On Thu, 2015-06-18 at 11:32 +0200, Hannes Frederic Sowa wrote: > Hello Christoph,
> > There does not seem to be a better way to handle this. We could try > > to make the call to kmalloc and crypto_alloc_cipher during bootup, and > > then generate the random value only on-the-fly (when the first TFO-SYN > > comes in) with net_get_random_once in order to have the better entropy > > that comes with doing the late initialisation of the random value. But > > that's probably net-next material. > > can't we simply move the net_get_random_once to the TCP_FASTOPEN setsockopt > and > sendmsg(MSG_FASTOPEN) path, so those allocations still happen in process > context > but we still defer the extraction of entropy as long as posible? Yes, I do not think this would be hard. This bug is old (3.13) and does not seem very urgent to expedite a revert. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
