OS-8280 Add /proc/sys/kernel/random/uuid to LX brands #361
Conversation
There was a problem hiding this comment.
As an interested third party, I have a couple of comments on this, and thanks for doing it!
Since there are now two places in this file which generate a random UUID, and the other place doesn't generate a valid UUID, how about making a new function that generates a valid type 4 UUID, then use that function for both this and random/boot_id ? Real linux does generate valid type 4 UUIDs for boot_id so it would be nice if we did the same.
| @@ -4995,6 +5000,34 @@ lxpr_read_sys_kernel_rand_entavl(lxpr_node_t *lxpnp, lxpr_uiobuf_t *uiobuf) | |||
| lxpr_uiobuf_printf(uiobuf, "%d\n", swrand_stats.ss_entEst); | |||
| } | |||
|
|
|||
| /* ARGSUSED */ | |||
There was a problem hiding this comment.
This line is no-longer necessary, it can be removed if you wish.
| r[6] = 0x40 | (r[6] & 0x0f); | ||
| r[8] = 0x80 | (r[8] & 0x3f); |
There was a problem hiding this comment.
How about adding comments here to make it obvious what these lines do?
| r[6] = 0x40 | (r[6] & 0x0f); | |
| r[8] = 0x80 | (r[8] & 0x3f); | |
| /* Set UUID version to 4 (random) */ | |
| r[6] = 0x40 | (r[6] & 0x0f); | |
| /* Set UUID variant to 1 */ | |
| r[8] = 0x80 | (r[8] & 0x3f); |
|
Don't know why I didn't see these comments earlier, anyway, will address them tomorrow. |
| lxpr_gen_uuid(char *uuid, size_t size) | ||
| { | ||
| uint8_t r[16]; | ||
| (void) random_get_bytes(r, sizeof (r)); |
There was a problem hiding this comment.
random_get_bytes() can possibly fail if there is insufficient entropy, returning EAGAIN (I wonder if that's why the original implementation called random_get_bytes() several times for each component @jjelinek ?)
In that case, the UUID is going to be built from whatever was on the stack.
I think we should rather just fall back to random_get_pseudo_bytes() so it's at least a bit more random.
| (void) random_get_bytes(r, sizeof (r)); | |
| if (random_get_bytes(r, sizeof (r)) != 0) | |
| (void) random_get_pseudo_bytes(r, sizeof (r)); |
There was a problem hiding this comment.
Thanks for the feedback, falsely assumed it wouldn't fail as the original code didn't check the return value either.
|
Can you leave any notes about how you tested this? I'd like to pull this in, but I can't w/o knowing how you tested this (so we can repeat it internally). The code looks good and I'll mark it as a +1 for review, but we can't grant integration approval without testing notes. |
So far I've only done manual tests being all new to SmartOS and it's ecosystem. What I've done is to ensure that the output is valid version 4 variant 1 UUIDs using online validators, and verified that boot_id does not change. I've also been able to run sup using this, which is what started this in the first place. The code is yet to be stress tested. While reading up on testing in the SmartOS project I noticed the lx-tests repository so will create a PR which add simple functional tests there. Any specific tests other than writing functional tests in lx-tests you would want me to do @danmcd? |
|
Honestly, for this, you probably don't need to worry about stress-tests. I was more concerned with was it any different from expectations (i.e. would a Linux user not be surprised by a difference) and it seems it hasn't. You also regression-tested boot_id, which is also good. @citrus-it told me via chat he's done your tests on his own integration of this into OmniOS, so I'd like him to report here, and I'll turn this into an OS ticket as well. |
danmcd
changed the title
|
OS ticket filed: https://smartos.org/bugview/OS-8280 |
|
Have some simple tests prepared now, https://github.com/pekdon/lx-tests/tree/procfs-random-tests, but I guess those should wait until this is merged. |
The only thing that would be nice to know that is that it gracefully falls back into using pseudorandom code on low entropy situations I guess, hard to device such a test however. |
|
I integrated this into OmniOS and did some basic testing - booting an LX zone and reading from the new I also check that the Re the cstyle, it is just the indentation of the continuation lines to |
| char uuid[LX_BOOTID_LEN]; | ||
|
|
||
| ASSERT(lxpnp->lxpr_type == LXPR_SYS_KERNEL_RAND_UUID); | ||
| ASSERT(zone->zone_brand == &lx_brand); |
There was a problem hiding this comment.
In smartos lx proc can be found at /system/lxproc in a native zone. I don't see the sys dir under that path, but I do see it in an lx zone. I just want to confirm someone in a native zone cant use this path to trigger this assert. I would like to verify that we don't mount sys in native.
There was a problem hiding this comment.
I guess this answers my question :)
|
Unless @pekdon wants to fix that last UUID-length nit, I'm willing to IA this given the testing it's got. |
Add /proc/sys/kernel/random/uuid that generates a random UUID on each read. It is used by software such as xapian. Updated /proc/sys/kernel/random/boot_id to use the same UUID code to return a valid UUID instead of a bogus one dropping the use of LX_BOOTID_LEN in favour of UUID_PRINTABLE_STRING_LENGTH.
/proc/sys/kernel/random/uuid generates a random UUID on each read and is used by software such as xapian.