From nobody Wed Mar 09 21:35:21 2022 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 0BFC019F8CD2 for ; Wed, 9 Mar 2022 21:35:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KDQTj68J5z3rSk for ; Wed, 9 Mar 2022 21:35:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B38F618912 for ; Wed, 9 Mar 2022 21:35:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 229LZLPv068370 for ; Wed, 9 Mar 2022 21:35:21 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 229LZL59068369 for bugs@FreeBSD.org; Wed, 9 Mar 2022 21:35:21 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 262192] Crashes at boot with kern.random.initial_seeding.bypass_before_seeding=0 in randomdev_wait_until_seeded() Date: Wed, 09 Mar 2022 21:35:21 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: crash, needs-qa X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: olivier.freebsd@free.fr X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: mfc-stable13? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1646861721; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=OA+lFfUoSFNXARVijGryK+BwI0PJSTNC7VBiiwYE8ow=; b=DCqhBA4bmBJtcK4aVr238cICD55viZRH/PtZoGxcyZcVFcDHNxqnnT4gJjF8wcyxb1YHSn rgpxcCo0Og2huVsLGnKQL6660egdggtptkyER3/2iQyg1GAWq09skFjZuVHMD7RmHEvIZj EWOFIi4bU6xGKSWoNbLGeSUv7u8xTGJqqYSFAo21fLs1WCuzVr9VkpJDUBtJKiJMma2siC 3pwifDEBOn6mmlAsEke1LHNRS157SGkhNm/6oXhYIFBZTNnrnLabCMnT4sD5CVZMN6F4V4 uA09wjIpFVGwOiXyWMIWyM/0BFF+1rLZTt2B5nM3TvUiUYQqol8q+iJyWNFXvQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1646861721; a=rsa-sha256; cv=none; b=DU27ve33WxKfftlxbVPCpakpo9Ly32eg2YuHMV/qasLNmB6Bk3V8vgzMfGLx4YK6vPAr7V s0/DHJU6KSoze71BN4TrY0q9TL0HVI8bpR5RhCLdFewsh06Bj9xXKSMAPj6R0oLPg5j36Z X1JqtoXppXO/AwhKoPileeAwTLT/wtmScpskcRc8JAQWJ92V8in987ANasHcnAcmNy0TBm hbN/uudq+Wq+uDAgPbaFZRRESPp1SP7SnmYupJTB/SueOfRX0+jdNd3mZB4+XpTi81C9sS N2T/8PQ4Jj4H9JDPdewEePcp23gc/4Rugsf3cVHp60VSuhJ8eHIgR7zKV6ImUw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D262192 --- Comment #10 from Olivier Certner --- (In reply to Conrad Meyer from comment #9) Forgot to mention the example of domain init causing a call to arc4rand() I stumbled upon: ip_init =3D> ip_reass, which initializes some hash seed that serves to hash fragments. I suspect the goal here is to make it hard for an attacker to predict which frags end up in which bucket, so that it cannot degrade the hash table's access performance without a more involved attack. Probably this could be avoided by using another, more complex, data structu= re. Maybe simply delaying this seed's init is possible. > If you want to pursue it, identifying the stack(s) blocking on random and > moving them after KICK_SCHEDULER would be a valuable contribution to Free= BSD. I'll try to pursue that indeed, by recompiling a kernel with a deterministic frag seed, and see what other calls to random exist. In the end, it might n= ot be possible to easily push calls to random after KICK_SCHEDULER without more involved changes. We'll see. Don't have much time now, but expect to have a lot in approx two months. Th= en, the ability to boot without an entropy seed file should be one of my main priorities. In the meantime, I'll report about experiments here. Thanks. --=20 You are receiving this mail because: You are the assignee for the bug.=