Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp5691898ybe; Tue, 17 Sep 2019 11:57:00 -0700 (PDT) X-Google-Smtp-Source: APXvYqyn4W60L8RVR8LP4924+mrafwKDcRcHqtjXUOXKBmdPC6VVj+UFqjja8LGbqBs8mpqAH4eg X-Received: by 2002:a17:907:111b:: with SMTP id qu27mr6227863ejb.10.1568746619884; Tue, 17 Sep 2019 11:56:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568746619; cv=none; d=google.com; s=arc-20160816; b=svpWreqlpImfmj6jRgyzyGLVA/295AHCTjfI5xQhz0wBxSHdO2JX3ojrheVK/35gjj C0iQ6pGHkKfu0tG5t9AAma+Yao0oKEOnRpXsK6FYidoG0+olwyzKm1o+cHv9BmPjoRJZ CZPRqwRN8roZop9lh22rR8MhMcP5c8PES5SmQ0T6RJocBqbd/pFdZwj7pq4ai/gFAv3T O9cu3CjB/2rHHgIAOQQyHQF03SYkVDc6wNYq0ZOgG9umazdR7US+IGRqOZLvti0IXS07 P9W8ijM5nn+0iWuIqXpXVO7FSeWIdzQEWC3NeOk/5LyPAvtH6gj+8+6OmNMFppwrtp25 4B8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=rv+1CYtd1rdOH1y/UN1cBL+9JKST4StCNDtT1vE8sLk=; b=N0r+t5eAHd/VtsRkDKEiFkAgojqwRnL9vXpGtSDZlGJc6LBGnya1TH7XSagJCmRki0 X9AdUI9LdBFLwP5j7jnbcjsum02LB40nT/nsn9NX1tyex3KYQAO6inZTKnXBySlayTih TNjztTMcG5VHJzZ+PVpJ6l9qn3YTqIH92cN9n+RWgUr/93t8Yl27/6mp+7H783OpVXML PaBJDxZ/K5iBwcgc/R2Cbgl6tHVpJXlS1HFCX8QdJkxxxtm6ykz5X08yrH5aoIPkZ7/s zMpP5BFUXpdWhwVJI/lwY0nhprV/iMY0Mxb/jT1ySvjwp0cb9xiaAKhU3AHVBsU1ElT0 y8CQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j35si2273436eda.144.2019.09.17.11.56.35; Tue, 17 Sep 2019 11:56:59 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730821AbfIQRRK (ORCPT + 99 others); Tue, 17 Sep 2019 13:17:10 -0400 Received: from wtarreau.pck.nerim.net ([62.212.114.60]:47156 "EHLO 1wt.eu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727296AbfIQRRK (ORCPT ); Tue, 17 Sep 2019 13:17:10 -0400 Received: (from willy@localhost) by pcw.home.local (8.15.2/8.15.2/Submit) id x8HHGfPw028025; Tue, 17 Sep 2019 19:16:41 +0200 Date: Tue, 17 Sep 2019 19:16:41 +0200 From: Willy Tarreau To: Matthew Garrett Cc: Linus Torvalds , Martin Steigerwald , "Ahmed S. Darwish" , "Theodore Y. Ts'o" , Vito Caputo , Lennart Poettering , Andreas Dilger , Jan Kara , Ray Strode , William Jon McCann , "Alexander E. Patrakov" , zhangjs , linux-ext4@vger.kernel.org, lkml Subject: Re: Linux 5.3-rc8 Message-ID: <20190917171641.GC27999@1wt.eu> References: <20190917052438.GA26923@1wt.eu> <2508489.jOnZlRuxVn@merkaba> <20190917163456.alzodstm3hd4yrni@srcf.ucam.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190917163456.alzodstm3hd4yrni@srcf.ucam.org> User-Agent: Mutt/1.6.1 (2016-04-27) Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org On Tue, Sep 17, 2019 at 05:34:56PM +0100, Matthew Garrett wrote: > On Tue, Sep 17, 2019 at 09:27:44AM -0700, Linus Torvalds wrote: > > > Does anybody believe that 128 bits of randomness is a good basis for a > > long-term secure key? > > Yes, it's exactly what you'd expect for an AES 128 key, which is still > considered to be secure. AES keys are for symmetrical encryption and thus as such are short-lived. We're back to what Linus was saying about the fact that our urandom is already very good for such use cases, it should just not be used to produce long-lived keys (i.e. asymmetrical). However I'm worried regarding this precise patch about the fact that delays will add up. I think that once we've failed to wait for a first process, we've broken any hypothetical trust in terms of random quality so there's no point continuing to wait for future requests. Willy