[systemd-devel] Why we need to read/save random seed?

[cee1]

2015-06-17 22:03 GMT+08:00 Lennart Poettering <lennart at poettering.net>:
> On Wed, 17.06.15 20:21, cee1 (fykcee1 at gmail.com) wrote:
>>
>> What I means is:
>> 1. Load a saved seed to /dev/urandom.
>> 2. The service read /dev/random, which will block until kernel thinks
>> there's enough entropy - then the Random Number should be good?
>> 3. Save the random number returned in step 2 on disk.
>
> Blocking at boot for this doesn't really sound like an option. But the
> kernel does not provide us with any nice notifications about when the
> RNG pool is complete. If we want to do this kind of polishing, then
> that'd be great, but we'd need sane notifiers for that, blocking
> syscalls are not an option.

That don't mean blocking boot, but a service, let's say
systemd-random-seed.service:
1. systemd-random-seed.service loads a seed from disk to /dev/urandom
2. systemd-random-seed.service tells systemd "I'm ready" (sd_notify())
3. Instead of quitting immediately, systemd-random-seed.service tries
to read /dev/random, and it blocks ...
4. systemd-random-seed.service at last gets a 'good random number',
and saves it on disk

This can save a seed as soon as possible, as suggested in the article
http://www.2uo.de/myths-about-urandom/:
"""
On Linux it isn't too bad, because Linux distributions save some
random numbers when booting up the system (but after they have
gathered some entropy, since the startup script doesn't run
immediately after switching on the machine) into a seed file that is
read next time the machine is booting.

Obviously that isn't as good as if you let the shutdown scripts write
out the seed, because in that case there would have been much more
time to gather entropy. The advantage is obviously that this does not
depend on a proper shutdown with execution of the shutdown scripts (in
case the computer crashes, for example).
"""



-- 
Regards,

- cee1