On Wed, 2008-08-06 at 11:08 +0200, Stanislav Meduna wrote:
> Hi,
>
> I and a few other users are seeing sshd failing with
> Couldn't obtain random bytes (error 604389476)
> and other ssl-related application failing randomly
> in user mode linux guests and I suspect a problem
> in openssl that got triggered by some change in UML.
>
> I reviewed the RAND_poll function in rand_unix.c
> (statically, no time for building a debug version now)
> and have following suspicions:
>
> ===
> For Linux:
>
> int r; ... this has random bytes from stack
> ...
>
> if (poll(&pset, 1, usec / 1000) < 0)
> usec = 0;
> else
> try_read = (pset.revents & POLLIN) != 0;
>
> ... Let's say that the poll timed out (i.e. returned 0)
> try_read remains 0, r still has garbage
The r is set to -1 in the else of if(try_read) statement.
> while ((r > 0 || (errno == EINTR || errno == EAGAIN)) &&
>
> ... Let's say that the garbage was negative. We are out of
> the loop and errno has bogus data (successfull/timed out
> poll did not set anything)
errno has garbage value - this should be fixed by initializing errno to
0 before the poll/select calls. But in the worst case it means the code
will wait until it will be able to read some data from the random device
(which was not the intent).
>
> === For other Unices there's additional problem:
>
> If the select select's successfully and immediately, it can
> leave the time not slept unchanged in the time argument
> (which is IMHO fully legal, if it finds the bytes immediately).
> If the read then does not get all the needed bytes, the code
> if (usec == 10*1000)
> usec = 0;
> kicks in and we are out of the loop again.
The problem is not in the RAND_poll() timeouting - this is fully
intentional, the function should timeout after 10ms if the random device
blocks read. The default is to
try /dev/urandom, /dev/random, /dev/srandom in this order. So if you for
example do not have /dev/urandom and have just the blocking /dev/random,
it is perfectly possible that the RAND_poll returns error. The other
possibility is that the /dev/urandom is broken in UML and blocks if not
enough entropy is available.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
User-mode-linux-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
