Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp1127312ybe; Wed, 11 Sep 2019 09:47:18 -0700 (PDT) X-Google-Smtp-Source: APXvYqzcPQqDsQHFEF0xYcakoRwm+plX2SiVGqsTJpe/SHWjHDmb/fTnwqv8tf50t/B0NJ3cemIp X-Received: by 2002:a05:6402:1685:: with SMTP id a5mr25737607edv.304.1568220438109; Wed, 11 Sep 2019 09:47:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568220438; cv=none; d=google.com; s=arc-20160816; b=USXDkQwc6C/xv95dQiBpNE7oeuMXGh6bkjUe6MY0c/12uR1Md7NG7qicvwVYucqg6j vN0dpLLq6rrUhEii4fcbNjO3JQ1PFi2J5ToZ3etPcgnxuvnO1yqhSeKhNb8eDCHJW1Vw M2szaduspp43EEHRw+v9faLq/dKOBZcGHpjxJ3lkj6LUSdx6zJW6AomFLj3HOCT90sN2 J5QptqIxTkFWYwEfG6kpQOvsjYnXbSqLENTfaIn9829gH0C87y9a4jNaO1GrroC8XSIl UNXJQ22Qfhq4fXIJpOy90ecELcIcYB8VRZK1Nam0NpHV6l3xXHWRrY0xZd9YuPnoHevL VRpg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=wf1+jULNUBIRfuJ/ktIVdHO9nr5Te4e7BDdkxRDxruc=; b=SbSyZkZFKhuTnxRgmsM2YHK/4iJQpuKKUWlyYRoOWsTXafypoyEJqV0cdFGbyn4CPo nvGTLjANpXZMxdn9JlCcI6SfvJkgN1BmaC8WbpZeQsEgj2UqEAJwkG7vrNsK1HdVh7I4 iT7SdkNfw7js3HEtEuKSFj0mS8waeA6R5WzCy5hB2ez7epYehXBgEOir0pUDvVfhXLKB h5AyHrz5b489feTJUdAIGsU5cN/2E/D+gWUcoqYhjQN9YQtOJNa8/F5qZCvRJbCUI8TM LlUnh4i9DFr3AGxQGOI/ChjwFpPRVp52UwBEXgdA9zWUpoqnbpZCqasmog+wFU8DvrLN nItA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=NiGsioIW; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id jz14si11310421ejb.32.2019.09.11.09.46.53; Wed, 11 Sep 2019 09:47:18 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=NiGsioIW; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729196AbfIKQp6 (ORCPT + 99 others); Wed, 11 Sep 2019 12:45:58 -0400 Received: from mail-lj1-f178.google.com ([209.85.208.178]:34892 "EHLO mail-lj1-f178.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728896AbfIKQp5 (ORCPT ); Wed, 11 Sep 2019 12:45:57 -0400 Received: by mail-lj1-f178.google.com with SMTP id q22so16081501ljj.2 for ; Wed, 11 Sep 2019 09:45:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=wf1+jULNUBIRfuJ/ktIVdHO9nr5Te4e7BDdkxRDxruc=; b=NiGsioIWb1UrmV45MfrUxasndeSXyXrMUZYdOcd3rJFap5jXHj8y8efpflvu/A89aC +Eb6BGydyvMIPB/pNWEOTC2hB+shmjmGnnFt1qyQ4ahtmT/L1kXFudMp/Tn9yUYjwqW2 ZmmpG2iBfK5s/ihr9utJJ9/iI0iLKcbwFjrTA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=wf1+jULNUBIRfuJ/ktIVdHO9nr5Te4e7BDdkxRDxruc=; b=Z/vPLKlW1H3c+K66nWrosVgNaspGAnNs9PmYg4oLrAikfMcLGlFM8q9GLtRQKSG784 0ty+qhH0FkscOj6OTL6yBDpIbBCQZCBRXzYGXNywZG/FzxU8JbR6JDfx0R2D+t9SO7kX Toq+MPv2LSbRhjLCKXplQt3fte5FnIzKoYcQXWb4UcCsdE6ICNYOu9cPJrMVF95cwzuZ E+oOlJMcOOvcNz9gqElC8cqkZYp7h9yM99ow1XDeSABOJhumQxXAK8B36jSS/4lufX8/ z98fAyn3KQE59Ynb56QysQCfpjilyujwU7igzcj8yOgdJMG/HBFQmEElkQnj4lTACFV8 dKUg== X-Gm-Message-State: APjAAAXKF7+ZK/yCS937SSmFwJFQmVeXZw3pyCWGQpi/mDH6ouVAzCkx HXebulGymhmRxDUJ5VjeMlu/8t+kkizmuw== X-Received: by 2002:a2e:504f:: with SMTP id v15mr24250404ljd.67.1568220355560; Wed, 11 Sep 2019 09:45:55 -0700 (PDT) Received: from mail-lj1-f182.google.com (mail-lj1-f182.google.com. [209.85.208.182]) by smtp.gmail.com with ESMTPSA id u26sm5272045lfd.19.2019.09.11.09.45.54 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 11 Sep 2019 09:45:54 -0700 (PDT) Received: by mail-lj1-f182.google.com with SMTP id y23so20643965lje.9 for ; Wed, 11 Sep 2019 09:45:54 -0700 (PDT) X-Received: by 2002:a05:651c:1108:: with SMTP id d8mr16069144ljo.180.1568220354002; Wed, 11 Sep 2019 09:45:54 -0700 (PDT) MIME-Version: 1.0 References: <20190910042107.GA1517@darwi-home-pc> <20190910173243.GA3992@darwi-home-pc> <20190911160729.GF2740@mit.edu> In-Reply-To: <20190911160729.GF2740@mit.edu> From: Linus Torvalds Date: Wed, 11 Sep 2019 17:45:38 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Linux 5.3-rc8 To: "Theodore Y. Ts'o" Cc: "Ahmed S. Darwish" , Andreas Dilger , Jan Kara , Ray Strode , William Jon McCann , zhangjs , linux-ext4@vger.kernel.org, lkml Content-Type: text/plain; charset="UTF-8" Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org On Wed, Sep 11, 2019 at 5:07 PM Theodore Y. Ts'o wrote: > > > > Ted, comments? I'd hate to revert the ext4 thing just because it > > happens to expose a bad thing in user space. > > Unfortuantely, I very much doubt this is going to work. That's > because the add_disk_randomness() path is only used for legacy > /dev/random [...] > > Also, because by default, the vast majority of disks have > /sys/block/XXX/queue/add_random set to zero by default. Gaah. I was looking at the input randomness, since I thought that was where the added randomness that Ahmed got things to work with came from. And that then made me just look at the legacy disk randomness (for the obvious disk IO reasons) and I didn't look further. > So the the way we get entropy these days for initializing the CRNG is > via the add_interrupt_randomness() path, where do something really > fast, and we assume that we get enough uncertainity from 8 interrupts > to give us one bit of entropy (64 interrupts to give us a byte of > entropy), and that we need 512 bits of entropy to consider the CRNG > fully initialized. (Yeah, there's a lot of conservatism in those > estimates, and so what we could do is decide to say, cut down the > number of bits needed to initialize the CRNG to be 256 bits, since > that's the size of the CHACHA20 cipher.) So that's 4k interrupts if I counted right, and yeah, maybe Ahmed was just close enough before, and the merging of the inode table IO then took him below that limit. > Ultimately, though, we need to find *some* way to fix userspace's > assumptions that they can always get high quality entropy in early > boot, or we need to get over people's distrust of Intel and RDRAND. Well, even on a PC, sometimes rdrand just isn't there. AMD has screwed it up a few times, and older Intel chips just don't have it. So I'd be inclined to either lower the limit regardless - and perhaps make the "user space asked for randomness much too early" be a big *warning* instead of being a basically fatal hung machine? Linus