2018-02-08 22:02:51 |
Vineetha Kamath |
bug |
|
|
added bug |
2018-02-09 17:15:15 |
Hans Joachim Desserud |
tags |
|
xenial |
|
2018-02-09 17:54:02 |
Vineetha Kamath |
summary |
boot stalls looking for entropy in FIPS mode |
[SRU][xenial]boot stalls looking for entropy in FIPS mode |
|
2018-02-09 17:58:42 |
Vineetha Kamath |
libgcrypt20 (Ubuntu): assignee |
|
Vineetha Hari Pai (vineetha) |
|
2018-02-09 18:50:33 |
Vineetha Kamath |
description |
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library automatically goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable option currently in the library. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3 |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
This issue impacts xenial's version of libgcrypt. In the later version of libgcrypt in Bionic, the entropy device is a globally configurable option via the /etc/gcrypt/random.conf config file. The config setting can be used to set the entropy device to /dev/urandom globally in libgcrypt.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
[FIX]
Get entropy from the /dev/urandom device in FIPS mode.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. This patch does not take away current functionality. It changes the entropy device in FIPS mode to /dev/urandom to get faster entropy. |
|
2018-02-09 18:51:48 |
Vineetha Kamath |
description |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
This issue impacts xenial's version of libgcrypt. In the later version of libgcrypt in Bionic, the entropy device is a globally configurable option via the /etc/gcrypt/random.conf config file. The config setting can be used to set the entropy device to /dev/urandom globally in libgcrypt.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
[FIX]
Get entropy from the /dev/urandom device in FIPS mode.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. This patch does not take away current functionality. It changes the entropy device in FIPS mode to /dev/urandom to get faster entropy. |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
This issue impacts xenial's version of libgcrypt. In the later version of libgcrypt in Bionic, the entropy device is a globally configurable option via the /etc/gcrypt/random.conf config file. The config setting can be used to set the entropy device to /dev/urandom globally in libgcrypt.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
[FIX]
Get entropy from the /dev/urandom device in FIPS mode. This does not block.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. This patch does not take away current functionality. It changes the entropy device in FIPS mode to /dev/urandom to get faster entropy. |
|
2018-02-09 18:53:02 |
Vineetha Kamath |
description |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
This issue impacts xenial's version of libgcrypt. In the later version of libgcrypt in Bionic, the entropy device is a globally configurable option via the /etc/gcrypt/random.conf config file. The config setting can be used to set the entropy device to /dev/urandom globally in libgcrypt.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
[FIX]
Get entropy from the /dev/urandom device in FIPS mode. This does not block.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. This patch does not take away current functionality. It changes the entropy device in FIPS mode to /dev/urandom to get faster entropy. |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
This issue impacts xenial's version of libgcrypt. In the later version of libgcrypt in Bionic, the entropy device is a globally configurable option via the /etc/gcrypt/random.conf config file. The config setting "only-urandom" can be used to set the entropy device to /dev/urandom globally in libgcrypt.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
[FIX]
Get entropy from the /dev/urandom device in FIPS mode. This does not block.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. This patch does not take away current functionality. It changes the entropy device in FIPS mode to /dev/urandom to get faster entropy. |
|
2018-02-09 20:48:16 |
Vineetha Kamath |
attachment added |
|
debdiff.xenial https://bugs.launchpad.net/ubuntu/+source/libgcrypt20/+bug/1748310/+attachment/5052125/+files/debdiff.xenial |
|
2018-02-09 20:54:47 |
Vineetha Kamath |
description |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
This issue impacts xenial's version of libgcrypt. In the later version of libgcrypt in Bionic, the entropy device is a globally configurable option via the /etc/gcrypt/random.conf config file. The config setting "only-urandom" can be used to set the entropy device to /dev/urandom globally in libgcrypt.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
[FIX]
Get entropy from the /dev/urandom device in FIPS mode. This does not block.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. This patch does not take away current functionality. It changes the entropy device in FIPS mode to /dev/urandom to get faster entropy. |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
This issue only impacts xenial's version of libgcrypt. In the later version of libgcrypt in Bionic, the entropy device is a globally configurable option via the /etc/gcrypt/random.conf config file. The config setting "only-urandom" can be used to set the entropy device to /dev/urandom globally in libgcrypt. So bionic libgcrypt is not impacted by this issue.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
[FIX]
Get entropy from the /dev/urandom device in FIPS mode. This does not block.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS. Found no delays during boot after the patch fix was applied.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. This patch does not take away current functionality. It changes the entropy device in FIPS mode to /dev/urandom to get faster entropy. |
|
2018-02-09 20:58:31 |
Vineetha Kamath |
description |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
This issue only impacts xenial's version of libgcrypt. In the later version of libgcrypt in Bionic, the entropy device is a globally configurable option via the /etc/gcrypt/random.conf config file. The config setting "only-urandom" can be used to set the entropy device to /dev/urandom globally in libgcrypt. So bionic libgcrypt is not impacted by this issue.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
[FIX]
Get entropy from the /dev/urandom device in FIPS mode. This does not block.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS. Found no delays during boot after the patch fix was applied.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. This patch does not take away current functionality. It changes the entropy device in FIPS mode to /dev/urandom to get faster entropy. |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
This issue impacts xenial's version of libgcrypt. In the later version of libgcrypt in Bionic, the entropy device is a globally configurable option via the /etc/gcrypt/random.conf config file. The config setting "only-urandom" can be used to set the entropy device to /dev/urandom globally in libgcrypt.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
[FIX]
Get entropy from the /dev/urandom device in FIPS mode. This does not block.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS. No delays were observed during boot after the fix patch was applied.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. This patch does not take away current functionality. It changes the entropy device in FIPS mode to /dev/urandom to get faster entropy. |
|
2018-02-13 17:52:02 |
Marc Deslauriers |
nominated for series |
|
Ubuntu Xenial |
|
2018-02-13 17:52:02 |
Marc Deslauriers |
bug task added |
|
libgcrypt20 (Ubuntu Xenial) |
|
2018-02-14 19:46:10 |
Vineetha Kamath |
description |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
This issue impacts xenial's version of libgcrypt. In the later version of libgcrypt in Bionic, the entropy device is a globally configurable option via the /etc/gcrypt/random.conf config file. The config setting "only-urandom" can be used to set the entropy device to /dev/urandom globally in libgcrypt.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
[FIX]
Get entropy from the /dev/urandom device in FIPS mode. This does not block.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS. No delays were observed during boot after the fix patch was applied.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. This patch does not take away current functionality. It changes the entropy device in FIPS mode to /dev/urandom to get faster entropy. |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
[FIX]
Disable the two self-tests that require entropy from /dev/random during boot in FIPS mode.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS. No delays were observed during boot after the fix patch was applied.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. The two disabled self-tests do not impact any other functionality available in FIPS mode and non-FIPS mode of the library. |
|
2018-02-14 20:06:18 |
Vineetha Kamath |
attachment added |
|
debdiff.xenial https://bugs.launchpad.net/ubuntu/+source/libgcrypt20/+bug/1748310/+attachment/5055411/+files/debdiff.xenial |
|
2018-02-14 20:09:55 |
Vineetha Kamath |
attachment added |
|
debdiff.bionic https://bugs.launchpad.net/ubuntu/+source/libgcrypt20/+bug/1748310/+attachment/5055412/+files/debdiff.bionic |
|
2018-02-14 20:17:42 |
Vineetha Kamath |
description |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
[FIX]
Disable the two self-tests that require entropy from /dev/random during boot in FIPS mode.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS. No delays were observed during boot after the fix patch was applied.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. The two disabled self-tests do not impact any other functionality available in FIPS mode and non-FIPS mode of the library. |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
The issue impacts the libgcrypt versions in xenial and bionic.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
lsb_release -rd
Description: Ubuntu Bionic Beaver (development branch)
Release: 18.04
version - 1.8.1-4
[FIX]
Disable the two self-tests that require entropy from /dev/random during boot in FIPS mode.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS. No delays were observed during boot after the fix patch was applied.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. The two disabled self-tests do not impact any other functionality available in FIPS mode and non-FIPS mode of the library. |
|
2018-02-14 20:37:45 |
Vineetha Kamath |
description |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
The issue impacts the libgcrypt versions in xenial and bionic.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
lsb_release -rd
Description: Ubuntu Bionic Beaver (development branch)
Release: 18.04
version - 1.8.1-4
[FIX]
Disable the two self-tests that require entropy from /dev/random during boot in FIPS mode.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS. No delays were observed during boot after the fix patch was applied.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. The two disabled self-tests do not impact any other functionality available in FIPS mode and non-FIPS mode of the library. |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
The issue impacts the libgcrypt versions in xenial and bionic.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
lsb_release -rd
Description: Ubuntu Bionic Beaver (development branch)
Release: 18.04
version - 1.8.1-4
[FIX]
Disable the two self-tests that require entropy from /dev/random in FIPS mode. This will prevent delays during boot.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS. No delays were observed during boot after the fix patch was applied.
Tested on a VM installed with the Bionic development release version of the desktop ISO with full disk encryption. Installed the xenial FIPS kernel and the fixed libgcrypt, and did not observe any delays during boot.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. The two disabled self-tests do not impact any other functionality available in FIPS mode and non-FIPS mode of the library. |
|
2018-02-16 19:06:05 |
Vineetha Kamath |
description |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
The issue impacts the libgcrypt versions in xenial and bionic.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
lsb_release -rd
Description: Ubuntu Bionic Beaver (development branch)
Release: 18.04
version - 1.8.1-4
[FIX]
Disable the two self-tests that require entropy from /dev/random in FIPS mode. This will prevent delays during boot.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS. No delays were observed during boot after the fix patch was applied.
Tested on a VM installed with the Bionic development release version of the desktop ISO with full disk encryption. Installed the xenial FIPS kernel and the fixed libgcrypt, and did not observe any delays during boot.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password.
[REGRESSION POTENTIAL]
The regression potential for this is small. The two disabled self-tests do not impact any other functionality available in FIPS mode and non-FIPS mode of the library. |
[IMPACT]
libgcrypt20 is not a FIPS-certified library. On a machine running a FIPS-enabled kernel, the library by default goes into FIPS mode if /proc/sys/crypto/fips_enabled=1. FIPS mode is not a configurable compile option currently in the library. Hence FIPS code paths are always executed on a FIPS-enabled machine. In FIPS mode, it runs self-tests and integrity checks, and it looks for quality entropy from /dev/random. Additionally, in desktop environments, the GNOME keyring daemon also queries libgcrypt for /dev/random entropy, slowing down the GUI startup.
On encrypted installations, cryptsetup uses libgcrypt20. During boot on an encrypted machine running in FIPS mode, cryptsetup invokes libgcrypt and it stalls looking for quality entropy from /dev/random. This results in significant delays during startup. The issue was reported by a FIPS customer.
The issue impacts the libgcrypt versions in xenial and bionic.
lsb_release -rd
Description: Ubuntu 16.04.3 LTS
Release: 16.04
version - 1.6.5-2ubuntu0.3
lsb_release -rd
Description: Ubuntu Bionic Beaver (development branch)
Release: 18.04
version - 1.8.1-4
[FIX]
This fix proposes to disable libgcrypt reading /proc/sys/crypto/fips_enabled. We only want FIPS-certified modules reading this file and running in FIPS mode. libgcrypt is not one of our FIPS-certified modules, so it should not be reading this along with our FIPS-certified modules to determine whether to run in FIPS mode. The libgcrypt FIPS code in xenial is outdated and some algorithms are no longer allowed by recent FIPS 140-2 standards.
However, users do have the option to create a /etc/gcrypt/fips_enabled file manually and force libgcrypt to run in FIPS mode. We propose to leave this as is, so as to not regress anyone who is using this option. We believe a user who uses this option is doing so with awareness.
[TEST]
Tested on a VM installed with the xenial desktop ISO and one with the xenial server ISO. Enabled full disk encryption during install. Tested with and without FIPS. No delays were observed during boot after the fix patch was applied.
Tested on a VM installed with the Bionic development release version of the desktop ISO with full disk encryption. Installed the xenial FIPS kernel and the fixed libgcrypt, and did not observe any delays during boot.
With FIPS enabled on an encrypted install, without the patch fix, the boot stalls before and after prompting for the decryption password. In desktop installations, a delay is observed during the GUI startup as well.
[REGRESSION POTENTIAL]
The regression potential for this is small. A FIPS kernel is required to create /proc/sys/crypto/fips_enabled. For users forcing FIPS mode via /etc/gcrypt/fips_enabled or the control option in libgcrypt, nothing has changed. |
|
2018-02-16 20:06:05 |
Vineetha Kamath |
attachment added |
|
debdiff.xenial https://bugs.launchpad.net/ubuntu/+source/libgcrypt20/+bug/1748310/+attachment/5056857/+files/debdiff.xenial |
|
2018-02-16 20:59:55 |
Vineetha Kamath |
attachment added |
|
debdiff.bionic https://bugs.launchpad.net/ubuntu/+source/libgcrypt20/+bug/1748310/+attachment/5056878/+files/debdiff.bionic |
|
2018-02-20 16:45:20 |
Marc Deslauriers |
libgcrypt20 (Ubuntu Xenial): status |
New |
In Progress |
|
2018-02-20 16:45:23 |
Marc Deslauriers |
libgcrypt20 (Ubuntu): status |
New |
Fix Committed |
|
2018-02-20 16:45:38 |
Marc Deslauriers |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2018-02-21 03:24:51 |
Launchpad Janitor |
libgcrypt20 (Ubuntu): status |
Fix Committed |
Fix Released |
|
2018-02-21 12:00:32 |
Robie Basak |
bug |
|
|
added subscriber Robie Basak |
2018-02-21 16:53:10 |
Robie Basak |
libgcrypt20 (Ubuntu Xenial): status |
In Progress |
Fix Committed |
|
2018-02-21 16:53:12 |
Robie Basak |
bug |
|
|
added subscriber SRU Verification |
2018-02-21 16:53:14 |
Robie Basak |
tags |
xenial |
verification-needed verification-needed-xenial xenial |
|
2018-02-22 18:32:24 |
Vineetha Kamath |
libgcrypt20 (Ubuntu Xenial): assignee |
|
Vineetha Hari Pai (vineetha) |
|
2018-02-22 19:42:38 |
Vineetha Kamath |
tags |
verification-needed verification-needed-xenial xenial |
verification-done verification-done-xenial xenial |
|
2018-03-01 18:05:33 |
Nivedita Singhvi |
bug |
|
|
added subscriber Nivedita Singhvi |
2018-03-12 10:49:12 |
Launchpad Janitor |
libgcrypt20 (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
2018-03-12 10:57:37 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|