emacs-bug-tracker

[debbugs-tracker] bug#29773: closed (urandom-seed-service should run ear


From: GNU bug Tracking System
Subject: [debbugs-tracker] bug#29773: closed (urandom-seed-service should run earlier in the boot process)
Date: Fri, 22 Dec 2017 09:07:01 +0000

Your message dated Fri, 22 Dec 2017 10:06:46 +0100
with message-id <address@hidden>
and subject line Re: bug#29773: urandom-seed-service should run earlier in the 
boot process
has caused the debbugs.gnu.org bug report #29773,
regarding urandom-seed-service should run earlier in the boot process
to be marked as done.

(If you believe you have received this mail in error, please contact
address@hidden)


-- 
29773: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=29773
GNU Bug Tracking System
Contact address@hidden with problems
--- Begin Message ---
Subject: urandom-seed-service should run earlier in the boot process
Date: Tue, 19 Dec 2017 14:13:48 -0500
User-agent: Mutt/1.9.2 (2017-12-15)

The urandom-seed-service preserves some of the Linux cryptographic
random number generator's (CRNG) pool across reboots so that freshly
booted systems have access to unpredictable pseudorandom numbers. It
also tries to take advantage of whatever is backing /dev/hwrng.

However, the urandom-seed-service may not be started before certain
applications that assume a good source of randomness.

In some cases, the applications require some random data before any
services are started, during activation. For example, our OpenSSH
service generates its host keys during activation. And even if it
generated host keys during the start of the OpenSSH service, that
service does not depend on urandom-seed-service. [0]

In systemd, there is an abstract sysinit "target" that basically serves
as a checkpoint. All the lower-level system initialization is required
before the sysinit.target is met, and the rest of the services depend on
sysinit. The random seeding is part of sysinit. I've reproduced a graph
of this in [1].

In practice, I'm not sure if it matters. I'd appreciate if GuixSD users
could check /var/log/messages for warnings like this one and report
them:

random: application: uninitialized urandom read (16 bytes read) 

And I'd also appreciate any feedback or ideas for improvement in this
area.

[0] See the attached service graph of a bare-bones system with OpenSSH.
[1] from: <https://www.freedesktop.org/software/systemd/man/bootup.html>

local-fs-pre.target
         |
         v
(various mounts and   (various swap   (various cryptsetup
 fsck services...)     devices...)        devices...)       (various low-level   (various low-level
         |                  |                  |             services: udevd,     API VFS mounts:
         v                  v                  v             tmpfiles, random     mqueue, configfs,
  local-fs.target      swap.target     cryptsetup.target    seed, sysctl, ...)      debugfs, ...)
         |                  |                  |                    |                    |
         \__________________|_________________ | ___________________|____________________/
                                              \|/
                                               v
                                        sysinit.target
                                               |
          ____________________________________/|\________________________________________
         /                  |                  |                    |                    \
         |                  |                  |                    |                    |
         v                  v                  |                    v                    v
     (various           (various               |                (various          rescue.service
    timers...)          paths...)              |               sockets...)               |
         |                  |                  |                    |                    v
         v                  v                  |                    v              rescue.target
   timers.target      paths.target             |             sockets.target
         |                  |                  |                    |
         v                  \_________________ | ___________________/
                                              \|/
                                               v
                                         basic.target
                                               |
          ____________________________________/|                                 emergency.service
         /                  |                  |                                         |
         |                  |                  |                                         v
         v                  v                  v                                 emergency.target
     display-        (various system    (various system
 manager.service         services           services)
         |             required for            |
         |            graphical UIs)           v
         |                  |           multi-user.target
         |                  |                  |
         \_________________ | _________________/
                           \|/
                            v
                  graphical.target


--- End Message ---
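
The log check requested in the report above, as an added example that is not part of the original message or of Guix: it scans syslog lines for the kernel's "uninitialized urandom read" warning and totals the reads per process. The `crng init done` marker (logged by Linux 4.8 and later), the function names and the sample lines are assumptions of this example.

```python
import re
from collections import defaultdict

# Kernel warning quoted in the report, e.g.
#   random: application: uninitialized urandom read (16 bytes read)
WARN = re.compile(r"random: (?P<comm>.+?): uninitialized urandom read "
                  r"\((?P<n>\d+) bytes read\)")
# Line the kernel logs once the CRNG is seeded (assumption: not on the page).
READY = re.compile(r"random: crng init done")

def early_urandom_reads(lines):
    """Return ({process: [reads, bytes]}, crng_ready_seen) for one boot's log."""
    reads = defaultdict(lambda: [0, 0])
    ready = False
    for line in lines:
        m = WARN.search(line)
        if m:
            entry = reads[m.group("comm")]
            entry[0] += 1
            entry[1] += int(m.group("n"))
        elif READY.search(line):
            ready = True
    return dict(reads), ready

def report(lines):
    """Human-readable summary, one line per process that read too early."""
    reads, ready = early_urandom_reads(lines)
    out = [f"{comm}: {n} read(s), {total} bytes before the CRNG was seeded"
           for comm, (n, total) in sorted(reads.items())]
    if not ready:
        out.append("no 'crng init done' line seen in this log")
    return out

# Constructed sample in the style of /var/log/messages; not real output.
SAMPLE = """\
Dec 19 14:01:02 localhost vmunix: [    2.104113] random: ssh-keygen: uninitialized urandom read (32 bytes read)
Dec 19 14:01:02 localhost vmunix: [    2.104907] random: ssh-keygen: uninitialized urandom read (32 bytes read)
Dec 19 14:01:03 localhost vmunix: [    3.511020] random: dhclient: uninitialized urandom read (16 bytes read)
Dec 19 14:01:09 localhost vmunix: [    9.870334] random: crng init done
Dec 19 14:01:10 localhost sshd[312]: Server listening on 0.0.0.0 port 22.
"""

if __name__ == "__main__":
    print("\n".join(report(SAMPLE.splitlines())))
```

On a real system, pass the lines of /var/log/messages for a single boot; any process listed drew from /dev/urandom before the seed was restored.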
--- Begin Message ---
Subject: Re: bug#29773: urandom-seed-service should run earlier in the boot process
Date: Fri, 22 Dec 2017 10:06:46 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)

Hello,

Leo Famulari <address@hidden> writes:

> On Thu, Dec 21, 2017 at 10:10:29AM +0100, Ludovic Courtès wrote:
>> 
>> The attached patch does the trick, AFAICS:
>> 
>
>> diff --git a/gnu/services/base.scm b/gnu/services/base.scm
>> index acc5c33f5..7fc8f6aa7 100644
>> --- a/gnu/services/base.scm
>> +++ b/gnu/services/base.scm
>> @@ -529,7 +529,10 @@ in KNOWN-MOUNT-POINTS when it is stopped."
>>    (list (shepherd-service
>>           (documentation "Preserve entropy across reboots for /dev/urandom.")
>>           (provision '(urandom-seed))
>> -         (requirement '(file-systems))
>> +
>> +         ;; Depend on udev so that /dev/hwrng is available.
>> +         (requirement '(file-systems udev))
>> +
>>           (start #~(lambda _
>>                      ;; On boot, write random seed into /dev/urandom.
>>                      (when (file-exists? #$%random-seed-file)
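
Review bot: on the added `(requirement '(file-systems udev))` line, the comment justifies the dependency by /dev/hwrng being available, but udev having started only yields that node on machines with a hardware RNG driver, and the code that opens /dev/hwrng is outside this hunk's context; it should be confirmed that the access is guarded the way the seed file is with `(when (file-exists? #$%random-seed-file)`. The extra requirement also orders urandom-seed after udev, so this hunk by itself does not move seeding ahead of the activation-time consumers named in the report (the OpenSSH host keys); the patch description should say which part of the series covers that. Minor: the two added blank lines around the `requirement` field are not needed.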
>
> Yes, it seems to work for me.

Great, I’ve pushed the whole series.

> I'm unsure if the stop action of urandom-seed-service is being executed
> on shutdown.
>
> I added some print statements and sleep delays to the stop action but
> the system halts faster than I expected and I don't see any writes to
> /var/lib/random-seed.

/var/lib/random-seed is definitely being updated on shutdown on my
system, as can be seen from its mtime.

Thanks,
Ludo’.


--- End Message ---
