From: Linus Torvalds > Sent: 24 June 2023 00:03 > > On Fri, 23 Jun 2023 at 15:55, Ard Biesheuvel <ardb@xxxxxxxxxx> wrote: > > > > With the revert applied, the kernel/EFI stub only consumes the > > variable and deletes it, but never creates it by itself, and so the > > code does nothing if the variable is never created in the first place. > > Right. > > But my *point* was that if we want to create it, we DAMN WELL DO NOT > WANT TO DO SO AT BOOT TIME. > > Boot time is absolutely the worst possible time to do it. > > We'd be much better off doing so at shutdown time, when we at least > have (a) maximal entropy and (b) failures are less critical. Or maybe better - especially for embedded systems which don't often get shut down properly (or any where someone can force a system crash and then get no saved entropy) - after the system has been running long enough to get a reasonable amount of entropy. Also, why delete the entropy during boot? Clearly it is sub-optimal to use it twice, but that has to be better that not using any at all? David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
