lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <e9a411a2-49e2-4897-4e02-1cf790465cbd@kernel.dk>
Date:   Tue, 12 Feb 2019 09:06:29 -0700
From:   Jens Axboe <axboe@...nel.dk>
To:     James Bottomley <James.Bottomley@...senPartnership.com>,
        linux-scsi <linux-scsi@...r.kernel.org>
Cc:     Xuewei Zhang <xueweiz@...gle.com>, linux-block@...r.kernel.org,
        linux-kernel@...r.kernel.org,
        Mikael Pettersson <mikpelinux@...il.com>
Subject: Re: [PATCH] scsi: sd: fix entropy gathering for most rotational disks

On 2/12/19 9:05 AM, James Bottomley wrote:
> The problem is that the default for MQ is not to gather entropy,
> whereas the default for the legacy queue was always to gather it.  The
> original attempt to fix entropy gathering for rotational disks under MQ
> added an else branch in sd_read_block_characteristics(). 
> Unfortunately, the entire check isn't reached if the device has no
> characteristics VPD page.  Since this page was only introduced in SBC-3 
> and its optional anyway, most less expensive rotational disks don't
> have one, meaning they all stopped gathering entropy when we made MQ
> the default.  In a wholly unrelated change, openssl and openssh won't
> function until the random number generator is initialised, meaning lots
> of people have been seeing large delays before they could log into
> systems with default MQ kernels due to this lack of entropy, because it
> now can take tens of minutes to initialise the kernel random number
> generator.
> 
> The fix is to set the non-rotational and add-randomness flags
> unconditionally early on in the disk initialization path, so they can
> be reset only if the device actually reports being non-rotational via
> the VPD page.

Reviewed-by: Jens Axboe <axboe@...nel.dk>

-- 
Jens Axboe

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ