[SERVER-51803] Please backport SERVER-43641 Created: 22/Oct/20  Updated: 10/Nov/20  Resolved: 10/Nov/20

Status: Closed
Project: Core Server
Component/s: Internal Code
Affects Version/s: 4.0.20, 4.2.9
Fix Version/s: None

Type: Bug
Priority: Major - P3
Reporter: Юрий Соколов
Assignee: Spencer Jackson
Resolution: Won't Do
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
backports SERVER-43641 platform/random.h causing bugs, upgra... Closed
Duplicate
duplicates SERVER-25659 InputStreamSecureRandom should open t... Closed
Operating System: ALL
Sprint: Security 2020-11-16
Participants:

 Description   

We have many mongos (v4.0.20) instances running in a pod in Kubernetes. And there are a lot of such pods on every node.

Occasionally we got a strange error:

 2020-10-19T07:37:08.257+0000 E - [TaskExecutorPool-0] cannot open /dev/urandom Operation not permitted
 2020-10-19T07:37:08.257+0000 F - [TaskExecutorPool-0] Fatal Assertion 28839 at src/mongo/platform/random.cpp 161
 2020-10-19T07:37:08.280+0000 F - [TaskExecutorPool-0] Got signal: 6 (Aborted).

(Sometimes it is [conn-nnn] instead of [TaskExecutorPool-0])

Looks like there is some kernel bug or limitation concerning too many openings of /dev/urandom (probably in conjunction with the lxc environment).

Looks like the patch for https://jira.mongodb.org/browse/SERVER-43641 fixes it by opening /dev/urandom just once in a process (although that was not the main intention of the patch)
https://github.com/mongodb/mongo/commit/e1f433d2c47f623ceb5d1d1aee7605fefb71b846#diff-e00f3865e22fbd4dfd1c2e65cbac4e9e53e5e008e79260a1b6a333c67de64f36L154-R184

Could you backport this patch to 4.0.x and 4.2.x, please? Or just do a similar thing: open /dev/urandom once per process.
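
The "open /dev/urandom once per process" behaviour requested above, as an added example that is not part of the ticket and not MongoDB's code: the device is opened on first use and the single descriptor is shared by all threads, so after the first successful open() no later request for random bytes can fail in open(). The names UrandomSource and secureRandomU64 are hypothetical.

```cpp
// Added example, not MongoDB source: one /dev/urandom descriptor per process.
#include <cerrno>
#include <cstdint>
#include <stdexcept>
#include <system_error>
#include <fcntl.h>
#include <unistd.h>

class UrandomSource {  // hypothetical name
public:
    // Function-local static: constructed once, thread-safely (C++11), so
    // open() runs a single time no matter how many threads ask for bytes.
    static UrandomSource& instance() {
        static UrandomSource src;
        return src;
    }

    // Fill buf with n bytes, retrying on EINTR and continuing short reads.
    void fill(void* buf, size_t n) const {
        auto* p = static_cast<unsigned char*>(buf);
        while (n > 0) {
            ssize_t r = ::read(fd_, p, n);
            if (r < 0 && errno == EINTR) continue;
            if (r < 0) throw std::system_error(errno, std::generic_category(), "read /dev/urandom");
            if (r == 0) throw std::runtime_error("EOF on /dev/urandom");
            p += r;
            n -= static_cast<size_t>(r);
        }
    }
    int fd() const { return fd_; }

private:
    // After the first successful open(), no later call can hit an open()
    // failure. The descriptor is never closed: it lives until process exit.
    UrandomSource() {
        do {
            fd_ = ::open("/dev/urandom", O_RDONLY | O_CLOEXEC);
        } while (fd_ < 0 && errno == EINTR);
        if (fd_ < 0) throw std::system_error(errno, std::generic_category(), "open /dev/urandom");
    }
    UrandomSource(const UrandomSource&) = delete;
    int fd_ = -1;
};

std::uint64_t secureRandomU64() {  // hypothetical helper
    std::uint64_t v = 0;
    UrandomSource::instance().fill(&v, sizeof v);
    return v;
}
```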



 Comments   
Comment by Spencer Jackson [ 10/Nov/20 ]

Unfortunately, I do not believe backporting SERVER-43641 would be feasible. Random number generation is integral to several server components, and to our test infrastructure. The initial work done in SERVER-43641 resulted in follow-on work to upgrade some usage of non-cryptographic PRNGs to tolerate different outputs from the generators. These changes relied on newer APIs that existed in the server, and so cannot be backported. My recommendation would be to file an upstream issue with your containerization services to figure out why opening /dev/urandom results in "operation not permitted", or upgrade to a newer version of MongoDB that contains SERVER-43641.

Comment by Eric Sedor [ 26/Oct/20 ]

Hello,

We do have SERVER-25659 open, which looks like it may help. But we are passing this ticket on to an appropriate team to comment on the feasibility of backporting SERVER-43641.
