lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <6a690b23-abd8-0966-28fd-caff128b887d@molgen.mpg.de>
Date:   Tue, 3 Jul 2018 09:37:53 +0200
From:   Paul Menzel <pmenzel@...gen.mpg.de>
To:     Arnd Bergmann <arnd@...db.de>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     linux-kernel@...r.kernel.org
Subject: Hints on decreasing boot time regarding RNG?

Dear Linux folks,


Benchmarking the Linux 4.18-rc3+ boot time on the ASRock E350M1 with 
Debian Sid/unstable, I added debug statements to the function 
`crng_fast_load()` `drivers/char/random.c` to get the Linux kernel time 
stamps. (No idea how to do that with Ftrace.)

> diff --git a/drivers/char/random.c b/drivers/char/random.c
> index cd888d4ee605..c2d45c6db2bb 100644
> --- a/drivers/char/random.c
> +++ b/drivers/char/random.c
> @@ -841,6 +841,8 @@ static int crng_fast_load(const char *cp, size_t len)
>         unsigned long flags;
>         char *p;
>  
> +       pr_notice("random: 1\n");
> +
>         if (!spin_trylock_irqsave(&primary_crng.lock, flags))
>                 return 0;
>         if (crng_init != 0) {
> @@ -848,11 +850,14 @@ static int crng_fast_load(const char *cp, size_t len)
>                 return 0;
>         }
>         p = (unsigned char *) &primary_crng.state[4];
> +       pr_notice("random: 2\n");
>         while (len > 0 && crng_init_cnt < CRNG_INIT_CNT_THRESH) {
>                 p[crng_init_cnt % CHACHA20_KEY_SIZE] ^= *cp;
>                 cp++; crng_init_cnt++; len--;
>         }
> +       pr_notice("random: 3\n");
>         spin_unlock_irqrestore(&primary_crng.lock, flags);
> +       pr_notice("random: 4\n");
>         if (crng_init_cnt >= CRNG_INIT_CNT_THRESH) {
>                 invalidate_batched_entropy();
>                 crng_init = 1;

In my environment I get the results below.

> [    0.007551] Freeing SMP alternatives memory: 32K
> [    0.008000] random: 1
> [    0.008000] random: 2
> [    0.008000] random: 3
> [    0.008000] random: 4
> [    0.008000] smpboot: CPU0: AMD E-350D APU with Radeon(tm) HD Graphics (family: 0x14, model: 0x2, stepping: 0x0)

> [    1.687197] random: 1
> [    1.687202] random: 2
> [    1.687203] random: 3
> [    1.687204] random: 4
> [    1.710068] random: 1
> [    1.710072] random: 2
> [    1.710073] random: 3
> [    1.710074] random: 4
> [    2.114496] random: 1
> [    2.114502] random: 2
> [    2.114504] random: 3
> [    2.114505] random: 4
> [    2.114510] random: fast init done
> [    2.136307] EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: (null)
> [    2.280576] random: systemd-bootcha: uninitialized urandom read (16 bytes read)
> [    2.447925] systemd[1]: systemd 239 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid)

So, the function is called four times, and the execution time is very 
fast. I was first thinking, it took half a second, but assume my initrd 
environment uses the time up there.

Please find the full log and configuration attached. Do you see any 
optimization potential in my configuration? For example use a different 
RNG or only call the method once?


Kind regards,

Paul

View attachment "20180703–linux_4.18-rc3+–random-debug.txt" of type "text/plain" (122116 bytes)

View attachment "20180703–linux-config–random-debug.txt" of type "text/plain" (125850 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ