[OpenWrt-Devel] [PATCH] openssl: Fix longer booting times by unblocking getrandom
Petr Štetiar
ynezz at true.cz
Fri Mar 15 12:01:35 EDT 2019
Etienne Champetier <champetier.etienne at gmail.com> [2019-03-15 10:46:09]:
Hi,
> Just a side note, on first boot we save a random seed using getrandom()
> https://github.com/openwrt/openwrt/blob/master/package/base-files/files/etc/init.d/urandom_seed
> https://github.com/openwrt/openwrt/blob/master/package/base-files/files/sbin/urandom_seed
>
> And we restore it in preinit
> https://github.com/openwrt/openwrt/blob/master/package/base-files/files/lib/preinit/81_urandom_seed
Well, it seems like we're writing the /etc/urandom.seed to the /dev/urandom
which doesn't help with initialization of CRNG, just seeding the /dev/urandom.
> So even if kernel PRNG is considered not initialized, in reality it
> is, so starting from second boot we are ~ok
Nope, see bellow.
1st boot:
[ 3.944674] urandom-seed: Seed file not found (/etc/urandom.seed)
[ 75.120166] random: fast init done
[ 140.917418] random: crng init done
2nd boot:
[ 3.938414] urandom-seed: Seeding with /etc/urandom.seed
[ 22.440981] random: fast init done
[ 135.737309] random: crng init done
-- ynezz
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list