Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp5607247ybe; Tue, 10 Sep 2019 06:22:42 -0700 (PDT) X-Google-Smtp-Source: APXvYqx8iEWE1RZE2b6zSYWHY3YERSO+VlxFgrdraDr2WMpZIjyU98GNQTs7vLWIYeIFAvE2+zG/ X-Received: by 2002:a05:6402:144f:: with SMTP id d15mr3669015edx.189.1568121762371; Tue, 10 Sep 2019 06:22:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568121762; cv=none; d=google.com; s=arc-20160816; b=vSH0Xx3T/R5EP5s8kB5qpnpbi+okFAMptuLZ2kLnrHm0KF/A2nmeS12PDxR9rjgxS5 OC3CT3att5wa4beQdVKRW06YUEhJqxskbjlFWsgzEezAGU3U4eu5YGa1JpGhM8OflIct vRusvvNIF6xoTYP2a2Jw7xsKJZ7XGab7phykiME5gbLvCYWcra9WSlh8YtmgwjWL7R5Z fZO52g5EqwPaNHlNo1m3Qkiy5wjK5JsTxM311ulV60Y4Mc3J1Oh6K7+YlaNPw8P3svgn ia7gk1GbE9gEK9Al+MPAr/1JVqTNruA7qfioeuw43SGNdazfGie2onM9TaWL+Gd+CRG1 AOog== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=avMSNAIAc62NAZoYmiKjeJr7od31ksT1XfjAnykFtUc=; b=ph+KDbAx22TOs62eHPOwbCAagOe/TY3GUiU11MLjvrDZHnU4jKzF7JgQRMSXYE54iw qJfz45org1B8gdYVvp6Tv/fDbBEXSHbcePOoTDrQugiTBCf7GmcyiwiUAO1Psn4FOdlg I0/+qjCgTP+movB/M6QmO41iQopAahK/xMPnsDmMU+gnB4d9FnVWqqjIuYQ6RoZZWt4P e6MV21Gv0hEJWEAoWCZ8nIjSWLHOhDLgBMDIhxoilE4FPfMMOyImPvMdZkf7WUp975RK T5wLHNkLyyMrdC4169h/89IJj2NncKUaP5QtaipHAc0dMSlf2BTwLW57Sx6e9Q/RybX2 cJHg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j34si11054467ede.10.2019.09.10.06.22.12; Tue, 10 Sep 2019 06:22:42 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2393030AbfIJL4x (ORCPT + 99 others); Tue, 10 Sep 2019 07:56:53 -0400 Received: from outgoing-auth-1.mit.edu ([18.9.28.11]:37767 "EHLO outgoing.mit.edu" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S2393023AbfIJL4w (ORCPT ); Tue, 10 Sep 2019 07:56:52 -0400 Received: from callcc.thunk.org (38.85.69.148.rev.vodafone.pt [148.69.85.38] (may be forged)) (authenticated bits=0) (User authenticated as tytso@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id x8ABua45016670 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 10 Sep 2019 07:56:39 -0400 Received: by callcc.thunk.org (Postfix, from userid 15806) id 97FF742049E; Tue, 10 Sep 2019 07:56:35 -0400 (EDT) Date: Tue, 10 Sep 2019 07:56:35 -0400 From: "Theodore Y. Ts'o" To: "Ahmed S. Darwish" Cc: Andreas Dilger , Linus Torvalds , Jan Kara , zhangjs , linux-ext4@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: Linux 5.3-rc8 Message-ID: <20190910115635.GB2740@mit.edu> References: <20190910042107.GA1517@darwi-home-pc> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190910042107.GA1517@darwi-home-pc> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org On Tue, Sep 10, 2019 at 06:21:07AM +0200, Ahmed S. Darwish wrote: > > The commit b03755ad6f33 (ext4: make __ext4_get_inode_loc plug), [1] > which was merged in v5.3-rc1, *always* leads to a blocked boot on my > system due to low entropy. > > The hardware is not a VM: it's a Thinkpad E480 (i5-8250U CPU), with > a standard Arch user-space. Hmm, I'm not seeing this on a Dell XPS 13 (model 9380) using a Debian Bullseye (Testing) running a rc4+ kernel. This could be because Debian is simply doing more I/O; or it could be because I don't have some package installed which is trying to reading from /dev/random or calling getrandom(2). Previously, Fedora ran into blocking issues because of some FIPS compliance patches to some userspace daemons. So it's going to be very user space dependent and package dependent. > It seems that batching the directory lookup I/O requests (which are > possibly a lot during boot) is minimizing sources of disk-activity- > induced entropy? [2] [3] > > Can this even be considered a user-space breakage? I'm honestly not > sure. On my modern RDRAND-capable x86, just running rng-tools rngd(8) > early-on fixes the problem. I'm not sure about the status of older > CPUs though. You can probably also fix this problem by adding random.trust_cpu=true to the boot command line, or by enabling CONFIG_RANDOM_TRUST_CPU. This obviously assumes that you trust Intel's implementation of RDRAND, but that's true regardless of whether of whether you use rngd or the kernel config option. As far as whether it's considered user-space breakage; that's though. File system performance improvements can cause a reduced amount of I/O, and that can cause less entropy to be collected, and depending on a complex combination of kernel config options, distribution-specific patches, and what packages are loaded, that could potentially cause boot hangs waiting for entropy. Does that we we're can't make any file system performace improvements? Surely that doesn't seem like the right answer. It would be useful to figure out what process is blocking waiting on entropy, since in general, trying to rely on cryptographic entropy in early boot, especially if it is to generate cryptographic keys, is going to be more dangerous compared to a "just in time" approach to generating crypto keys. So this could also be considered a userspace bug, depending on your point of view... - Ted