Improving available entropy

Tim Gardner tim.gardner at canonical.com
Sat Feb 6 13:43:18 UTC 2016 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 02/05/2016 05:39 PM, Tyler Hicks wrote:
> I took a look at how we can improve entropy on devices such as the 
> BeagleBone Black and Raspberry Pi 2. Lucky for us, both of those
> pieces of hardware include a hardware random number generator
> (hwrng) that can be used to feed random data into the kernel's
> random number entropy pool (which is what's behind /dev/random and
> /dev/urandom).
> 
> Shortly after booting the devices, I took a look at the bits of
> entropy available on each device.
> 
> ubuntu at bbb:~$ cat /proc/sys/kernel/random/entropy_avail 165
> 
> ubuntu at rpi2:~$ cat /proc/sys/kernel/random/entropy_avail 528
> 
> Those are the bits of entropy available out of a total poolsize of
> 4096 bits. The BBB's number is very low while the RPI2 is only
> slightly better. However, neither of them can generate an RSA-2048
> bit GPG key at this point due to /dev/random blocking. Keep in mind
> that this is after the device is fully booted, connected to the
> network, and I've ssh'ed in. The entropy levels are surely much
> lower before the network is up.
> 
> We can improve things by leveraging the hwrng devices. We can see
> what hwrng sources are available by reading 
> /sys/class/misc/hw_random/rng_available:
> 
> ubuntu at bbb:~$ cat /sys/class/misc/hw_random/rng_available omap
> 
> The BBB image loads the omap-rng kernel module during boot.
> Unfortunately, the RPI2 image doesn't load the necessary kernel
> module for its hwrng. We'll load it and then make sure its
> available:
> 
> ubuntu at rpi2:~$ sudo modprobe bcm2708-rng ubuntu at rpi2:~$ cat
> /sys/class/misc/hw_random/rng_available bcm2708
> 
> Having a hwrng available doesn't mean that the kernel's random
> number entropy pool is automatically fed. We need to use rngd, from
> rng-tools, to read from /dev/hwrng and write to /dev/random.
> 
> ubuntu at bbb:~$ cat /proc/sys/kernel/random/entropy_avail 180 
> ubuntu at bbb:~$ sudo ./rngd ubuntu at bbb:~$ cat
> /proc/sys/kernel/random/entropy_avail 3100
> 
> ubuntu at rpi2:~$ cat /proc/sys/kernel/random/entropy_avail 544 
> ubuntu at rpi2:~$ sudo ./rngd ubuntu at rpi2:~$ cat
> /proc/sys/kernel/random/entropy_avail 3097
> 
> Now we can easily generate keys without GPG blocking while reading
> from /dev/random. rngd continues to feed random data into the
> kernel's entropy pool while things such as key gen operations
> deplete the pool.
> 
> rngd includes fitness tests to ensure that the numbers read from 
> /dev/hwrng look random, as defined by FIPS 140-2, before writing
> them to /dev/random.
> 
> There are some things that need to be done to leverage the hwrng
> in these devices:
> 
> 1) The RPI2 image needs to ensure that the bcm2708-rng kernel
> module is loaded. 2) We need to make rng-tools available. Would it
> be preferred that rng-tools is seeded in core or should it be a
> snap that gadget snaps, for devices that have a hwrng, can declare
> as a preinstall dependency?
> 
> Tyler
> 
> 
> 

Tyler - the Xenial raspi2 Linux 4.4 based kernel that I uploaded to
- -proposed yesterday produces the following (after installing rng-tools
and rebooting):

ubuntu at raspi2:~$ cat /sys/class/misc/hw_random/rng_available
bcm2835
ubuntu at raspi2:~$ cat /proc/sys/kernel/random/entropy_avail
3082

Note that bcm2835 is built in to this kernel, so modprobing is not
necessary.

rtg
- -- 
Tim Gardner tim.gardner at canonical.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJWtfh1AAoJED12yEX6FEfK6pUQAJbBI1KnmYAQwYmHpDx2C0xJ
uQFYw3+DqW6X6BXnfmAMORH3f+dnupzlkGlVRJIF85WAYhkZuYF2gty4/lQVHhZH
ReY4OE7r0K/VdofKfQNLGG2aoHb/c5snk0F/wB7eavTnSFdOh1wqK0Zp5Wx1gtp6
du3c4Z2rdof628r+WwTIWbFgsO+W5W+YKlLa9dAGJBg0elAQAh7mvas+ykjc4p+c
/k43n/RgRE38wKET2zoK4d6fv9ePRQcVtKm00fTxagw4rXptwWqJNhs6MmkcAaSm
kxcamlf8E5n5Pgfl6dz87YG1kkuNAgDKWg/lzp+hBriZErfdrM0sUElMBE91VwKi
1ipHlcYjiIKCdeOX0upyfh7OnffI1N7wvy/lZcMtPUZFFcz/aKooQ/lyoN3fSqaz
5glmYiUEESeYsyq6OL5wnDE/C2UOjsDZaNDMv51hHdqI2pyDAAhjooC7LgX54OEy
UDG6P9qZCQgY5Y+ZnmKrv6fEAxzWjnzr3eusvsjXzCjyqaGqnmtXAoxuU09+4G+t
nIk8mkMsGgtP8QUAcFgAwhQ59lP16ZncO1KHQqPDF3k2rVSIRr/OKsRLVRhSSKvh
eVbyieC0fMyzZ6fQN/d+AL7irAVzVkHkkvQB/Pp23TtG2kplLAcBuIrf0gE7Gdjt
AL/u4lL1ZeuwXt7D3fvW
=Zrm3
-----END PGP SIGNATURE-----

More information about the snappy-devel mailing list