From: Greg KH <gregkh@linuxfoundation.org>
To: "Theodore Y. Ts'o" <tytso@mit.edu>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
Noah Meyerhans <noahm@debian.org>,
stable <stable@vger.kernel.org>
Subject: Re: Please apply 50ee7529ec45 ("random: try to actively add entropy rather than passively wait for it") to 4.19.y
Date: Thu, 30 Jan 2020 15:49:35 +0100 [thread overview]
Message-ID: <20200130144935.GA994030@kroah.com> (raw)
In-Reply-To: <20200130003939.GC303030@mit.edu>
On Wed, Jan 29, 2020 at 07:39:39PM -0500, Theodore Y. Ts'o wrote:
> On Tue, Jan 28, 2020 at 11:59:28AM -0800, Linus Torvalds wrote:
> > On Tue, Jan 28, 2020 at 11:34 AM Noah Meyerhans <noahm@debian.org> wrote:
> > >
> > > Added torvalds and tytso to the CC list. Linus and Ted, what do you
> > > think of the idea of applying 50ee7529ec45 ("random: try to actively add
> > > entropy rather than passively wait for it") to the 4.19.y and 4.14.y
> > > kernels?
> >
> > By now I suspect it's the right thing to do. Nobody has complained
> > about it, and it fixed real issues during boot.
> >
> > Some of those real issues may have ended up being just unnecessary
> > delays rather than complete lockups, but still..
>
> FWIW, at $WORK we backported the patch, but we also added an out of
> tree patch to disable it on non-x86 systems. That's mainly because
> I'm still hesitant about the safety of relying on this on non-x86
> architectures that may have a much simpler micro-archtecture, and
> which don't have RDRAND. But we also have a much more stringent
> (paranoid?) philosophy where if there is a risk that our kernels might
> be penetrated by a nation-state (viz. Operation Aurora), booting
> lockups so we know that we might have a problem that should be
> examined by a human being is actually *preferable*.
Ok, I've applied this to 4.19.y. I'm guessing that anyone who had this
type of problem in 4.14.y has long upgraded their kernels, and that
kernel is pretty much only in already-shipping devices, not "new"
things.
Let's see what breaks :)
thanks,
greg k-h
prev parent reply other threads:[~2020-01-30 14:50 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-27 23:02 Please apply 50ee7529ec45 ("random: try to actively add entropy rather than passively wait for it") to 4.19.y Noah Meyerhans
2020-01-28 7:52 ` Greg KH
2020-01-28 19:34 ` Noah Meyerhans
2020-01-28 19:59 ` Linus Torvalds
2020-01-30 0:39 ` Theodore Y. Ts'o
2020-01-30 14:49 ` Greg KH [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200130144935.GA994030@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=noahm@debian.org \
--cc=stable@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.