GNU bug report logs - #29725
[PATCH 2/2] services: urandom-seed: Try using a HWRNG to seed the Linux CRNG at boot.

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 29725 in the body.
You can then email your comments to 29725 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: guix-patches <at> gnu.org
Subject: [PATCH 2/2] services: urandom-seed: Try using a HWRNG to seed the
 Linux CRNG at boot.
Date: Fri, 15 Dec 2017 15:18:13 -0500

* gnu/services/base.scm (urandom-seed-shepherd-service): Try to read from
'/dev/hwrng' at boot, as a supplement to any saved random seed.
* doc/guix.texi (Base Services): Document the new feature.
---
 doc/guix.texi         |  4 +++-
 gnu/services/base.scm | 19 +++++++++++++++++++
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 64f73b38a..e08f264e9 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -10013,7 +10013,9 @@ well as in the @var{groups} field of the @var{operating-system} record.
 
 @deffn {Scheme Procedure} urandom-seed-service
 Save some entropy in @var{%random-seed-file} to seed @file{/dev/urandom}
-when rebooting.
+when rebooting.  This also tries to seed @file{/dev/urandom} from
+@file{/dev/hwrng} while booting, if @file{/dev/hwrng} exists and is
+readable.
 @end deffn
 
 @defvr {Scheme Variable} %random-seed-file
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 291dd6325..be9e8ee36 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -516,6 +516,25 @@ stopped before 'kill' is called."
                           (call-with-output-file "/dev/urandom"
                             (lambda (urandom)
                               (dump-port seed urandom))))))
+
+                    ;; Try writing from /dev/hwrng into /dev/urandom.
+                    ;; It seems that the file '/dev/hwrng' always exists, even
+                    ;; when there is no hardware random number generator
+                    ;; available. So, we handle any errors caused by a failed
+                    ;; read.
+                    (when (file-exists? "/dev/hwrng")
+                      (call-with-input-file "/dev/hwrng"
+                        (lambda (hwrng)
+                          (let ((buf (make-bytevector 512)))
+                            (catch #t
+                              (lambda ()
+                                (get-bytevector-n! hwrng buf 0 512))
+                              ;; Silence is golden...
+                              (lambda _ (const #f)))
+                            (call-with-output-file "/dev/urandom"
+                              (lambda (urandom)
+                                (put-bytevector urandom buf)))))))
+
                     ;; Immediately refresh the seed in case the system doesn't
                     ;; shut down cleanly.
                     (call-with-input-file "/dev/urandom"
-- 
2.15.1

Message #8 received at 29725 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: Leo Famulari <leo <at> famulari.name>
Cc: 29725 <at> debbugs.gnu.org
Subject: Re: [bug#29725] [PATCH 2/2] services: urandom-seed: Try using a HWRNG
 to seed the Linux CRNG at boot.
Date: Sun, 17 Dec 2017 16:31:27 +0100

Leo Famulari <leo <at> famulari.name> skribis:

> * gnu/services/base.scm (urandom-seed-shepherd-service): Try to read from
> '/dev/hwrng' at boot, as a supplement to any saved random seed.
> * doc/guix.texi (Base Services): Document the new feature.

Overall LGTM!

> +                    ;; Try writing from /dev/hwrng into /dev/urandom.
> +                    ;; It seems that the file '/dev/hwrng' always exists, even
> +                    ;; when there is no hardware random number generator
> +                    ;; available. So, we handle any errors caused by a failed
> +                    ;; read.
> +                    (when (file-exists? "/dev/hwrng")
> +                      (call-with-input-file "/dev/hwrng"
> +                        (lambda (hwrng)
> +                          (let ((buf (make-bytevector 512)))
> +                            (catch #t
> +                              (lambda ()
> +                                (get-bytevector-n! hwrng buf 0 512))
> +                              ;; Silence is golden...
> +                              (lambda _ (const #f)))
> +                            (call-with-output-file "/dev/urandom"
> +                              (lambda (urandom)
> +                                (put-bytevector urandom buf)))))))

If we fail to read from /dev/hwrng we may end up writing zeros to
/dev/urandom (because ‘buf’ is left uninitialized).

To address that, perhaps this could be formulated like this:

  (let ((buf (catch 'system-error
               (lambda ()
                 (call-with-input-file "/dev/hwrng"
                   (lambda (port)
                     (get-bytevector-n port 512))))
               (const #f))))
    (when buf
      (call-with-output-file "/dev/urandom"
        (lambda (urandom)
          (put-bytevector urandom buf)))))

This also removes the need for the ‘file-exists?’ call.

WDYT?

Thanks,
Ludo’.

Message #11 received at 29725 <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 29725 <at> debbugs.gnu.org
Subject: Re: [bug#29725] [PATCH 2/2] services: urandom-seed: Try using a
 HWRNG to seed the Linux CRNG at boot.
Date: Mon, 18 Dec 2017 00:30:18 -0500

[Message part 1 (text/plain, inline)]

On Sun, Dec 17, 2017 at 04:31:27PM +0100, Ludovic Courtès wrote:
> Leo Famulari <leo <at> famulari.name> skribis:
> If we fail to read from /dev/hwrng we may end up writing zeros to
> /dev/urandom (because ‘buf’ is left uninitialized).

Right, the patch I sent wrote the buffer to urandom unconditionally.
It's sloppy when the buffer is uninitialized but does no harm to the
CRNG.

> To address that, perhaps this could be formulated like this:
> 
>   (let ((buf (catch 'system-error
>                (lambda ()
>                  (call-with-input-file "/dev/hwrng"
>                    (lambda (port)
>                      (get-bytevector-n port 512))))
>                (const #f))))
>     (when buf
>       (call-with-output-file "/dev/urandom"
>         (lambda (urandom)
>           (put-bytevector urandom buf)))))

Overall I like this better.

I tested it and catching system-error seems to work for the case when
/dev/hwrng exists but there is nothing actually there.

I noticed you used get-bytevector-n instead of get-bytevector-n!. The
documentation says that the former reads "octets" while the latter reads
"bytes" [0]. I guess there is no difference in practice in 2017, right?

> This also removes the need for the ‘file-exists?’ call.

I don't know what creates /dev/hwrng or under what conditions. I didn't
see it in (gnu build linux-boot). Can we rely on it to exist for all the
versions of Linux we support?

[signature.asc (application/pgp-signature, inline)]

Message #14 received at 29725 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: Leo Famulari <leo <at> famulari.name>
Cc: 29725 <at> debbugs.gnu.org
Subject: Re: [bug#29725] [PATCH 2/2] services: urandom-seed: Try using a HWRNG
 to seed the Linux CRNG at boot.
Date: Mon, 18 Dec 2017 09:06:25 +0100

Hi,

Leo Famulari <leo <at> famulari.name> skribis:

> On Sun, Dec 17, 2017 at 04:31:27PM +0100, Ludovic Courtès wrote:
>> Leo Famulari <leo <at> famulari.name> skribis:
>> If we fail to read from /dev/hwrng we may end up writing zeros to
>> /dev/urandom (because ‘buf’ is left uninitialized).
>
> Right, the patch I sent wrote the buffer to urandom unconditionally.
> It's sloppy when the buffer is uninitialized but does no harm to the
> CRNG.

Oh OK.

>> To address that, perhaps this could be formulated like this:
>> 
>>   (let ((buf (catch 'system-error
>>                (lambda ()
>>                  (call-with-input-file "/dev/hwrng"
>>                    (lambda (port)
>>                      (get-bytevector-n port 512))))
>>                (const #f))))
>>     (when buf
>>       (call-with-output-file "/dev/urandom"
>>         (lambda (urandom)
>>           (put-bytevector urandom buf)))))
>
> Overall I like this better.
>
> I tested it and catching system-error seems to work for the case when
> /dev/hwrng exists but there is nothing actually there.
>
> I noticed you used get-bytevector-n instead of get-bytevector-n!. The
> documentation says that the former reads "octets" while the latter reads
> "bytes" [0]. I guess there is no difference in practice in 2017, right?

There was also no different in 1970 I think.  ;-)  “Octet” is just
slightly more precise, I guess.

>> This also removes the need for the ‘file-exists?’ call.
>
> I don't know what creates /dev/hwrng or under what conditions. I didn't
> see it in (gnu build linux-boot). Can we rely on it to exist for all the
> versions of Linux we support?

I guess it’s created by udev, I don’t know exactly under what
circumstances.  I have it on my GuixSD laptop, even though it doesn’t
have a hardware RNG.

Thanks,
Ludo’.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.