[MIR] rng-tools

Bug #1564675 reported by Tyler Hicks
Affects: rng-tools (Ubuntu)
Status: Invalid
Importance: High
Assigned to: Unassigned

Bug Description

[Availability]

rng-tools is in universe and builds on all architectures.

[Rationale]

ARM based Snappy Ubuntu Core devices typically have a hardware number generator exposed through /dev/hwrng. The rngd daemon, from rng-tools, is needed to read from /dev/hwrng and prime /dev/random. This will allow programs that use /dev/random to generate keys to quickly generate strong keys without blocking on reads from /dev/random.

The rng-tools package should be part of the Snappy Ubuntu Core image to aid in key generation. It may be desirable to include it in other images (server, cloud, desktop) in the future.

The rngd daemon is also useful on most business-class laptops as well as workstations and servers that have a TPM chip. The tpm-rng module can be loaded at boot time, after manually updating /etc/modules, so that the TPM's random number generator is used to back the /dev/hwrng device file.

[Security]

rngd is a daemon running as root. The amount of code involved is very small but there is a slight security concern. The Ubuntu Security team will do an audit.

[Quality assurance]

rngd works out of the box when /dev/hwrng is backed by a hardware random number generator. If /dev/hwrng is not backed by anything, rngd simply exits.

There is a long-term outstanding bug (bug #571728) but I doubt that it is still valid in newer releases and the reporter claims that it is specific to his laptop model, as well. I'm in the process of investigating this bug on my hardware.

rng-tools in Ubuntu has diverged from the rather old version in Debian. We are currently in sync with the latest upstream version.

rng-tools has a diagnostic tool, rngtest, that can be used to run through FIPS tests that "grade" the random data provided by /dev/hwrng.

[UI standards]

rng-tools is primarily a system level daemon and provides no user facing surfaces.

[Dependencies]

All build and binary dependencies are already in main.

[Standards compliance]

I believe the package is in good shape in these regards.

[Maintenance]

rng-tools is very simple and the Ubuntu Security team will subscribe to their bugs.

[Background information]

N/A

Tyler Hicks (tyhicks)
description: updated
Michael Terry (mterry)
Changed in rng-tools (Ubuntu):
assignee: nobody → Ubuntu Security Team (ubuntu-security)
Michael Terry (mterry) wrote :

From a non-security POV, this seems OK. I wish Debian was more active, seems like we're maintaining this ourselves. And tests would be nice. But that's on upstream.

So needs:
- a security review (already planned)
- a team bug subscriber (security said they would subscribe)

Changed in rng-tools (Ubuntu):
assignee: Ubuntu Security Team (ubuntu-security) → nobody
status: New → Incomplete
assignee: nobody → Ubuntu Security Team (ubuntu-security)
Marc Deslauriers (mdeslaur) wrote :

The kernel already feeds the hwrng into /dev/random. The user-space daemon is no longer necessary, and may in fact be a bad idea.

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be4000bc4644d027c519b6361f5ae3bbfc52c347

Tyler Hicks (tyhicks) wrote : Re: [Bug 1564675] Re: [MIR] rng-tools

On 2016-04-01 13:34:45, Marc Deslauriers wrote:
> The kernel already feeds the hwrng into /dev/random. The user-space
> daemon is no longer necessary, and may in fact be a bad idea.
>
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be4000bc4644d027c519b6361f5ae3bbfc52c347

Thanks for pointing out this commit. I've spent some time looking into
whether we should use rng-tools or the hwrng kthread. My conclusion is
that the hwrng kthread is the best choice for Snappy Ubuntu Core
devices.

The hwrng kthread allows us to tune the quality of the hwrng on a
per-board basis. Actually, we're forced to do so because most hwrng
kernel drivers do not set the quality member of struct hwrng. Gadget
snap authors will need to determine the best hwrng quality value for
their hardware.

One downside of using the hwrng kthread instead of rngd is that we lose
the FIPS 140-2 tests that help to give some level of assurance that the
hwrng device is outputting random looking values. The kernel thread does
not run the bits through any tests. However, the rngtest program from
rng-tools could still be used by gadget snap authors to manually verify
their boards.

I'm marking this MIR as invalid since we're not going forward with
seeding rng-tools in Snappy Ubuntu Core.

Tyler Hicks (tyhicks)
Changed in rng-tools (Ubuntu):
status: Incomplete → Opinion
status: Opinion → Invalid
assignee: Ubuntu Security Team (ubuntu-security) → nobody
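
The FIPS 140-2 checks discussed in the comment above, which the hwrng kthread does not run, shown as an added example that is not part of the original thread and is not rng-tools' own code: a Python implementation of the four per-block tests (monobit, poker, runs, long run) over one 20,000-bit block. The MSB-first bit order, the function names, the stuck-pattern inputs and the hashed stream are assumptions constructed for illustration.

```python
import hashlib

BLOCK_BYTES = 2500  # one FIPS 140-2 block is 20,000 bits
# Allowed count of runs of each length (6 means "6 or longer"), per bit value.
RUN_LIMITS = {1: (2315, 2685), 2: (1114, 1386), 3: (527, 723),
              4: (240, 384), 5: (103, 209), 6: (103, 209)}

def fips_failures(block):
    """Return the names of the FIPS 140-2 statistical tests that `block` fails."""
    if len(block) != BLOCK_BYTES:
        raise ValueError("a FIPS 140-2 block is exactly 2500 bytes")
    # Assumption: bits are taken MSB-first within each byte.
    bits = [(byte >> i) & 1 for byte in block for i in range(7, -1, -1)]
    failed = []
    # Monobit: the number of ones must lie strictly between 9725 and 10275.
    if not 9725 < sum(bits) < 10275:
        failed.append("monobit")
    # Poker: chi-square-style statistic over the 5000 4-bit nibbles.
    counts = [0] * 16
    for byte in block:
        counts[byte >> 4] += 1
        counts[byte & 0x0F] += 1
    x = 16 / 5000 * sum(c * c for c in counts) - 5000
    if not 2.16 < x < 46.17:
        failed.append("poker")
    # Runs and long run: tally maximal runs of identical bits.
    runs = {(bit, n): 0 for bit in (0, 1) for n in RUN_LIMITS}
    longest, length = 0, 1
    for prev, cur in zip(bits, bits[1:] + [None]):  # None closes the final run
        if cur == prev:
            length += 1
            continue
        runs[(prev, min(length, 6))] += 1
        longest = max(longest, length)
        length = 1
    if any(not RUN_LIMITS[n][0] <= count <= RUN_LIMITS[n][1]
           for (_, n), count in runs.items()):
        failed.append("runs")
    if longest >= 26:
        failed.append("long-run")
    return failed

def constructed_stream(n_blocks):
    """Constructed stand-in for hwrng output: SHA-256 in counter mode."""
    data = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                    for i in range(n_blocks * BLOCK_BYTES // 32 + 1))
    return [data[i * BLOCK_BYTES:(i + 1) * BLOCK_BYTES] for i in range(n_blocks)]

if __name__ == "__main__":
    print("stuck at zero:", fips_failures(bytes(BLOCK_BYTES)))
    print("stuck 0xAA   :", fips_failures(b"\xaa" * BLOCK_BYTES))
    print("hashed stream:", [fips_failures(b) for b in constructed_stream(3)])
```

A fully predictable SHA-256 counter stream is statistically indistinguishable from good hwrng output under these tests, so a clean result shows only that the device is not stuck or grossly biased. It says nothing about how much entropy to credit, which is what the per-board quality value has to capture.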
Jeffrey Walton (noloader) wrote :

Two related Debian bugs:

* "rng-tools does not perform as expected on Beaglebone Black with OMAP hw rng", https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911043
* "rng-tools: No systemd .service file", https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776597
