[Pkg-sysvinit-devel] /etc/init.d/urandom

Fri Jul 1 16:26:34 UTC 2011

Hi,

I’ve just stumbled upon the following comment:

     49         # Hm, why is the saved pool re-created at boot? [pere 2009-09-03]

After talking to pere in IRC he suggested I mail the answer here:

When you carry a random seed from shutdown to the next startup,
the system will run for a while. If the system then crashes and
you do _not_ rewrite the seed after reading it, the next boot
will be a repeat of the previous, random-seedfile wise (there
are, of course, other factors to the generated entropy, but more
variety is always good). This should be avoided, that’s why a new
seedfile is created _both_ on shutdown and just after the old one
has been contributed into the kernel pool on startup.

From reading the script, I wonder about the order of lines 43/44:

     39                 set -- $(LC_ALL=C ls -l "$SAVEDFILE")
     40                 SAVEDSIZE="$5"
     41                 if [ "$SAVEDSIZE" -gt "$POOLSIZE" ]
     42                 then
     43                         [ -w /proc/sys/kernel/random/poolsize ] && echo $POOLSIZE > /proc/sys/kernel/random/poolsize
     44                         POOLSIZE=$SAVEDSIZE
     45                 fi

Is there any place POOLSIZE can be configured, other than
these two?

     17 POOLSIZE=512
     18 [ -f /proc/sys/kernel/random/poolsize ] && POOLSIZE="$(cat /proc/sys/kernel/random/poolsize)"

I do not see any configuration file for it. If the order of
the lines 43/44 is correct, there is no need to write $POOLSIZE
back to the kernel, since it cannot differ. If you want to swap
lines 43 and 44, to make the poolsize the same as the size of
the seedfile, things WILL break if the seedfile is not a power
of two. (I have been known, although on BSD, to append stuff to
the seedfile for it to be picked up the next time on occasion,
although that may not be the best practice, it would bring all
kinds of problems.)

The poolsize sysctl is not documented in linux/Documentation/
but the current practice is almost certainly wrong, because
linux-m68k/drivers/char/random.c says:

static int sysctl_poolsize = INPUT_POOL_WORDS * 32;

This means that the size is in bit, not bytes.

Finally, it appears that the sysctl is read-only, or rather,
can be written to but the changed value will never be used
by the random device driver backend… any writes would be
pointless thus.

I’d be willing to clean up the init script a bit (also, add
reading the seedfile at shutdown before writing it, in case
someone wrote stuff there during the system runtime), if you
want. My qualification is that I worked on the random subsy-
stem in MirBSD (which contains of a kernel device by tytso,
similar to Linux’, plus start/shutdown scripts, plus an aRC4
based additional pool, plus (in MirBSD) another pool where
non-root processes can contribute entropy) for a few years
and have read quite a bit on the topic.

Please do Cc me on replies, I’m not subscribed to this list.

Thanks,
//mirabilos
-- 
FWIW, I'm quite impressed with mksh interactively. I thought it was much
*much* more bare bones. But it turns out it beats the living hell out of
ksh93 in that respect. I'd even consider it for my daily use if I hadn't
wasted half my life on my zsh setup. :-) -- Frank Terbeck in #!/bin/mksh