[MIR] rng-tools
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
rng-tools (Ubuntu) | Invalid | High | Unassigned |
Bug Description
[Availability]
rng-tools is in universe and builds on all architectures.
[Rationale]
ARM based Snappy Ubuntu Core devices typically have a hardware number generator exposed through /dev/hwrng. The rngd daemon, from rng-tools, is needed to read from /dev/hwrng and prime /dev/random. This will allow programs that use /dev/random to generate keys to quickly generate strong keys without blocking on reads from /dev/random.
The rng-tools package should be part of the Snappy Ubuntu Core image to aid in key generation. It may be desirable to include it in other images (server, cloud, desktop) in the future.
The rngd daemon is also useful on most business-class laptops as well as workstations and servers that have a TPM chip. The tpm-rng module can be loaded at boot time, after manually updating /etc/modules, so that the TPM's random number generator is used to back the /dev/hwrng device file.
[Security]
rngd is a daemon running as root. The amount of code involved is very small but there is a slight security concern. The Ubuntu Security team will do an audit.
[Quality assurance]
rngd works out of the box when /dev/hwrng is backed by a hardware random number generator. If /dev/hwrng is not backed by anything, rngd simply exits.
There is a long-term outstanding bug (bug #571728) but I doubt that it is still valid in newer releases and the reporter claims that it is specific to his laptop model, as well. I'm in the process of investigating this bug on my hardware.
rng-tools in Ubuntu has diverged from the rather old version in Debian. We are currently in sync with the latest upstream version.
rng-tools has a diagnostic tool, rngtest, that can be used to run through FIPS tests that "grade" the random data provided by /dev/hwrng.
[UI standards]
rng-tools is primarily a system level daemon and provides no user facing surfaces.
[Dependencies]
All build and binary dependencies are already in main.
[Standards compliance]
I believe the package is in good shape in these regards.
[Maintenance]
rng-tools is very simple and the Ubuntu Security team will subscribe to their bugs.
[Background information]
N/A
description: updated
Changed in rng-tools (Ubuntu):
assignee: nobody → Ubuntu Security Team (ubuntu-security)
Changed in rng-tools (Ubuntu):
status: Incomplete → Opinion
status: Opinion → Invalid
assignee: Ubuntu Security Team (ubuntu-security) → nobody
From a non-security POV, this seems OK. I wish Debian was more active, seems like we're maintaining this ourselves. And tests would be nice. But that's on upstream.
So needs:
- a security review (already planned)
- a team bug subscriber (security said they would subscribe)