From: Alden Tondettar <alden.tondettar@gmail.com>
To: Theodore Ts'o <tytso@mit.edu>
Cc: Arnd Bergmann <arnd@arndb.de>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] random: Don't overwrite CRNG state in crng_initialize()
Date: Thu, 9 Feb 2017 01:13:22 -0700 [thread overview]
Message-ID: <20170209081322.GA17535@rincewind> (raw)
In-Reply-To: <20170209041931.xgkmysquazppiewx@thunk.org>
On Wed, Feb 08, 2017 at 11:19:31PM -0500, Theodore Ts'o wrote:
> How did you determine when crng_initialize() was being called? On a
> VM generally there are fewer interrupts than on real hardware. On
> KVM, for I see the random: fast_init message being printed 3.6 seconds
> into the boot.
>
> On Google Compute Engine, the fast_init message happens 52 seconds into the
> boot.
>
> So what VM where you using? I'm trying to figure out whether this is
> hypothetical or real problem, and on what systems.
Adding a few printk()s to the latest kernel:
@@ -778,6 +778,8 @@ static void crng_initialize(struct crng_state *crng)
int i;
unsigned long rv;
+ printk("crng_initialize called\n");
+
memcpy(&crng->state[0], "expand 32-byte k", 16);
if (crng == &primary_crng)
_extract_entropy(&input_pool, &crng->state[4],
@@ -1149,6 +1151,9 @@ void add_interrupt_randomness(int irq, int irq_flags)
fast_mix(fast_pool);
add_interrupt_bench(cycles);
+ if (fast_pool->count >= 64)
+ printk("add_interrupt_randomness: fast_pool->count >= 64, dumping entropy");
+
if (!crng_ready()) {
if ((fast_pool->count >= 64) &&
crng_fast_load((char *) fast_pool->pool,
And using:
$ qemu-system-x86_64 --version
QEMU emulator version 2.1.2 (Debian 1:2.1+dfsg-12+deb8u6), Copyright (c) 2003-2008 Fabrice Bellard
$ qemu-system-x86_64 -nographic -enable-kvm -m 1024M -kernel bzImage -append "root=/dev/sda1 loglevel=3 console=ttyS0" hd3
I get:
[ 0.010247] mce: CPU supports 10 MCE banks
[ 0.010317] Last level iTLB entries: 4KB 0, 2MB 0, 4MB 0
[ 0.010318] Last level dTLB entries: 4KB 0, 2MB 0, 4MB 0, 1GB 0
[ 0.064002] add_interrupt_randomness: fast_pool->count >= 64, dumping entropy
[ 0.128003] add_interrupt_randomness: fast_pool->count >= 64, dumping entropy
[ 0.160364] Freeing SMP alternatives memory: 36K
[ 0.160428] ftrace: allocating 35771 entries in 140 pages
[ 0.172384] smpboot: Max logical packages: 1
[ 0.173964] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
[ 0.184000] add_interrupt_randomness: fast_pool->count >= 64, dumping entropy
[ 0.184000] add_interrupt_randomness: fast_pool->count >= 64, dumping entropy
[ 0.184000] random: fast init done
[ 0.184000] smpboot: CPU0: Intel QEMU Virtual CPU version 2.1.2 (family: 0x6,
model: 0x6, stepping: 0x3)
[ 0.184000] Performance Events: PMU not available due to virtualization, usin
g software events only.
[ 0.184000] crng_initialize called
[ 0.184000] crng_initialize called
[ 0.184000] smp: Bringing up secondary CPUs ...
[ 0.184000] smp: Brought up 1 node, 1 CPU
Sometimes I get three add_interrupt_randomness lines instead of four which
is fine but still cutting things awfully close.
next prev parent reply other threads:[~2017-02-09 8:13 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-09 3:31 [PATCH] random: Don't overwrite CRNG state in crng_initialize() Alden Tondettar
2017-02-09 4:19 ` Theodore Ts'o
2017-02-09 8:13 ` Alden Tondettar [this message]
2017-02-09 17:56 ` Theodore Ts'o
2017-02-09 18:32 ` Theodore Ts'o
2017-02-09 6:47 ` Greg Kroah-Hartman
2017-02-09 9:04 ` Alden Tondettar
2017-02-09 9:23 ` Greg Kroah-Hartman
2017-02-09 9:26 ` Stephan Müller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170209081322.GA17535@rincewind \
--to=alden.tondettar@gmail.com \
--cc=arnd@arndb.de \
--cc=gregkh@linuxfoundation.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).