Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp5734330ybe; Tue, 17 Sep 2019 12:36:02 -0700 (PDT) X-Google-Smtp-Source: APXvYqz1Xz/ANPK8nUq9nhYm65eVzCKDnQaHLeX7KiHVlJWTLY0Bg+GwCIQkzDszpiG6xvhUP2Cp X-Received: by 2002:a50:e04b:: with SMTP id g11mr6614778edl.302.1568748962456; Tue, 17 Sep 2019 12:36:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568748962; cv=none; d=google.com; s=arc-20160816; b=udyayXBHH5wKy7sJQ69c7WzEcdFoohNFLECkfw2jA3aTol5gi/BfqHejfAbX48dhRJ Ycfc0uXQbOKjELOkiZcxUomGXFBu/8AR1g023YjOOvIt1C6/YLfboW3kYOLQ6zjrqx5X HZfCY0PrOrfHmR1MXz8HI3t/uwO/6zP9nkmPhQt4x7xBnW38rma9LioM3lJCQXTLqvIi VsYFrapl3F+WyzH+O1ownvgnu0uMLYkyCKImlP4yVUW6Nq8EPneiOkrWN50GAQnbm+yu fjIq5kLEYMPToJY4V4xJeDtAlvFh8DoPvop6GNc55ls3OaNlf1/P6zrj58GSndJFz9cO jmyw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=/Er0gbtf1RnNHz6mdrzuapZEA6kkymLwTpdFJ1HqQU4=; b=qbo/3Q+UB5pKKwJrl3tgoyMZ/rCxpvjUkLLlRKBHf9AUKsK4vtPI16wm7KrGQZCZ31 wpojCV3wMFPgZYu1mp4r5XQrAETFknRRN3CZwfhQ9KPXbnE9n37k/0KR1ycj9R3fR0GO YQhG38JvDYqU0oaNohY+MgNooQE+Kblt0Zxy9lMBPxJFwoHJ8K193cDrsmk5UMUCgXWb q11FUY5NWN8PxopGfavkr2uL8OAy8zVPT13gLRUllzP8wRA9e+/i+Rvo6JgYp3SUWkOr lTnWErDDWw1hQR9h8g6kxXaadsJiNDZvAHguibef9h8l+8jLSte1hzGiK+jk/XLGUyik Yatg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=HvP+vQgt; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w13si1938257edx.361.2019.09.17.12.35.39; Tue, 17 Sep 2019 12:36:02 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=HvP+vQgt; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728169AbfIQSBq (ORCPT + 99 others); Tue, 17 Sep 2019 14:01:46 -0400 Received: from mail-lf1-f44.google.com ([209.85.167.44]:35882 "EHLO mail-lf1-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726118AbfIQSBo (ORCPT ); Tue, 17 Sep 2019 14:01:44 -0400 Received: by mail-lf1-f44.google.com with SMTP id x80so3632485lff.3 for ; Tue, 17 Sep 2019 11:01:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/Er0gbtf1RnNHz6mdrzuapZEA6kkymLwTpdFJ1HqQU4=; b=HvP+vQgteoXL3yfoydiM6Z3RWF/sPvBd8S2iIsbEVja4KJe9Fsest2Y8FdeK6H1KRb qHlLfhbs1hWk+4zLWO+FtJSPwCPMIQ/Fxm7zGy+dSaUlkD+x/SIwFCXNAw6nN/tHknBN iPA8AbPat0lLjP6IRnGfhXLxkVO5dOqs+W19c= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/Er0gbtf1RnNHz6mdrzuapZEA6kkymLwTpdFJ1HqQU4=; b=tp+LI2ZS3sLpNMET+skTIWxUTD3oOeqtasfw9AiQQo6iZACI76A+51PWElep8YRD1d 8nrcGGaNP2VMp+ULKKTN8NR33hAdUlPdULxyl9eLYpOvUHcB7WL3fP9KN3VIOBwSjPwF SYewo1sqCMRuf9+XRc7KzHbCjaVc+0IXQzM4F6bBacIWsQNQRKLdcV2c8qPWjoraZFWw IPJOIbvjFb0vWwmtBh6Wy03h3RNU/bGQIfEhlFf4CYZvfO3PnZNew0oFVri84YtlAywU 2i852efqRKSHtu1dVN2Ih8HYDwCmYadTR46ONCrnVPzO5A47mXD/QfYKBoZ0sQwbhgXj B+iQ== X-Gm-Message-State: APjAAAWc0UiV2v9AHKVoMp+a5j1oHH8lHcBiahzzUsJJr1ctMN8puFgr TMVKs5Oi0Txl0m7VQKMCj7Se8HSiMZo= X-Received: by 2002:ac2:5633:: with SMTP id b19mr2768536lff.103.1568743300763; Tue, 17 Sep 2019 11:01:40 -0700 (PDT) Received: from mail-lf1-f44.google.com (mail-lf1-f44.google.com. [209.85.167.44]) by smtp.gmail.com with ESMTPSA id 126sm651564lfh.45.2019.09.17.11.01.39 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 17 Sep 2019 11:01:40 -0700 (PDT) Received: by mail-lf1-f44.google.com with SMTP id c195so3604223lfg.9 for ; Tue, 17 Sep 2019 11:01:39 -0700 (PDT) X-Received: by 2002:ac2:5a4c:: with SMTP id r12mr2723201lfn.52.1568743299497; Tue, 17 Sep 2019 11:01:39 -0700 (PDT) MIME-Version: 1.0 References: <20190917052438.GA26923@1wt.eu> <2508489.jOnZlRuxVn@merkaba> <20190917121156.GC6762@mit.edu> <20190917123015.sirlkvy335crozmj@debian-stretch-darwi.lab.linutronix.de> <20190917160844.GC31567@gardel-login> <20190917174219.GD31798@gardel-login> In-Reply-To: <20190917174219.GD31798@gardel-login> From: Linus Torvalds Date: Tue, 17 Sep 2019 11:01:23 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Linux 5.3-rc8 To: Lennart Poettering Cc: "Ahmed S. Darwish" , "Theodore Y. Ts'o" , Willy Tarreau , Matthew Garrett , Vito Caputo , Andreas Dilger , Jan Kara , Ray Strode , William Jon McCann , "Alexander E. Patrakov" , zhangjs , linux-ext4@vger.kernel.org, lkml Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Sep 17, 2019 at 10:42 AM Lennart Poettering wrote: > > So I think people nowadays prefer getrandom() over /dev/urandom > primarily because of the noisy logging the kernel does when you use > the latter on a non-initialized pool. If that'd be dropped then I am > pretty sure that the porting from /dev/urandom to getrandom() you see > in various projects (such as gdm/x11) would probably not take place. Sad. So people were actually are perfectly happy with urandom, but you don't want the warning, so you use getrandom() and as a result your boot blocks. What a sad sad reason for a bug. Btw, having a "I really don't care deeply about some long-term secure key" flag would soilve that problem too. We'd happily and silently give you data. The only reason we _do_ that silly printout for /dev/urandom is exactly because /dev/random wasn't useful even for the people who _really_ wanted secure randomness, so they started using /dev/urandom despite the fact that it didn't necessarily have any entropy at all. So this all actually fundamentally goes back to the absolutely horrid and entirely wrong semantics of /dev/random that made it entirely useless for the only thing it was actually designed for. This is also an example of how hard-line "security" people that don't see the shades of gray in between black and white are very much part of the problem. If you have some unreasonable hard requirements, you're going to do the wrong thing in the end. At some point even security people need to realize that reality isn't black-and-white. It's not also keeping us from making any sane progress, I feel, because of that bogus "entropy is sacred", despite the fact that our entropy calculations are actually just random made-up stuff (but "hey, reasonable") to begin with and aren't really black-and-white themselves. > In fact, speaking for systemd: the noisy logging in the kernel is the > primary (actually: only) reason that we prefer using RDRAND (if > available) over /dev/urandom if we need "medium quality" random > numbers, for example to seed hash tables and such. If the log message > wasn't there we wouldn't be tempted to bother with RDRAND and would > just use /dev/urandom like we used to for that. That's also very sad. If we have rdrand, we'll actually mix it into /dev/urandom regardless, so it's again just the whole "people started using urandom for keys because random was broken" that is the cause of this all. I really really detest the whole inflexible "security" mindset. > We can make boot hang in "sane", discoverable way. That is certainly a huge advantage, yes. Right now I suspect that what has happened is that this has probably been going on as some low-level background noise for a while, and people either figured it out and switched away from gdm (example: Christoph), or more likely some unexplained boot problems that people just didn't chase down. So it took basically a random happenstance to make this a kernel issue. But "easily discoverable" would be good. > The reason why I think this should also be logged by the kernel since > people use netconsole and pstore and whatnot and they should see this > there. If systemd with its infrastructure brings this to screen via > plymouth then this wouldn't help people who debug much more low-level. Well, I certainly agree with a kernel message (including a big WARN_ON_ONCE), but you also point out that the last time we added helpful messages to let people know, it had some seriously unintended consequences ;) Linus