From: "Jason A. Donenfeld" Subject: Re: [PATCH v4 04/13] security/keys: ensure RNG is seeded before use Date: Thu, 8 Jun 2017 03:03:38 +0200 Message-ID: References: <20170606174804.31124-1-Jason@zx2c4.com> <20170606174804.31124-5-Jason@zx2c4.com> <20170608003116.zgznzb37ms7wj4vl@thunk.org> Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" To: "Theodore Ts'o" , "Jason A. Donenfeld" , Linux Crypto Mailing List , LKML , kernel-hardening@lists.openwall.com, Greg Kroah-Hartman , David Miller , Eric Biggers , David Howells , Mimi Zohar , David Safford Return-path: Received: from frisell.zx2c4.com ([192.95.5.64]:50719 "EHLO frisell.zx2c4.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751203AbdFHBDl (ORCPT ); Wed, 7 Jun 2017 21:03:41 -0400 In-Reply-To: Sender: linux-crypto-owner@vger.kernel.org List-ID: On Thu, Jun 8, 2017 at 2:50 AM, Jason A. Donenfeld wrote: > On Thu, Jun 8, 2017 at 2:31 AM, Theodore Ts'o wrote: >> I'm guessing you changed key_alloc_serial() to return an int back when >> you were thinking that you might use get_random_bytes_wait(), which >> could return -ERESTARTSYS. >> >> Now that you're not doing this, but using get_random_u32() instead, >> there's no point to change the function signature of >> key_alloc_serial() and add an error check in key_alloc() that will >> never fail, right? That's just adding a dead code path. Which the >> compiler can probably optimize away, but why make the code slightly >> harder to read than necessasry? > > Good catch, and thanks for reading these so thoroughly that you caught > the churn artifacts. Do you want me to clean this up and resubmit, or > are you planning on adjusting it in the dev branch? Fixed it up here if you just want to grab this instead: https://git.kernel.org/pub/scm/linux/kernel/git/zx2c4/linux.git/patch/?id=a0361e55bce30ace529ed8b28bd452e3ac0ee91f