Opened 6 months ago

Closed 6 months ago

Last modified 4 weeks ago

#24500 closed defect (implemented)

Confusing log message "Can't get entropy from getrandom()"

Reported by: arma Owned by:
Priority: Medium Milestone: Tor: 0.3.2.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: tor-crypto, s8-errors
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor: Sponsor8

Description

A relay operator on #tor shared these log lines:

Dec 01 16:33:00.000 [notice] Tor 0.3.1.8 (git-868c1b2b1eb7225a) opening log file.
Dec 01 16:33:00.515 [warn] Can't get entropy from getrandom().
Dec 01 16:33:00.534 [notice] Tor 0.3.1.8 (git-868c1b2b1eb7225a) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g, Zlib 1.2.8, Liblzma 5.1.0alpha[...]

The middle line is confusing -- why can't we get the entropy from it? Does that mean Tor has failed at something important? What should the relay operator do?

If the relay operator shouldn't do anything, because it's fine, this should be a notice or less. If the relay operator ought to do something, because it's not fine, then we should suggest what to do and/or what the problem is with doing nothing.

Child Tickets

Attachments (1)

0001-Make-errno-error-log-more-useful-for-getrandom.patch (1.9 KB) - added by ffmancera 6 months ago.

Download all attachments as: .zip

Change History (9)

comment:1 Changed 6 months ago by arma

(For context, they say they are on Ubuntu Xenial.)

comment:2 Changed 6 months ago by yawning

The middle line is confusing -- why can't we get the entropy from it?

It's a system call. The usual case for this failing is that the kernel is too old (ENOSYS), but the distribution they are supposedly using has a kernel that is 3.17 or newer.

This should probably log errno, though I am uncertain as to how useful that will be since the code is smart enough to retry on EINTR and EAGAIN.

Does that mean Tor has failed at something important? What should the relay operator do?

Using getrandom() is preferable to reading from /dev/urandom, but there is a fallback path, so it's not fatal, just odd. The relay operator should figure out why getrandom() is failing.

comment:3 Changed 6 months ago by yawning

If you knew that their kernel was ancient, you should have mentioned it when filing the bug...

Ubuntu 16.04 LTS ships with Linux 4.4 (https://wiki.ubuntu.com/XenialXerus/ReleaseNotes#Linux_kernel_4.4).

Per comment:7:ticket:24164

Im running Ubuntu 16.04.3 LTS (GNU/Linux 2.6.32-042stab120.11 x86_64) and I still get the errors on Tor 0.3.2.5-alpha

This is most certainly a ENOSYS, due to their OpenVZ kernel, which is not the kernel shipped by the the version of Ubuntu listed in this bug report.

What should the relay operator do?

Ignore the message. It happens once and only once per launch. The log message could be more informative, and still probably should log errno, but apart from that I think it's fine as is.

I'm personally in favor of leaving this as a warn, as getrandom() support is common place, and falling back to /dev/urandom is objectively a bad thing.

comment:4 Changed 6 months ago by nickm

Milestone: Tor: 0.3.2.x-final

Still deserves a better log message: reporting the ENOSYS would let them know what was wrong with their system.

comment:5 Changed 6 months ago by ffmancera

Status: newneeds_review

Done! I hope everything is fine!

comment:6 Changed 6 months ago by dgoulet

Keywords: tor-crypto added
Status: needs_reviewmerge_ready

lgtm;

comment:7 Changed 6 months ago by nickm

Resolution: implemented
Status: merge_readyclosed

merged to 0.3.2 and master.

FWIW, this isn't "Code simplification and refactoring", because it changes behavior. I've changed it to "minor features" instead.

comment:8 Changed 4 weeks ago by catalyst

Keywords: s8-errors added
Sponsor: Sponsor8
Note: See TracTickets for help on using tickets.