Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp2769193ybe; Sun, 15 Sep 2019 00:01:34 -0700 (PDT) X-Google-Smtp-Source: APXvYqyrNulX3Hpg0f133Ke+4PbTeaewQNTAw+o8fs3FyLldE3NCnqe6QQmbY1EL1E4WXQc2F8Pu X-Received: by 2002:a50:aa96:: with SMTP id q22mr5581319edc.179.1568530894190; Sun, 15 Sep 2019 00:01:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568530894; cv=none; d=google.com; s=arc-20160816; b=foH4BUMO8P58WevT792MFHTncXdVPY0OB5aBuq+FEFY73g2uv/l+o/w8+3GE/Sa9f8 T/noN5aBRq5JM+yy1QgdWl3gGQodmDxcXP5HZ9QwPLAllv0Q0XgAvgDdr08X/tDBPwAL TZptwvBt5CDXmBEXrE7WS/uq8sztY9dOIjTp2F3PGCLOZ6Ay+ek6LMtX9kPsyYKaMh1j w23Mb/nN4xmCZwx6Ceq7jTbH9DJWzMfdW+gEQxKdzXAuZLm+x5QBogkmHyp5p2g1ULzh aKvaKo89ail/S1Y4W5bNoUnXAPDcnRVl+x2ykhuylFEb1bea7RxGgvrZ/EbhsbbI9hPr B/Lw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=BjpSz/woyn6tzPMlVsdVsNYNFxir+IZ5M57xsg6/5Us=; b=xzNoZbq4gMPJZFlerOltHf/F1aT91UPwB7okcjrECoNpHV4M3NK+fMhjU3QP4yA7Sn mjXQ0Om22qSE4XLCwxCWVxAkSCqpEMmb4Tj8zvzgFD84uBf6cgZZOadTj0gc+m3rfeOA 6PrSFPtc2N7eHR06lI6VYINSeFqxoKyzEJ440DDzaC/xjDi3jusc43nkkZTJRA9vZmC1 kr+jVgg6zCj23GhruvvdBluoIfGMgMCzfae9lXGtKIfxasaL+4CxmUnmGDyQwrxQ8LE8 Jimwg+c1K96YGl+e9+H5X2ZPRcT6LOX4E3kuJsDPpBC1mZSxdX3Etvrvi2tYYaB17CAA UyxQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b23si17407061eja.297.2019.09.15.00.01.09; Sun, 15 Sep 2019 00:01:34 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725835AbfIOG7r (ORCPT + 99 others); Sun, 15 Sep 2019 02:59:47 -0400 Received: from gardel.0pointer.net ([85.214.157.71]:38278 "EHLO gardel.0pointer.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725788AbfIOG7r (ORCPT ); Sun, 15 Sep 2019 02:59:47 -0400 Received: from gardel-login.0pointer.net (gardel.0pointer.net [IPv6:2a01:238:43ed:c300:10c3:bcf3:3266:da74]) by gardel.0pointer.net (Postfix) with ESMTP id 502B3E81176; Sun, 15 Sep 2019 08:51:43 +0200 (CEST) Received: by gardel-login.0pointer.net (Postfix, from userid 1000) id C5A95160ADC; Sun, 15 Sep 2019 08:51:42 +0200 (CEST) Date: Sun, 15 Sep 2019 08:51:42 +0200 From: Lennart Poettering To: Linus Torvalds Cc: "Ahmed S. Darwish" , "Theodore Y. Ts'o" , Andreas Dilger , Jan Kara , Ray Strode , William Jon McCann , "Alexander E. Patrakov" , zhangjs , linux-ext4@vger.kernel.org, lkml Subject: Re: Linux 5.3-rc8 Message-ID: <20190915065142.GA29681@gardel-login> References: <20190911160729.GF2740@mit.edu> <20190911173624.GI2740@mit.edu> <20190912034421.GA2085@darwi-home-pc> <20190912082530.GA27365@mit.edu> <20190914150206.GA2270@darwi-home-pc> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org On Sa, 14.09.19 09:30, Linus Torvalds (torvalds@linux-foundation.org) wrote: > > => src/random-seed/random-seed.c: > > /* > > * Let's make this whole job asynchronous, i.e. let's make > > * ourselves a barrier for proper initialization of the > > * random pool. > > */ > > k = getrandom(buf, buf_size, GRND_NONBLOCK); > > if (k < 0 && errno == EAGAIN && synchronous) { > > log_notice("Kernel entropy pool is not initialized yet, " > > "waiting until it is."); > > > > k = getrandom(buf, buf_size, 0); /* retry synchronously */ > > } > > Yeah, the above is yet another example of completely broken garbage. > > You can't just wait and block at boot. That is simply 100% > unacceptable, and always has been, exactly because that may > potentially mean waiting forever since you didn't do anything that > actually is likely to add any entropy. Oh man. Just spend 5min to understand the situation, before claiming this was garbage or that was garbage. The code above does not block boot. It blocks startup of services that explicit order themselves after the code above. There's only a few services that should do that, and the main system boots up just fine without waiting for this. Primary example for stuff that orders itself after the above, correctly: cryptsetup entries that specify /dev/urandom as password source (i.e. swap space and stuff, that wants a new key on every boot). If we don't wait for the initialized pool for cases like that the password for that swap space is not actually going to be random, and that defeats its purpose. Another example: the storing of an updated random seed file on disk. We should only do that if the seed on disk is actually properly random, i.e. comes from an initialized pool. Hence we wait for the pool to be initialized before reading the seed from the pool, and writing it to disk. I'd argue that doing things like this is not "garbage", like you say, but *necessary* to make this stuff safe and secure. And no, other stuff is not delayed for this (but there are bugs of course, some random services in 3rd party packages that set too agressive deps, but that needs to be fixed there, and not in the kernel). Anyway, I really don't appreciate your tone, and being sucked into messy LKML discussions. I generally stay away from LKML, and gah, you remind me why. Just tone it down, not everything you never bothered to understand is "garbage". And please don't break /dev/urandom again. The above code is the ony way I see how we can make /dev/urandom-derived swap encryption safe, and the only way I can see how we can sanely write a valid random seed to disk after boot. You guys changed semantics on /dev/urandom all the time in the past, don't break API again, thank you very much. Lennart