Ludovic Courtès <> writes:

> I read some of these, and our ‘urandom-seed-service-type’ has the same
> bug as <>.  Namely, we
> write the previous seed to /dev/urandom but we don’t credit the
> entropy.

Now that I think about it, ‘urandom-seed’ normally contributes 512 bytes
of entropy, but immediately after it *consumes* 512 bytes of entropy:

          ;; Immediately refresh the seed in case the system doesn't
          ;; shut down cleanly.
          (call-with-input-file "/dev/urandom"
            (lambda (urandom)
              (let ((previous-umask (umask #o077))
                    (buf (make-bytevector 512)))
                (mkdir-p (dirname #$%random-seed-file))
                (get-bytevector-n! urandom buf 0 512)
                (call-with-output-file #$%random-seed-file
                  (lambda (seed)
                    (put-bytevector seed buf)))
                (umask previous-umask))))

This comes from commit 71cb237a7d98dafda7dfbb5f3ba7c68463310383 by Leo.

What about deleting the seed instead of populating it right at boot

That way, we would actually have entropy available at boot time.  In
case of a crash, the system may lack entropy upon reboot, but that’s
better than always lacking entropy when booting.

Marius, Leo, WDYT?

(If we wanted to go fancy, we could spawn a separate process that will
attempt to refill the seed minutes after the system has booted.)

