[Bug 262192] Crashes at boot with kern.random.initial_seeding.bypass_before_seeding=0 in randomdev_wait_until_seeded()

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 18 Mar 2022 00:06:18 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262192

--- Comment #13 from Olivier Certner <olivier.freebsd@free.fr> ---
This is on a relatively recent 13-STABLE. I'll repeat this process with
CURRENT's GENERIC kernel when possible.

I'm wondering if it is possible, or even desirable, to initialize the seeds
later on. I've not taken the time yet to figure out at which point in the boot
TCP connections may be established, and I'm not sure it's not before
KICK_SCHEDULER. Moreover, splitting the initialization code is a cognitive
burden, so it would be best to avoid it (if possible).

The last two stacks above correspond to random values that are generated each
time a new FS is mounted/a process started. They happen after KICK_SCHEDULER.
However, in my tests, I introduced code to make the kernel panic if, on the
first call to the random dev, seeding doesn't happen within 10s (to catch the
earlier stacks, where anyway no harvesting takes place, so the random calls
block indefinitely). And I got panics indeed for these two stacks as well, so
entropy isn't accumulating "fast enough" (would be interesting to see how long
the calls would block before enough entropy is available; waiting tens of
seconds might be tolerable at boot in some scenarios, but probably not much
more).

If some entropy source could be made available very early, all these
considerations and problems would be avoided.

-- 
You are receiving this mail because:
You are the assignee for the bug.