On 08/05/18 14:00, Ben Hutchings wrote:
> You keep saying this, but based on my reading of the code I don't see
> how reads from /dev/urandom can end up blocking.

Ben, I think you are right. I have picked through the code in detail and
none of the changes affect any substantive logic (except logging). I do
not think urandom_read can ever block. The urandom warning may be from a
previous read before the hang: related, but a red herring.

The *one* substantive change that is affected is getrandom:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/char/random.c#n2007

If something calls getrandom without GRND_NONBLOCK while crng_init==1
(during early boot):

- Before 43838a23a05f ("random: fix crng_ready() test"), this just falls
  through to urandom_read and everything seems to work (but is not
  cryptographically secure).
- After 43838a23a05f ("random: fix crng_ready() test"), this will call
  wait_for_random_bytes and hang waiting on mouse wiggles
  (cryptographically secure).

But what is calling getrandom without GRND_NONBLOCK? I could find
nothing in the plymouth or systemd/udev codebase. Or is it something
they spawn? I even read the plymouth softwaves.script.

Kind regards,
--
Ben Caradoc-Davies <b...@transient.nz>
Director
Transient Software Limited <https://transient.nz/>
New Zealand
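
Added example, not part of the original message and not code from the kernel, plymouth or systemd: a small userspace probe that calls getrandom() with GRND_NONBLOCK, so that an uninitialised CRNG shows up as EAGAIN instead of the hang described above for callers that omit the flag. The enum and function names are hypothetical, chosen for this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef GRND_NONBLOCK
#define GRND_NONBLOCK 0x0001 /* value from the Linux UAPI header linux/random.h */
#endif

/* Hypothetical names for this example. */
enum crng_state { CRNG_READY, CRNG_NOT_READY, CRNG_NO_SYSCALL, CRNG_ERROR };

/* Map the result of getrandom(buf, n, GRND_NONBLOCK) to a state. */
enum crng_state classify_getrandom(long ret, int err)
{
    if (ret >= 0)
        return CRNG_READY;      /* bytes returned: a blocking call would not wait */
    if (err == EAGAIN)
        return CRNG_NOT_READY;  /* the same call without GRND_NONBLOCK would block */
    if (err == ENOSYS)
        return CRNG_NO_SYSCALL; /* kernel predates getrandom(2) */
    return CRNG_ERROR;
}

/* Ask the running kernel; never blocks because GRND_NONBLOCK is set. */
enum crng_state probe_crng(void)
{
    unsigned char buf[16];
    long ret = syscall(SYS_getrandom, buf, sizeof buf, GRND_NONBLOCK);
    return classify_getrandom(ret, ret < 0 ? errno : 0);
}

const char *crng_state_name(enum crng_state s)
{
    switch (s) {
    case CRNG_READY:      return "ready (blocking getrandom would return at once)";
    case CRNG_NOT_READY:  return "not ready (blocking getrandom would wait)";
    case CRNG_NO_SYSCALL: return "getrandom(2) not available";
    default:              return "unexpected error";
    }
}

int main(void)
{
    enum crng_state s = probe_crng();
    printf("getrandom(GRND_NONBLOCK): %s\n", crng_state_name(s));
    return s == CRNG_READY ? 0 : 1; /* exit status usable from an early-boot script */
}
```

Running this from an early-boot hook reports whether the pool is initialised at that point without itself stalling the boot.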