Re: regarding the changes to kernel entropy gathering

To: NetBSD-current Users's Discussion List <current-users%netbsd.org@localhost>, NetBSD Kernel Technical Discussion List <tech-kern%NetBSD.org@localhost>, NetBSD/xen Discussion List <port-xen%NetBSD.org@localhost>
Subject: Re: regarding the changes to kernel entropy gathering
From: Lloyd Parkes <lloyd%must-have-coffee.gen.nz@localhost>
Date: Mon, 5 Apr 2021 16:13:55 +1200

With some trepidation, I'm going to dip into this conversation eventhough I haven't read all of. I don't have the mental fortitude forthat. I have two suggestions, one short and one long.

Firstly, we could just have an rc.d script that checks to see if thesystem has /var/db/entropy-file or an rng device, and if not then itprints a warning and then generates some simplistic entropy with "ls -lR/ ; dd if=/dev/urandom of=/dev/random bs=32 count=1 ; sysctl -wkern.entropy.consolidate=1". The system owner has been warned and thesystem proceeds to run.

Secondly we could fix what I see as the biggest problem with the newimplementation that I see right now and that is that it is unreasonablydifficult for people to work out how to make their system go forwardsonce it has stopped. Note that making the system go forwards is easy,it's work out what to do that's hard. We can fix that.

The current implementation prints out a message whenever it blocks aprocess that wants randomness, which immediately makes thisimplementation superior to all others that I have ever seen. The numberof times I've logged into systems that have stalled on boot and madethem finish booting by running "ls -lR /" over the past 20 years are toomany to count. I don't know if I just needed to wait longer for the bootto finish, or if generating entropy was the fix, and I will never know.This is nuts.

We can use the message to point the system administrator to a manualpage that tells them what to do, and by "tells them what to do", I meanin plain simple language, right at the top of the page, without scaringthem.


How about this..

"entropy: pid %d (%s) blocking due to lack of entropy, see entropy(4)"

and then in entropy(4) we can start with something like

"If you are reading this because you have read a kernel message tellingyou that a process is blocking due to a lack of entropy then it isalmost certainly because your hardware doesn't have a reliable source ofrandomness. If you have no particular requirements for cryptographicsecurity on your system, you can generate some entropy and then tell thekernel that this entropy is 'enough' with the commands

    ls -lR /
    dd if=/dev/urandom of=/dev/random bs=32 count=1
    sysctl -w kern.entropy.consolidate=1

If have strong requirements for cryptographic security on your systemthen you should run 'rndctl -S /root/seed' on a system with hardwarerandom number generate (most modern CPUs), copy the seed file over tothis system as /var/db/entropy-file and then run 'rndctl -L/var/db/entropy-file'.

This only needs to be done once since scripts in rc.d will take care ofsaving and restoring system entropy in /var/db/entropy-file across reboots."


We could even do both of these things.

Follow-Ups:
- Re: regarding the changes to kernel entropy gathering
  - From: Greg A. Woods

References:
- regarding the changes to kernel entropy gathering
  - From: Greg A. Woods

Prev by Date: Re: regarding the changes to kernel entropy gathering
Next by Date: Re: regarding the changes to kernel entropy gathering
Previous by Thread: Re: regarding the changes to kernel entropy gathering
Next by Thread: Re: regarding the changes to kernel entropy gathering
Indexes:

Home | Main Index | Thread Index | Old Index