RE: [PATCH] block: disable entropy contributions from nonrot devices

From: Elliott, Robert (Server Storage)
Date: Thu Oct 02 2014 - 23:28:47 EST

Next message: Ingo Molnar: "Re: [GIT PULL 0/8] perf/core improvements and fixes"
Previous message: Guenter Roeck: "Re: [PATCH v5 4/4] pmbus: ltc2978: add regulator support"
In reply to: Mike Snitzer: "[PATCH] block: disable entropy contributions from nonrot devices"
Next in thread: Jens Axboe: "Re: [PATCH] block: disable entropy contributions from nonrot devices"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> -----Original Message-----
> From: linux-kernel-owner@xxxxxxxxxxxxxxx [mailto:linux-kernel-
> owner@xxxxxxxxxxxxxxx] On Behalf Of Mike Snitzer
> Sent: Thursday, 02 October, 2014 7:11 PM
> To: axboe@xxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx
> Cc: tytso@xxxxxxx; gmazyland@xxxxxxxxx; agk@xxxxxxxxxx; mpatocka@xxxxxxxxxx
> Subject: [PATCH] block: disable entropy contributions from nonrot devices
>
> Introduce queue_flags_set_nonrot_clear_add_random() and convert all
> block drivers that set QUEUE_FLAG_NONROT over to using it instead.
>
> Historically, all block devices have automatically made entropy
> contributions. But as previously stated in commit e2e1a148 ("block: add
> sysfs knob for turning off disk entropy contributions"):
> - On SSD disks, the completion times aren't as random as they
> are for rotational drives. So it's questionable whether they
> should contribute to the random pool in the first place.
> - Calling add_disk_randomness() has a lot of overhead.
>
> There are more reliable sources for randomness than non-rotational block
> devices. From a security perspective it is better to err on the side of
> caution than to allow entropy contributions from unreliable "random"
> sources.

blk-mq defaults to off (QUEUE_FLAG_MQ_DEFAULT does not
include QUEUE_FLAG_ADD_RANDOM).

Even when it's off in block layer completion processing, all interrupts,
storage or not, are forced to contribute during hardirq processing.
I've seen this add 3-12 us latency blips every 64 interrupts (when
the "fast_mix" code runs out of bits).

Example of fast_mix only taking 0.071 us:
(from ftrace function_graph)
8) | handle_irq_event() {
8) | handle_irq_event_percpu() {
8) | do_hpsa_intr_msi [hpsa]() {
8) 0.060 us | SA5_performant_completed [hpsa]();
8) 0.397 us | }
8) 0.071 us | add_interrupt_randomness();
8) 0.071 us | note_interrupt();
8) 1.495 us | }
8) 0.045 us | _raw_spin_lock();
8) 2.165 us | }

Example of the 64th bit taking 3.814 us:
8) | handle_irq_event() {
8) | handle_irq_event_percpu() {
...
8) | add_interrupt_randomness() {
8) | __mix_pool_bytes() {
8) 0.312 us | _mix_pool_bytes();
8) 0.688 us | }
8) | credit_entropy_bits() {
8) | __wake_up() {
8) 0.070 us | _raw_spin_lock_irqsave();
8) 0.050 us | __wake_up_common();
8) 0.056 us | _raw_spin_unlock_irqrestore();
8) 1.448 us | }
8) 0.048 us | kill_fasync();
8) 2.313 us | }
8) 3.814 us | }

---
Rob Elliott HP Server Storage

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ingo Molnar: "Re: [GIT PULL 0/8] perf/core improvements and fixes"
Previous message: Guenter Roeck: "Re: [PATCH v5 4/4] pmbus: ltc2978: add regulator support"
In reply to: Mike Snitzer: "[PATCH] block: disable entropy contributions from nonrot devices"
Next in thread: Jens Axboe: "Re: [PATCH] block: disable entropy contributions from nonrot devices"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]