Re: Linux 5.3-rc8

[Alexander E. Patrakov]

17.09.2019 22:32, Willy Tarreau ÐÐÑÐÑ:
> On Tue, Sep 17, 2019 at 07:30:36PM +0200, Lennart Poettering wrote:
> > On Di, 17.09.19 21:58, Alexander E. Patrakov (patrakov@xxxxxxxxx) wrote:
> >
> > > I am worried that the getrandom delays will be serialized, because processes
> > > sometimes run one after another. If there are enough chained/dependent
> > > processes that ask for randomness before it is ready, the end result is
> > > still a too-big delay, essentially a failed boot.
> > >
> > > In other words: your approach of adding delays only makes sense for heavily
> > > parallelized boot, which may not be the case, especially for embedded
> > > systems that don't like systemd.
> >
> > As mentioned elsewhere: once the pool is initialized it's
> > initialized. This means any pending getrandom() on the whole system
> > will unblock at the same time, and from the on all getrandom()s will
> > be non-blocking.
>
> He means that all process will experience this delay until there's enough
> entropy.
>
> Willy

Indeed, my wording was not clear enough. Linus' patch has a 5-second 
timeout for small entropy requests, after which they get converted to 
the equivalent of urandom. However, in the following shell script:

#!/bin/sh
p1
p2

if both p1 and p2 ask for a small amount of entropy before crng is fully 
initialized, and do nothing that produces more entropy, the total delay 
will be 10 seconds.

--
Alexander E. Patrakov