Package: rng-tools Version: 2-unofficial-mt.14-1 X-Debbugs-CC: robertcnel...@gmail.com, pkg-systemd-maintain...@lists.alioth.debian.org
rng-tools does not perform as expected on a Beaglebone Black. The dev-board has a built-in rng, and the kernel driver loads as expected. /dev/hwrng is full, but /dev/random is suffering depletion. After draining /dev/random, it takes 646 seconds to read 10 bytes in blocking mode. The problem seems to be the wrapper script of systemd around the old sysinit script. Or maybe the wrapper is OK but systemd is the problem. I don't know what the problem is at the moment. Manually running '/etc/init.d/rng-tools start' and things work as expected. /dev/random has a bountiful stream of bits. A related question where I tried to troubleshoot it is at https://unix.stackexchange.com/q/475489/56041. Unfortunately, I don't know enough about the system components and they way they are supposed to interact. This report may be related: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776597 . This may be CVE worthy. It is effectively a security related DoS due to a configuration problem. At this point I think it would be wise to provide a proper systemd service file for rng-tools. I am happy to manually install and test an updated *.deb package for rng-tools. Just point me to a download. ------------------------- Some hardware information. $ cat /proc/cpuinfo processor : 0 model name : ARMv7 Processor rev 2 (v7l) BogoMIPS : 996.14 Features : half thumb fastmult vfp edsp thumbee neon vfpv3 tls vfpd32 CPU implementer : 0x41 CPU architecture: 7 CPU variant : 0x3 CPU part : 0xc08 CPU revision : 2 Hardware : Generic AM33XX (Flattened Device Tree) Revision : 0000 Serial : 0000000000000000 ------------------------- $ apt-cache show rng-tools Package: rng-tools Version: 2-unofficial-mt.14-1 Installed-Size: 148 Maintainer: Henrique de Moraes Holschuh <h...@debian.org> Architecture: armhf Replaces: intel-rng-tools Provides: intel-rng-tools Depends: libc6 (>= 2.4), udev (>= 0.053) | makedev (>= 2.3.1-77) Conflicts: intel-rng-tools Description: Daemon to use a Hardware TRNG Description-md5: 6da2aca3dd07b55b609d9cf3d5d7cd57 Tag: interface::daemon, network::server, role::program Section: utils Priority: optional Filename: pool/main/r/rng-tools/rng-tools_2-unofficial-mt.14-1_armhf.deb Size: 47364 MD5sum: eb9bde7feaec413754e4b1f255865c8d SHA1: 4ab63f0ec0f84499decbfe916c248580f51ab560 SHA256: a017aa416bda627a20cf5fdcf51f2a46471b800225a3b3abb5c6774b3cd94c6e ------------------------- $ apt-cache show systemd Package: systemd Version: 230-7~bpo8+2 Architecture: armhf Maintainer: Debian systemd Maintainers <pkg-systemd-maintain...@lists.alioth.debian.org> Installed-Size: 6490 Pre-Depends: libc6 (>= 2.8), libgcc1 (>= 1:4.4.0) Depends: libacl1 (>= 2.2.51-8), libapparmor1 (>= 2.9.0-3+exp2), libaudit1 (>= 1:2.2.1), libblkid1 (>= 2.19.1), libc6 (>= 2.17), libcap2 (>= 1:2.10), libcryptsetup4 (>= 2:1.4.3), libgcrypt20 (>= 1.6.1), libgpg-error0 (>= 1.14), libidn11 (>=1.13), libkmod2 (>= 5~), liblzma5 (>= 5.1.1alpha+20120614), libmount1 (>= 2.20.1), libpam0g (>= 0.99.7.1), libseccomp2 (>= 2.1.0), libselinux1 (>= 2.1.9), libsystemd0 (= 230-7~bpo8+2), util-linux (>= 2.25.2-6), mount (>= 2.25.2-6), adduser, libcap2-bin Recommends: libpam-systemd, dbus Suggests: systemd-ui, systemd-container, policykit-1 Conflicts: klogd Breaks: apparmor (<< 2.9.2-1), ifupdown (<< 0.8.5~), laptop-mode-tools (<< 1.68~), lsb-base (<< 4.1+Debian4), lvm2 (<< 2.02.104-1), systemd-shim (<< 8-2), udev(<< 228-5) Replaces: udev (<< 228-5) Multi-Arch: foreign Homepage: http://www.freedesktop.org/wiki/Software/systemd Priority: important Section: admin Filename: pool/main/s/systemd/systemd_230-7~bpo8+2_armhf.deb Size: 2146126 SHA256: b8ad0cd78f01d14980fa728baa841a2a59d85c706e6a3843930a8d932d289d04 SHA1: cf280cd4acccc7564a50404b95c04967be9ba468 MD5sum: bb29e98702695017bc9241c6b81d600f Description: system and service manager systemd is a system and service manager for Linux. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, supports snapshotting and restoring of the system state, maintains mount and automount points and implements an elaborate transactional dependency-based service control logic. . systemd is compatible with SysV and LSB init scripts and can work as a drop-in replacement for sysvinit. . Installing the systemd package will not switch your init system unless you boot with init=/bin/systemd or install systemd-sysv in addition. Description-md5: daa2c3e0044c2c2f5adc47475a3d6969 Package: systemd Version: 215-17+deb8u7 Installed-Size: 7977 Maintainer: Debian systemd Maintainers <pkg-systemd-maintain...@lists.alioth.debian.org> Architecture: armhf Depends: libacl1 (>= 2.2.51-8), libaudit1 (>= 1:2.2.1), libblkid1 (>= 2.19.1), libcap2 (>= 1:2.10), libcryptsetup4 (>= 2:1.4.3), libkmod2 (>= 5~), libpam0g (>=0.99.7.1), libselinux1 (>= 2.1.9), libsystemd0 (= 215-17+deb8u7), util-linux (>= 2.19.1-2), mount (>= 2.21), initscripts (>= 2.88dsf-53.2), sysv-rc, udev (>= 208-8), acl, adduser, libcap2-bin Pre-Depends: libc6 (>= 2.17), libgcrypt20 (>= 1.6.1), liblzma5 (>= 5.1.1alpha+20120614), libselinux1 (>= 1.32) Recommends: libpam-systemd, dbus Suggests: systemd-ui Conflicts: klogd Breaks: lsb-base (<< 4.1+Debian4), lvm2 (<< 2.02.104-1), systemd-shim (<< 8-2) Description: system and service manager Description-md5: b7cab5335af47ff49cf666299f5ca607 Homepage: http://www.freedesktop.org/wiki/Software/systemd Section: admin Priority: important Filename: pool/main/s/systemd/systemd_215-17+deb8u7_armhf.deb Size: 2315660 MD5sum: fdd888dba6bca71c11df702e3943d49a SHA1: 4df59c5ecbdb0202a8df1199e0dc0537c05945b3 SHA256: 16f38b4beb42020e28cd53f3e6be5bbb0af85605420389a46e6a6b94fc5de699