From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id CA2A2C54EE9
	for <linux-mm@archiver.kernel.org>; Tue, 27 Sep 2022 08:41:10 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 62D2E8E00B9; Tue, 27 Sep 2022 04:41:10 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 5DC138E00AF; Tue, 27 Sep 2022 04:41:10 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 47F008E00B9; Tue, 27 Sep 2022 04:41:10 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15])
	by kanga.kvack.org (Postfix) with ESMTP id 3957F8E00AF
	for <linux-mm@kvack.org>; Tue, 27 Sep 2022 04:41:10 -0400 (EDT)
Received: from smtpin27.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay04.hostedemail.com (Postfix) with ESMTP id 088C01A0C7F
	for <linux-mm@kvack.org>; Tue, 27 Sep 2022 08:41:10 +0000 (UTC)
X-FDA: 79957220700.27.36EECC5
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
	by imf12.hostedemail.com (Postfix) with ESMTP id 8E1D740009
	for <linux-mm@kvack.org>; Tue, 27 Sep 2022 08:41:09 +0000 (UTC)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by dfw.source.kernel.org (Postfix) with ESMTPS id DE0F761726
	for <linux-mm@kvack.org>; Tue, 27 Sep 2022 08:41:08 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0F62EC433C1
	for <linux-mm@kvack.org>; Tue, 27 Sep 2022 08:41:07 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105;
	t=1664268064;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=IV/Em9oY+NQiUPjmtckttX54KTlCyU8xGN0JLMqvDIc=;
	b=U2RFQizAC2uVi7PeJpBOJhVm8sonI94kcMjpmIb7C+lbxJFAWil0g+O/A0FycoIKy0lXtM
	6tGzi54hJvOMspzhR1YjM3/RFjGIOff6q+8UwTD3o5ErqUraiYhx26mwfv8NWoCEBDBca1
	lXLtqDS1rHPcULbQg37rDsMricNl+lw=
Received: 
	by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 5e73ac7e (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO)
	for <linux-mm@kvack.org>;
	Tue, 27 Sep 2022 08:41:04 +0000 (UTC)
Received: by mail-ua1-f45.google.com with SMTP id p89so3299950uap.12
        for <linux-mm@kvack.org>; Tue, 27 Sep 2022 01:41:04 -0700 (PDT)
X-Gm-Message-State: ACrzQf2iksoj4iBKhPrcUVsh0lV6D2KDhEf7ZeWVBW99YUjFSJNZYw9G
	JnjHA2nwRQWYXJhxNBxubWBMR2x66bfuhyaJqV4=
X-Google-Smtp-Source: AMsMyM4Y7JRr9Bp3JZsLnSgTZEfxIosiNasa58p2BBabUeLL6/OJszW06By24Gtt3fxOa/Q+yiVFeaS0jpV5tLXPSBo=
X-Received: by 2002:a9f:3562:0:b0:3d0:ad99:b875 with SMTP id
 o89-20020a9f3562000000b003d0ad99b875mr1217071uao.102.1664268062673; Tue, 27
 Sep 2022 01:41:02 -0700 (PDT)
MIME-Version: 1.0
References: <20220926213130.1508261-1-Jason@zx2c4.com> <YzKZnkwCi0UwY/4Q@owl.dominikbrodowski.net>
 <CAHmME9oGkjAxvoBvWMBRSjFmKLzOdzfcQAB4q3P869BsySSfNg@mail.gmail.com> <YzK0ntZJvMzFzui0@owl.dominikbrodowski.net>
In-Reply-To: <YzK0ntZJvMzFzui0@owl.dominikbrodowski.net>
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Tue, 27 Sep 2022 10:40:51 +0200
X-Gmail-Original-Message-ID: <CAHmME9q3w1XHyS5QpyW79xK9xjnZmzyBr-Pk3QOsp=mJ_Loauw@mail.gmail.com>
Message-ID: <CAHmME9q3w1XHyS5QpyW79xK9xjnZmzyBr-Pk3QOsp=mJ_Loauw@mail.gmail.com>
Subject: Re: [PATCH v2 1/2] random: split initialization into early step and
 later step
To: Dominik Brodowski <linux@dominikbrodowski.net>
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, 
	kasan-dev@googlegroups.com, Kees Cook <keescook@chromium.org>, 
	Andrew Morton <akpm@linux-foundation.org>, stable@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
ARC-Authentication-Results: i=1;
	imf12.hostedemail.com;
	dkim=pass header.d=zx2c4.com header.s=20210105 header.b=U2RFQizA;
	spf=pass (imf12.hostedemail.com: domain of "SRS0=O2ZR=Z6=zx2c4.com=Jason@kernel.org" designates 139.178.84.217 as permitted sender) smtp.mailfrom="SRS0=O2ZR=Z6=zx2c4.com=Jason@kernel.org";
	dmarc=pass (policy=quarantine) header.from=zx2c4.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1664268069; a=rsa-sha256;
	cv=none;
	b=5omi+AgB+C5+2yL/bDR/X3hp9rUg5f0sElSght/rVk1xoNgJ6QG6UBuquQkElTpFta5aQ7
	eLGXF92qrpbjOXRONWmkx9T4rOi04KGOjpd3ApPO/4QLBwsU6skJpnNkNhTO2in6+CA7yD
	nq+eYgDCutTdOHBNI2Pny9XqkenTlPk=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1664268069;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=IV/Em9oY+NQiUPjmtckttX54KTlCyU8xGN0JLMqvDIc=;
	b=KFXZcP/ioV02zEdJOJg0/RHtFs/fGkOoXgh9epLtt1SHeQ5ujvSvWgOwksCJXolBu951HJ
	5WeR9vPOlwtSkOGUPMm11HIe6VWd+p2OvzBWrZjLN2Hbmglvgk9ym8PATNmCQVkvyDF7eS
	lvx5X5QrjXguFL1TWeDNENOSJYUs23o=
X-Rspam-User: 
Authentication-Results: imf12.hostedemail.com;
	dkim=pass header.d=zx2c4.com header.s=20210105 header.b=U2RFQizA;
	spf=pass (imf12.hostedemail.com: domain of "SRS0=O2ZR=Z6=zx2c4.com=Jason@kernel.org" designates 139.178.84.217 as permitted sender) smtp.mailfrom="SRS0=O2ZR=Z6=zx2c4.com=Jason@kernel.org";
	dmarc=pass (policy=quarantine) header.from=zx2c4.com
X-Rspamd-Server: rspam01
X-Stat-Signature: ab7e5btadm71wzg46t5s4fsnabyte45o
X-Rspamd-Queue-Id: 8E1D740009
X-HE-Tag: 1664268069-721662
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Tue, Sep 27, 2022 at 10:30 AM Dominik Brodowski
<linux@dominikbrodowski.net> wrote:
>
> Am Tue, Sep 27, 2022 at 10:28:11AM +0200 schrieb Jason A. Donenfeld:
> > On Tue, Sep 27, 2022 at 8:35 AM Dominik Brodowski
> > <linux@dominikbrodowski.net> wrote:
> > > >  #if defined(LATENT_ENTROPY_PLUGIN)
> > > >       static const u8 compiletime_seed[BLAKE2S_BLOCK_SIZE] __initconst __latent_entropy;
> > > > @@ -803,34 +798,46 @@ int __init random_init(const char *command_line)
> > > >                       i += longs;
> > > >                       continue;
> > > >               }
> > > > -             entropy[0] = random_get_entropy();
> > > > -             _mix_pool_bytes(entropy, sizeof(*entropy));
> > > >               arch_bits -= sizeof(*entropy) * 8;
> > > >               ++i;
> > > >       }
> > >
> > >
> > > Previously, random_get_entropy() was mixed into the pool ARRAY_SIZE(entropy)
> > > times.
> > >
> > > > +/*
> > > > + * This is called a little bit after the prior function, and now there is
> > > > + * access to timestamps counters. Interrupts are not yet enabled.
> > > > + */
> > > > +void __init random_init(void)
> > > > +{
> > > > +     unsigned long entropy = random_get_entropy();
> > > > +     ktime_t now = ktime_get_real();
> > > > +
> > > > +     _mix_pool_bytes(utsname(), sizeof(*(utsname())));
> > >
> > > But now, it's only mixed into the pool once. Is this change on purpose?
> >
> > Yea, it is. I don't think it's really doing much of use. Before we did
> > it because it was convenient -- because we simply could. But in
> > reality mostly what we care about is capturing when it gets to that
> > point in the execution. For jitter, the actual jitter function
> > (try_to_generate_entropy()) is better here.
> >
> > However, before feeling too sad about it, remember that
> > extract_entropy() is still filling a block with rdtsc when rdrand
> > fails, the same way as this function was. So it's still in there
> > anyway.
>
> With that explanation on the record (I think it's important to make such
> subtle changes explicit),
>
>         Reviewed-by: Dominik Brodowski <linux@dominikbrodowski.net>

I'll augment the commit message to note this too. Thanks for the review.

Jason