Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp2423257ybe; Sat, 14 Sep 2019 14:49:55 -0700 (PDT) X-Google-Smtp-Source: APXvYqwP6eicolCJj39wgKzrLa2c0vQx9TlNHxl5hJzApNJU2xugLPCqEz/0xn3udRZ5HIlSDIxN X-Received: by 2002:a50:cfc7:: with SMTP id i7mr45149352edk.89.1568497795721; Sat, 14 Sep 2019 14:49:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568497795; cv=none; d=google.com; s=arc-20160816; b=mYiw2cqp8T6v4/KBAu9t3AtvBkP5/ST2MmmvvytI/dVwlS13J/KSKZbLXs1FWcYw9B q0CZEVnWd7Uw/YGX/YIiw4tkNNMLDFjGpWsToUfAnLktbLFtbPlfUTu9niuByO+0cSFX xy+aWrM25oQv/kakKNYpCGlGp4Kkob7gGQMcJxzJjsCBSBTYRhFt71r+1GvkM3zV62hl xpPxq4gV40MEcVraWpshNUQ3I0dZZszDBERSgH+/jRnH3ktsLql+NZEy5cw5GSds4CC1 pm74DXGLBIlmeEHtySJ9qvHW2wtInGYjU2bTERd4n6CN4TXoXV6iKfYPvfJrpPXOW2/v v6Gw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=v77TEVq8YxFtGIUCNoHv7EuDfTyua7DnFZyI0tu27Ls=; b=A2NPDxrLDwuCAb9P1pn/CqpVJlBPUCQ8BzS3hzD9c9gnAYWoIfVlvMpSfzE4HzqlrQ 15AJgMhOzD+KJSd6B+JxJMCzxh05QQnxMgMfXJP6d1fl+fXjeBx4sGZDXAMApFUfh5zk lf3iMmIHE4oAsQ4QaA8Ibo/FK+HDROSSwHJfVweNybwpa2tSUxxCibVz9DY+iWyK9wpr 47ANISnYHfPAI/6BHOnWDhkZ6Hht2NI6TPovJ4DHlzgPHXkLBTlU+KegQZVyvgQ/APEE 55RtCEGxjs9D3VWYVTy+aVCF0k9becNZdhqIPGqxoBThywrlWwzCN+leHGcrmEwk9Q1X dE4w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b="VLx/xb2f"; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j12si17691031edn.348.2019.09.14.14.49.25; Sat, 14 Sep 2019 14:49:55 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b="VLx/xb2f"; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726054AbfINRJb (ORCPT + 99 others); Sat, 14 Sep 2019 13:09:31 -0400 Received: from mail-lj1-f196.google.com ([209.85.208.196]:36711 "EHLO mail-lj1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725795AbfINRJb (ORCPT ); Sat, 14 Sep 2019 13:09:31 -0400 Received: by mail-lj1-f196.google.com with SMTP id v24so2338454ljj.3; Sat, 14 Sep 2019 10:09:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to; bh=v77TEVq8YxFtGIUCNoHv7EuDfTyua7DnFZyI0tu27Ls=; b=VLx/xb2fwph4Xpoh65RoRB0DaKpFf/rfUp4K7qzCAio2/jrnfZ167ONLf0EmNKt5kV 6AojKHR2Jxx17kRk8D+Gnp/nd60bk9463es4eaWU2thIrhpXsqcfXd1jBQJ5yJ3LAFgA Kvlf9ThI2x2qIqz0ehDNHl+xLRvUPuJcBAGWSf6+V6a3oMsG2rplZLkd044wHNwJ17Ro nI8iJJRGvNPxYU5N0fnXl3qVcIoTFt1naucv8IxhzB8nZqvSwwEMemVDZfvWLFySqelz zaw8X+V2cAjKLonxoLJczydAmS4uC1gb6nHCYOGKimwCMfg+i39cpLdi2DuNfGwcnIdG wn9w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to; bh=v77TEVq8YxFtGIUCNoHv7EuDfTyua7DnFZyI0tu27Ls=; b=Y1f/Olo1baAaVdu2L7Sun08E3cwADr6MVYK1kEFUJLpZFgtS1EqSLMW943ai3AFc1F /P1SSIsLpjMU8TPb62GErHMJo/BLY4CWi2RU/Cvhc//rrQ92nRzEFg4hKpNc6YfB1GFE fD9LTGzIbkthxpl9fAOIVnLRlszLYm7F+4lxguREsrxSnX/PJxRyBjxRMKcZdOvX6apU yaWAOuiY3CwTUcTiW0gF6NxywBt7+Olxb0YxFCVfKHKaWQ6q2raCDEJT8oa0RIqgzYPi 9zVbQFK8ztZFzIPFhszVfIZkSrXEyhfRvfsCB5kEmn6bhGvB90lq4Uco9REJxepJI213 hJYQ== X-Gm-Message-State: APjAAAUqXc9FIqXzc3WlrlizJOf7DUxnlFb+qNijmlWikIQP8I1fKQIl 5mYvtj0eqVa/N2XX3Ll9fdHhWGuXJcNsxw== X-Received: by 2002:a2e:6586:: with SMTP id e6mr31211134ljf.115.1568480967620; Sat, 14 Sep 2019 10:09:27 -0700 (PDT) Received: from ?IPv6:2a02:17d0:4a6:5700::a11? ([2a02:17d0:4a6:5700::a11]) by smtp.googlemail.com with ESMTPSA id f22sm7762790lfa.41.2019.09.14.10.09.26 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 14 Sep 2019 10:09:26 -0700 (PDT) Subject: Re: Linux 5.3-rc8 To: Linus Torvalds Cc: "Ahmed S. Darwish" , "Theodore Y. Ts'o" , Andreas Dilger , Jan Kara , Ray Strode , William Jon McCann , zhangjs , linux-ext4@vger.kernel.org, Lennart Poettering , lkml References: <20190910173243.GA3992@darwi-home-pc> <20190911160729.GF2740@mit.edu> <20190911173624.GI2740@mit.edu> <20190912034421.GA2085@darwi-home-pc> <20190912082530.GA27365@mit.edu> <20190914150206.GA2270@darwi-home-pc> <214fed0e-6659-def9-b5f8-a9d7a8cb72af@gmail.com> From: "Alexander E. Patrakov" Message-ID: <8c2a47cc-a519-ad94-5d9a-18bb03ba2fd7@gmail.com> Date: Sat, 14 Sep 2019 22:09:23 +0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.1.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms060409060605010906010301" Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org This is a cryptographically signed message in MIME format. --------------ms060409060605010906010301 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-PH Content-Transfer-Encoding: quoted-printable 14.09.2019 21:52, Linus Torvalds =D0=BF=D0=B8=D1=88=D0=B5=D1=82: > On Sat, Sep 14, 2019 at 9:35 AM Alexander E. Patrakov > wrote: >> >> Let me repeat: not -EINVAL, please. Please find some other error code,= >> so that the application could sensibly distinguish between this case >> (low quality entropy is in the buffer) and the "kernel is too dumb" ca= se >> (and no entropy is in the buffer). >=20 > I'm not convinced we want applications to see that difference. >=20 > The fact is, every time an application thinks it cares, it has caused > problems. I can just see systemd saying "ok, the kernel didn't block, > so I'll just do >=20 > while (getrandom(x) =3D=3D -ENOENTROPY) > sleep(1); >=20 > instead. Which is still completely buggy garbage. OK, I understand this viewpoint. But then still, -EINVAL is not the=20 answer, because a hypothetical evil version of systemd will use -EINVAL=20 as -ENOENTROPY (with flags =3D=3D 0 and a reasonable buffer size, there i= s=20 simply no other reason for the kernel to return -EINVAL). Yes I=20 understand that this is a complete reverse of my previous argument. > The fact is, we can't guarantee entropy in general. It's probably > there is practice, particularly with user space saving randomness from > last boot etc, but that kind of data may be real entropy, but the > kernel cannot *guarantee* that it is. >=20 > And people don't like us guaranteeing that rdrand/rdseed is "real > entropy" either, since they don't trust the CPU hw either. >=20 > Which means that we're all kinds of screwed. The whole "we guarantee > entropy" model is broken. I agree here. Given that you suggested "to just fill the buffer and=20 return 0" in the previous mail (well, I think you really meant "return=20 buflen", otherwise ENOENTROPY =3D=3D 0 and your previous objection applie= s),=20 let's do just that. As a bonus, it saves applications from the complex=20 dance with retrying via /dev/urandom and finally brings a reliable API=20 (modulo old and broken kernels) to get random numbers (well, as random=20 as possible right now) without needing a file descriptor. --=20 Alexander E. Patrakov --------------ms060409060605010906010301 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: Криптографическая подпись S/MIME MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC C5wwggVNMIIENaADAgECAhArQ2N9hOajPiuqD20bI16wMA0GCSqGSIb3DQEBCwUAMIGCMQsw CQYDVQQGEwJJVDEPMA0GA1UECAwGTWlsYW5vMQ8wDQYDVQQHDAZNaWxhbm8xIzAhBgNVBAoM GkFjdGFsaXMgUy5wLkEuLzAzMzU4NTIwOTY3MSwwKgYDVQQDDCNBY3RhbGlzIENsaWVudCBB dXRoZW50aWNhdGlvbiBDQSBHMTAeFw0xOTA2MDYwODAxMzVaFw0yMDA2MDYwODAxMzVaMB0x GzAZBgNVBAMMEnBhdHJha292QGdtYWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAOA0sb1ubDnIK32rbgW3BnjBcx1pYuEFOCU6aPVJ2gU+wtKJgAo9IdVUXG6kC1fF hXjIcZHOgbEqzFjHK1yXlHIUWEv+N8KdmBDOK1UdKQj58d9A4hnH62iEiwQsOR5YT1UyHX4A pfMjsBja7254cixR4jOPzfA4YUD6JTTPioyjDwuYQlhweVyXziKswLtGWfKeDcm3fOlKYxGy hxjWJRamGTreNBVC9uMkF4DHszpUm07agR2U4mnWy7FsjBuRJ++iX0SvuxKWf19HQWgmgIys jBVrArhVzgjOOnbvlklW849wIARF4Y0WAf91DsqPtuR8hu7+9KIVj2qk9BeNXXUCAwEAAaOC AiEwggIdMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfmD8+GynPT3XrpOheQKPs3QpO/Uw SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vY2FjZXJ0LmFjdGFsaXMuaXQv Y2VydHMvYWN0YWxpcy1hdXRjbGlnMTAdBgNVHREEFjAUgRJwYXRyYWtvdkBnbWFpbC5jb20w RwYDVR0gBEAwPjA8BgYrgR8BGAEwMjAwBggrBgEFBQcCARYkaHR0cHM6Ly93d3cuYWN0YWxp cy5pdC9hcmVhLWRvd25sb2FkMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDCB6AYD VR0fBIHgMIHdMIGboIGYoIGVhoGSbGRhcDovL2xkYXAwNS5hY3RhbGlzLml0L2NuJTNkQWN0 YWxpcyUyMENsaWVudCUyMEF1dGhlbnRpY2F0aW9uJTIwQ0ElMjBHMSxvJTNkQWN0YWxpcyUy MFMucC5BLi8wMzM1ODUyMDk2NyxjJTNkSVQ/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdDti aW5hcnkwPaA7oDmGN2h0dHA6Ly9jcmwwNS5hY3RhbGlzLml0L1JlcG9zaXRvcnkvQVVUSENM LUcxL2dldExhc3RDUkwwHQYDVR0OBBYEFEhX9pz3jwI3+erfsAVB2b4xSsM8MA4GA1UdDwEB /wQEAwIFoDANBgkqhkiG9w0BAQsFAAOCAQEAVbKht9PGiUsUaqiyzJb6blSMNaLwopQr3AsI FvthyqnSqxmSNYDeZsQYPgBnXvMCvHCn07pm1b96Y3XstBt2FWb9dpDr7y+ec3vxFHb3lKGb 3WREB1kEATnBu2++dPcILG58gdzgYde3RAJC3/OyOZhDqKwQA5CnXTHigTzw75iezdLne5pU MjEQoxdqC+sgbrAueaEpMmRsGSKzgIX8eQ3DWwyIL56fYPJP3u4WZmBUKTFhhUWowG62QLtt ZjkiX/j+vjcSRd2app8lYDwQRornZAqrDxy+c4qQJ5FN234p36opwespDCwLN3Z6wPzLvzS+ jAlmV3DF2xuZGMoebzCCBkcwggQvoAMCAQICCCzUitOxHg+JMA0GCSqGSIb3DQEBCwUAMGsx CzAJBgNVBAYTAklUMQ4wDAYDVQQHDAVNaWxhbjEjMCEGA1UECgwaQWN0YWxpcyBTLnAuQS4v MDMzNTg1MjA5NjcxJzAlBgNVBAMMHkFjdGFsaXMgQXV0aGVudGljYXRpb24gUm9vdCBDQTAe Fw0xNTA1MTQwNzE0MTVaFw0zMDA1MTQwNzE0MTVaMIGCMQswCQYDVQQGEwJJVDEPMA0GA1UE CAwGTWlsYW5vMQ8wDQYDVQQHDAZNaWxhbm8xIzAhBgNVBAoMGkFjdGFsaXMgUy5wLkEuLzAz MzU4NTIwOTY3MSwwKgYDVQQDDCNBY3RhbGlzIENsaWVudCBBdXRoZW50aWNhdGlvbiBDQSBH MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMD8wYlW2Yji9ARlv80JNasoKTD+ DMr3J6scEe6GPV3k9WxEtgxXM5WX3oiKjS2p25Mqk8cnV2fpMaEvdO9alrGes0vqcUqly7Pk U753RGlseYXR2XCjVhs4cuRYjuBmbxpRSJxRImmPnThKY41r0nl6b3A6Z2MOjPQF7h6OCYYw tz/ziv/+UBV587U2uIlOukaS7Xjk4ArYkQsGTSsfBBXqqn06WL3xG+B/dRO5/mOtY5tHdhPH ydsBk2kksI3PJ0yNgKV7o6HM7pG9pB6sGhj96uVLnnVnJ0WXOuV1ISv2eit9ir60LjT99hf+ TMZLxA5yaVJ57fYjBMbxM599cw0CAwEAAaOCAdUwggHRMEEGCCsGAQUFBwEBBDUwMzAxBggr BgEFBQcwAYYlaHR0cDovL29jc3AwNS5hY3RhbGlzLml0L1ZBL0FVVEgtUk9PVDAdBgNVHQ4E FgQUfmD8+GynPT3XrpOheQKPs3QpO/UwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRS 2Ig6yJ94Zu2J83s4cJTJAgI20DBFBgNVHSAEPjA8MDoGBFUdIAAwMjAwBggrBgEFBQcCARYk aHR0cHM6Ly93d3cuYWN0YWxpcy5pdC9hcmVhLWRvd25sb2FkMIHjBgNVHR8EgdswgdgwgZag gZOggZCGgY1sZGFwOi8vbGRhcDA1LmFjdGFsaXMuaXQvY24lM2RBY3RhbGlzJTIwQXV0aGVu dGljYXRpb24lMjBSb290JTIwQ0EsbyUzZEFjdGFsaXMlMjBTLnAuQS4lMmYwMzM1ODUyMDk2 NyxjJTNkSVQ/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdDtiaW5hcnkwPaA7oDmGN2h0dHA6 Ly9jcmwwNS5hY3RhbGlzLml0L1JlcG9zaXRvcnkvQVVUSC1ST09UL2dldExhc3RDUkwwDgYD VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQBNk87VJL5BG0oWWHNfZYny2Xo+WIy8 y8QP5VsWZ7LBS6Qz8kn8zJp3c9xdOkudZbcA3vm5U8HKXc1JdzNmpSh92zq/OeZLvUa+rnnc mvhxkFE9Doag6NitggBPZwXHwDcYn430/F8wqAt3LX/bsd6INVrhPFk3C2SoAjLjUQZibXvQ uFINMN4l6j86vCrkUaGzSqnXT45NxIivkAPhBQgpGtcTi4f+3DxkyTDbWtf9LuaC4l2jgB3g C7f56nmdpGfpYsyvKE7+Ip+WryH93pWt6C+r68KU3Gu02cU1/dHvNOXWUDeKkVT3T26wZVrT aMx+0nS3i63KDfJdhFzutfdBgCWHcp03NhOhMqy1RnAylF/dVZgkka6hKaWe1tOU21kS4uvs D4wM5k6tl0pin2o6u47kyoJJMOxRSQcosWtDXUmaLHUG91ZC6hvBDmDmpmS6h/r+7mtPrpYO xTr4hW3me2EfXkTvNTvBQtbi4LrZchg9vhi44EJ7L53g7GzQFn5KK8vqqgMb1c1+T0mkKdqS edgGiB9TDdYtv4HkUj/N00TKxZMLiDMw4V8ShUL6bKTXNfb3E68s47cD+MatFjUuGFj0uFPv ZlvlNAoJ7IMfXzIiTWy35X+akm+d49wBh54yv6icz2t/cBU1y1weuPBd8NUH/Ue3mXk0SXwk GP3yVDGCA/YwggPyAgEBMIGXMIGCMQswCQYDVQQGEwJJVDEPMA0GA1UECAwGTWlsYW5vMQ8w DQYDVQQHDAZNaWxhbm8xIzAhBgNVBAoMGkFjdGFsaXMgUy5wLkEuLzAzMzU4NTIwOTY3MSww KgYDVQQDDCNBY3RhbGlzIENsaWVudCBBdXRoZW50aWNhdGlvbiBDQSBHMQIQK0NjfYTmoz4r qg9tGyNesDANBglghkgBZQMEAgEFAKCCAi8wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc BgkqhkiG9w0BCQUxDxcNMTkwOTE0MTcwOTIzWjAvBgkqhkiG9w0BCQQxIgQgQ39UabjL04LI fedIh4FiMev8OHpzdkejZOxLVJ5yjOEwbAYJKoZIhvcNAQkPMV8wXTALBglghkgBZQMEASow CwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIB QDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDCBqAYJKwYBBAGCNxAEMYGaMIGXMIGCMQswCQYD VQQGEwJJVDEPMA0GA1UECAwGTWlsYW5vMQ8wDQYDVQQHDAZNaWxhbm8xIzAhBgNVBAoMGkFj dGFsaXMgUy5wLkEuLzAzMzU4NTIwOTY3MSwwKgYDVQQDDCNBY3RhbGlzIENsaWVudCBBdXRo ZW50aWNhdGlvbiBDQSBHMQIQK0NjfYTmoz4rqg9tGyNesDCBqgYLKoZIhvcNAQkQAgsxgZqg gZcwgYIxCzAJBgNVBAYTAklUMQ8wDQYDVQQIDAZNaWxhbm8xDzANBgNVBAcMBk1pbGFubzEj MCEGA1UECgwaQWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxLDAqBgNVBAMMI0FjdGFsaXMg Q2xpZW50IEF1dGhlbnRpY2F0aW9uIENBIEcxAhArQ2N9hOajPiuqD20bI16wMA0GCSqGSIb3 DQEBAQUABIIBABu3GgtdCZUCf0M6G0zU73nOSZW6KArXamIAI1xqktna5RBm+9H+IwTgarU/ aH+uxQAiLvO9ENfRWVbvS5EZdeC14MiqB2otlCwfzvtZd3rSufYCoVJz29NkMG53SwNtp4/k ZHh3QQoefqJ2+MkFaEtu5Y/lMc/EgOG+TCrgDoAnvWB4c6Rebrdlphv+0dA1N/UuIvOM6Bxo Ms4O348sMb5H2gPJUwG7vEoZyT8LMegpT7ismkj88WWC6vsDCQaAkwYbrQn325gCyxt+b6eX A+y3T6vnBeCFSwPJGKNfZwrTxXNQyx5K8gQuak0ggbxDrfUMJvkDD+13kvtMU+cl8xAAAAAA AAA= --------------ms060409060605010906010301--