Mir

Merge lp:~mir-team/mir/lazy-cookie-secret-creation into lp:mir

  1. lazy-cookie-secret-creation
  2. Merge into development-branch
Proposed by Brandon Schaefer
Status: Work in progress
Proposed branch: lp:~mir-team/mir/lazy-cookie-secret-creation
Merge into: lp:mir
Diff against target: 88 lines (+20/-9)
3 files modified
src/cookie/authority.cpp (+18/-7)
tests/acceptance-tests/test_server_startup.cpp (+1/-1)
tests/unit-tests/test_mir_cookie.cpp (+1/-1)
To merge this branch: bzr merge lp:~mir-team/mir/lazy-cookie-secret-creation
Reviewer Review Type Date Requested Status
Daniel van Vugt Disapprove
Mir CI Bot continuous-integration Needs Fixing
Cemil Azizoglu (community) Needs Fixing
Review via email: mp+287372@code.launchpad.net

Commit message

Delay creating the secret so we dont block on /dev/random on boot.

Description of the change

Delay creating the secret so we dont block on /dev/random on boot.

Tested by:

You can check the entropy pool:
watch -n 0.1 cat /proc/sys/kernel/random/entropy_avail

PrePatch (ie. bug)
In a ssh session or tty1 "cat /dev/random" // eats up all the entropy
log into unity8 (Black screen and nothing!)

With this patch:
cat /dev/random again
log into unity8 (while smashing on the keys/mouse to attempt to get the secret created)
login works!

Note there was also discussion to remove create_saving, which we can remove. Just wanted to create this quick fix with out breaking API/ABI of the libcookie. Ill be creating a branch soon to remove that create function + a function that returns the secret.

To post a comment you must log in.
lp:~mir-team/mir/lazy-cookie-secret-creation updated
3347. By Brandon Schaefer

* Enable the regession tests

Revision history for this message
Mir CI Bot (mir-ci-bot) wrote :

PASSED: Continuous integration, rev:3346
https://mir-jenkins.ubuntu.com/job/mir-ci/424/
Executed test runs:
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-mir/231
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-0-fetch/255
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-1-sourcepkg/release=vivid+overlay/247
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-1-sourcepkg/release=xenial/247
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=amd64,compiler=clang,platform=mesa,release=vivid+overlay/238
        deb: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=amd64,compiler=clang,platform=mesa,release=vivid+overlay/238/artifact/output/*zip*/output.zip
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=amd64,compiler=gcc,platform=mesa,release=xenial/238
        deb: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=amd64,compiler=gcc,platform=mesa,release=xenial/238/artifact/output/*zip*/output.zip
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=cross-armhf,compiler=gcc,platform=android,release=vivid+overlay/238
        deb: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=cross-armhf,compiler=gcc,platform=android,release=vivid+overlay/238/artifact/output/*zip*/output.zip
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=i386,compiler=gcc,platform=android,release=vivid+overlay/238
        deb: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=i386,compiler=gcc,platform=android,release=vivid+overlay/238/artifact/output/*zip*/output.zip
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=i386,compiler=gcc,platform=mesa,release=xenial/238
        deb: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=i386,compiler=gcc,platform=mesa,release=xenial/238/artifact/output/*zip*/output.zip

Click here to trigger a rebuild:
https://mir-jenkins.ubuntu.com/job/mir-ci/424/rebuild

review: Approve (continuous-integration)
Reply
Revision history for this message
Cemil Azizoglu (cemil-azizoglu) wrote :

16 + BOOST_THROW_EXCEPTION(std::logic_error("Secret size " + std::to_string(passed_secret.size()) + " is to small, require " +

1. Line too long.
2. s/"to small"/"too small"

review: Needs Fixing
Reply
lp:~mir-team/mir/lazy-cookie-secret-creation updated
3348. By Brandon Schaefer

* Fix throw

Revision history for this message
Mir CI Bot (mir-ci-bot) wrote :

FAILED: Continuous integration, rev:3347
https://mir-jenkins.ubuntu.com/job/mir-ci/425/
Executed test runs:
    FAILURE: https://mir-jenkins.ubuntu.com/job/build-mir/233/console
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-0-fetch/257
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-1-sourcepkg/release=vivid+overlay/249
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-1-sourcepkg/release=xenial/249
    FAILURE: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=amd64,compiler=clang,platform=mesa,release=vivid+overlay/240/console
    FAILURE: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=amd64,compiler=gcc,platform=mesa,release=xenial/240/console
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=cross-armhf,compiler=gcc,platform=android,release=vivid+overlay/240
        deb: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=cross-armhf,compiler=gcc,platform=android,release=vivid+overlay/240/artifact/output/*zip*/output.zip
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=i386,compiler=gcc,platform=android,release=vivid+overlay/240
        deb: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=i386,compiler=gcc,platform=android,release=vivid+overlay/240/artifact/output/*zip*/output.zip
    FAILURE: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=i386,compiler=gcc,platform=mesa,release=xenial/240/console

Click here to trigger a rebuild:
https://mir-jenkins.ubuntu.com/job/mir-ci/425/rebuild

review: Needs Fixing (continuous-integration)
Reply
Revision history for this message
Mir CI Bot (mir-ci-bot) wrote :

FAILED: Continuous integration, rev:3348
https://mir-jenkins.ubuntu.com/job/mir-ci/426/
Executed test runs:
    FAILURE: https://mir-jenkins.ubuntu.com/job/build-mir/234/console
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-0-fetch/258
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-1-sourcepkg/release=vivid+overlay/250
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-1-sourcepkg/release=xenial/250
    FAILURE: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=amd64,compiler=clang,platform=mesa,release=vivid+overlay/241/console
    FAILURE: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=amd64,compiler=gcc,platform=mesa,release=xenial/241/console
    SUCCESS: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=cross-armhf,compiler=gcc,platform=android,release=vivid+overlay/241
        deb: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=cross-armhf,compiler=gcc,platform=android,release=vivid+overlay/241/artifact/output/*zip*/output.zip
    FAILURE: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=i386,compiler=gcc,platform=android,release=vivid+overlay/241/console
    FAILURE: https://mir-jenkins.ubuntu.com/job/build-2-binpkg-mir/arch=i386,compiler=gcc,platform=mesa,release=xenial/241/console

Click here to trigger a rebuild:
https://mir-jenkins.ubuntu.com/job/mir-ci/426/rebuild

review: Needs Fixing (continuous-integration)
Reply
Revision history for this message
Daniel van Vugt (vanvugt) wrote :

You're only deferring the problem and not solving it. This branch simply moves the hang/crash to a later location where the regression tests don't cover it any more.

So you need new regression tests to cover the new code here, and to prove that at no stage during executing does Mir hang indefinitely or crash due to lack of entropy.

Needs fixing: No test coverage

also Disapprove: The best you can achieve this with approach is to move the hang+crash to a later location. And that's still not acceptable.

review: Disapprove
Reply

Unmerged revisions

3348. By Brandon Schaefer

* Fix throw

3347. By Brandon Schaefer

* Enable the regession tests

3346. By Brandon Schaefer

* Delay making the secret if no one wants one right away

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'src/cookie/authority.cpp'
--- src/cookie/authority.cpp 2016-01-29 08:18:22 +0000
+++ src/cookie/authority.cpp 2016-02-26 22:51:56 +0000
@@ -123,13 +123,15 @@
123class AuthorityNettle : public mir::cookie::Authority123class AuthorityNettle : public mir::cookie::Authority
124{124{
125public:125public:
126 AuthorityNettle(mir::cookie::Secret const& secret)126 AuthorityNettle() = default;
127
128 explicit AuthorityNettle(mir::cookie::Secret const& passed_secret)
127 {129 {
128 if (secret.size() < minimum_secret_size)130 if (passed_secret.size() < minimum_secret_size)
129 BOOST_THROW_EXCEPTION(std::logic_error("Secret size " + std::to_string(secret.size()) + " is to small, require " +131 BOOST_THROW_EXCEPTION(std::logic_error("Secret size " + std::to_string(passed_secret.size()) +
132 " is too small, require " +
130 std::to_string(minimum_secret_size) + " or greater."));133 std::to_string(minimum_secret_size) + " or greater."));
131134 set_secret(passed_secret);
132 hmac_sha1_set_key(&ctx, secret.size(), secret.data());
133 }135 }
134136
135 virtual ~AuthorityNettle() noexcept = default;137 virtual ~AuthorityNettle() noexcept = default;
@@ -137,6 +139,9 @@
137139
138 std::unique_ptr<mir::cookie::Cookie> make_cookie(uint64_t const& timestamp) override140 std::unique_ptr<mir::cookie::Cookie> make_cookie(uint64_t const& timestamp) override
139 {141 {
142 if (secret.empty())
143 set_secret(get_random_data(optimal_secret_size()));
144
140 return std::make_unique<mir::cookie::HMACCookie>(timestamp, calculate_cookie(timestamp), mir::cookie::Format::hmac_sha_1_8);145 return std::make_unique<mir::cookie::HMACCookie>(timestamp, calculate_cookie(timestamp), mir::cookie::Format::hmac_sha_1_8);
141 }146 }
142147
@@ -183,6 +188,12 @@
183 }188 }
184189
185private:190private:
191 void set_secret(mir::cookie::Secret const& passed_secret)
192 {
193 secret = passed_secret;
194 hmac_sha1_set_key(&ctx, secret.size(), secret.data());
195 }
196
186 std::vector<uint8_t> calculate_cookie(uint64_t const& timestamp)197 std::vector<uint8_t> calculate_cookie(uint64_t const& timestamp)
187 {198 {
188 std::vector<uint8_t> mac(mac_byte_size);199 std::vector<uint8_t> mac(mac_byte_size);
@@ -204,6 +215,7 @@
204 }215 }
205216
206 struct hmac_sha1_ctx ctx;217 struct hmac_sha1_ctx ctx;
218 mir::cookie::Secret secret;
207};219};
208220
209size_t mir::cookie::Authority::optimal_secret_size()221size_t mir::cookie::Authority::optimal_secret_size()
@@ -227,6 +239,5 @@
227239
228std::unique_ptr<mir::cookie::Authority> mir::cookie::Authority::create()240std::unique_ptr<mir::cookie::Authority> mir::cookie::Authority::create()
229{241{
230 auto secret = get_random_data(optimal_secret_size());242 return std::make_unique<AuthorityNettle>();
231 return std::make_unique<AuthorityNettle>(secret);
232}243}
233244
=== modified file 'tests/acceptance-tests/test_server_startup.cpp'
--- tests/acceptance-tests/test_server_startup.cpp 2016-02-26 03:37:46 +0000
+++ tests/acceptance-tests/test_server_startup.cpp 2016-02-26 22:51:56 +0000
@@ -68,7 +68,7 @@
68 });68 });
69}69}
7070
71TEST(ServerStartupReliability, DISABLED_can_start_with_low_entropy)71TEST(ServerStartupReliability, can_start_with_low_entropy)
72{ // Regression test for LP: #1536662 and LP: #154118872{ // Regression test for LP: #1536662 and LP: #1541188
73 using namespace ::testing;73 using namespace ::testing;
7474
7575
=== modified file 'tests/unit-tests/test_mir_cookie.cpp'
--- tests/unit-tests/test_mir_cookie.cpp 2016-02-26 03:37:46 +0000
+++ tests/unit-tests/test_mir_cookie.cpp 2016-02-26 22:51:56 +0000
@@ -119,7 +119,7 @@
119 Ge(mir::cookie::Authority::minimum_secret_size));119 Ge(mir::cookie::Authority::minimum_secret_size));
120}120}
121121
122TEST(MirCookieAuthority, DISABLED_given_low_entropy_does_not_hang_or_crash)122TEST(MirCookieAuthority, given_low_entropy_does_not_hang_or_crash)
123{ // Regression test for LP: #1536662 and LP: #1541188123{ // Regression test for LP: #1536662 and LP: #1541188
124 using namespace testing;124 using namespace testing;
125125

Subscribers

People subscribed via source and target branches