Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp2412784ybe; Sat, 14 Sep 2019 14:33:04 -0700 (PDT) X-Google-Smtp-Source: APXvYqxPSPsKkn3yLqFkaXra9uIMcHH3y8/acV5ooZIpzALFBn1Bnu5qh8il66cVfNYi7Qqg5EqJ X-Received: by 2002:a17:906:5393:: with SMTP id g19mr35375533ejo.256.1568496784654; Sat, 14 Sep 2019 14:33:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568496784; cv=none; d=google.com; s=arc-20160816; b=GLOmBP/rs9VtcpFJgYSSpVdqftv9hr0LDAB6ojXpqz/ifxSxqoyHdlvfh+qRQhMEJT zTpuWj8g8Emftilzv/5gvQv0gyrEYL2G5C42jvuNYwH4FreXDwtQqmtTdclr75MWFJDD 0XhOrHEoln+flC5D6B13keOcvZmdmx04ZQS0VATxvghTHj7tX42SXfdCUNoafBUnSwIl uQWpV37DgTBHE0zmdaOyYE1YkOAQlVnCCFawgWYcY4/WrTvJnvzTC7/CBQE7cXsAzZfC 08bsdfjB/NXqYFYrsGMi+AAs9w03a4CfnjL57iY+3yff/130X1YPH+ceBxNeqmD9bYGT U7QA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=QLIo6vFI0bpmCXFO87whfx1RKUoffbAynCeevQqzVaY=; b=NCjEHHPNePqOW2a/ztyh1rZhJ6g/lObQtrNGbRtdo0OFO/gfctGG350RqO3ZJCiV0q 8oKs+tfTKpR7SXq+XwtDlXnGg9V2BuCBkDoZ2RhvkmemRSdWOaUMtnS9KVDVUdLT5Ch0 SiiJ5b4c47MFde92dXgUb1H8Xjiwii5YMCE5oOlFmeG3BkhaNBDdzLnXVOCkRlJQWGVy copcFw3G+QzIKlb/zUOUwqjkQZuSVLLT6wqt8QKzgBjCyZQ4SUcydvKHj56q1whLh0yQ +nWCN8CdFIKYDtsW4hiEse8bwpjJ+8+rqh7k7FijqbwFFHoIihOyvm72+oIpfNvc0SMV YJzQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=ELbD4LRy; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f45si19211753eda.345.2019.09.14.14.32.39; Sat, 14 Sep 2019 14:33:04 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=ELbD4LRy; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727407AbfINQxJ (ORCPT + 99 others); Sat, 14 Sep 2019 12:53:09 -0400 Received: from mail-lf1-f67.google.com ([209.85.167.67]:40938 "EHLO mail-lf1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725805AbfINQxJ (ORCPT ); Sat, 14 Sep 2019 12:53:09 -0400 Received: by mail-lf1-f67.google.com with SMTP id d17so6491304lfa.7 for ; Sat, 14 Sep 2019 09:53:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=QLIo6vFI0bpmCXFO87whfx1RKUoffbAynCeevQqzVaY=; b=ELbD4LRyFSnkAfSPCSVXoyh3un74MVZCrn++kf+mNF8nH8v/FPyJ3yuLu+pNYRJ9Jm zd5rpNwKA1AWkc4nMxoDraDB/EG2Z8O2lJDEPT2dz4ZuWB+7c9jdPlZGfkKpysD4rZN0 mM0oEqg+F6vSDXePBv81AnnhmKfV64W/yfUZ0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=QLIo6vFI0bpmCXFO87whfx1RKUoffbAynCeevQqzVaY=; b=YkOJVBIxirXkKxK/OFj/RziBVVkAGwplADxhxdjjl7g+zp8OfFRRTz1NIk3jdTcukn jRGpqFBhVBI7flJZPAhi4JULQznGgzM74YcywpIei1hMn20V4OvoeK0MkG2qA0qDuFdP MLLkkxaACeziO+1M+23DgsQj+ABZUV19huD/XaMc8TPNWy0BpacLI+MdhQtgOXkV71r9 mUAYnKrJJi27GbKlC/YDWwIZu5qv52s3h93lQcnAcOr6zOQSC9TgqvRV1/fBUlbzKFvD Uo/Ubz6VCcT62pYMS9w9+yOj/liYGyjXtdxCQUP0Bkg9FfjB0Du63iO+Sq5nZt0noC9g CQrw== X-Gm-Message-State: APjAAAXyZwWyl5493LP1oPOcsJrvF07KQqTESbxRKRpPG8wu6bMRC8Cs j0owRL+SBRvlYA/dRiEDNm+/zsriIj8= X-Received: by 2002:a19:3fd1:: with SMTP id m200mr33944338lfa.18.1568479986231; Sat, 14 Sep 2019 09:53:06 -0700 (PDT) Received: from mail-lj1-f170.google.com (mail-lj1-f170.google.com. [209.85.208.170]) by smtp.gmail.com with ESMTPSA id g27sm6510647lja.33.2019.09.14.09.53.05 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 14 Sep 2019 09:53:05 -0700 (PDT) Received: by mail-lj1-f170.google.com with SMTP id c22so2126190ljj.4 for ; Sat, 14 Sep 2019 09:53:05 -0700 (PDT) X-Received: by 2002:a2e:814d:: with SMTP id t13mr33898456ljg.72.1568479984957; Sat, 14 Sep 2019 09:53:04 -0700 (PDT) MIME-Version: 1.0 References: <20190910173243.GA3992@darwi-home-pc> <20190911160729.GF2740@mit.edu> <20190911173624.GI2740@mit.edu> <20190912034421.GA2085@darwi-home-pc> <20190912082530.GA27365@mit.edu> <20190914150206.GA2270@darwi-home-pc> <214fed0e-6659-def9-b5f8-a9d7a8cb72af@gmail.com> In-Reply-To: <214fed0e-6659-def9-b5f8-a9d7a8cb72af@gmail.com> From: Linus Torvalds Date: Sat, 14 Sep 2019 09:52:49 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Linux 5.3-rc8 To: "Alexander E. Patrakov" Cc: "Ahmed S. Darwish" , "Theodore Y. Ts'o" , Andreas Dilger , Jan Kara , Ray Strode , William Jon McCann , zhangjs , linux-ext4@vger.kernel.org, Lennart Poettering , lkml Content-Type: text/plain; charset="UTF-8" Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org On Sat, Sep 14, 2019 at 9:35 AM Alexander E. Patrakov wrote: > > Let me repeat: not -EINVAL, please. Please find some other error code, > so that the application could sensibly distinguish between this case > (low quality entropy is in the buffer) and the "kernel is too dumb" case > (and no entropy is in the buffer). I'm not convinced we want applications to see that difference. The fact is, every time an application thinks it cares, it has caused problems. I can just see systemd saying "ok, the kernel didn't block, so I'll just do while (getrandom(x) == -ENOENTROPY) sleep(1); instead. Which is still completely buggy garbage. The fact is, we can't guarantee entropy in general. It's probably there is practice, particularly with user space saving randomness from last boot etc, but that kind of data may be real entropy, but the kernel cannot *guarantee* that it is. And people don't like us guaranteeing that rdrand/rdseed is "real entropy" either, since they don't trust the CPU hw either. Which means that we're all kinds of screwed. The whole "we guarantee entropy" model is broken. Linus