gce: use getrandom instead of urandom for on node rng #68256
Conversation
k8s-ci-robot
added
release-note-none
k8s-ci-robot
added
approved
cluster/gce/gci/configure-helper.sh
Outdated
| # ARGS: | ||
| # #1: number of secure bytes to generate. We round up to the nearest factor of 32. | ||
| function secure_random { | ||
| local infobits="${1}" |
cluster/gce/gci/configure-helper.sh
Outdated
| function secure_random { | ||
| local infobits="${1}" | ||
| if ((infobits <= 0)); then | ||
| echo "Requested insufficient entropy" 1>&2 |
There was a problem hiding this comment.
nit: everywhere else we just output errors & warnings to stdout
EDIT: realized that would conflict with the return value
There was a problem hiding this comment.
This might be a more informative message: Invalid argument to secure_random: infobits=$infobits
cluster/gce/gci/configure-helper.sh
Outdated
| ) | sha256sum \ | ||
| | head -c 64 \ | ||
| | xxd -r -p | ||
| ); |
cluster/gce/gci/configure-helper.sh
Outdated
| ) | sha256sum \ | ||
| | head -c 64 \ | ||
| | xxd -r -p | ||
| ); |
There was a problem hiding this comment.
I ran this a few times, and sometimes get:
bash: warning: command substitution: ignored null byte in input
I think that might be losing some entropy?
There was a problem hiding this comment.
Good catch, this is fixed by defering the hex decode out of the loop to when we do the base64 encode.
| KUBE_CLUSTER_AUTOSCALER_TOKEN=$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64 | tr -d "=+/" | dd bs=32 count=1 2>/dev/null) | ||
| KUBE_CONTROLLER_MANAGER_TOKEN="$(secure_random 32)" | ||
| KUBE_SCHEDULER_TOKEN="$(secure_random 32)" | ||
| KUBE_CLUSTER_AUTOSCALER_TOKEN="$(secure_random 32)" |
There was a problem hiding this comment.
The output of the new function is longer & has a different format. Is that a problem?
$ for i in $(seq 1 10); do secure_random 32; done
2rh09yQmL2OkCrLBl+NzjFZXfW8p/I1waEcdcInPt74=
V2P0Sx8DbQ2fSHmBlD5TIQ13WnE+krXzSytQdYSavIs=
bash: warning: command substitution: ignored null byte in input
onSYBtYtkZSDiMswwlsZJJyOg07hMnGzq+QBRTlU
bash: warning: command substitution: ignored null byte in input
ujDlqE9CwYkwTVYGhHbYbc9qK4jJg1H2dloz0ghSPA==
lIsXSn4xCUDZm6FMwdsywU25anFsb4da7l6jgfVHl0w=
ZB0ant3bWCDrIo4nomBWSL2T91MNxnSMtIU5U/kRQw==
mcWNml7f0s8/lnI30/6+YscTwPkMcZKQzKwgPF/hh5k=
V5kpzout27rBdxp2tw8MfGcrnmG+J08MaZYBavt40Yg=
ZIbO4M2pQhYW9DMY3kxD4Y8y3rRdGfIVFR50IRwyLmM=
bash: warning: command substitution: ignored null byte in input
n9JL2XTEBra7bNUM6P8d5jbAvmAPa3cIMud9jyxb/Q==
vs
for i in $(seq 1 10); do dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64 | tr -d "=+/" | dd bs=32 count=1 2>/dev/null; echo; done
g4SCrOKRgSZoNbdCK5kRyTXQhyG5FzdP
LPl5C4OGwjaxQgAsU7UKv57nLEGwURsk
qpZ9s0XxJlpbrVv6fpEpiKyKHYZVF4us
k88N0Ap7ElIsDpEzyqPyHozYUJGYwH41
b0FEzZgpO0SYsik6zSwWk4wYKTYLcYng
reLHdWw4griQ8ilXDms7UZkcLhyV0nGD
o5jgSUGTNumsLB0lxaMLs36004wrBX7o
tW5xFRmIzCtZBq5BA1TOhEEVZGhd9OdG
IGSlrmfazSXXAcaElkJqhlz5UlAkgtkr
YX3Hw8QXyCqsraV3hWH0ZyJy9VIu8y7k
There was a problem hiding this comment.
The output changed from 32 characters to 44 characters. 44 characters is the minimum number of bytes required to carry 32 bytes of entropy base64 encoded. I don't think this should be an issue.
There was a problem hiding this comment.
The other difference is the tr -d "=+/" - does it matter?
There was a problem hiding this comment.
It's neither helpful nor harmful. I don't feel strongly about it either way.
mikedanese
force-pushed
the
nourand
branch
2 times, most recently
from
a196c39
to
65b726c
Compare
|
/lgtm |
k8s-ci-robot
added
do-not-merge/hold
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mikedanese, tallclair The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
New changes are detected. LGTM label has been removed. |
k8s-ci-robot
removed
the
lgtm
mikedanese
added
the
lgtm
There was a problem hiding this comment.
I would have added a comment at line 65 of configure-helper.sh explaining that sha256sum emits hex digits in ascii, so we need 64 characters, but that's just a matter of personal taste. The question whether this will be obvious to a future reader of the code.
|
New changes are detected. LGTM label has been removed. |
k8s-ci-robot
removed
the
lgtm
In the context, our urandoms where generally safe, however getrandom has built in invariants around entropy pool initialization, making getrandom safe in all contexts. This should protect us from cryptopasta errors or weird entropy issues.
|
/retest |
mikedanese
removed
the
do-not-merge/hold
mikedanese
added
the
lgtm
mikedanese
added
the
priority/critical-urgent
|
/test all [submit-queue is verifying that this PR is safe to merge] |
|
Automatic merge from submit-queue (batch tested with PRs 68087, 68256, 64621, 68299, 68296). If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md. |
|
@mikedanese: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
In the context, our urandoms where generally safe, however getrandom has
built in invariants around entropy pool initialization, making getrandom
safe in all contexts. This should protect us from cryptopasta errors or
weird entropy issues.