From mboxrd@z Thu Jan  1 00:00:00 1970
From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=)
Subject: bug#31268: 'guix system vm-image' hangs
Date: Fri, 18 May 2018 18:39:41 +0200
Message-ID: <87a7swrk8i.fsf@gnu.org>
References: <87604en3u5.fsf@gmail.com>
	<20180425223706.22d91e40@centurylink.net> <877eoua9v1.fsf@gmail.com>
	<87r2mxw1ax.fsf@netris.org> <87bme0ydzn.fsf@gnu.org>
	<87y3h4fy8c.fsf@netris.org> <87muwx9h82.fsf@lassieur.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Return-path: <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:55928)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1fJiQH-00049u-R9
	for bug-guix@gnu.org; Fri, 18 May 2018 12:40:06 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1fJiQE-0005dF-HS
	for bug-guix@gnu.org; Fri, 18 May 2018 12:40:05 -0400
Received: from debbugs.gnu.org ([208.118.235.43]:60354)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1fJiQE-0005d9-E4
	for bug-guix@gnu.org; Fri, 18 May 2018 12:40:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1fJiQE-0006mz-6A
	for bug-guix@gnu.org; Fri, 18 May 2018 12:40:02 -0400
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-Message-ID: <handler.31268.B31268.152666159426074@debbugs.gnu.org>
In-Reply-To: <87muwx9h82.fsf@lassieur.org> ("=?UTF-8?Q?Cl=C3=A9ment?=
	Lassieur"'s message of "Fri, 18 May 2018 16:22:05 +0200")
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-guix/>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org
Sender: "bug-Guix" <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
To: =?UTF-8?Q?Cl=C3=A9ment?= Lassieur <clement@lassieur.org>
Cc: George myglc2 Clemmer <myglc2@gmail.com>, 31268@debbugs.gnu.org

Hi!

Cl=C3=A9ment Lassieur <clement@lassieur.org> skribis:

> Mark H Weaver <mhw@netris.org> writes:

[...]

>> I suggest doing a git bisect on the 4.16.y branch of the linux-stable
>> git repository, between the 4.16.3 and 4.16.4 tags.
>
> I did it, here is the result:

Impressive, thanks a lot!  Did you have a script to do that or
something?

> cd8d7a5778a4abf76ee8fe8f1bfcf78976029f8d is the first bad commit
> commit cd8d7a5778a4abf76ee8fe8f1bfcf78976029f8d
> Author: Theodore Ts'o <tytso@mit.edu>
> Date:   Wed Apr 11 13:27:52 2018 -0400
>
>     random: fix crng_ready() test
>=20=20=20=20=20
>     commit 43838a23a05fbd13e47d750d3dfd77001536dd33 upstream.
>=20=20=20=20=20
>     The crng_init variable has three states:
>=20=20=20=20=20
>     0: The CRNG is not initialized at all
>     1: The CRNG has a small amount of entropy, hopefully good enough for
>        early-boot, non-cryptographical use cases
>     2: The CRNG is fully initialized and we are sure it is safe for
>        cryptographic use cases.
>=20=20=20=20=20
>     The crng_ready() function should only return true once we are in the
>     last state.  This addresses CVE-2018-1108.

What happens I think is that libparted/fs/r/fat/fat.c:fat_create calls
=E2=80=98generate_random_uint32=E2=80=99, which in turn indirectly calls
=E2=80=98get_random_bytes=E2=80=99 from libuuid (package =E2=80=98e2fsprogs=
=E2=80=99).  And I suppose
that=E2=80=99s where it blocks, even though it=E2=80=99s supposed to be usi=
ng
/dev/urandom, which is not supposed to block.

To be continued=E2=80=A6

Ludo=E2=80=99.