Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp216770ybe; Wed, 18 Sep 2019 15:52:17 -0700 (PDT) X-Google-Smtp-Source: APXvYqyCgnh/DgkPgnCPvKY/y17GrMyqnUaBDuO5P85s+OtDBY4deNk7kCbT/B3J+mJU4vY0D1Dn X-Received: by 2002:a05:6402:2cb:: with SMTP id b11mr13026798edx.285.1568847137732; Wed, 18 Sep 2019 15:52:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568847137; cv=none; d=google.com; s=arc-20160816; b=SO5sEv3peMQEleurNrTMYSAOosA+VLd2sp0QU5hfZublR3Fk6ICbZGeKiYWUe1PGpq VJgvrp2mhguiRDmgvjihig/SOgnwIAUh04rJxWCSwZDlbYVFW2RgiEDI6RzFgaS8Wx6v AiqzxCjRZl56/of29A+UWXrrDi3/J8bTSeo97oOX6PAEBjPem5mI7Ttk5PCvnkWUsm/Y lBBuRLMVj+4PrYigc7X+Jr+m+N4Nm5CZTrfp4zpfjsKKRHNg+DMy4JplanHHk5pKGYzH wYVKh9gBQS7VVYq2UgbZWl8bZAmRNgfD6bFHxN8gY7mBKwplLl2T8Tp67hsG75dcanxz lS9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=WA83kKskWDi0wSYWEMANppD1TtU2egtENlabxouEkMs=; b=hnpqX20cWe5og/oWcWlpOgH8B8znBLRZZ/laFK9RkLLZM9WvnkJycz6j9jd11ZRWvO PkbGbw9ov/YwnjVzn39A5Iy/RSiA+xevl12wDVXNIb1MPJ7By0O+3q5N/g+QfjuNW1DR OatZ81zl7uRHLyuthkJe1MPPvd+a79VAl4kXzk9KA9YVUjGNcDrmqqZp2KE1dwiuWVUq Nw96o0U7b8/mJdgZRzm0eczIAk2DQ/HtwDhlAI5da2N7AQUrCVPQlmhV/h68j/AzDDir v3KFtS8d8xAfAbJ7dWTVkJEgLuYqEMaA1liO4utfau9fu+f689hWfpDYErkfKmvw/7ea ELLQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=D7phgcdk; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h2si4132450edw.29.2019.09.18.15.51.53; Wed, 18 Sep 2019 15:52:17 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=D7phgcdk; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731004AbfIRU07 (ORCPT + 99 others); Wed, 18 Sep 2019 16:26:59 -0400 Received: from mail-lf1-f67.google.com ([209.85.167.67]:36942 "EHLO mail-lf1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730667AbfIRU07 (ORCPT ); Wed, 18 Sep 2019 16:26:59 -0400 Received: by mail-lf1-f67.google.com with SMTP id w67so639660lff.4 for ; Wed, 18 Sep 2019 13:26:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WA83kKskWDi0wSYWEMANppD1TtU2egtENlabxouEkMs=; b=D7phgcdky5drAnukp4PGzIPILGleUSxw/Oy6UL6EcAOEXsYTKGPslV2lsSMTxEN+mH M3RqihbNDrPkWyIcw/igYnJ1odNGKJcr97829hJnei6qtbXfJEkFQsRdPHCP5ZG4HipW KeCnm0IJheqNUiL0MQFc74cHjOFPY3i9mSC8g= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WA83kKskWDi0wSYWEMANppD1TtU2egtENlabxouEkMs=; b=RnZ51ko186ExtAzpZbYiHnnjU8b29gLip9wS17nLKRWPeDiWyvkjLBy6dLXaRUE/rS SHzkEw8lN/GdMmsD1qR/tkTG7RZpSlNsf1A2j2vu24EK4SQS67CH8ELgvMU2uRhtLLLr +RCH/Sj6ljwcGttafii/fDjz9uHFg6wyEZqwcP8g7WUo2a1wVH9y9nRgZ2n2ydjftbVV 3B4lvpcbzogIQHOYzLFri0vuArumQEgMhgb1tyhn8VkqfR97t9Vpt2eOIXWsiXhP9xT4 X1bl43anJCbZwi28yAkGt4vRjHL+C+eeBO5c/GNh+0FunM/bNuQitpXxue8XiDyspsoh /m3Q== X-Gm-Message-State: APjAAAW4PTZS32XEkujtxPJ/dVzXTBcyWVgsl2mUWvF1dJoMyJSPj3HV 74Nk7jqibhJHM+He+m7Gkgp69QbEIYY= X-Received: by 2002:a19:117:: with SMTP id 23mr3093850lfb.115.1568838417262; Wed, 18 Sep 2019 13:26:57 -0700 (PDT) Received: from mail-lf1-f44.google.com (mail-lf1-f44.google.com. [209.85.167.44]) by smtp.gmail.com with ESMTPSA id c18sm1403492ljd.27.2019.09.18.13.26.55 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 18 Sep 2019 13:26:56 -0700 (PDT) Received: by mail-lf1-f44.google.com with SMTP id y127so657718lfc.0 for ; Wed, 18 Sep 2019 13:26:55 -0700 (PDT) X-Received: by 2002:ac2:5c11:: with SMTP id r17mr3099120lfp.61.1568838415644; Wed, 18 Sep 2019 13:26:55 -0700 (PDT) MIME-Version: 1.0 References: <20190917052438.GA26923@1wt.eu> <2508489.jOnZlRuxVn@merkaba> <20190917121156.GC6762@mit.edu> <20190917123015.sirlkvy335crozmj@debian-stretch-darwi.lab.linutronix.de> <20190917160844.GC31567@gardel-login> <20190917174219.GD31798@gardel-login> <87zhj15qgf.fsf@x220.int.ebiederm.org> <84824f79-2d12-0fd5-5b32-b0360eb075ac@gmail.com> In-Reply-To: <84824f79-2d12-0fd5-5b32-b0360eb075ac@gmail.com> From: Linus Torvalds Date: Wed, 18 Sep 2019 13:26:39 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Linux 5.3-rc8 To: "Alexander E. Patrakov" Cc: "Eric W. Biederman" , Lennart Poettering , "Ahmed S. Darwish" , "Theodore Y. Ts'o" , Willy Tarreau , Matthew Garrett , Vito Caputo , Andreas Dilger , Jan Kara , Ray Strode , William Jon McCann , zhangjs , linux-ext4@vger.kernel.org, lkml Content-Type: text/plain; charset="UTF-8" Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org On Wed, Sep 18, 2019 at 1:15 PM Alexander E. Patrakov wrote: > > No, this is not the solution, if we take seriously not only getrandom > hangs, but also urandom warnings. In some setups (root on LUKS is one of > them) they happen early in the initramfs. Therefore "restoring" entropy > from the previous boot by a script that runs from the main system is too > late. That's why it is suggested to load at least a part of the random > seed in the boot loader, and that has not been commonly implemented. Honestly, I think the bootloader suggestion is naive and silly too. Yes, we now support it. And no, I don't think people will trust that either. And I suspect for good reason: there's really very little reason to believe that bootloaders would be any better than any other part of the system. So right now some people trust bootloaders exactly _because_ there basically is just one or two that do this, and the people who use them are usually the people who wrote them or are at least closely associated with them. That will change, and then people will say "why would I trust that, when we know of bug Xyz". And I guarantee that those bugs _will_ happen, and people will quite reasonably then say "yeah, I don't trust the bootloader". Bootloaders do some questionable things. The most likely thing to actually be somewhat useful is I feel things like the kernel just saving the seed by itself in nvram. There's already an example of this for the EFI random seed thing, but that's used purely for kexec, I think. Adding an EFI variable (or other platform nonvolatile thing), and reading (and writing to it) purely from the kernel ends up being one of those things where you can then say "ok, if we trust the platform AT ALL, we can trust that". Since you can't reasonably do things like add EFI variables to your distro image by mistake. Of course, even then people will say "I don't trust the platform". But at some point you just say "you have trust issues" and move on. Linus