Re: Linux 5.3-rc8

From: Martin Steigerwald
Date: Tue Sep 17 2019 - 17:38:38 EST

Next message: Russell King - ARM Linux admin: "Re: [PATCH] ARM: dts: imx6dl: SolidRun: add phy node with 100Mb/s max-speed"
Previous message: Rafael J. Wysocki: "Re: [PATCH] nvme-pci: Save PCI state before putting drive into deepest state"
In reply to: Ahmed S. Darwish: "Re: Linux 5.3-rc8"
Next in thread: Matthew Garrett: "Re: Linux 5.3-rc8"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ahmed S. Darwish - 17.09.19, 22:52:34 CEST:
> On Tue, Sep 17, 2019 at 10:28:47PM +0200, Martin Steigerwald wrote:
> [...]
>
> > I don't have any kernel logs old enough to see whether whether crng
> > init times have been different with Systemd due to asking for
> > randomness for UUID/hashmaps.
>
> Please stop claiming this. It has been pointed out to you, __multiple
> times__, that this makes no difference. For example:
>
> https://lkml.kernel.org/r/20190916024904.GA22035@xxxxxxx
>
> No. getrandom(2) uses the new CRNG, which is either initialized,
> or it's not ... So to the extent that systemd has made systems
> boot faster, you could call that systemd's "fault".
>
> You've claimed this like 3 times before in this thread already, and
> multiple people replied with the same response. If you don't get the
> paragraph above, then please don't continue replying further on this
> thread.

First off, this mail you referenced has not been an answer to a mail of
mine. It does not have my mail address in Cc. So no, it has not been
pointed out directly to me in that mail.

Secondly: Pardon me, but I do not see how asking for entropy early at
boot times or not doing so has *no effect* on the available entropyÂ. And
I do not see the above mail actually saying this. To my knowledge
Sysvinit does not need entropy for itselfÂ. The above mail merely talks
about the blocking on boot. And whether systemd-random-seed would drain
entropy, not whether hashmaps/UUID do. And also not the effect that
asking for entropy early has on the available entropy and on the
*initial* initialization time of the new CRNG. However I did not claim
that Systemd would block booting. *Not at all*.

Thirdly: I disagree with the tone you use in your mail. And for that
alone I feel it may be better for me to let go of this discussion.

My understanding of entropy always has been that only a certain amount
of it can be produced in a certain amount of time. If that is wrongâ
please by all means, please teach me, how it would be.

However I am not even claiming anything. All I wrote above is that I do
not have any measurements. But I'd expect that the more entropy is asked
for early during boot, the longer the initial initialization of the new
CRNG will take. And if someone else relies on this initialization, that
something else would block for a longer time.

I got that it the new crng won't block after that anymore.

[1] https://github.com/systemd/systemd/issues/4167

(I know that it still with /dev/urandom, so if it is using RDRAND now,
this may indeed be different, but would it then deplete entropy the CPU
has available and that by default is fed into the Linux crng as well
(even without trusting it completely)?)

[2] According to

https://daniel-lange.com/archives/152-Openssh-taking-minutes-to-become-available,-booting-takes-half-an-hour-...-because-your-server-waits-for-a-few-bytes-of-randomness.html

sysvinit does not contain a single line of code about entropy or random
numbers.

Daniel even updated his blog post with a hint to this discussion.

Thanks,
--
Martin

Next message: Russell King - ARM Linux admin: "Re: [PATCH] ARM: dts: imx6dl: SolidRun: add phy node with 100Mb/s max-speed"
Previous message: Rafael J. Wysocki: "Re: [PATCH] nvme-pci: Save PCI state before putting drive into deepest state"
In reply to: Ahmed S. Darwish: "Re: Linux 5.3-rc8"
Next in thread: Matthew Garrett: "Re: Linux 5.3-rc8"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]