[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180502000250.GI10479@thunk.org>
Date: Tue, 1 May 2018 20:02:50 -0400
From: "Theodore Y. Ts'o" <tytso@....edu>
To: Justin Forbes <jmforbes@...uxtx.org>
Cc: Jeremy Cline <jeremy@...ine.org>,
Sultan Alsawaf <sultanxda@...il.com>,
Pavel Machek <pavel@....cz>,
LKML <linux-kernel@...r.kernel.org>, Jann Horn <jannh@...gle.com>
Subject: Re: Linux messages full of `random: get_random_u32 called from`
On Tue, May 01, 2018 at 05:35:56PM -0500, Justin Forbes wrote:
>
> I have not reproduced in GCE myself. We did get some confirmation
> that removing dracut-fips does make the problem less dire (but I
> wouldn't call a 4 minute boot a win, but booting in 4 minutes is
> better than not booting at all). Specifically systemd calls libgcrypt
> before it even opens the log with fips there, and this is before
> virtio-rng modules could even load. Right now though, we are looking
> at pretty much any possible options as the majority of people are
> calling for me to backout the patches completely from rawhide.
FWIW, Debian Testing is using systemd 238, and from what I can tell
it's calling libgcrypt and it has the same (as near as I can tell)
totally pointless hmac nonsense, and it's not a problem that I can
see. Of course, Debian and Fedora may have a different set of
patches....
- Ted
Powered by blists - more mailing lists