From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.5 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 35DD9C4CECD for ; Sun, 15 Sep 2019 19:18:33 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 0E7B221479 for ; Sun, 15 Sep 2019 19:18:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727392AbfIOTSc (ORCPT ); Sun, 15 Sep 2019 15:18:32 -0400 Received: from wtarreau.pck.nerim.net ([62.212.114.60]:45445 "EHLO 1wt.eu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725270AbfIOTSc (ORCPT ); Sun, 15 Sep 2019 15:18:32 -0400 Received: (from willy@localhost) by pcw.home.local (8.15.2/8.15.2/Submit) id x8FJIEGx023230; Sun, 15 Sep 2019 21:18:14 +0200 Date: Sun, 15 Sep 2019 21:18:14 +0200 From: Willy Tarreau To: Linus Torvalds Cc: "Theodore Y. Ts'o" , "Alexander E. Patrakov" , "Ahmed S. Darwish" , Michael Kerrisk , Andreas Dilger , Jan Kara , Ray Strode , William Jon McCann , zhangjs , linux-ext4@vger.kernel.org, lkml , Lennart Poettering Subject: Re: [PATCH RFC v2] random: optionally block in getrandom(2) when the CRNG is uninitialized Message-ID: <20190915191814.GB23212@1wt.eu> References: <20190912034421.GA2085@darwi-home-pc> <20190912082530.GA27365@mit.edu> <20190914122500.GA1425@darwi-home-pc> <008f17bc-102b-e762-a17c-e2766d48f515@gmail.com> <20190915052242.GG19710@mit.edu> <20190915183240.GA23155@1wt.eu> <20190915183659.GA23179@1wt.eu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.6.1 (2016-04-27) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Sep 15, 2019 at 12:08:31PM -0700, Linus Torvalds wrote: > My suggested patch left the /dev/random blocking behavior, because > hopefully people *know* about the problems there. > > And hopefully people understand that getrandom(GRND_RANDOM) has all > the same issues. I think this one doesn't cause any issue to users. It's the only one that should be used for long-lived crypto keys in my opinion. > If you want that behavior, you can still use GRND_RANDOM or > /dev/random, but they are simply not acceptable for boot-time > schenarios. Oh no I definitely don't want this behavior at all for urandom, what I'm saying is that as long as getrandom() will have a lower quality of service than /dev/urandom for non-important randoms, there will be compelling reasons to avoid it. And I think that your bounded wait could actually reconciliate both ends of the users spectrum, those who want excellent randoms to run tetris and those who don't care to always play the same party on every boot because they just want to play. And by making /dev/urandom behave like getrandom() we could actually tell users "both are now exactly the same, you have no valid reason anymore not to use the new API". And it forces us to remain very reasonable in getrandom() so that we don't break old applications that relied on urandom to be fast. Willy