Project

General

Profile

Actions

Bug #3215

open

NFD crash with "open /dev/urandom operation failed" when reaching ulimit

Added by Alex Afanasyev about 9 years ago. Updated over 8 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Management
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
3.00 h

Description

Snippet to reproduce:

// g++ -o x -std=c++0x x.cpp $(pkg-config --cflags --libs libndn-cxx)
#include <boost/asio.hpp>
#include <ndn-cxx/face.hpp>
#include <ndn-cxx/security/key-chain.hpp>

using namespace ndn;

int main() {
  boost::asio::io_service io;
  KeyChain keyChain;
  std::vector<unique_ptr<Face>> faces;
  for (int i = 0; i < 1200; ++i) {
    faces.emplace_back(new Face(nullptr, io, keyChain));
    faces.back()->processEvents(time::milliseconds(100));
    std::cout << i << std::endl;
  }

  sleep(600);

  return 0;
}

Steps to reproduce:

  1. open a console with root privileges (sudo -i), execute ulimit -u 1024 followed by nfd (not nfd-start)
  2. open another console without root privileges, execute ulimit -u and confirm the output is greater than 10000, then execute the compiled snippet

Expected: NFD does not crash; the snippet may crash

Actual: NFD crashes with FATAL: [NFD] OS_Rng: open /dev/urandom operation failed with error 24, and snippet stops after printing "995"

Actions #1

Updated by Junxiao Shi over 8 years ago

  • Subject changed from Unhandled security-related exception to NFD crash with "open /dev/urandom operation failed" when reaching ulimit
  • Description updated (diff)

Original report: http://www.lists.cs.ucla.edu/pipermail/ndn-interest/2015-September/000842.html

After changing NfdRunner::run to print extended exception information, the error message becomes FATAL: [NFD] OS_Rng: open /dev/urandom operation failed with error 24 [from ../src/security/sec-tpm-file.cpp:410 in virtual ndn::Block ndn::SecTpmFile::signInTpm(const uint8_t*, size_t, const ndn::Name&, ndn::DigestAlgorithm)].

I guess this is called for signing the packet of face events notification.

Actions #2

Updated by Junxiao Shi over 8 years ago

  • Category set to Management
  • Estimated time set to 3.00 h

The exception is thrown by https://github.com/named-data/ndn-cxx/blob/57e003638d3fe92ecc271c4bb36ff84e481b067d/src/security/sec-tpm-file.cpp#L410.
I think this should be solved in ndn::mgmt::Dispatcher, but I don't know what's the correct reaction.

We could skip sending the notification, but same could happen when signing ControlCommand response.

Actions #3

Updated by Alex Afanasyev over 8 years ago

Why do you expect successful completion, if you set up limit of 1024 handles and trying to create 1200 faces? Behavior is kind of correct. A more correct behavior would be to make sure NFD does't crash, but the snippet has to fail in any case.

Though I'm not sure there is an easy way to reliably accomplish not failing NFD. Ulimit-caused exception can be generated in various places...

Actions #4

Updated by Junxiao Shi over 8 years ago

  • Description updated (diff)
Actions

Also available in: Atom PDF