Received: by 2002:a25:824b:0:0:0:0:0 with SMTP id d11csp6423386ybn; Sun, 29 Sep 2019 20:03:42 -0700 (PDT) X-Google-Smtp-Source: APXvYqyt2Vw1FLV4vxjALp07t+Ihxm0arCkTy5CSXIWSKQMgt3CJz/JZFRXYavrC1XxY+l0UUQU8 X-Received: by 2002:aa7:c495:: with SMTP id m21mr17656658edq.287.1569812622602; Sun, 29 Sep 2019 20:03:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1569812622; cv=none; d=google.com; s=arc-20160816; b=oCLeg1FH9I0kSngcLqxTGpoUQ0+7xQ9+jbUFj6h3oSBT+I3/uxef4enMGPMvHHu3mA WnCqWTWoZnIespMrlbUp7t7hAwqiwCGrxFFUO3KYakCDpPMnigQwZlpoiRtcIds0edTl /6OAZzAend/uESQrIqapFgD1xQXKGxa7x3XF4SZWwexN15ZflTGuPjkzGBkbPUK9M9wK ilGw+exfhmBYYtp6XJ3gYWQ+RyYHw7Szym0kNS/R5h8kFl1sqzlKtTMXTlKmYkmdVV1M i4CqAEncJmc2PQB8q2gBi/dZTfcCnfwTD2z1gVpALkMHdxrgQGRaKIUtDlgKQ+fxyUEy GvjQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=P8sBoP646L1OEWcvnWkJGgkenZ+dxhfC8IlHdOgrXJk=; b=qMoyeI8H5XrNrpPtMR1xPrpsRPwsI8ehn2XVNm4ynIAmhIxL7YLLnzjopsnF0m6/sZ tX1Gq0iDJSZswkskQYcK8MXGRfXaD5eSol++YO+0vt8gd7Z4EGcvNcrROg8R4ELDV9UG KxavjiUZi6G/L9Nw1b+LLfxGwHc53hcsr0sTsIupQXT5FRlsQc/bpeqeAvJ5KyuqNOJx zxBG3MaBrSCtsLmc18nvvboYk0I4P1lT5loHmD6Z66x4ZDwHWjg0z2n+VBiZ24nP03eB FSbvCQ8GJnjdRzUxa4bXB1am7fOIquxg1v6VXewG0zP43BiY4thWBBdTDdMDUq1oDQ/U cv7w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=Q6O+OiLB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id si9si6581707ejb.97.2019.09.29.20.03.05; Sun, 29 Sep 2019 20:03:42 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=Q6O+OiLB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729404AbfI3C7j (ORCPT + 99 others); Sun, 29 Sep 2019 22:59:39 -0400 Received: from mail-lf1-f65.google.com ([209.85.167.65]:46097 "EHLO mail-lf1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729141AbfI3C7j (ORCPT ); Sun, 29 Sep 2019 22:59:39 -0400 Received: by mail-lf1-f65.google.com with SMTP id t8so5783154lfc.13 for ; Sun, 29 Sep 2019 19:59:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=P8sBoP646L1OEWcvnWkJGgkenZ+dxhfC8IlHdOgrXJk=; b=Q6O+OiLBGvkUpVfSHAOaI856ArlcP9Ce7NvnGxWdYO5zwayQO/aRldolp2suqmlATi hPK7V/N3Bf2jevq0x3LUQe83o7ZVBaUYhlpcY6VttoyD3M/og5J0Pr2s6S92MmFz/VoW FoONXg9Y5/CBZjNaUOFcsm4fHC7qeNiQz3iaU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=P8sBoP646L1OEWcvnWkJGgkenZ+dxhfC8IlHdOgrXJk=; b=qkAbiSeP25MO44z+QEy3MFwzIYcic/xX6022VjgwDSqld1PxjNJv3Rv12MWascWL8j Pm8q8nlRURC1pU6ANPsYn4CcpjGDpchcXgFP+QVBtH3pYpIFkWd4AINe/vGIUT4xzq1o HxDywvRoUnsJzno2bHBICSVFRx1u6nY8wWNNg6XfSe+NHYAm+C9o/rfBB4kGclmc6bZZ ymzl7H4xXewxINdG7wlqKXDGnEqDlcsQpUOUwmRZtGr1uKfUCWCv4JdIeW7MeY3yC2eV ZyB8K0U/mWZJUG9tt+OTnXfiKCac8Q3JhWb0EbUvut76kpvqV8lpupkHiWyD8aZHlCDE 8zjw== X-Gm-Message-State: APjAAAVt7nuTMKw2xLbNMptOFCqeGN/yY6p22XzO1iXbt2wz4p5Et1xL 2eLFQJ97pbGw4LwU5QP4kWJWGeLZyfI= X-Received: by 2002:ac2:4552:: with SMTP id j18mr1180299lfm.120.1569812376962; Sun, 29 Sep 2019 19:59:36 -0700 (PDT) Received: from mail-lj1-f176.google.com (mail-lj1-f176.google.com. [209.85.208.176]) by smtp.gmail.com with ESMTPSA id z72sm2755149ljb.98.2019.09.29.19.59.36 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 29 Sep 2019 19:59:36 -0700 (PDT) Received: by mail-lj1-f176.google.com with SMTP id m13so7746769ljj.11 for ; Sun, 29 Sep 2019 19:59:36 -0700 (PDT) X-Received: by 2002:a2e:2c02:: with SMTP id s2mr10635284ljs.156.1569812375672; Sun, 29 Sep 2019 19:59:35 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Linus Torvalds Date: Sun, 29 Sep 2019 19:59:19 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: x86/random: Speculation to the rescue To: Thomas Gleixner , "Ahmed S. Darwish" Cc: LKML , "Theodore Ts'o" , Nicholas Mc Guire , "the arch/x86 maintainers" , Andy Lutomirski , Kees Cook Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Sep 29, 2019 at 6:16 PM Linus Torvalds wrote: > > But I've committed that patch and the revert of the ext4 revert to a > local branch, I'll do some basic testing of it (which honestly on my > machines are kind of pointless, since all of them support rdrand), but > assuming it passes the basic smoke tests - and I expect it to - I'll > merge it for rc1. All my smoke testing looked fine - I disabled trusting the CPU, I increased the required entropy a lot, and to actually trigger the lockup issue without the broken user space, I made /dev/urandom do that "wait for entropy" thing too. It all looked sane to me, and the urandom part also had the side effect of then silencing all the "reading urandom without entropy" warning cases as expected. So it's merged. Note that what I merged did _not_ contain the urandom changes, that was purely for my testing. But it might well be a reasonable thing to do at some point. Of course, whether this jitter-entropy approach is reasonable in the first place ends up likely being debated, but it does seem to be the simplest way forward. Linus