Re: [PATCH v3 05/13] security/keys: ensure RNG is seeded before use

On Tue, Jun 6, 2017 at 12:08 PM, David Howells wrote: > Jason A. Donenfeld wrote: > >> + key->serial = get_random_u32() >> 1; > > If this may sleep, it must be interruptible. That won't sleep. I could have made it get_random_u32_wait(), but we'd

Re: [PATCH v3 05/13] security/keys: ensure RNG is seeded before use

Jason A. Donenfeld wrote: > + key->serial = get_random_u32() >> 1; If this may sleep, it must be interruptible. David

[PATCH v3 05/13] security/keys: ensure RNG is seeded before use

Otherwise, we might use bad random numbers which, particularly in the case of IV generation, could be quite bad. It makes sense to use the synchronous API here, because we're always in process context (as the code is littered with GFP_KERNEL and the like). However, we can't change to using a