From mboxrd@z Thu Jan 1 00:00:00 1970
From: Leo Famulari
Subject: Re: Seeding the Linux RNG at first boot
Date: Thu, 7 Dec 2017 18:47:49 -0500
Message-ID: <20171207234749.GA22844@jasmine.lan>
References: <20171203003126.GA353@jasmine.lan> <20171204184558.GF30970@jasmine.lan> <87wp20ydlj.fsf@fastmail.com> <20171206182711.GB2612@jasmine.lan> <87indickmd.fsf@gnu.org>
In-Reply-To: <87indickmd.fsf@gnu.org>
To: Ludovic Courtès
Cc: guix-devel@gnu.org

On Thu, Dec 07, 2017 at 10:07:38PM +0100, Ludovic Courtès wrote:
> Leo Famulari skribis:
> > On the guest side, we would extend urandom-seed-service to also draw on
> > /dev/hwrng, which is where virtio-rng-pci makes the data from the host
> > available.
>
> Maybe ‘virtualized-operating-system’ in (gnu system vm) could
> automatically customize ‘rngd-service-type’ (or add it)?

Yes, we could do that, although I don't think it's necessary to run a
daemon continuously. It is enough to seed the RNG once.

At the same time we handle the random seed, we could also try reading
from /dev/hwrng and, if the read is successful, copy some bytes into
/dev/urandom. We'd have to try reading and handle failure since we
always create /dev/hwrng regardless of whether the Linux kernel module
is loaded or not.

> > I have an idea for another improvement: to add an argument like
> > "--entropy-seed=" to `guix system` that could place the value in
> > '/var/lib/random-seed', where it would be used on first boot.
>
> We could do that, though I very much prefer the idea of a “backdoor” à
> la virtio-rng-pci, because it allows to stick to bit-reproducible images
> (well, they’re not bit-reproducible yet I suppose, but let’s not add to
> it.)

I think it would be most useful for disk images, for which there is no
host. If one always passes the same value to --entropy-seed, it will not
negatively affect the reproducibility of the image ;)

This would not be something we do for the official release image, but
merely an optional tool.
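The one-shot "try /dev/hwrng, fall back silently" step described in the message above, as an added shell example that is not code from this thread or from Guix. The function name, the 512-byte read size and the 5-second timeout are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper, not Guix's urandom-seed-service).
# seed_from_hwrng [SRC] [DST] [NBYTES]
#   SRC    defaults to /dev/hwrng   (device named in the message)
#   DST    defaults to /dev/urandom (device named in the message)
#   NBYTES defaults to 512          (assumed size)
# Returns 0 if exactly NBYTES were read from SRC and written to DST,
# 1 otherwise. A failure is expected and harmless when no hwrng driver
# is loaded, so callers should simply continue booting.
seed_from_hwrng() {
    src=${1:-/dev/hwrng}
    dst=${2:-/dev/urandom}
    nbytes=${3:-512}

    # The node can exist with no driver behind it, so its presence proves
    # nothing; only an actual read tells us whether a backend is there.
    [ -r "$src" ] || return 1

    tmp=$(mktemp) || return 1   # mktemp creates the file with mode 0600
    read_ok=0
    # Bound the read so a stalled device cannot hang first boot
    # (timeout is used only when available).
    if command -v timeout >/dev/null 2>&1; then
        timeout 5 head -c "$nbytes" "$src" >"$tmp" 2>/dev/null || read_ok=1
    else
        head -c "$nbytes" "$src" >"$tmp" 2>/dev/null || read_ok=1
    fi
    got=$(wc -c <"$tmp" | tr -d ' ')

    rc=1
    # Accept only a full read; an error or short read means "no usable hwrng".
    if [ "$read_ok" -eq 0 ] && [ "$got" -eq "$nbytes" ]; then
        # Writing to /dev/urandom mixes the bytes into the kernel pool but
        # does not credit entropy; crediting needs the RNDADDENTROPY ioctl.
        cat "$tmp" >"$dst" 2>/dev/null && rc=0
    fi
    rm -f "$tmp"
    return "$rc"
}
```

Called with no arguments it uses the real devices; the path arguments exist so the failure handling can be exercised against ordinary files without root.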