On 2016-04-01 13:34:45, Marc Deslauriers wrote: > The kernel already feeds the hwrng into /dev/random. The user-space > daemon is no longer necessary, and may in fact be a bad idea. > > https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be4000bc4644d027c519b6361f5ae3bbfc52c347
Thanks for pointing out this commit. I've spent some time looking into whether we should use rng-tools or the hwrng kthread. My conclusion is that the hwrng kthread is the best choice for Snappy Ubuntu Core devices. The hwrng kthread allows us to tune the quality of the hwrng on a per-board basis. Actually, we're forced to do so because most hwrng kernel drivers do not set the quality member of struct hwrng. Gadget snap authors will need to determine the best hwrng quality value for their hardware. One downside of using the hwrng kthread instead of rngd is that we lose the FIPS 140-2 tests that help to give some level of assurance that the hwrng device is outputting random looking values. The kernel thread does not run the bits through any tests. However, the rngtest program from rng-tools could still be used by gadget snap authors to manually verify their boards. I'm marking this MIR as invalid since we're not going forward with seeding rng-tools in Snappy Ubuntu Core. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1564675 Title: [MIR] rng-tools To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rng-tools/+bug/1564675/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
