[bug#29724] [PATCH 1/2] vm: Pass the host's /dev/urandom to the guest at /dev/hwrng.

[bug#29724] [PATCH 1/2] vm: Pass the host's /dev/urandom to the guest at /dev/hwrng.

[Leo Famulari]

* gnu/build/vm.scm (load-in-linux-vm): Use QEMU's virtio-rng-pci.
* gnu/system/vm.scm (common-qemu-options): Likewise.
---
 gnu/build/vm.scm  | 4 +++-
 gnu/system/vm.scm | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/gnu/build/vm.scm b/gnu/build/vm.scm
index 8f8ca609f..404f32404 100644
--- a/gnu/build/vm.scm
+++ b/gnu/build/vm.scm
@@ -1,7 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
-;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name>
 ;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
 ;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
 ;;;
@@ -139,6 +139,8 @@ the #:references-graphs parameter of 'derivation'."
   (unless (zero?
            (apply system* qemu "-nographic" "-no-reboot"
                   "-m" (number->string memory-size)
+                  "-object" "rng-random,filename=/dev/urandom,id=guixsd-vm-rng"
+                  "-device" "virtio-rng-pci,rng=guixsd-vm-rng"
                   "-virtfs"
                   (string-append "local,id=store_dev,path="
                                  (%store-directory)
diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm
index 6102d465b..4acb9b1cc 100644
--- a/gnu/system/vm.scm
+++ b/gnu/system/vm.scm
@@ -1,7 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
-;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name>
 ;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
 ;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
 ;;;
@@ -666,6 +666,8 @@ with '-virtfs' options for the host file systems listed in SHARED-FS."
 
      "-no-reboot"
      "-net nic,model=virtio"
+     "-object" "rng-random,filename=/dev/urandom,id=guixsd-vm-rng"
+     "-device" "virtio-rng-pci,rng=guixsd-vm-rng"
 
      #$@(map virtfs-option shared-fs)
      "-vga std"
-- 
2.15.1

[bug#29725] [PATCH 2/2] services: urandom-seed: Try using a HWRNG to seed the Linux CRNG at boot.

[Leo Famulari]

* gnu/services/base.scm (urandom-seed-shepherd-service): Try to read from
'/dev/hwrng' at boot, as a supplement to any saved random seed.
* doc/guix.texi (Base Services): Document the new feature.
---
 doc/guix.texi         |  4 +++-
 gnu/services/base.scm | 19 +++++++++++++++++++
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 64f73b38a..e08f264e9 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -10013,7 +10013,9 @@ well as in the @var{groups} field of the @var{operating-system} record.
 
 @deffn {Scheme Procedure} urandom-seed-service
 Save some entropy in @var{%random-seed-file} to seed @file{/dev/urandom}
-when rebooting.
+when rebooting.  This also tries to seed @file{/dev/urandom} from
+@file{/dev/hwrng} while booting, if @file{/dev/hwrng} exists and is
+readable.
 @end deffn
 
 @defvr {Scheme Variable} %random-seed-file
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 291dd6325..be9e8ee36 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -516,6 +516,25 @@ stopped before 'kill' is called."
                           (call-with-output-file "/dev/urandom"
                             (lambda (urandom)
                               (dump-port seed urandom))))))
+
+                    ;; Try writing from /dev/hwrng into /dev/urandom.
+                    ;; It seems that the file '/dev/hwrng' always exists, even
+                    ;; when there is no hardware random number generator
+                    ;; available. So, we handle any errors caused by a failed
+                    ;; read.
+                    (when (file-exists? "/dev/hwrng")
+                      (call-with-input-file "/dev/hwrng"
+                        (lambda (hwrng)
+                          (let ((buf (make-bytevector 512)))
+                            (catch #t
+                              (lambda ()
+                                (get-bytevector-n! hwrng buf 0 512))
+                              ;; Silence is golden...
+                              (lambda _ (const #f)))
+                            (call-with-output-file "/dev/urandom"
+                              (lambda (urandom)
+                                (put-bytevector urandom buf)))))))
+
                     ;; Immediately refresh the seed in case the system doesn't
                     ;; shut down cleanly.
                     (call-with-input-file "/dev/urandom"
-- 
2.15.1

[bug#29724] [PATCH 1/2] vm: Pass the host's /dev/urandom to the guest at /dev/hwrng.

[Ludovic Courtès]

Leo Famulari <leo@famulari.name> skribis:

> * gnu/build/vm.scm (load-in-linux-vm): Use QEMU's virtio-rng-pci.
> * gnu/system/vm.scm (common-qemu-options): Likewise.

LGTM!

[bug#29725] [PATCH 2/2] services: urandom-seed: Try using a HWRNG to seed the Linux CRNG at boot.

[Ludovic Courtès]

Leo Famulari <leo@famulari.name> skribis:

> * gnu/services/base.scm (urandom-seed-shepherd-service): Try to read from
> '/dev/hwrng' at boot, as a supplement to any saved random seed.
> * doc/guix.texi (Base Services): Document the new feature.

Overall LGTM!

> +                    ;; Try writing from /dev/hwrng into /dev/urandom.
> +                    ;; It seems that the file '/dev/hwrng' always exists, even
> +                    ;; when there is no hardware random number generator
> +                    ;; available. So, we handle any errors caused by a failed
> +                    ;; read.
> +                    (when (file-exists? "/dev/hwrng")
> +                      (call-with-input-file "/dev/hwrng"
> +                        (lambda (hwrng)
> +                          (let ((buf (make-bytevector 512)))
> +                            (catch #t
> +                              (lambda ()
> +                                (get-bytevector-n! hwrng buf 0 512))
> +                              ;; Silence is golden...
> +                              (lambda _ (const #f)))
> +                            (call-with-output-file "/dev/urandom"
> +                              (lambda (urandom)
> +                                (put-bytevector urandom buf)))))))

If we fail to read from /dev/hwrng we may end up writing zeros to
/dev/urandom (because ‘buf’ is left uninitialized).

To address that, perhaps this could be formulated like this:

  (let ((buf (catch 'system-error
               (lambda ()
                 (call-with-input-file "/dev/hwrng"
                   (lambda (port)
                     (get-bytevector-n port 512))))
               (const #f))))
    (when buf
      (call-with-output-file "/dev/urandom"
        (lambda (urandom)
          (put-bytevector urandom buf)))))

This also removes the need for the ‘file-exists?’ call.

WDYT?

Thanks,
Ludo’.

[bug#29725] [PATCH 2/2] services: urandom-seed: Try using a HWRNG to seed the Linux CRNG at boot.

[Leo Famulari]

[-- Attachment #1: Type: text/plain, Size: 1468 bytes --]

On Sun, Dec 17, 2017 at 04:31:27PM +0100, Ludovic Courtès wrote:
> Leo Famulari <leo@famulari.name> skribis:
> If we fail to read from /dev/hwrng we may end up writing zeros to
> /dev/urandom (because ‘buf’ is left uninitialized).

Right, the patch I sent wrote the buffer to urandom unconditionally.
It's sloppy when the buffer is uninitialized but does no harm to the
CRNG.

> To address that, perhaps this could be formulated like this:
> 
>   (let ((buf (catch 'system-error
>                (lambda ()
>                  (call-with-input-file "/dev/hwrng"
>                    (lambda (port)
>                      (get-bytevector-n port 512))))
>                (const #f))))
>     (when buf
>       (call-with-output-file "/dev/urandom"
>         (lambda (urandom)
>           (put-bytevector urandom buf)))))

Overall I like this better.

I tested it and catching system-error seems to work for the case when
/dev/hwrng exists but there is nothing actually there.

I noticed you used get-bytevector-n instead of get-bytevector-n!. The
documentation says that the former reads "octets" while the latter reads
"bytes" [0]. I guess there is no difference in practice in 2017, right?

> This also removes the need for the ‘file-exists?’ call.

I don't know what creates /dev/hwrng or under what conditions. I didn't
see it in (gnu build linux-boot). Can we rely on it to exist for all the
versions of Linux we support?

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

[bug#29725] [PATCH 2/2] services: urandom-seed: Try using a HWRNG to seed the Linux CRNG at boot.

[Ludovic Courtès]

Hi,

Leo Famulari <leo@famulari.name> skribis:

> On Sun, Dec 17, 2017 at 04:31:27PM +0100, Ludovic Courtès wrote:
>> Leo Famulari <leo@famulari.name> skribis:
>> If we fail to read from /dev/hwrng we may end up writing zeros to
>> /dev/urandom (because ‘buf’ is left uninitialized).
>
> Right, the patch I sent wrote the buffer to urandom unconditionally.
> It's sloppy when the buffer is uninitialized but does no harm to the
> CRNG.

Oh OK.

>> To address that, perhaps this could be formulated like this:
>> 
>>   (let ((buf (catch 'system-error
>>                (lambda ()
>>                  (call-with-input-file "/dev/hwrng"
>>                    (lambda (port)
>>                      (get-bytevector-n port 512))))
>>                (const #f))))
>>     (when buf
>>       (call-with-output-file "/dev/urandom"
>>         (lambda (urandom)
>>           (put-bytevector urandom buf)))))
>
> Overall I like this better.
>
> I tested it and catching system-error seems to work for the case when
> /dev/hwrng exists but there is nothing actually there.
>
> I noticed you used get-bytevector-n instead of get-bytevector-n!. The
> documentation says that the former reads "octets" while the latter reads
> "bytes" [0]. I guess there is no difference in practice in 2017, right?

There was also no different in 1970 I think.  ;-)  “Octet” is just
slightly more precise, I guess.

>> This also removes the need for the ‘file-exists?’ call.
>
> I don't know what creates /dev/hwrng or under what conditions. I didn't
> see it in (gnu build linux-boot). Can we rely on it to exist for all the
> versions of Linux we support?

I guess it’s created by udev, I don’t know exactly under what
circumstances.  I have it on my GuixSD laptop, even though it doesn’t
have a hardware RNG.

Thanks,
Ludo’.