ubusd_id: use GRND_INSECURE to avoid blocking boot on getrandom()#24

Merged: openwrt-bot merged 1 commit into openwrt:master from hauke:ubusd-id-grnd-insecure on Jun 28, 2026
@hauke hauke commented Jun 28, 2026

Member

Commit 4ca0b14 ("ubusd_id: use getrandom(2) unconditionally on Linux") switched ID allocation from non-blocking /dev/urandom reads to getrandom(buf, len, 0). With flags == 0, getrandom() blocks until the kernel CRNG is fully seeded.

ubusd's first ID allocation runs inside procd's "ubus" stage, and procd does not advance past that stage until ubusd is up. urngd, which seeds the entropy pool quickly, is only started by procd after the "ubus" stage. On boards whose CRNG seeds slowly (e.g. Rockchip RK3328: NanoPi R2S / R2S Plus / R4S, Orange Pi R1 Plus LTS) nothing seeds the pool while ubusd waits, so boot stalls for minutes until slow timer/interrupt entropy fills it.

ubus IDs only need to be hard to guess, not cryptographically strong, and were sourced from non-blocking /dev/urandom for years. Use GRND_INSECURE, which returns bytes immediately without waiting for the CRNG, restoring the previous early-boot behaviour while keeping the benefits of getrandom() (no file descriptor, works before /dev/urandom exists). Define GRND_INSECURE for libc headers predating Linux 5.6.

Fixes: #21
Assisted-by: Claude:claude-opus-4-8

Commit 4ca0b14 ("ubusd_id: use getrandom(2) unconditionally on
Linux") switched ID allocation from non-blocking /dev/urandom reads to
getrandom(buf, len, 0). With flags == 0, getrandom() blocks until the
kernel CRNG is fully seeded.

ubusd's first ID allocation runs inside procd's "ubus" stage, and procd
does not advance past that stage until ubusd is up. urngd, which seeds
the entropy pool quickly, is only started by procd after the "ubus"
stage. On boards whose CRNG seeds slowly (e.g. Rockchip RK3328: NanoPi
R2S / R2S Plus / R4S, Orange Pi R1 Plus LTS) nothing seeds the pool
while ubusd waits, so boot stalls for minutes until slow timer/interrupt
entropy fills it.

ubus IDs only need to be hard to guess, not cryptographically strong,
and were sourced from non-blocking /dev/urandom for years. Use
GRND_INSECURE, which returns bytes immediately without waiting for the
CRNG, restoring the previous early-boot behaviour while keeping the
benefits of getrandom() (no file descriptor, works before /dev/urandom
exists). Define GRND_INSECURE for libc headers predating Linux 5.6.

Fixes: openwrt#21
Assisted-by: Claude:claude-opus-4-8
Link: openwrt#24
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
@hauke hauke force-pushed the ubusd-id-grnd-insecure branch from 257d0e9 to 24864e7 Compare June 28, 2026 14:47
@openwrt-bot openwrt-bot merged commit 24864e7 into openwrt:master Jun 28, 2026
10 checks passed
@hauke hauke deleted the ubusd-id-grnd-insecure branch June 28, 2026 16:00
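
The non-blocking call described in this pull request, as an added example that is not code from the PR or the ubus tree. `fill_id_bytes()` is a hypothetical name, and the fallback to `GRND_NONBLOCK` for kernels older than Linux 5.6 goes beyond what the description covers.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/random.h>
#include <sys/types.h>

/* libc headers predating Linux 5.6 lack this flag; the value is the one
 * in the kernel UAPI header <linux/random.h>. */
#ifndef GRND_INSECURE
#define GRND_INSECURE 0x0004
#endif

/* Fill buf with len bytes without ever waiting for the CRNG to be seeded.
 * Returns 0 on success, -1 with errno set on failure. */
static int fill_id_bytes(void *buf, size_t len)
{
	unsigned int flags = GRND_INSECURE;
	unsigned char *p = buf;

	while (len > 0) {
		ssize_t n = getrandom(p, len, flags);

		if (n < 0) {
			if (errno == EINTR)
				continue;	/* interrupted by a signal: retry */
			/* A kernel older than 5.6 rejects the unknown flag with
			 * EINVAL. GRND_NONBLOCK does not block either: it fails
			 * with EAGAIN while the CRNG is still unseeded. */
			if (errno == EINVAL && flags == GRND_INSECURE) {
				flags = GRND_NONBLOCK;
				continue;
			}
			return -1;
		}
		p += n;			/* short read: keep filling the rest */
		len -= (size_t)n;
	}
	return 0;
}

int main(void)
{
	uint32_t id;

	if (fill_id_bytes(&id, sizeof(id)) < 0)
		return 1;
	printf("%08x\n", id);
	return 0;
}
```

Bytes returned under `GRND_INSECURE` before the CRNG is seeded are suitable only for values like the hard-to-guess IDs discussed here, not for key material.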
Successfully merging this pull request may close these issues.

ubusd_id: blocking getrandom() stalls boot for minutes on different NanoPi devices
