[Development] QRandomGenerator and boot times
Sami Nurmenniemi
sami.nurmenniemi at qt.io
Fri Sep 15 09:31:36 CEST 2017
On 14.09.2017 20:02, Thiago Macieira wrote:
> On Thursday, 14 September 2017 08:18:05 PDT Giuseppe D'Angelo wrote:
>> Il 14/09/2017 17:01, Thiago Macieira ha scritto:
>>>> 2. Add "rng-tools" to the image for inputting entropy to the kernel
>>>> - Speeds up initialization of nonblocking pool
>>>> - On devices with HW random generator, this adds real entropy to the
>>>> kernel
>>>> pool - On devices without HW random generator, this adds bad entropy from
>>>> /dev/urandom to the kernel pool
>>> Huh? Adding entropy from /dev/urandom back to /dev/urandom? This is worse
>>> than the "rob Peter to pay Paul" - you want to rob Peter to pay Peter.
>> It's a myth of some crazy tutorials and broken default configurations
>> found on the internet. Don't do that!
>>
>> By the way, it's strange that the entropy is emptied just after boot
>> (which is when there should be plenty of I/O to refill the entropy pool).
> The entropy pool starts empty at boot. How much data is required to fill it
> enough for the kernel's needs will vary from device to device. The faster your
> device and the more I/O it does, the faster that will happen. A HWRNG will
> also help, but it will clearly start with no entropy either, so how soon it
> will work is again dependent on the implementation.
>
> On my Skylake system, which does have a HWRNG, it takes 3.8 seconds after boot
> for the random system on Linux to be up to speed. But that's slow enough that
> several system services have already started:
>
> $ dmesg | grep random:
> [ 3.475259] random: systemd: uninitialized urandom read (16 bytes read)
> [ 3.475305] random: systemd: uninitialized urandom read (16 bytes read)
> [ 3.475328] random: systemd: uninitialized urandom read (16 bytes read)
> [ 3.475612] random: systemd: uninitialized urandom read (16 bytes read)
> [ 3.475634] random: systemd: uninitialized urandom read (16 bytes read)
> [ 3.475643] random: systemd: uninitialized urandom read (16 bytes read)
> [ 3.475655] random: systemd: uninitialized urandom read (16 bytes read)
> [ 3.475662] random: systemd: uninitialized urandom read (16 bytes read)
> [ 3.475667] random: systemd: uninitialized urandom read (16 bytes read)
> [ 3.475715] random: systemd: uninitialized urandom read (16 bytes read)
> [ 3.837995] random: crng init done
>
Thank you all for your comments. We'll setup the rng-tools which will
feed entropy to the kernel from /dev/hwrng as suggested in the kernel
documentation https://www.kernel.org/doc/Documentation/hw_random.txt.
I think we'll just have to accept blocking for the devices without
hwrng. I don't know if we really support any such devices. If we do and
boot time is essential for those, we'll have to figure out some way
(probably saving entropy over reboot).
More information about the Development
mailing list