On Thu May 23, 2024 at 12:53 PM EEST, Jarkko Sakkinen wrote: > On Thu May 23, 2024 at 7:49 AM EEST, Herbert Xu wrote: > > On Wed, May 22, 2024 at 03:53:23PM -0700, Linus Torvalds wrote: > > > > > > That said, looking at the code in question, there are other oddities > > > going on. Even the "we found a favorite new rng" case looks rather > > > strange. The thread we use - nice and asynchronous - seems to sleep > > > only if the randomness source is emptied. > > > > > > What if you have a really good source of hw randomness? That looks > > > like a busy loop to me, but hopefully I'm missing something obvious. > > > > Yes that does look strange. So I dug up the original patch at > > > > https://lore.kernel.org/all/20140317165012.GC1763@xxxxxx/ > > > > and therein lies the answer. It's relying on random.c to push back > > when the amount of new entropy exceeds what it needs. IOW we will > > sleep via add_hwgenerator_randomness when random.c decides that > > enough is enough. In fact the rate is much less now compared to > > when the patch was first applied. > > Just throwing something because came to mind, not a serious suggestion. > > In crypto_larval_lookup I see statements like this: > > request_module("crypto-%s", name); > > You could potentially bake up a section/table to vmlinux which would > have entries like: > > "module name", 1/0 > > '1' would mean built-in. Then for early randomness use only stuff > that is built-in. > > Came to mind from arch/x86/realmode for which I baked in a table > for relocation (this was a collaborative work with H. Peter Anvin > in 2012 to make trampoline code relocatable but is still a legit > example to do such shenanigans in a subystem). This could be even parameter in __request_module() itself e.g. int __request_module(bool wait, bool builtin_only, const char *fmt, ...); And would not matter which initcall layer we are running at. BR, Jarkko