Set CONFIG_RANDOM_TRUST_CPU=y

Bug #1823754 reported by Seth Forshee on 2019-04-08
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux-aws (Ubuntu)
High
Seth Forshee
linux-azure (Ubuntu)
High
Seth Forshee
linux-gcp (Ubuntu)
High
Seth Forshee
linux-kvm (Ubuntu)
High
Seth Forshee

Bug Description

SRU Justification

Impact: Turning this option on will make our kernels by default trust the CPU's random number generator for the purpose of initializing the kernel's CRNG on Intel, AMD, and IBM CPUs. Users can disable this at boot time by passing random.trust_cpu=off. Turning this on has the potential to prevent getrandom(2) from blocking during early boot. This option was turned on in the master kernel shortly before disco kernel freeze; this bug is about propagating the option to derivative kernels.

Regression Potential: No user-visible regressions are expected. Some security-conscious users may prefer to not trust the CPU maker's RNG, but in that case the boot options is available.

Test Case: The benefit is difficult to verify empirically in Ubuntu kernels since we carry a patch to avoid problems with getrandom(2) blocking immediately following boot. However, it is possible to see whether or not the kernel used the CPU RNG for initializing the CRNG by searching for the string "random: crng done (trusting CPU's manufacturer)" in dmesg.

CVE References

Seth Forshee (sforshee) on 2019-04-08
Changed in linux-aws (Ubuntu):
assignee: nobody → Seth Forshee (sforshee)
importance: Undecided → High
status: New → In Progress
Changed in linux-gcp (Ubuntu):
assignee: nobody → Seth Forshee (sforshee)
importance: Undecided → High
status: New → In Progress
Changed in linux-kvm (Ubuntu):
assignee: nobody → Seth Forshee (sforshee)
importance: Undecided → High
status: New → In Progress
Seth Forshee (sforshee) on 2019-04-08
Changed in linux-aws (Ubuntu):
status: In Progress → Fix Committed
Changed in linux-azure (Ubuntu):
status: In Progress → Fix Committed
Changed in linux-gcp (Ubuntu):
status: In Progress → Fix Committed
Changed in linux-kvm (Ubuntu):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-aws - 5.0.0-1002.2

---------------
linux-aws (5.0.0-1002.2) disco; urgency=medium

  * linux-aws: 5.0.0-1002.2 -proposed tracker (LP: #1823219)

  * Set CONFIG_RANDOM_TRUST_CPU=y (LP: #1823754)
    - [Config] CONFIG_RANDOM_TRUST_CPU=y

  * net and ftrace selftests failures due to missing test modules (LP: #1823407)
    - SAUCE: selftests: net: don't fail test_bpf when module is not present
    - SAUCE: selftests: ftrace: don't fail for unresolved tests

  * Please ship the ib_uverbs driver module in the main modules package
    (LP: #1822692)
    - [config] AWS: ib_uverbs.ko, ib_umad.ko moved to linux-modules package

  * Miscellaneous Ubuntu changes
    - [Config] update configs following rebase to 5.0.0-10.11

 -- Seth Forshee <email address hidden> Tue, 09 Apr 2019 11:13:53 -0500

Changed in linux-aws (Ubuntu):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (50.2 KiB)

This bug was fixed in the package linux-kvm - 5.0.0-1002.2

---------------
linux-kvm (5.0.0-1002.2) disco; urgency=medium

  * linux-kvm: 5.0.0-1002.2 -proposed tracker (LP: #1823222)

  * Packaging resync (LP: #1786013)
    - [Packaging] update update.conf

  * Set CONFIG_RANDOM_TRUST_CPU=y (LP: #1823754)
    - [Config] CONFIG_RANDOM_TRUST_CPU=y

  * CONFIG_SECURITY_SELINUX_DISABLE should be disabled on KVM kernel
    (LP: #1812153)
    - [Config]: disable CONFIG_SECURITY_SELINUX_DISABLE

  * Miscellaneous Ubuntu changes
    - [Packaging] enable nvidia dkms build
    - [Config] update configs after rebase to 5.0.0-10.11

  [ Ubuntu: 5.0.0-10.11 ]

  * linux: 5.0.0-10.11 -proposed tracker (LP: #1823936)
  * Apparmor enforcement failure in lxc selftests (LP: #1823379)
    - SAUCE: apparmor: Restore Y/N in /sys for apparmor's "enabled"
  * systemd cause kernel trace "BUG: unable to handle kernel paging request at
    6db23a14" on Cosmic i386 (LP: #1813244)
    - openvswitch: fix flow actions reallocation

  [ Ubuntu: 5.0.0-9.10 ]

  * linux: 5.0.0-9.10 -proposed tracker (LP: #1823228)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] update helper scripts
    - [Packaging] resync retpoline extraction
  * Huawei Hi1822 NIC has poor performance (LP: #1820187)
    - net-next/hinic: replace disable_irq_nosync/enable_irq
  * Add uid shifting overlay filesystem (shiftfs) (LP: #1823186)
    - shiftfs: uid/gid shifting bind mount
    - shiftfs: rework and extend
    - shiftfs: support some btrfs ioctls
    - [Config] enable shiftfs
  * Cannot boot or install - have to use nomodeset (LP: #1821820)
    - Revert "drm/i915/fbdev: Actually configure untiled displays"
  * Disco update: v5.0.6 upstream stable release (LP: #1823060)
    - netfilter: nf_tables: fix set double-free in abort path
    - dccp: do not use ipv6 header for ipv4 flow
    - genetlink: Fix a memory leak on error path
    - gtp: change NET_UDP_TUNNEL dependency to select
    - ipv6: make ip6_create_rt_rcu return ip6_null_entry instead of NULL
    - mac8390: Fix mmio access size probe
    - mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S
    - net: aquantia: fix rx checksum offload for UDP/TCP over IPv6
    - net: datagram: fix unbounded loop in __skb_try_recv_datagram()
    - net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec
    - net: phy: meson-gxl: fix interrupt support
    - net: rose: fix a possible stack overflow
    - net: stmmac: fix memory corruption with large MTUs
    - net-sysfs: call dev_hold if kobject_init_and_add success
    - net: usb: aqc111: Extend HWID table by QNAP device
    - packets: Always register packet sk in the same order
    - rhashtable: Still do rehash when we get EEXIST
    - sctp: get sctphdr by offset in sctp_compute_cksum
    - sctp: use memdup_user instead of vmemdup_user
    - tcp: do not use ipv6 header for ipv4 flow
    - tipc: allow service ranges to be connect()'ed on RDM/DGRAM
    - tipc: change to check tipc_own_id to return in tipc_net_stop
    - tipc: fix cancellation of topology subscriptions
    - tun: properly test for IFF_UP
    - vrf: prevent adding upper devices
    - v...

Changed in linux-kvm (Ubuntu):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (50.3 KiB)

This bug was fixed in the package linux-azure - 5.0.0-1002.2

---------------
linux-azure (5.0.0-1002.2) disco; urgency=medium

  * linux-azure: 5.0.0-1002.2 -proposed tracker (LP: #1823220)

  * Set CONFIG_RANDOM_TRUST_CPU=y (LP: #1823754)
    - [Config] CONFIG_RANDOM_TRUST_CPU=y

  * PAGE_POISONING / PAGE_POISONING_NO_SANITY / PAGE_POISONING_ZERO option was
    expected to be set in C-KVM (LP: #1812624)
    - [Config]: enable PAGE_POISONING, PAGE_POISONING_NO_SANITY,
      PAGE_POISONING_ZERO

  * Add CONFIG_NO_HZ_FULL=y to linux-azure kernels (LP: #1818138)
    - [Config] linux-azure: CONFIG_NO_HZ_FULL=y

  * Miscellaneous Ubuntu changes
    - [Config] update configs after rebase to 5.0.0-10.11
    - Revert "UBUNTU: [Config] azure: CONFIG_HOTPLUG_CPU=n"

  [ Ubuntu: 5.0.0-10.11 ]

  * linux: 5.0.0-10.11 -proposed tracker (LP: #1823936)
  * Apparmor enforcement failure in lxc selftests (LP: #1823379)
    - SAUCE: apparmor: Restore Y/N in /sys for apparmor's "enabled"
  * systemd cause kernel trace "BUG: unable to handle kernel paging request at
    6db23a14" on Cosmic i386 (LP: #1813244)
    - openvswitch: fix flow actions reallocation

  [ Ubuntu: 5.0.0-9.10 ]

  * linux: 5.0.0-9.10 -proposed tracker (LP: #1823228)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] update helper scripts
    - [Packaging] resync retpoline extraction
  * Huawei Hi1822 NIC has poor performance (LP: #1820187)
    - net-next/hinic: replace disable_irq_nosync/enable_irq
  * Add uid shifting overlay filesystem (shiftfs) (LP: #1823186)
    - shiftfs: uid/gid shifting bind mount
    - shiftfs: rework and extend
    - shiftfs: support some btrfs ioctls
    - [Config] enable shiftfs
  * Cannot boot or install - have to use nomodeset (LP: #1821820)
    - Revert "drm/i915/fbdev: Actually configure untiled displays"
  * Disco update: v5.0.6 upstream stable release (LP: #1823060)
    - netfilter: nf_tables: fix set double-free in abort path
    - dccp: do not use ipv6 header for ipv4 flow
    - genetlink: Fix a memory leak on error path
    - gtp: change NET_UDP_TUNNEL dependency to select
    - ipv6: make ip6_create_rt_rcu return ip6_null_entry instead of NULL
    - mac8390: Fix mmio access size probe
    - mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S
    - net: aquantia: fix rx checksum offload for UDP/TCP over IPv6
    - net: datagram: fix unbounded loop in __skb_try_recv_datagram()
    - net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec
    - net: phy: meson-gxl: fix interrupt support
    - net: rose: fix a possible stack overflow
    - net: stmmac: fix memory corruption with large MTUs
    - net-sysfs: call dev_hold if kobject_init_and_add success
    - net: usb: aqc111: Extend HWID table by QNAP device
    - packets: Always register packet sk in the same order
    - rhashtable: Still do rehash when we get EEXIST
    - sctp: get sctphdr by offset in sctp_compute_cksum
    - sctp: use memdup_user instead of vmemdup_user
    - tcp: do not use ipv6 header for ipv4 flow
    - tipc: allow service ranges to be connect()'ed on RDM/DGRAM
    - tipc: change to check tipc_own_id to return in tipc_net_stop
 ...

Changed in linux-azure (Ubuntu):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (50.3 KiB)

This bug was fixed in the package linux-gcp - 5.0.0-1002.2

---------------
linux-gcp (5.0.0-1002.2) disco; urgency=medium

  * linux-gcp: 5.0.0-1002.2 -proposed tracker (LP: #1823221)

  * Packaging resync (LP: #1786013)
    - [Packaging] update update.conf

  * Set CONFIG_RANDOM_TRUST_CPU=y (LP: #1823754)
    - [Config] CONFIG_RANDOM_TRUST_CPU=y

  * tcm_loop.ko: move from modules-extra into main modules package
    (LP: #1817786)
    - [Packaging] move tcm_loop.lo to main linux-modules-gcp package

  * Miscellaneous Ubuntu changes
    - [Config] bump annotations format
    - [Config] sync some annotations updates from cosmic
    - [Config] linux-gcp: Update annotations file
    - [Config] update configs after rebase to 5.0.0-10.11

  [ Ubuntu: 5.0.0-10.11 ]

  * linux: 5.0.0-10.11 -proposed tracker (LP: #1823936)
  * Apparmor enforcement failure in lxc selftests (LP: #1823379)
    - SAUCE: apparmor: Restore Y/N in /sys for apparmor's "enabled"
  * systemd cause kernel trace "BUG: unable to handle kernel paging request at
    6db23a14" on Cosmic i386 (LP: #1813244)
    - openvswitch: fix flow actions reallocation

  [ Ubuntu: 5.0.0-9.10 ]

  * linux: 5.0.0-9.10 -proposed tracker (LP: #1823228)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] update helper scripts
    - [Packaging] resync retpoline extraction
  * Huawei Hi1822 NIC has poor performance (LP: #1820187)
    - net-next/hinic: replace disable_irq_nosync/enable_irq
  * Add uid shifting overlay filesystem (shiftfs) (LP: #1823186)
    - shiftfs: uid/gid shifting bind mount
    - shiftfs: rework and extend
    - shiftfs: support some btrfs ioctls
    - [Config] enable shiftfs
  * Cannot boot or install - have to use nomodeset (LP: #1821820)
    - Revert "drm/i915/fbdev: Actually configure untiled displays"
  * Disco update: v5.0.6 upstream stable release (LP: #1823060)
    - netfilter: nf_tables: fix set double-free in abort path
    - dccp: do not use ipv6 header for ipv4 flow
    - genetlink: Fix a memory leak on error path
    - gtp: change NET_UDP_TUNNEL dependency to select
    - ipv6: make ip6_create_rt_rcu return ip6_null_entry instead of NULL
    - mac8390: Fix mmio access size probe
    - mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S
    - net: aquantia: fix rx checksum offload for UDP/TCP over IPv6
    - net: datagram: fix unbounded loop in __skb_try_recv_datagram()
    - net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec
    - net: phy: meson-gxl: fix interrupt support
    - net: rose: fix a possible stack overflow
    - net: stmmac: fix memory corruption with large MTUs
    - net-sysfs: call dev_hold if kobject_init_and_add success
    - net: usb: aqc111: Extend HWID table by QNAP device
    - packets: Always register packet sk in the same order
    - rhashtable: Still do rehash when we get EEXIST
    - sctp: get sctphdr by offset in sctp_compute_cksum
    - sctp: use memdup_user instead of vmemdup_user
    - tcp: do not use ipv6 header for ipv4 flow
    - tipc: allow service ranges to be connect()'ed on RDM/DGRAM
    - tipc: change to check tipc_own_id to return in tipc_net_stop
    - tipc: fix cancella...

Changed in linux-gcp (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers