lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 30 Nov 2020 10:15:29 -0800
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Russell King - ARM Linux admin <linux@...linux.org.uk>
Cc:     Doug Anderson <dianders@...omium.org>,
        Arnd Bergmann <arnd@...nel.org>, SoC Team <soc@...nel.org>,
        Linux ARM <linux-arm-kernel@...ts.infradead.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Ulf Hansson <ulf.hansson@...aro.org>
Subject: Re: [GIT PULL] ARM: SoC fixes for v5.10, part 3

On Mon, Nov 30, 2020 at 10:05 AM Russell King - ARM Linux admin
<linux@...linux.org.uk> wrote:
>
> If you think that /dev/sda for example is always the machine's internal
> HDD, that is wrong.

Yes. See the whole part about

 "Note that it really is only the internal devices that matter. Once you
  start plugging in an external USB hug and random devices, ordering
  clearly won't be reliable.

  So this is not a "everything must be ordered". But people who think
  that that then means "everythinbg can be random" are wrong"

in my email.

And the key word here is:

> I have a HP Pavilion laptop with its internal HDD with a Windows
> installation. Because I didn't want to destroy that in any way, I
> bought an external USB3 SATA enclosure and SSD, and installed Debian
> Stable on there.

.. but it will still generally be stable with the same hardware
configuration, and not fluctuate randomly from boot to boot when the
hardware is the same.

Is it a guarantee? No. External plugged in hardware can change things.
In fact, when you have things like Thunderbolt involved, since it just
looks like PCI, even the PCI probing order won't be the same with or
without the plugged-in device.

But again: avoid randomness. The difference between non-random and
random is that one is predictable and one is not.

Predictability is good. It's not necessariyl always achievable, but
it's very much something we should strive for VERY HARD.

Predictability and reproducibility help debugging enormously. It means
that things like "git bisect" work a lot better. It makes user reports
much more understandable when two users with identical hardware see
identical issues.

Seriously. Anybody who argues against reproducibility is so far out to
lunch that it's not even funny.

You seem to argue on a complete technicality.

            Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ