[SOLVED] "uninitialized urandom read" warnings in kernel 5.15.117
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
The above messages means that you are using a predictable crypto because of "boot time entropy starvation". There is some information on how to avoid that at https://wiki.debian.org/BoottimeEntropyStarvation
The above messages means that you are using a predictable crypto because of "boot time entropy starvation". There is some information on how to avoid that at https://wiki.debian.org/BoottimeEntropyStarvation
regards Henrik
The volume key is generated at creation time, not open time. I'm not entirely sure what cryptsetup uses those 8 bytes of randomness for, but unless his adversary is a State level TLA Agency it's probably not a big deal that urandom isn't fully initialised.
That said, on my laptop my crng pool is initialised within the first 1/10th of a second of boot, well before udev is started by the initrd, so I'm surprised he's hitting this issue.
I used to see these messages prior to the jitter routines being added in kernel 5.4, but I haven't seen them show up since.
You could try to 'cp /sbin/haveged /boot/initrd-tree/sbin' and add line 'haveged --once' to the script /boot/initrd-tree/init at line 98 after proc, sysfs, devtmpfs have been mounted. Then run a plain 'mkinitrd' without options to build /boot/initrd.gz with otherwise previous initrd content and use it. Do not use the '-c' flag with mkinitrd command because it clears initrd-tree and removes your changes. (If cleared, mkinitrd extracts a new initrd-tree from /usr/share/mkinitrd/initrd-tree.tar.gz where your changes are not yet.)
I have not tested it. So, I would make a copy of the old initrd.gz to a different name and use it as a backup choice in the boot menu of my boot loader.
EDIT: Now I have tested it on my machine which does not have problems with urandom. It booted normally as before.
Last edited by Petri Kaukasoina; 07-11-2023 at 04:41 AM.
I just tested that here. I also added line 'sleep 10' after that haveged line, so I could read the output. During boot it printed 'Writing 512 output to /dev/urandom'.
Maybe not a good idea, but you could try a longer sleep. And during the sleep you could hit the shift and alt keys a lot and move the mouse a lot. Maybe the interrupts generate enough entropy. (Maybe the os does not trust the quality of entropy fed to /dev/*random.)
Last edited by Petri Kaukasoina; 07-12-2023 at 05:34 AM.
If you want to force the initrd to wait until the rng has initialised then you can compile this simple program and add it to the start of your initrd:
Code:
#include <stdio.h>
#include <sys/random.h>
int main()
{
unsigned char r;
puts("Waiting for random number generator to initialise...");
return getentropy(&r, sizeof r);
}
The getentropy() call will not return until the kernel rng has initialised. Depending on how well your system gathers entropy this could introduce a short delay, or in the worst case, where no entropy sources are available at all, block the boot indefinitely. On x86 the kernel gathers entropy from CPU timing jitter and interrupts, other archs may not be so lucky.
If you give this a go, make sure you have an alternate initrd to boot from just in case it doesn't return.
I am marking this thread as "Solved" however I do find it curious that your solution introduced no delay in the boot process and yet `sleep 10` didn't help at all.
Yes, that is a little odd, but then again 'sleep' doesn't really get the kernel to do much, no matter how long it waits. I guess the getentropy() call managed to get the kernel to do just enough work to generate enough entropy to get the job done: kind of like a self-fulfilling prophecy.
Anyway, glad it worked for you.
BTW, dmesg | grep 'crng init done' will show you the exact timings.
P.S. this whole thing makes me wonder if carrying over the /etc/random-seed data from one boot to the next is really of any value any more. The kernel periodically reseeds the chacha20 CSPRNG generators now anyway and /dev/random no longer has an 'entropy pool' as such that it draws from.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.