Web lists-archives.com

Re: FYI/RFC: early-rng-init-tools




Sebastian Andrzej Siewior dixit:

>so I have one older box that suffers from that. I installed haveged and
>seemed to went away:

I tried that, after the suggestion to use haveged went up, but…

>As far as I understand, it would reach the "init done" state before
>systemd took over, right?

… this was not true for me. Not before init takes over, anyway (as
haveged does not have any initramfs integration), but we’re talking
about “crng init done” here, not “fast init done”. In my scenario,
haveged was started much too late in the boot to be useful (after
tomcat, even). But then, I use a non-parallel sysvinit startup. It’s
fragile anyway; if you install more daemons, for example, it might
also block before reaching the stage where haveged starts on your
parallel systemd setup suddenly.

>So what is the advantage over using haveged?

haveged tries to use CPU jitter, in a way similar to jytter but
on a much more massive scale, to gather entropy-ish and writes
that to the kernel RNG. It, however, does that all the time, and
not just a little bit. Basically, it’s an attempt to gather entropy,
while early-rng-init-tools just takes what’s there during normal
system runtime (which you have to provide yourself, at the very
least before installing it, but sensibly also normally) and makes
it available to the kernel earlier (this really ought to be done
in the bootloader, even, but this at least improves on what we
currently have).

So, different concept (even though early-rng-init-tools also has
a *small* gather function which, on x86, gathers a few bytes using
the same mechanism… but the majority of randomness comes from the
seed file).

From what I’ve read about haveged, statements from its author, and
looking at the source code (which begs to be customised for the exact
CPU setup your machine has, as if it were a FORTRAN library), I’d
prefer to not use haveged on my systems even if it would help. I’m
the owner of several Simtec EntropyKey sticks and use them and a
entropy distributing scheme over the network (with SSL/SSH) instead
to add runtime entropy to machines lacking local (disk/keyboard/mouse).
But, as I said, that’s just at runtime; early-rng-init-tools isn’t
about that (except it updates the seedfile later durng runtime to
mix in at least some more runtime entropy that the next boot will
be able to use).

bye,
//mirabilos
-- 
“It is inappropriate to require that a time represented as
 seconds since the Epoch precisely represent the number of
 seconds between the referenced time and the Epoch.”
	-- IEEE Std 1003.1b-1993 (POSIX) Section B.2.2.2