search for: drbg

...| 2 +- crypto/adiantum.c | 2 +- crypto/ahash.c | 4 +-- crypto/api.c | 2 +- crypto/asymmetric_keys/verify_pefile.c | 4 +-- crypto/deflate.c | 2 +- crypto/drbg.c | 10 +++--- crypto/ecc.c | 8 ++--- crypto/ecdh.c | 2 +- crypto/gcm.c | 2 +- crypto/gf128mul.c | 4 +-- crypto/jitterentropy-kcapi.c...

...| 2 +- crypto/adiantum.c | 2 +- crypto/ahash.c | 4 +-- crypto/api.c | 2 +- crypto/asymmetric_keys/verify_pefile.c | 4 +-- crypto/deflate.c | 2 +- crypto/drbg.c | 10 +++--- crypto/ecc.c | 8 ++--- crypto/ecdh.c | 2 +- crypto/gcm.c | 2 +- crypto/gf128mul.c | 4 +-- crypto/jitterentropy-kcapi.c...

...| 2 +- crypto/adiantum.c | 2 +- crypto/ahash.c | 4 +-- crypto/api.c | 2 +- crypto/asymmetric_keys/verify_pefile.c | 4 +-- crypto/deflate.c | 2 +- crypto/drbg.c | 10 +++--- crypto/ecc.c | 8 ++--- crypto/ecdh.c | 2 +- crypto/gcm.c | 2 +- crypto/gf128mul.c | 4 +-- crypto/jitterentropy-kcapi.c...

...| 2 +- crypto/adiantum.c | 2 +- crypto/ahash.c | 4 +-- crypto/api.c | 2 +- crypto/asymmetric_keys/verify_pefile.c | 4 +-- crypto/deflate.c | 2 +- crypto/drbg.c | 10 +++--- crypto/ecc.c | 8 ++--- crypto/ecdh.c | 2 +- crypto/gcm.c | 2 +- crypto/gf128mul.c | 4 +-- crypto/jitterentropy-kcapi.c...

...de at least 4 (?) non-zero > numbers to each guest. > > Xen does not have a continual source of entropy and the only feasible > way is for the toolstack to provide each guest with a fixed size pool of > random data during guest creation. > Xen could seed a very simple per-guest DRBG at guest startup and then let the rdmsr call read from it. > The fixed size pool could be refilled by the guest if further random > data is needed (e.g., before an in-guest kexec). That gets complicated. Then you need an API to refill it. > >> wrmsr(MSR_COMMONHV_RNG) offers the h...

...de at least 4 (?) non-zero > numbers to each guest. > > Xen does not have a continual source of entropy and the only feasible > way is for the toolstack to provide each guest with a fixed size pool of > random data during guest creation. > Xen could seed a very simple per-guest DRBG at guest startup and then let the rdmsr call read from it. > The fixed size pool could be refilled by the guest if further random > data is needed (e.g., before an in-guest kexec). That gets complicated. Then you need an API to refill it. > >> wrmsr(MSR_COMMONHV_RNG) offers the h...

...| 2 +- crypto/adiantum.c | 2 +- crypto/ahash.c | 4 +-- crypto/api.c | 2 +- crypto/asymmetric_keys/verify_pefile.c | 4 +-- crypto/deflate.c | 2 +- crypto/drbg.c | 10 +++--- crypto/ecc.c | 8 ++--- crypto/ecdh.c | 2 +- crypto/gcm.c | 2 +- crypto/gf128mul.c | 4 +-- crypto/jitterentropy-kcapi.c...

...| 2 +- crypto/adiantum.c | 2 +- crypto/ahash.c | 4 +-- crypto/api.c | 2 +- crypto/asymmetric_keys/verify_pefile.c | 4 +-- crypto/deflate.c | 2 +- crypto/drbg.c | 10 +++--- crypto/ecc.c | 8 ++--- crypto/ecdh.c | 2 +- crypto/gcm.c | 2 +- crypto/gf128mul.c | 4 +-- crypto/jitterentropy-kcapi.c...

...| 2 +- crypto/adiantum.c | 2 +- crypto/ahash.c | 4 +-- crypto/api.c | 2 +- crypto/asymmetric_keys/verify_pefile.c | 4 +-- crypto/deflate.c | 2 +- crypto/drbg.c | 10 +++--- crypto/ecc.c | 8 ++--- crypto/ecdh.c | 2 +- crypto/gcm.c | 2 +- crypto/gf128mul.c | 4 +-- crypto/jitterentropy-kcapi.c...

...in configuring Dovecot's TLS so as to retain forward secrecy, but eliminate all of NIST's elliptic curves. Besides being subject to side channel attacks [1], in some quarters there is a general distrust of NIST's curves and any of their other cryptographic primitives after the Dual EC DRBG debacle. >From what I can tell, the following will prevent the use of NIST's curves (along with other dangerous primitives) in Dovecot, but this is accomplished by simply disabling EECDH entirely. ssl_cipher_list = HIGH:!DSS:!EECDH:!ECDH:!SHA1:!aNULL:!eNULL:@STRENGTH This should still re...

...q garp mrp bridge stp llc vboxnetadp(OE) vboxnetflt(OE) vboxdrv(OE) cmac bnep intel_rapl snd_hda_codec_hdmi btusb btrtl btbcm x86_pkg_temp_thermal btintel intel_powerclamp bluetooth nls_ascii nls_cp437 coretemp vfat fat kvm_intel jitterentropy_rng kvm snd_hda_codec_realtek snd_hda_codec_generic drbg irqbypass crct10dif_pclmul ansi_cprng crc32_pclmul snd_hda_intel ghash_clmulni_intel joydev ecdh_generic snd_hda_codec intel_cstate snd_hda_core efi_pstore snd_hwdep snd_pcm eeepc_wmi asus_wmi snd_timer intel_uncore mei_me pcc_cpufreq snd sparse_keymap iTCO_wdt mei intel_rapl_perf rfkill efiva...

...mi snd_hda_codec_realtek snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hda_core snd_hwdep mei_me dcdbas snd_pcm snd_seq_midi snd_seq_midi_event snd_rawmidi snd_seq snd_seq_device snd_timer snd soundcore mei shpchp lpc_ich 8250_fintek mac_hid serio_raw binfmt_misc parport_pc ppdev lp parport drbg ansi_cprng dm_crypt hid_generic usbhid hid uas usb_storage nouveau mxm_wmi wmi i2c_algo_bit ttm drm_kms_helper crct10dif_pclmul crc32_pclmul syscopyarea sysfillrect sysimgblt fb_sys_fops aesni_intel aes_x86_64 lrw gf128mul glue_helper e1000e drm ablk_helper cryptd psmouse ahci ptp libahci pps_core...

...rz at gmail.com QA Contact: xorg-team at lists.x.org BUG: unable to handle kernel paging request at ffffc9000327f018 IP: [<ffffffff81533a4d>] reservation_object_wait_timeout_rcu+0x31d/0x510 PGD 13a8a1067 PUD 13a8a2067 PMD 31d16067 PTE 0 Oops: 0000 [#1] PREEMPT SMP Modules linked in: drbg ctr ccm rfcomm bnep binfmt_misc arc4 iwldvm mac80211 iwlwifi uvcvideo cfg80211 snd_hda_codec_hdmi rtsx_usb snd_hda_codec_idt snd_hda_codec_generic btusb videobuf2_vmalloc snd_hda_intel btrtl snd_hda_codec btbcm videobuf2_memops btintel bluetooth videobuf2_v4l2 videobuf2_core v4l2_common snd_hwdep v...

...e stp llc vboxnetadp(OE) vboxnetflt(OE) vboxdrv(OE) > cmac bnep intel_rapl snd_hda_codec_hdmi btusb btrtl btbcm > x86_pkg_temp_thermal btintel intel_powerclamp bluetooth nls_ascii > nls_cp437 coretemp vfat fat kvm_intel jitterentropy_rng kvm > snd_hda_codec_realtek snd_hda_codec_generic drbg irqbypass > crct10dif_pclmul ansi_cprng crc32_pclmul snd_hda_intel > ghash_clmulni_intel joydev ecdh_generic snd_hda_codec intel_cstate > snd_hda_core efi_pstore snd_hwdep snd_pcm eeepc_wmi asus_wmi snd_timer > intel_uncore mei_me pcc_cpufreq snd sparse_keymap iTCO_wdt mei > intel_ra...

.../dev/random is a legacy interface which dates back to a time when people didn't have as much trust in the cryptographic primitives --- when there was concerns that the NSA might have put a back-door into SHA-1, for example. (As it turns out; we were wrong. NSA put the back door into Dual EC DRBG.) So it uses a strategy of an extremely conservative entropy estimator, and will allow N bytes to be /dev/random pool as the entropy estimator believes that it has gathered at least N bytes of entropy from environmental noise. /dev/urandom uses a different output pool from /dev/random (the random...

.../dev/random is a legacy interface which dates back to a time when people didn't have as much trust in the cryptographic primitives --- when there was concerns that the NSA might have put a back-door into SHA-1, for example. (As it turns out; we were wrong. NSA put the back door into Dual EC DRBG.) So it uses a strategy of an extremely conservative entropy estimator, and will allow N bytes to be /dev/random pool as the entropy estimator believes that it has gathered at least N bytes of entropy from environmental noise. /dev/urandom uses a different output pool from /dev/random (the random...

...patch, since I see a livelock on resume, but not the same console deadlock. Just in case anyone is interested: Jul 13 17:05:59 acer kernel: [24873.945839] NMI watchdog: BUG: soft lockup - CPU#2 stuck for 22s! [kworker/2:1:8370] Jul 13 17:05:59 acer kernel: [24873.946563] Modules linked in: rfcomm drbg ansi_cprng ctr ccm arc4 bnep ath10k_pci ath10k_core snd_hda_codec_hdmi snd_hda_codec_realtek ath snd_hda_co dec_generic snd_hda_intel mac80211 snd_hda_codec binfmt_misc snd_hda_core nls_iso8859_1 snd_hwdep btusb btrtl snd_pcm btbcm rtsx_usb_ms btintel x86_pkg_temp_thermal uvcvideo acer_wmi intel_p...

...in8 or newer. Were there any other ACPI messages (like an infinite loop) preceding this dmesg? Peter > Jul 13 17:05:59 acer kernel: [24873.945839] NMI watchdog: BUG: soft lockup - CPU#2 stuck for 22s! [kworker/2:1:8370] > Jul 13 17:05:59 acer kernel: [24873.946563] Modules linked in: rfcomm drbg ansi_cprng ctr ccm arc4 bnep ath10k_pci ath10k_core snd_hda_codec_hdmi snd_hda_codec_realtek ath snd_hda_co > dec_generic snd_hda_intel mac80211 snd_hda_codec binfmt_misc snd_hda_core nls_iso8859_1 snd_hwdep btusb btrtl snd_pcm btbcm rtsx_usb_ms btintel x86_pkg_temp_thermal uvcvideo acer_wmi &gt...

Am Freitag, 29. Juli 2016, 10:14:07 CEST schrieb Alex Xu: Hi Alex, > On Fri, 29 Jul 2016 15:12:30 +0200 > > Stephan Mueller <smueller at chronox.de> wrote as excerpted: > > Am Freitag, 29. Juli 2016, 09:03:45 CEST schrieb Alex Xu: > > > In my opinion, assuming I am not doing something terribly wrong, > > > this constitutes a bug in the kernel's

Am Freitag, 29. Juli 2016, 10:14:07 CEST schrieb Alex Xu: Hi Alex, > On Fri, 29 Jul 2016 15:12:30 +0200 > > Stephan Mueller <smueller at chronox.de> wrote as excerpted: > > Am Freitag, 29. Juli 2016, 09:03:45 CEST schrieb Alex Xu: > > > In my opinion, assuming I am not doing something terribly wrong, > > > this constitutes a bug in the kernel's