On Fri, Sep 28, 2018 at 10:56:07PM +1000, Michael Ellerman wrote: > The problem of low entropy at boot on systems without a good hardware > source is sort of unsolvable. > > As you say it's up to the core kernel/random code, we shouldn't be > trying to do anything tricky in the arch code. > > You don't want your system to take 3 hours to boot because it's waiting > for entropy for the stack canary. > > If we can update the canary later once the entropy pool is setup that > would be ideal.
Yup, I agree with all that. But we should *also* not say "oh, there may be cases where we cannot do the right thing, so just do not even try, ever, anywhere". Segher
