From mboxrd@z Thu Jan 1 00:00:00 1970 From: Marius Bakke Subject: bug#37501: [core-updates] Entropy starvation during boot Date: Sat, 05 Oct 2019 14:56:49 +0200 Message-ID: <87pnjb73la.fsf@devup.no> References: <87sgolae6l.fsf@devup.no> <87h84qdbmg.fsf@gnu.org> <87y2y0x453.fsf@gnu.org> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:55046) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iGjcN-0000cH-Br for bug-guix@gnu.org; Sat, 05 Oct 2019 08:57:04 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iGjcM-0003Ou-6c for bug-guix@gnu.org; Sat, 05 Oct 2019 08:57:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:35080) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1iGjcM-0003On-3i for bug-guix@gnu.org; Sat, 05 Oct 2019 08:57:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1iGjcM-0003KU-1E for bug-guix@gnu.org; Sat, 05 Oct 2019 08:57:02 -0400 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: <87y2y0x453.fsf@gnu.org> List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Cc: 37501@debbugs.gnu.org --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Ludovic Court=C3=A8s writes: > Ludovic Court=C3=A8s skribis: > >> I read some of these, and our =E2=80=98urandom-seed-service-type=E2=80= =99 has the same >> bug as . Namely, we >> write the previous seed to /dev/urandom but we don=E2=80=99t credit the >> entropy. > > Now that I think about it, =E2=80=98urandom-seed=E2=80=99 normally contri= butes 512 bytes > of entropy, but immediately after it *consumes* 512 bytes of entropy: > > ;; Immediately refresh the seed in case the system doesn't > ;; shut down cleanly. > (call-with-input-file "/dev/urandom" > (lambda (urandom) > (let ((previous-umask (umask #o077)) > (buf (make-bytevector 512))) > (mkdir-p (dirname #$%random-seed-file)) > (get-bytevector-n! urandom buf 0 512) > (call-with-output-file #$%random-seed-file > (lambda (seed) > (put-bytevector seed buf))) > (umask previous-umask)))) > > This comes from commit 71cb237a7d98dafda7dfbb5f3ba7c68463310383 by Leo. > > What about deleting the seed instead of populating it right at boot > time? > > That way, we would actually have entropy available at boot time. In > case of a crash, the system may lack entropy upon reboot, but that=E2=80= =99s > better than always lacking entropy when booting. > > Marius, Leo, WDYT? I tried it, but it did not make any discernible difference in the available entropy right after boot, nor did it aid the CRNG seeding. So I think we should go with Linus' solution for now, as well as your original fix Ludo because it seems to be the right thing to do anyway. --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAl2YkxEACgkQoqBt8qM6 VPrVxQgAkP2NBvWZ/+KSJ8Mb/Ep7HPhS6I7V4j0RZQvxfLs2mJ64GvtDIaokHOm7 QJSQSvQj2BngE8Pln9S7CbLhXozvDGd8mnQvhV0vmO9udpcLMo5d6yIe8IMYav64 6uYwgmN4wOTIHzT0S+pMJqMRT4ftBj1QcxW00BpeUzqvo9aG+vYibOdzkurIwap2 JsBfHsNgG/JQsYajl9xIckpflPXU9bQdWG9jlRZxwETKp1KWSZd0EVVbuTMC+rKK sr7RiVj1O51d9zEfUsE23BJLB5402mZRcEUA5hOqvEkvJ2iytpoR7/hfHl3EUotT qN/Lz+tHzw3wHeSmCKJLRaPBPVzd3A== =RNUV -----END PGP SIGNATURE----- --=-=-=--