Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753631AbdHQU5M (ORCPT ); Thu, 17 Aug 2017 16:57:12 -0400 Received: from mail-io0-f196.google.com ([209.85.223.196]:32880 "EHLO mail-io0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753570AbdHQU5K (ORCPT ); Thu, 17 Aug 2017 16:57:10 -0400 Message-ID: <1503003427.1514.6.camel@gmail.com> Subject: Re: [PATCHv3 2/2] extract early boot entropy from the passed cmdline From: Daniel Micay To: "Theodore Ts'o" , Laura Abbott Cc: Kees Cook , kernel-hardening@lists.openwall.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Andrew Morton Date: Thu, 17 Aug 2017 16:57:07 -0400 In-Reply-To: <1502943802.3986.38.camel@gmail.com> References: <20170816231458.2299-1-labbott@redhat.com> <20170816231458.2299-3-labbott@redhat.com> <20170817033148.ownsmbdzk2vhupme@thunk.org> <1502943802.3986.38.camel@gmail.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.24.5 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 450 Lines: 11 > I did say 'external attacker' but it could be made clearer. Er, s/say/mean to imply/ I do think it will have some local value after Android 8 which should start shipping in a few days though. I'll look into having the kernel stash some entropy in pstore soon since that seems like it could be a great improvement. I'm not sure how often / where it should hook into for regularly refreshing it though. Doing it only on powering down isn't ideal.