On Sun, Jul 14, 2013 at 02:33:05AM +0200, Jiri Kosina wrote: > The problem we have actually encountered was 902c098a ... it's not obvious > how that patch would be fixing any security related issue (strictly > speaking, it could actually create a new security problem). > It's not even closely tight to the rest of the patches in the series > (supposedly some of those patches is fixing some particular CVE ...). > > So I still fail to see a proper explanation why 902c098a itself is > included in the stable tree. The specific reason for these changes was the following research work: https://factorable.net/ In order to deal with this, we needed to sample randomness unconditionally for every single interrupt. Historically, kernel developers had been very hesitant to sample for randomness because of the potential performance hit. As a result, most of the drivers didn't sample for randomness, with the result shown above. The fix was to sample for randomness unconditionally; commit 902c098a was to eliminate the performance impact of always sampling for randomness. Regards, - Ted -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html