From: Jens Axboe <axboe@kernel.dk>
To: Mike Snitzer <snitzer@redhat.com>, linux-kernel@vger.kernel.org
Cc: tytso@mit.edu, gmazyland@gmail.com, agk@redhat.com, mpatocka@redhat.com
Subject: Re: [PATCH] block: disable entropy contributions from nonrot devices
Date: Fri, 03 Oct 2014 15:17:56 -0600 [thread overview]
Message-ID: <542F1284.2070702@kernel.dk> (raw)
In-Reply-To: <1412295074-4984-1-git-send-email-snitzer@redhat.com>
On 2014-10-02 18:11, Mike Snitzer wrote:
> Introduce queue_flags_set_nonrot_clear_add_random() and convert all
> block drivers that set QUEUE_FLAG_NONROT over to using it instead.
>
> Historically, all block devices have automatically made entropy
> contributions. But as previously stated in commit e2e1a148 ("block: add
> sysfs knob for turning off disk entropy contributions"):
> - On SSD disks, the completion times aren't as random as they
> are for rotational drives. So it's questionable whether they
> should contribute to the random pool in the first place.
> - Calling add_disk_randomness() has a lot of overhead.
>
> There are more reliable sources for randomness than non-rotational block
> devices. From a security perspective it is better to err on the side of
> caution than to allow entropy contributions from unreliable "random"
> sources.
Don't add a special function for this, just use the flag clear/set
functions for both.
--
Jens Axboe
next prev parent reply other threads:[~2014-10-03 21:18 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-03 0:11 [PATCH] block: disable entropy contributions from nonrot devices Mike Snitzer
2014-10-03 3:26 ` Elliott, Robert (Server Storage)
2014-10-03 21:24 ` Jens Axboe
2014-10-03 21:17 ` Jens Axboe [this message]
2014-10-03 22:58 ` [PATCH v2] block: disable entropy contributions for " Mike Snitzer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=542F1284.2070702@kernel.dk \
--to=axboe@kernel.dk \
--cc=agk@redhat.com \
--cc=gmazyland@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mpatocka@redhat.com \
--cc=snitzer@redhat.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.