bug#31268: 'guix system vm-image' hangs


From: Efraim Flashner
Subject: bug#31268: 'guix system vm-image' hangs
Date: Tue, 22 May 2018 21:45:52 +0300
User-agent: Mutt/1.9.5 (2018-04-13)

On Tue, May 22, 2018 at 06:23:35PM +0200, Ludovic Courtès wrote:
> Hello!
> 
> (+Cc: Leo for randomness input.)

<snip>

> 
> Another approach I looked at was to seed the VM’s PRNG from /dev/hwrng,
> which I thought was connected to the host via ‘virtio-rng-pci’, but I
> get ENODEV while trying to read from /dev/hwrng in the guest like this:
> 

> diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm
> index b6561dfc7..3bfd6b4ca 100644
> --- a/gnu/system/vm.scm
> +++ b/gnu/system/vm.scm
> @@ -319,6 +319,18 @@ the image."
>  
>             (set-path-environment-variable "PATH" '("bin" "sbin") inputs)
>  
> +           ;; Try writing from /dev/hwrng into /dev/urandom.
> +           ;; It seems that the file /dev/hwrng always exists, even
> +           ;; when there is no hardware random number generator
> +           ;; available. So, we handle a failed read or any other error
> +           ;; reported by the operating system.
> +           (let ((buf (call-with-input-file "/dev/hwrng"
> +                        (lambda (hwrng)
> +                          (get-bytevector-n hwrng 512)))))
> +             (call-with-output-file "/dev/urandom"
> +               (lambda (urandom)
> +                 (put-bytevector urandom buf))))
> +
>             (let* ((graphs     '#$(match inputs
>                                     (((names . _) ...)
>                                      names)))
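
Review bot: The added comment says a failed read or any other OS error is handled, but the `let` form around `call-with-input-file "/dev/hwrng"` has no handler, so the ENODEV described above would propagate as an exception and abort the build instead of being skipped. Wrap the read and the write in `(catch 'system-error ...)` (or `false-if-exception`) so a missing hardware RNG falls through quietly, and check `(bytevector? buf)` before calling `put-bytevector`, since `get-bytevector-n` returns the EOF object when no bytes are available. If the seeding is meant to be best-effort, the comment should say so explicitly, along with what happens when it is skipped.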

> 
> Am I missing something, Leo?
> 
> In short, we’re almost done with this bug, now we just need to make sure
> we have a reasonable fix.
> 
> Thanks,
> Ludo’.
> 

I can confirm that on the aarch64 machines I've tested there is a
/dev/hwrng.

Another option for entropy is haveged. http://issihosts.com/haveged/
It's not very actively maintained, but it is used by other distros for
randomness on headless machines.

-- 
Efraim Flashner   <address@hidden>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted