Features/rngd default on

From FedoraProject

m (remove admin notes)
(Feature approved on Aug-20 meeting)
 
[[Category:FeatureAcceptedF18]]
 

Latest revision as of 12:56, 21 August 2012




rngd default-on

Summary

rngd (part of the rng-tools package) should be enabled by default.

Owner

  • Email: jgarzik@redhat.com

Current status

  • Targeted release: Fedora 18
  • Last updated: 2012-08-06
  • Percentage of completion: 95%


Detailed Description

Linux generally relies on extracting entropy from noise in the compute environment for users of random numbers. However, in several critical compute environments entropic noise is notoriously scarce: servers, embedded systems, and virtual machines.

Some platforms provide a hardware random number generator, or they have a Trusted Platform Module (TPM); in particular, KVM provides the rng-virtio interface to guests. Furthermore, rngd can make direct use of an architectural random number generator (currently it supports the x86 RDRAND instruction available in newer Intel processors).

Lack of entropy is both a performance and a security problem. In the worst case it can result in duplicate key generations, as was recently discovered on Linux systems in the field.

There have been a number of functionality problems with rngd in the past; however, these should hopefully be eliminated in the just-released version 4. Furthermore, if there are functionality problems remaining, they should be reported upstream so they can be fixed, rather than leaving the daemon disabled with all the security hazards that entails.

In particular:

  - rngd should be turned on by default.
  - rngd should be started as early as possible.

Note that when using TPM, rngd currently conflicts with tcsd from TrouSerS. The solution to that is a kernel module which is probably going to be merged upstream in the 3.7 kernel, as it unfortunately missed the 3.6 merge window; however, it is a small patchset and it can be trivially backported. It should be in James Morris' linux-security git tree shortly; otherwise search for Kent Yoder on LKML.
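A quick way to see which of the sources named above a host exposes, and whether the kernel pool is running low while one of them sits unused. This is an added example, not part of the feature page or of rng-tools; the optional root argument and the 200-bit threshold are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: inspect the entropy sources rngd could feed from.
# The "root" argument is a hypothetical prefix so the checks can be pointed
# at a constructed directory tree instead of the live system.

# Print one line per hardware entropy source visible under "root".
rng_sources() {
    root="${1:-}"
    # Kernel hw_random framework: virtio RNG in KVM guests, chipset RNGs, etc.
    cur="$root/sys/class/misc/hw_random/rng_current"
    if [ -r "$cur" ]; then
        name=$(cat "$cur")
        case "$name" in
            ""|none) ;;                 # framework loaded, no device bound
            *) echo "hwrng:$name" ;;
        esac
    fi
    # TPM character device (conventional path).
    if [ -e "$root/dev/tpm0" ]; then
        echo "tpm:/dev/tpm0"
    fi
    # RDRAND is advertised as the "rdrand" CPU flag on x86.
    if grep -qw rdrand "$root/proc/cpuinfo" 2>/dev/null; then
        echo "cpu:rdrand"
    fi
    return 0
}

# Classify the host. "starved" = pool below "min" bits although a source
# exists, which is the situation that running rngd is meant to fix.
entropy_verdict() {
    root="${1:-}"; min="${2:-200}"      # 200 is an illustrative threshold
    avail=$(cat "$root/proc/sys/kernel/random/entropy_avail" 2>/dev/null) || avail=0
    case "$avail" in ''|*[!0-9]*) avail=0 ;; esac
    sources=$(rng_sources "$root" | tr '\n' ' ' | sed 's/ $//')
    if [ "$avail" -ge "$min" ]; then
        echo "ok avail=$avail sources=${sources:-none}"
    elif [ -n "$sources" ]; then
        echo "starved avail=$avail sources=$sources"
    else
        echo "low-no-source avail=$avail sources=none"
    fi
}

entropy_verdict     # report for the live system
```

A "starved" result on a server or guest is the case this feature targets: a usable source is present but nothing is feeding it into the kernel pool.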

Benefit to Fedora

The kernel random number generator has plenty of entropy on servers, virtual machines and other platforms.

Scope

  • Update rng-tools to version 4 (done).
  • Get rng-tools added to core list of packages.

How To Test

Run random-intensive tests such as certificate / key generation.

User Experience

Invisible, or better kernel random entropy.

Dependencies

None

Contingency Plan

None necessary

Documentation

See above extended description.

Release Notes

Additional entropy is available for kernel random number generator users, particularly for setups with low entropy such as servers or virtual machines.

Comments and Discussion