Ludovic Courtès <> writes:

> Ludovic Courtès <> skribis:
>> I read some of these, and our ‘urandom-seed-service-type’ has the same
>> bug as <>.  Namely, we
>> write the previous seed to /dev/urandom but we don’t credit the
>> entropy.
>
> Now that I think about it, ‘urandom-seed’ normally contributes 512 bytes
> of entropy, but immediately after it *consumes* 512 bytes of entropy:
>
>           ;; Immediately refresh the seed in case the system doesn't
>           ;; shut down cleanly.
>           (call-with-input-file "/dev/urandom"
>             (lambda (urandom)
>               (let ((previous-umask (umask #o077))
>                     (buf (make-bytevector 512)))
>                 (mkdir-p (dirname #$%random-seed-file))
>                 (get-bytevector-n! urandom buf 0 512)
>                 (call-with-output-file #$%random-seed-file
>                   (lambda (seed)
>                     (put-bytevector seed buf)))
>                 (umask previous-umask))))
>
> This comes from commit 71cb237a7d98dafda7dfbb5f3ba7c68463310383 by Leo.
>
> What about deleting the seed instead of populating it right at boot
> time?
>
> That way, we would actually have entropy available at boot time.  In
> case of a crash, the system may lack entropy upon reboot, but that’s
> better than always lacking entropy when booting.
>
> Marius, Leo, WDYT?

I tried it, but it did not make any discernible difference in the
available entropy right after boot, nor did it aid the CRNG seeding.

So I think we should go with Linus' solution for now, as well as your
original fix, Ludo, because it seems to be the right thing to do anyway.

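What "crediting" means at the Linux interface, as an added example that is not code from this thread or from Guix: a plain write to /dev/urandom mixes the bytes into the pool without raising the entropy estimate, while the RNDADDENTROPY ioctl mixes them and credits the stated number of bits. The function names, the seed path argument and the choice to credit every bit of the seed are assumptions of this example; crediting a seed that may have been used before overstates the available entropy.

```c
#include <fcntl.h>
#include <linux/random.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

#define SEED_LEN 512 /* same size as the buffer in the quoted service code */

/* Build the RNDADDENTROPY argument: the seed bytes plus the number of
   bits to credit.  Refuses to credit more bits than the seed contains.
   The caller frees the result. */
struct rand_pool_info *make_request(const unsigned char *seed, int len,
                                    int credit_bits)
{
    if (seed == NULL || len <= 0 || credit_bits < 0 || credit_bits > len * 8)
        return NULL;
    struct rand_pool_info *req = calloc(1, sizeof *req + (size_t)len);
    if (req == NULL)
        return NULL;
    req->entropy_count = credit_bits; /* bits, not bytes */
    req->buf_size = len;              /* bytes */
    memcpy(req->buf, seed, (size_t)len);
    return req;
}

/* Read the saved seed, then mix and credit it.  The ioctl needs
   CAP_SYS_ADMIN.  Returns 0 on success, -1 on any failure. */
int credit_seed(const char *seed_path, int credit_bits)
{
    unsigned char seed[SEED_LEN];
    int fd = open(seed_path, O_RDONLY);
    if (fd < 0)
        return -1;
    ssize_t n = read(fd, seed, sizeof seed);
    close(fd);
    if (n != (ssize_t)sizeof seed)
        return -1; /* short or missing seed: credit nothing */
    struct rand_pool_info *req = make_request(seed, (int)n, credit_bits);
    if (req == NULL)
        return -1;
    int rc = -1;
    fd = open("/dev/urandom", O_WRONLY);
    if (fd >= 0) {
        rc = ioctl(fd, RNDADDENTROPY, req);
        close(fd);
    }
    free(req);
    return rc == 0 ? 0 : -1;
}
```
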