[OneRNG-Discuss] Debian 12 kernel ignoring entropy from OneRNG?

Jim Cheetham jim at gonzul.net
Wed Mar 13 23:10:33 GMT 2024


I'd be interested to know what kernel you were using on the CentOS 7
machine - I think they only went up to something like 3.1.

I haven't gone digging into the current Linux behaviours in detail for
ages; but broadly speaking, the Linux kernel no longer operates the same
way that it used to. Both /dev/random and /dev/urandom are operating from a
CSPRNG, and there is a much reduced need for any external entropy after
seeding has taken place; so much reduced that simple internal measurements
of CPU jitter are more than sufficient to keep the system operating
securely. The "entropy pool" is now only meaningfully measurable during
initial boot, and even there it's going to be filled enough to start the
system well before userland comes up.

So I expect your key is working just fine, sending data to rngd; and rngd
is writing into /dev/random like it used to do - but the kernel is ignoring
it, and the measurement you used to rely on is no longer meaningful. Much
of the information published (& indexed) on the Internet still seems to be
out-of-date, as the Arch documentation mentions:
https://wiki.archlinux.org/title/Random_number_generation

I'm pretty sure that this means hardware like OneRNG is no longer useful
from a systems administration perspective.

-jim
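The kernel-side distinction described above, as an added example (not code from this list or the OneRNG project): rngd credits entropy through the RNDADDENTROPY ioctl, onerng.sh's dd does a plain write() that never carried credit, and on Linux 5.18 and later entropy_avail reads a fixed 256 (the kernel's POOL_BITS) once the CRNG is seeded, which is the value in the quoted report. The ioctl number and POOL_BITS come from the upstream kernel sources; the interpretation strings are this example's own.

```python
import fcntl
import os
import struct

# Constants from <linux/random.h> and drivers/char/random.c.
POOL_BITS = 256             # input_pool.init_bits saturates here once the CRNG is ready
RNDADDENTROPY = 0x40085203  # _IOW('R', 0x03, int[2]): mix bytes in AND credit them
ENTROPY_AVAIL = "/proc/sys/kernel/random/entropy_avail"


def pack_rand_pool_info(data: bytes, credit_bits: int) -> bytes:
    """Serialise struct rand_pool_info {int entropy_count; int buf_size; __u32 buf[];}.

    This is what rngd hands to RNDADDENTROPY. A plain write() to /dev/random
    (what 'dd of=/dev/random' does) mixes the bytes in but carries no credit.
    """
    if len(data) == 0 or len(data) % 4:
        raise ValueError("buf must be a non-empty whole number of __u32 words")
    if not 0 <= credit_bits <= len(data) * 8:
        raise ValueError("cannot credit more entropy bits than bytes supplied")
    return struct.pack("ii", credit_bits, len(data)) + data


def crng_is_seeded(entropy_avail: int) -> bool:
    """entropy_avail is pinned at POOL_BITS once seeded: a readiness flag, not a level."""
    return entropy_avail >= POOL_BITS


def explain_entropy_avail(entropy_avail: int) -> str:
    if crng_is_seeded(entropy_avail):
        return ("at POOL_BITS cap: CRNG seeded; this is the steady state on Linux >= 5.18, "
                "so neither rngd nor dd can move the number")
    return "below POOL_BITS: CRNG still initialising; credited entropy would raise it"


def credit_entropy(data: bytes, credit_bits: int, dev: str = "/dev/random") -> None:
    """Do what rngd does: mix data in with credit. Requires CAP_SYS_ADMIN."""
    fd = os.open(dev, os.O_WRONLY)
    try:
        fcntl.ioctl(fd, RNDADDENTROPY, pack_rand_pool_info(data, credit_bits))
    finally:
        os.close(fd)


if __name__ == "__main__":
    with open(ENTROPY_AVAIL) as f:
        avail = int(f.read().strip())
    print(f"entropy_avail={avail}: {explain_entropy_avail(avail)}")
```

Run as root on a 6.1 box and a subsequent credit_entropy() call will leave entropy_avail at 256 regardless of the bits claimed, which is the behaviour the thread is puzzling over.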

On Wed, Mar 13, 2024 at 11:35 PM Tom Yates <madhatter at teaparty.net> wrote:

> I've got a D12 system, kernel 6.1.0-18, with an attached OneRNG.  As far
> as I can tell, the OneRNG isn't filling up the entropy pool: cat
> /proc/sys/kernel/random/entropy_avail always returns 256.
>
> The OneRNG is inside the system case, on a USB cable, and the case is in a
> colo about 50 miles away, so it's difficult for me to see the LED.  But
> when the system is rebooted, onerng.sh starts up just fine; I see it in
> the process table:
>
> root        1215  0.0  0.0   2576   892 ?        S    09:14   0:00 /bin/sh
> /sbin/onerng.sh feeder ttyACM0
>
> I see it sleep for 5 seconds:
>
> root        8033  0.0  0.0   2484   928 ?        S    09:34   0:00 sleep 5
>
> then fire up and send a bunch of entropy to /dev/random via dd:
>
> root        8069 16.6  0.0   2532   924 ?        R    09:34   0:00 dd
> if=/dev/ttyACM0 of=/dev/random bs=128 count=200
>
> at which point it goes back to sleep for 5 seconds.  strace-ing the
> process shows the same pattern of events, which I think is what's expected
> of it.
>
> Just in case, I also read notes referred to in an earlier post on this
> list [1], manually killed the onerng.sh script, and manually started rngd
> with the appropriate flags:
>
> root at lory:~# rngd -r /dev/ttyACM0 -f
> rngd 2.2 starting up...
> entropy feed to the kernel ready
>
> but still, the entropy pool remains stubbornly 256 bytes deep.  If I add
> "-S 60" to the daemon's flags, it logs once a minute along these lines:
>
> stats: bits received from HRNG source: 60064
> stats: bits sent to kernel pool: 7680
> stats: entropy added to kernel pool: 7680
> stats: FIPS 140-2 successes: 3
> stats: FIPS 140-2 failures: 0
> stats: FIPS 140-2(2001-10-10) Monobit: 0
> stats: FIPS 140-2(2001-10-10) Poker: 0
> stats: FIPS 140-2(2001-10-10) Runs: 0
> stats: FIPS 140-2(2001-10-10) Long run: 0
> stats: FIPS 140-2(2001-10-10) Continuous run: 0
> stats: HRNG source speed: (min=2.129; avg=3.330; max=5.304)Mibits/s
> stats: FIPS tests speed: (min=23.147; avg=40.524; max=66.925)Mibits/s
> stats: Lowest ready-buffers level: 2
> stats: Entropy starvations: 0
> stats: Time spent starving for entropy: (min=0; avg=0.000; max=0)us
>
> so it, too, seems to be getting entropy from the OneRNG and feeding it to
> the kernel, but again to no avail.
>
> I suppose it's possible that this system has enormous drains on its
> entropy pool, but it didn't have them last week (when it was running
> CentOS 7, also with the OneRNG inside) and the duty-cycle hasn't changed
> much.
>
> Does anyone have any thoughts about either (a) ways to hunt down an
> entropy sink, or (b) why my kernel seems to be ignoring entropy added to
> the pool?
>
>
> --
>
>        Tom Yates  -  https://www.teaparty.net
>
>
> [1] https://github.com/denis-beurive/onerng-notes?tab=readme-ov-file
>