On 01/15/2017 03:01 PM, Jason A. Donenfeld wrote:
While the static key stuff is fast, it's not as fast as simply not
having any code to run. So, this patch generates the secret at
boot, rather than at runtime.
Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com>
---
I can imagine this patch not being desirable because:
a) It was done this way in the first place for a reason. (Which?)
See git log:
commit aebda156a570782a86fc4426842152237a19427d
Author: Eric Dumazet <eduma...@google.com>
Date: Mon Apr 29 05:58:52 2013 +0000
net: defer net_secret[] initialization
Instead of feeding net_secret[] at boot time, defer the init
at the point first socket is created.
This permits some platforms to use better entropy sources than
the ones available at boot time.
Signed-off-by: Eric Dumazet <eduma...@google.com>
Signed-off-by: David S. Miller <da...@davemloft.net>
