Target Milestone: ---
Assignee: Pete Zaitcev
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks: 107562
TreeView+ depends on / blocked
 
Reported: 2003-12-11 15:23 UTC by Ingolf Salm
Modified: 2007-11-30 22:06 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2004-01-16 15:25:24 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Ingolf Salm 2003-12-11 15:23:49 UTC 
Description of problem:
symptom: z90crypt_read returns predictable numbers
problem: each call to z90crypt_read requires additional entropy
solution: in s390_ksyms, externalize the function urandom_read in 
z90main, replace the current pseudo-random number generation code 
with a call to urandom-read
Comment 1 Pete Zaitcev 2004-01-13 04:50:36 UTC 
We do NOT allow z90crypt_read at all. This is not applicable to RHEL 3.
I would like Ingolf to confirm in case I misunderstand something in the
report description, so I am not closing this but only NEEDINFO-ing
while he investigates.
Comment 4 Bob Johnson 2004-01-15 20:37:12 UTC 
Ingolf,
Need some more info from you by end of business on 1/16/04 if possible.
Comment 5 Ingolf Salm 2004-01-16 14:18:27 UTC 
Bob,
This problem is fixed in z90crypt that you have in Update 1. We can 
close this bugzilla, if you provide hw crypto support in U1.
Comment 6 Pete Zaitcev 2004-01-16 15:25:24 UTC 
I suppose we can skip the MODIFIED state and close.
Consider this modified in 2.4.21-7.EL for tracking.
Closing.
Comment 7 Ernie Petrides 2005-10-06 01:45:01 UTC 
This was fixed in RHEL3 U1.
Note You need to log in before you can comment on or make changes to this bug.