After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 789208 - gnome keyring daemon stuck in an infinite loop in libgcrypt in FIPS mode
gnome keyring daemon stuck in an infinite loop in libgcrypt in FIPS mode
Status: RESOLVED OBSOLETE
Product: gnome-keyring
Classification: Core
Component: general
3.20.x
Other Linux
: Normal normal
: ---
Assigned To: GNOME keyring maintainer(s)
GNOME keyring maintainer(s)
Depends on:
Blocks:
 
 
Reported: 2017-10-19 15:57 UTC by Vitezslav Cizek
Modified: 2021-06-18 10:40 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Vitezslav Cizek 2017-10-19 15:57:46 UTC
When a user logs in via gdm on a FIPS-enabled system, gnome keyring daemon gets stuck in an infinite loop, which prevents successful login.
Tested with gkd 3.20.0 and libgcrypt 1.8.1.

Here's what happens:

libgcrypt gets initialized by egg_libgcrypt_initialize().
_gcry_rndlinux_gather_random opens /dev/random and stores the file descriptor to a static variable fd_random.

To become a daemon, gnome keyring performs a double fork and later does a descriptor cleanup in redirect_fds_after_fork(), which reopens /dev/null over descriptors 0-2.

Descriptor 2 before redirect_fds_after_fork():
# ls -l  /proc/10049/fd/2
lr-x------ 1 test users 64 19. říj 17.38 /proc/10049/fd/2 -> /dev/random

After:
 # ls -l  /proc/10049/fd/2
lr-x------ 1 test users 64 19. říj 17.38 /proc/10049/fd/2 -> /dev/null

libgcrypt however still believes that descriptor 2 points to the random device, so when _gcry_rndlinux_gather_random() is invoked again, it repeatedly read()s 0 byte blocks from the descriptor, creating an infinite loop.

Backtrace that leads to _gcry_rndlinux_gather_random() after the second fork():

  • #0 _gcry_rndlinux_gather_random
    at rndlinux.c line 315
  • #1 drbg_get_entropy
    at random-drbg.c line 622
  • #2 drbg_seed
    at random-drbg.c line 1361
  • #3 drbg_reseed
    at random-drbg.c line 1680
  • #4 _gcry_rngdrbg_randomize
    at random-drbg.c line 1930
  • #5 _gcry_create_nonce
    at random.c line 504
  • #6 gcry_create_nonce
    at visibility.c line 1364
  • #7 gkm_secret_binary_write
    at pkcs11/secret-store/gkm-secret-binary.c line 596
  • #8 gkm_secret_collection_save
    at pkcs11/secret-store/gkm-secret-collection.c line 913
  • #9 gkm_session_complete_object_creation
    at pkcs11/gkm/gkm-session.c line 877
  • #10 factory_create_collection
    at pkcs11/secret-store/gkm-secret-collection.c line 348
  • #11 gkm_session_create_object_for_factory
    at pkcs11/gkm/gkm-session.c line 777
  • #12 gkm_session_create_object_for_attributes
    at pkcs11/gkm/gkm-session.c line 819
  • #13 gkm_session_C_CreateObject
    at pkcs11/gkm/gkm-session.c line 953
  • #14 gkm_C_CreateObject
    at pkcs11/gkm/gkm-module-ep.h line 471
  • #15 wrap_C_CreateObject
    at pkcs11/wrap-layer/gkm-wrap-layer.c line 741
  • #16 ??
    from /usr/lib64/libgck-1.so.0
  • #17 ??
    from /usr/lib64/libgck-1.so.0
  • #18 gck_session_create_object
    from /usr/lib64/libgck-1.so.0
  • #19 create_login_keyring
    at daemon/login/gkd-login.c line 160
  • #20 unlock_or_create_login
    at daemon/login/gkd-login.c line 214
  • #21 gkd_login_unlock
    at daemon/login/gkd-login.c line 282
  • #22 gkr_daemon_initialize_steps
    at daemon/gkd-main.c line 762
  • #23 gkd_main_complete_initialization
    at daemon/gkd-main.c line 819
  • #24 control_initialize_components
    at daemon/control/gkd-control-server.c line 165
  • #25 control_process
    at daemon/control/gkd-control-server.c line 226
  • #26 control_input
    at daemon/control/gkd-control-server.c line 338
  • #27 g_main_context_dispatch
    from /usr/lib64/libglib-2.0.so.0
  • #28 ??
    from /usr/lib64/libglib-2.0.so.0
  • #29 g_main_loop_run
    from /usr/lib64/libglib-2.0.so.0
  • #30 main
    at daemon/gkd-main.c line 1009

Comment 1 André Klapper 2021-06-18 10:40:51 UTC
GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org.
As part of that, we are mass-closing older open tickets in bugzilla.gnome.org
which have not seen updates for a longer time (resources are unfortunately
quite limited so not every ticket can get handled).

If you can still reproduce the situation described in this ticket in a recent
and supported software version, then please follow
  https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines
and create a new ticket at
  https://gitlab.gnome.org/GNOME/gnome-keyring/-/issues/

Thank you for your understanding and your help.