On Mon, Sep 30, 2019 at 08:10:15AM +0200, Borislav Petkov wrote:
> On Sun, Sep 29, 2019 at 07:59:19PM -0700, Linus Torvalds wrote:
> > All my smoke testing looked fine - I disabled trusting the CPU, I
> > increased the required entropy a lot, and to actually trigger the
> > lockup issue without the broken user space, I made /dev/urandom do
> > that "wait for entropy" thing too.
>
> Hohum, seems to get rid of the longish delay during boot on my test
> boxes here:

Yes; for me too. This makes a huge difference in my ARM emulation
environments (where I wasn't using virtio-rng-device). Those VMs were
very boot entropy starved -- I was waiting minutes for sshd to start.

I doubt running something like dieharder on urandom would actually show
any deficiencies, but I've started a test up anyway. I'll yell in a few
hours if it actually has something bad to say. :)

--
Kees Cook