On Thu, May 10, 2018 at 12:41:41PM +1200, Ben Caradoc-Davies wrote:
> tl;dr: fontconfig tries to regenerate .uuid files with getrandom (via
> libuuid) in early boot, which hangs because of low pool entropy; the
> plymouth fix is to copy the .uuid files into the initramfs with the DejaVu
> fonts.

One other way to address this problem is to upgrade to util-linux 2.32
(released on March 21, 2018), interestingly, *before* the CVE-2018-1108
patches, which landed a month later.

The relevant commits from util-linux 2.32:

a9cf659e0508: lib/randutils: Do not block on getrandom()
edc1c90cb972: lib/randutils: don't break on EAGAIN, use usleep()

There's an interesting assertion in the description of commit edc1c90cb972:

    Note that we do not use random numbers for security sensitive things
    like keys or so. It's used for random based UUIDs etc.

... which I'm not entirely sure I agree with --- there may be some
people who are using UUIDs for sensitive things.  Whether or not they
*should* is an interesting/different question.  In any case, certainly
it seems that fontconfig's use of UUID isn't security sensitive.

> - Anything else calling libuuid uuid_generate_random or util-linux randutils
> random_get_bytes in early boot will also hang.

Well, not after util-linux 2.32 lands in Debian.  :-)

                                                  - Ted
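
Added example, not part of the original message and not util-linux's code: a bounded, non-blocking getrandom() loop that sleeps on EAGAIN, plus a version 4 UUID generator that reports an uninitialised pool to its caller so a security-sensitive consumer can wait or fail. The function names, result codes, retry count and delay are assumptions chosen for illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* exposes usleep() under strict -std= modes */
#endif
#include <errno.h>
#include <sys/random.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical result codes for this example. */
enum { RAND_OK = 0, RAND_NOT_READY = -1, RAND_ERROR = -2 };

/* Fill buf from the kernel CSPRNG without ever blocking indefinitely.
 * max_tries and delay_us bound how long we wait for the pool (assumed values). */
int get_bytes_nonblock(unsigned char *buf, size_t len, int max_tries, useconds_t delay_us)
{
    size_t off = 0;
    int tries = 0;

    while (off < len) {
        ssize_t n = getrandom(buf + off, len - off, GRND_NONBLOCK);
        if (n > 0) {
            off += (size_t)n;            /* short reads are legal: keep going */
        } else if (n < 0 && errno == EINTR) {
            continue;                    /* interrupted by a signal: retry */
        } else if (n < 0 && errno == EAGAIN) {
            if (++tries >= max_tries)    /* pool still uninitialised: give up */
                return RAND_NOT_READY;
            usleep(delay_us);            /* back off instead of spinning */
        } else {
            return RAND_ERROR;           /* e.g. ENOSYS on a very old kernel */
        }
    }
    return RAND_OK;
}

/* Version 4 UUID that never silently substitutes a weaker random source. */
int uuid_v4_strict(unsigned char out[16])
{
    int rc = get_bytes_nonblock(out, 16, 8, 125000);
    if (rc != RAND_OK)
        return rc;                       /* caller decides: wait, defer, or fail */
    out[6] = (out[6] & 0x0f) | 0x40;     /* version field = 4 */
    out[8] = (out[8] & 0x3f) | 0x80;     /* RFC 4122 variant bits */
    return RAND_OK;
}
```

A caller whose UUIDs are not security sensitive, such as a font cache, can treat RAND_NOT_READY as a cue to use a weaker generator; one whose UUIDs act as secrets should not.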
