[crux-devel] entropy-saver.c to seed real entropy

Steffen Nurpmeso steffen at sdaoden.eu
Wed Jun 12 19:52:58 UTC 2019


In short: Linux uses a diverse random system, with an internal
pool that is not exposed and the ones which are fed by that one
which actually serve user requests.
One lengthy examination has been produced by the German BSI: [1]

The problem occurred to me once AlpineLinux switched from
kernel 4.14 to 4.19: i had hanging boots of half an hour and such
on the server VM, as the RNG would not unlock; even on a CoreDuo
laptop i saw this:

  [   15.706636] random: dnsmasq: uninitialized urandom read (128 bytes read)
  [  183.806112] random: crng init done

But likely only because i hit a key...  I looked around and saw
other people with the same problem using the haveged daemon, which
is kind of strange as it can generate thousands of bits of hard
randomness in a second.Anyway, shortly before Christmas on the
LUGA (Linux User Austria) ML that came up again via a Debian user,
and that made me write an entropy saver.

Because, the thing is, that "writing data to urandom" does no(t)
(longer) do anything to /proc/sys/kernel/random/entropy_avail, but
that is the value which control locking state of the RNG.
As far as i know there is no way to make that happen via the
shell.  Modern CPUs may offer things, and it may be that on some
CPUs Linux offers random.trust_cpu, yet i have no system where
that is true.  My 8th generation i5 has RDRAND and RDSEED, but
still the entropy-saver as attached helps here.

What it does is just the same as is done to urandom seed, so
i have in /etc/rc

  # Load random seed
  /bin/cat /var/lib/urandom/seed > /dev/urandom
  /sbin/entropy-saver load /var/lib/urandom/entropy

and in /etc/rc.shutdown

  # Save random seed
  /bin/dd if=/dev/urandom of=/var/lib/urandom/seed count=1 2> /dev/null
  /sbin/entropy-saver save /var/lib/urandom/entropy

So just in case someone sees boot hangs, that will help to unlock
the RNG, by not wasting prescious entropy collected during uptime.
It has been posted to LUGA and openssl-users in the past, a little
bit of feedback i had and is in.

  [1] https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/LinuxRNG/LinuxRNG_EN.pdf?__blob=publicationFile&v=7

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: entropy-saver.c
Type: text/x-csrc
Size: 8606 bytes
Desc: not available
URL: <https://lists.crux.nu/pipermail/crux-devel/attachments/20190612/fa5b4be1/attachment-0001.bin>


More information about the crux-devel mailing list