NetBSD Problem Report #55917
From www@netbsd.org Sun Jan 10 18:40:45 2021
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 622E61A9217
for <gnats-bugs@gnats.NetBSD.org>; Sun, 10 Jan 2021 18:40:45 +0000 (UTC)
Message-Id: <20210110184044.039921A9245@mollari.NetBSD.org>
Date: Sun, 10 Jan 2021 18:40:43 +0000 (UTC)
From: schaecsn@gmx.net
Reply-To: schaecsn@gmx.net
To: gnats-bugs@NetBSD.org
Subject: /etc/rc.d/cgd stalls on encrypted swap partitions
X-Send-Pr-Version: www-1.0
>Number: 55917
>Category: bin
>Synopsis: /etc/rc.d/cgd stalls on encrypted swap partitions
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: bin-bug-people
>State: open
>Class: doc-bug
>Submitter-Id: net
>Arrival-Date: Sun Jan 10 18:45:00 +0000 2021
>Last-Modified: Sun Jan 10 23:40:01 +0000 2021
>Originator: Stefan Schaeckeler
>Release: NetBSD 9.1
>Organization:
>Environment:
NetBSD XXX 9.1_STABLE NetBSD 9.1_STABLE (GENERIC) #2: Sun Jan 3 11:19:52 PST 2021 root@dell.wonderland.de:/usr/obj/sys/arch/amd64/compile/GENERIC amd6
>Description:
/etc/rc.d/cgd stalls in cgdconfig -C on encrypted swap partitions when following /wiki.netbsd.org/guide/cgd/
The stall happens only during boot. When invoking /etc/rc.d/cgd after completion of the boot process, cgdconfig does not stall. See cgdconfig(8) for an explanation:
urandomkey The method simply reads /dev/urandom and uses the
resulting bits as the key. This is similar to the
randomkey method, but it guarantees that cgdconfig
will not stall waiting for hard-random bits (useful
when configuring a cgd for swap at boot time).
>How-To-Repeat:
>Fix:
Please replace randomkey with urandomkey in section "Using a random-key cgd for swap".
>Audit-Trail:
From: Taylor R Campbell <riastradh@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc: schaecsn@gmx.net
Subject: Re: bin/55917: /etc/rc.d/cgd stalls on encrypted swap partitions
Date: Sun, 10 Jan 2021 19:14:39 +0000
> Date: Sun, 10 Jan 2021 18:40:43 +0000 (UTC)
> From: schaecsn@gmx.net
>
> /etc/rc.d/cgd stalls in cgdconfig -C on encrypted swap partitions
> when following /wiki.netbsd.org/guide/cgd/
Side note: that's an old version of the guide; the one that is
maintained is <https://www.NetBSD.org/docs/guide/en/chap-cgd.html>.
I'm not really sure why we have a snapshot of the guide in the wiki;
we should maybe get rid of it and make it redirect.
> The stall happens only during boot. When invoking /etc/rc.d/cgd
> after completion of the boot process, cgdconfig does not stall. See
> cgdconfig(8) for an explanation:
>
> urandomkey The method simply reads /dev/urandom and uses the
> resulting bits as the key. This is similar to the
> randomkey method, but it guarantees that cgdconfig
> will not stall waiting for hard-random bits (useful
> when configuring a cgd for swap at boot time).
>
> Please replace randomkey with urandomkey in section "Using a
> random-key cgd for swap".
If randomkey stalls at boot when you try to configure cgd, that
indicates that you probably don't have enough entropy to safely
generate an unpredictable key.
So if you switched it to urandomkey on a machine where it hangs with
randomkey, the encrypted swap wouldn't actually provide much security.
That said, in netbsd-current (which will become NetBSD 10), there is a
much better approach: setting vm.swap_encrypt=1 with sysctl; we will
probably turn it on by default on some architectures too.
From: Stefan Schaeckeler <schaecsn@gmx.net>
To: riastradh@NetBSD.org
Cc: gnats-bugs@NetBSD.org
Subject: Re: bin/55917: /etc/rc.d/cgd stalls on encrypted swap partitions
Date: Sun, 10 Jan 2021 15:39:37 -0800 (PST)
Hello Taylor,
> If randomkey stalls at boot when you try to configure cgd, that
> indicates that you probably don't have enough entropy to safely
> generate an unpredictable key.
This is my entropy right before the call to cgdconfig in /etc/rc.d/cgd:
- - - snip - - -
rndctl -slv
Source Bits Type Flags
cd0 0 disk estimate, collect, v, t, dt
Dt samples = 0
Dt bits = 0
Dv samples = 0
Dv bits = 0
sd1 0 disk estimate, collect, v, t, dt
Dt samples = 0
Dt bits = 0
Dv samples = 0
Dv bits = 0
ums0 0 tty estimate, collect, v, t, dt
Dt samples = 0
Dt bits = 0
Dv samples = 0
Dv bits = 0
uhid1 0 tty estimate, collect, v, t, dt
Dt samples = 0
Dt bits = 0
Dv samples = 0
Dv bits = 0
uhid0 0 tty estimate, collect, v, t, dt
Dt samples = 0
Dt bits = 0
Dv samples = 0
Dv bits = 0
ukbd0 0 tty estimate, collect, v, t, dt
Dt samples = 0
Dt bits = 0
Dv samples = 0
Dv bits = 0
sd0 55 disk estimate, collect, v, t, dt
Dt samples = 43
Dt bits = 43
Dv samples = 43
Dv bits = 21
wd0 592 disk estimate, collect, v, t, dt
Dt samples = 324
Dt bits = 324
Dv samples = 324
Dv bits = 206
cpu3 0 vm estimate, collect, v, t, dv
Dt samples = 0
Dt bits = 0
Dv samples = 0
Dv bits = 0
cpu2 1 vm estimate, collect, v, t, dv
Dt samples = 1
Dt bits = 1
Dv samples = 1
Dv bits = 1
cpu1 0 vm estimate, collect, v, t, dv
Dt samples = 0
Dt bits = 0
Dv samples = 0
Dv bits = 0
cpu0 7 vm estimate, collect, v, t, dv
Dt samples = 7
Dt bits = 7
Dv samples = 7
Dv bits = 7
coretemp1-cpu1 0 env estimate, collect, v, t, dv, dt
Dt samples = 0
Dt bits = 0
Dv samples = 0
Dv bits = 0
coretemp0-cpu0 0 env estimate, collect, v, t, dv, dt
Dt samples = 0
Dt bits = 0
Dv samples = 0
Dv bits = 0
re0 0 net v, t, dt
Dt samples = 0
Dt bits = 0
Dv samples = 0
Dv bits = 0
system-power 0 power estimate, collect, v, t, dt
Dt samples = 0
Dt bits = 0
Dv samples = 0
Dv bits = 0
autoconf 163 ??? estimate, collect, t, dt
Dt samples = 83
Dt bits = 83
Dv samples = 83
Dv bits = 0
printf 0 ??? collect
Dt samples = 0
Dt bits = 0
Dv samples = 0
Dv bits = 0
callout 133 skew estimate, collect, v, dv
Dt samples = 67
Dt bits = 67
Dv samples = 67
Dv bits = 67
704 bits mixed into pool
0 bits currently stored in pool (max 4096)
0 bits of entropy discarded due to full pool
704 hard-random bits generated
4416 pseudo-random bits generated
- - - snip - - -
I get most of the entropy, but not enough, from my boot disk wd0.
How are other systems able to generate more entropy right at the start of the boot process in /etc/rc.d/cgd?
Stefan
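
Added example (not part of the report and not NetBSD's own rc code): a POSIX shell helper that reads `rndctl -slv` output like the listing above, lists the sources credited with entropy and checks the stored-pool estimate against a required bit count. The sample input is constructed from values quoted in the report; the function names and the 256-bit threshold are assumptions.

```shell
#!/bin/sh
# Added example: summarise `rndctl -slv` output taken just before cgdconfig runs.
# SAMPLE is constructed: an abbreviated copy of the values quoted in the report.
SAMPLE='Source Bits Type Flags
sd0 55 disk estimate, collect, v, t, dt
Dt samples = 43
Dt bits = 43
wd0 592 disk estimate, collect, v, t, dt
Dt samples = 324
Dv bits = 206
re0 0 net v, t, dt
autoconf 163 ??? estimate, collect, t, dt
callout 133 skew estimate, collect, v, dv
704 bits mixed into pool
0 bits currently stored in pool (max 4096)
704 hard-random bits generated
4416 pseudo-random bits generated'

# Print "bits name type" for each source credited with entropy, largest first.
# Skips the header, the Dt/Dv detail lines and the numeric summary lines.
contributors() {
    awk '$1 != "Source" && $1 !~ /^(Dt|Dv)$/ && $1 !~ /^[0-9]+$/ &&
         $2 ~ /^[0-9]+$/ && $2 > 0 { print $2, $1, $3 }' | sort -rn
}

# Print the "currently stored in pool" estimate; prints nothing if it is absent.
pool_stored() {
    awk '$1 ~ /^[0-9]+$/ && /bits currently stored in pool/ { print $1; exit }'
}

# Return 0 if the stored estimate is at least $1 bits, 1 if it is lower,
# 2 if the input carries no pool summary (rndctl run without -s).
# The threshold is the caller's assumption, e.g. the cgd key length.
pool_covers() {
    need=$1
    stored=$(pool_stored)
    [ -n "$stored" ] || return 2
    [ "$stored" -ge "$need" ]
}

printf '%s\n' "$SAMPLE" | contributors
if printf '%s\n' "$SAMPLE" | pool_covers 256; then
    echo "stored estimate covers 256 bits"
else
    echo "stored estimate is below 256 bits"
fi
```

On a live system the same functions can be fed from `rndctl -slv` directly instead of the embedded sample.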
Copyright © 1994-2020
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.