Received: by 2002:ac0:a594:0:0:0:0:0 with SMTP id m20-v6csp3984796imm; Thu, 17 May 2018 19:34:20 -0700 (PDT) X-Google-Smtp-Source: AB8JxZqOqFkMaDwTJwh9UVlNlTDcHUJMYzKyD4pxLVn1iFK6InSLi1/Ehb47F3iRBx01wEynNAUC X-Received: by 2002:a17:902:5ac1:: with SMTP id g1-v6mr7607127plm.43.1526610860825; Thu, 17 May 2018 19:34:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1526610860; cv=none; d=google.com; s=arc-20160816; b=0jJQyrdWyhLMuIFN0GePdiu4VA0jFQF0GoXH1rD7Te1FMIs8GJKqPs0xw7dTYwbXvt 54ucYFNM8RH5tKl/T7rckGRPZGUr60/ss0skv132d3f0OhV2PmphWAdIXaywHe+pp2mu +3ui1ranPAJTfR1si9GUnqUci0Q0gbQNA9HZtRPe52ad1BTve0KCV5AJPUX7/+nAu8Ro UIClDdtdSINUbHV9AXmnaMKjt3JuPwfHvfxYPpi+UTr93xvc8i6lXuCaMgG5hDIrrMc6 LCV6qCDRM4IbEda+Up3EAyo+xv8wcp+6rt2iu6/3BypzO7J9YraWKBikY8hXEXB5sGSb PDJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:mail-followup-to :message-id:subject:cc:to:from:date:dkim-signature :arc-authentication-results; bh=Tmmef2boz+Ujb+ePWWzpHxoBAU5uGxVNd797rNcqN94=; b=KIgFtFZ/7ErHql9LKA+SCTUdIJFwwv6+hdVTY9ZH6vUW5cMoZlpy2Gfok82ctMCl33 K/Tp6uuFP1jBX3JvskB7n9TYJgtv0miF6Xa50yi+RtcudzFDyXBgmXRKvJ3gCwOzXbj1 qjWyQHhYzhBwwdFS5e17x4mC5eme6J1CBqFzbnE64c/Kivd6D5olVI4bqIitPcebttP7 TGVwEMkj8VjNZV1ToVWOrQe8dom0bzLFp1tvRReoRV807VsGXcYDBp0x/ZqdqJMWbW4V HW4fOeQluX2kPK368fc6zJMUn/Xb54uQAhKiTRlxcAcnK+fQLhSNFzCYxa4D8nsIXaG1 uVaA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@thunk.org header.s=ef5046eb header.b=rZYc5Z3U; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o2-v6si6043441plk.527.2018.05.17.19.34.06; Thu, 17 May 2018 19:34:20 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@thunk.org header.s=ef5046eb header.b=rZYc5Z3U; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752165AbeERCcQ (ORCPT + 99 others); Thu, 17 May 2018 22:32:16 -0400 Received: from imap.thunk.org ([74.207.234.97]:49926 "EHLO imap.thunk.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751815AbeERCcO (ORCPT ); Thu, 17 May 2018 22:32:14 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=thunk.org; s=ef5046eb; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID: Subject:Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Tmmef2boz+Ujb+ePWWzpHxoBAU5uGxVNd797rNcqN94=; b=rZYc5Z3U4dGc5SVfnxxgrqZxnY PvoYEbzA3Mz7ny5yv+rl/lBi5HPymkPgxmLLRLkbJJtjOyu05pXNl/RsZagMH/N3438KjZ99Mds45 BsT6Nm2Jrwq537a+szZ6PYwtfjJxyggLYEXPtP23Owl/ofcPmuxmxWGfGdTf0U3kHrVA=; Received: from root (helo=callcc.thunk.org) by imap.thunk.org with local-esmtp (Exim 4.89) (envelope-from ) id 1fJVBi-00035l-KJ; Fri, 18 May 2018 02:32:10 +0000 Received: by callcc.thunk.org (Postfix, from userid 15806) id 857E17A5997; Thu, 17 May 2018 22:32:09 -0400 (EDT) Date: Thu, 17 May 2018 22:32:09 -0400 From: "Theodore Y. Ts'o" To: Trent Piepho Cc: "sultanxda@gmail.com" , "jannh@google.com" , "linux-kernel@vger.kernel.org" Subject: Re: Linux messages full of `random: get_random_u32 called from` Message-ID: <20180518023209.GD15263@thunk.org> Mail-Followup-To: "Theodore Y. Ts'o" , Trent Piepho , "sultanxda@gmail.com" , "jannh@google.com" , "linux-kernel@vger.kernel.org" References: <20180427201036.GL5965@thunk.org> <1526606822.30073.64.camel@impinj.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1526606822.30073.64.camel@impinj.com> User-Agent: Mutt/1.9.5 (2018-04-13) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: tytso@thunk.org X-SA-Exim-Scanned: No (on imap.thunk.org); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, May 18, 2018 at 01:27:03AM +0000, Trent Piepho wrote: > > I've hit this on an embedded system. mke2fs hangs trying to format a > persistent writable filesystem, which is where the random seed to > initialize the kernel entropy pool would be stored, because it wants 16 > bytes of non-cryptographic random data for a filesystem UUID, and util- > linux libuuid calls getrandom(16, 0) - no GRND_RANDOM flag - and this > hangs for over four minutes. This is fixed in util-linux 2.32. It ships with the following commits: commit edc1c90cb972fdca1f66be5a8e2b0706bd2a4949 Author: Karel Zak Date: Tue Mar 20 14:17:24 2018 +0100 lib/randutils: don't break on EAGAIN, use usleep() The current code uses lose_counter to make more attempts to read random numbers. It seems better to wait a moment between attempts to avoid busy loop (we do the same in all-io.h). The worst case is 1 second delay for all random_get_bytes() on systems with uninitialized entropy pool -- for example you call sfdisk (MBR Id or GPT UUIDs) on very first boot, etc. In this case it will use libc rand() as a fallback solution. Note that we do not use random numbers for security sensitive things like keys or so. It's used for random based UUIDs etc. Addresses: https://github.com/karelzak/util-linux/pull/603 Signed-off-by: Karel Zak commit a9cf659e0508c1f56813a7d74c64f67bbc962538 Author: Carlo Caione Date: Mon Mar 19 10:31:07 2018 +0000 lib/randutils: Do not block on getrandom() In Endless we have hit a problem when using 'sfdisk' on the really first boot to automatically expand the rootfs partition. On this platform 'sfdisk' is blocking on getrandom() because not enough random bytes are available. This is an ARM platform without a hwrng. We fix this passing GRND_NONBLOCK to getrandom(). 'sfdisk' will use the best entropy it has available and fallback only as necessary. Signed-off-by: Carlo Caione Interestingly, these commits in util-linux landed *before* the patches to address CVE-2018-1108 appeared in the kernel in April 2019. This was because the issue of libuuid was blocking on a handful of embedded systems even for we made this change in Linux's random driver. (It just made this problem more likely to be visbile on a larger number of systems; but it was always there.) - Ted