From: Leo Famulari
Subject: bug#29773: urandom-seed-service should run earlier in the boot process
Date: Wed, 20 Dec 2017 18:07:51 -0500
Message-ID: <20171220230751.GA18857@jasmine.lan>
In-Reply-To: <87tvwlzop3.fsf@gnu.org>
To: Ludovic Courtès
Cc: 29773@debbugs.gnu.org
List-Id: Bug reports for GNU Guix

On Wed, Dec 20, 2017 at 11:19:36AM +0100, Ludovic Courtès wrote:
> There’s a ‘user-processes’ service that serves a similar purpose.
>
> With the attached patches ‘urandom-seed’ becomes a dependency of
> ‘user-processes’, meaning that daemons & co. start after
> ‘urandom-seed’.
>
> WDYT?

In general, I think it's a good approach.

Currently, the urandom-seed-service seems to non-deterministically but
typically start after the udev-service, so that /dev/hwrng is always set
up by udev before the urandom-seed-service tries to use it.

With these patches, that's not the case. This breaks the hwrng seeding
feature added in 9a56cf2b5b (services: urandom-seed: Try using a HWRNG to
seed the Linux CRNG at boot).

I'll try rearranging the service dependency graph.

> > Leo Famulari skribis:
> > In practice, I'm not sure if it matters. I'd appreciate if GuixSD users
> > could check /var/log/messages for warnings like this one and report
> > them:
> >
> > random: application: uninitialized urandom read (16 bytes read)
>
> I don’t have any of these. I guess this is most likely to happen when
> running ‘ssh-keygen’ on startup, which isn’t the case on my machine.

Watching a fresh system boot repeatedly, I noticed that the host keys
always seem to be generated immediately after Linux reports "random: crng
init done". To me, this suggests that OpenSSH is using the getrandom()
syscall. If so, any GuixSD host keys created with glibc >= 2.25 and
OpenSSH >= 7.2 should be unpredictable. But I'm not sure if that's what's
happening or not.

> +(define (user-processes-shepherd-service requirements)
> +  "Return the 'user-processes' Shepherd service with dependencies on
> +REQUIREMENTS (a list of service names).
> +
> +This is a synchronization point used to make sure user processes and daemons
> +get started only after crucial initial services have been started---file
> +system mounts, etc.  This is similar to 'target' in systemd."

To clarify, user-processes may be similar to the sysinit target in
systemd. Systemd targets are sort of like run-levels, and there are
several of them, such as the multi-user target, the graphical target, etc.
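The distinction the thread turns on, that getrandom(2) waits for "random: crng init done" while a read of /dev/urandom succeeds at any time and may return unseeded bytes, can be observed directly from user space. The following is an added example written for this page; it is not code from the bug report, from Guix, or from OpenSSH. It assumes a Linux kernel of 3.17 or newer (where getrandom(2) exists) and issues the raw syscall so that it also builds on glibc older than 2.25, falling back to /dev/urandom elsewhere. The function names (crng_status, secure_random_bytes, key_material_ok) are mine, not any project's API.

```c
/* Added example, not from the bug report or Guix: probe the kernel CRNG state
 * the way a daemon generating long-lived keys should, and fill a key buffer
 * with a blocking getrandom(2) instead of a blind read of /dev/urandom.
 * Assumes Linux >= 3.17 (getrandom syscall); falls back to /dev/urandom on
 * other systems, where no "not seeded" signal is available. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>
#if defined(__linux__)
#include <sys/syscall.h>
#endif

#ifndef GRND_NONBLOCK
#define GRND_NONBLOCK 0x0001   /* value from <linux/random.h> */
#endif

enum crng_state { CRNG_READY = 0, CRNG_NOT_SEEDED = 1, CRNG_UNSUPPORTED = 2 };

/* Ask the kernel, without blocking, whether the CRNG has been initialized.
 * getrandom(2) with GRND_NONBLOCK fails with EAGAIN until the kernel logs
 * "random: crng init done"; a plain getrandom() call would sleep until then. */
enum crng_state crng_status(void)
{
#if defined(__linux__) && defined(SYS_getrandom)
    unsigned char probe[1];
    long n = syscall(SYS_getrandom, probe, sizeof probe, GRND_NONBLOCK);
    if (n == (long)sizeof probe)
        return CRNG_READY;
    if (n < 0 && errno == EAGAIN)
        return CRNG_NOT_SEEDED;
#endif
    return CRNG_UNSUPPORTED;       /* no getrandom(2): cannot tell */
}

/* The legacy path: /dev/urandom always answers, seeded or not.  This is the
 * read that triggers "random: ...: uninitialized urandom read" at early boot. */
static ssize_t read_urandom(unsigned char *buf, size_t len)
{
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0)
        return -1;
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n < 0 && errno == EINTR)
            continue;
        if (n <= 0)
            break;
        got += (size_t)n;
    }
    close(fd);
    return (ssize_t)got;
}

/* Fill BUF with LEN bytes of key material.  Prefers a blocking getrandom(2),
 * which waits for the CRNG to be seeded; uses /dev/urandom only where the
 * syscall is missing (ENOSYS or non-Linux).  Returns bytes written or -1. */
ssize_t secure_random_bytes(unsigned char *buf, size_t len)
{
    size_t got = 0;
#if defined(__linux__) && defined(SYS_getrandom)
    while (got < len) {
        long n = syscall(SYS_getrandom, buf + got, len - got, 0);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            if (errno == ENOSYS)
                break;             /* old kernel: fall back below */
            return -1;
        }
        got += (size_t)n;
    }
    if (got == len)
        return (ssize_t)got;
#endif
    ssize_t n = read_urandom(buf + got, len - got);
    return n < 0 ? -1 : (ssize_t)(got + (size_t)n);
}

/* Self-check: a 32-byte key is filled completely and is not all zeros. */
int key_material_ok(void)
{
    unsigned char key[32];
    memset(key, 0, sizeof key);
    if (secure_random_bytes(key, sizeof key) != (ssize_t)sizeof key)
        return 0;
    unsigned char acc = 0;
    for (size_t i = 0; i < sizeof key; i++)
        acc |= key[i];
    return acc != 0;
}

int main(void)
{
    static const char *names[] = { "ready", "not seeded (EAGAIN)",
                                   "getrandom(2) unavailable" };
    int ok = key_material_ok();
    printf("CRNG state: %s\n", names[crng_status()]);
    printf("32-byte key fill: %s\n", ok ? "ok" : "FAILED");
    return ok ? 0 : 1;
}
```

On a booted system crng_status() reports "ready"; run early in an initrd or a minimal VM and it reports "not seeded" for as long as the kernel has not logged "crng init done", which is exactly the window in which a /dev/urandom-based key generator would have produced the warning quoted in the thread.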