Re: [uml-devel] Strange behaviour of hwrng

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Am Freitag, den 21.10.2005, 20:42 +0200 schrieb Blaisorblade:
> On Friday 21 October 2005 20:24, Gerd Stolpmann wrote:
> > Hi list,
> >
> > I recently tested the hwrng driver. In principal, it works, but it
> > sometimes eats up all host CPU time. In particular, I can see that the
> > UML system does a (blocking) read on /dev/hwrng,
> 
> Could you please elaborate on that? Who is doing the read, the rng tools? 

Yes, one of the rngd threads is doing the read:

play:~# strace -p 517
Process 517 attached - interrupt to quit
read(3,  <unfinished ...>

top shows it consumes 12.5% CPU time (on the UML system) although it is
blocking, I guess it is system time accounted for this process. On the
host system, UML consumes more than 70% CPU time.

> Also, are they doing only a single read (in which case, it's we the ones who 
> are looping and we're broken) or they are astonished by our -EAGAIN and keep 
> trying (in which case, they are broken)?

Obviously, they don't get the -EAGAIN, so they are only doing a single
read. (We should see the -EAGAIN with strace if it occurred, shouldn'd
we.)

> Actually, from looking at the code (arch/um/drivers/random.c:rng_dev_read()) 
> it appears that we _do_ loop ourselves, if the read is blocking. Not sure how 
> to handle that.

I think this is the problem.

> We could return maybe -EIO, possibly when a rate limit is exceeded (not 
> trivial to do, though - I must learn using timers first).

Maybe an opportunity...

> > and that the host 
> > system loops while reading from /dev/random which almost always returns
> > -EAGAIN. (Found that out with strace, in the hope the output is
> > correct.)
> 
> Well, if the host hasn't enough entropy, it's reasonable for it to return 
> -EAGAIN.

Of course, it it will do most of the time.

> And we should do the same (the loop is actually executed by the UML code, 
> right?).

If the descriptor is non-blocking.

> However, probably the tools inside UML don't expect a lot to get -EAGAIN from 
> an hardware generator. So possibly they are not ready to handle that well.

Obviously, the real hardware generators block when there is not enough
entropy, and rngd was written for them. I think there are two ways of
fixing the problem:

(1) Change rngd. If it sees -EAGAIN, it sleeps for a moment. This is not
easy, because it has to find out the available bit rate of entropy, in
order to determine a reasonable frequency of polling /dev/hwrng.

(2) Fix /dev/hwrng such that it blocks when it is out of entropy. Looks
like the same problem, only within the kernel.

Gerd

> 
> > Nevertheless rngd seems to work, because when killing with SIGUSR1 it
> > shows some reasonable statistics.
> 
> > My test setup is as follows:
> 
> > - Host system: 2.6.12.6 with SKAS3 v8.2 patch
> > - UML system: 2.6.14-rc5, in SKAS3 mode.
> >   Using rngd from Debian Sarge.
> >   TLS is disabled.
> 
> > Let me know if you need more information.
> 
> > Gerd
> 
-- 
------------------------------------------------------------
Gerd Stolpmann * Viktoriastr. 45 * 64293 Darmstadt * Germany 
ge...@ge...          http://www.gerd-stolpmann.de
Telefon: 06151/153855                  Telefax: 06151/997714
------------------------------------------------------------