haveged - Entropy daemon

nurmagoz · July 24, 2023, 10:04am

Remove haveged as extra/unnecessary package.

Also useless for new kernels as per this post.

Patrick · September 4, 2023, 9:25am

Upstream Patch Tracking Bug Blocking Haveged Updates - Development - Kicksecure Forums
is haveged still useful/relevant? · Issue #57 · jirka-h/haveged · GitHub
GitHub - jirka-h/haveged: Entropy daemon ![Continuous Integration](https://github.com/jirka-h/haveged/workflows/Continuous%20Integration/badge.svg)

nurmagoz · September 6, 2023, 9:48am

mixed responses from distro engineers, also dunno about kernel 6.x if this is even more not relevant, since it doesnt make issues, ok lets keep and see.

nurmagoz · August 2, 2024, 8:27pm

haveged has been removed from qubes.

Patrick · August 3, 2024, 11:39am

Which distro engineers?

Without a rationale, discussion, that would not be an argument for removal from Whonix either. This commit was done in context of (Re)move Debian packages in `packages.list` and `packages_minimal.list` · Issue #6566 · QubesOS/qubes-issues · GitHub, which is a source code cleanup / refactoring task. Not an argument against haveged / for haveged removal.

Also, no. haveged was not removed from Qubes.

haveged was removed from packages_minimal.list file, yes. But it is still part of the “normal”, “non-minimal” packages.list file.

Even if removed from packages.list it could still be part of qubes-meta-packages. (It currently does not seem to be. I am just explanation that looking at a single file, single commit is insufficinet to predict what packages will be installed by default in Qubes.)

I haven’t found a ticket for haveged removal from Qubes and I am not creating one either because I am not convinced of it.

nurmagoz · August 6, 2024, 12:22am

Every major distro you can think of doesnt include it by default (debian, redhat, fedora…etc) and even warn against installing it.

Removed from Manjaro, rantional can be found here.

Debian packaging issue: latest version packaged in debian was 1.9.14 released in 2021, however upstream version is 1.9.18 released in 2022 which has not included for over 2 years into debian (or possibly ever).

The maintainer himself called it obsolete…

So not sure about the idea of having it for the future kernel versions, because its unknown how will that mess things up.

Patrick · August 6, 2024, 1:14pm

haveged has a test suite. It’s tested. (haveged) It’s passing. It’s maintained.

Bad wording from 2021. This was revised in 2022 and readme also updated in 2022.

Based on bad wording from 2021.

These aren’t security-focused Linux distributions. Especially Debian unfortunately isn’t on the forefront of entropy improvements.

Debian:

trusts RDRAND by default but really should not. Details here: RDRAND
No action was taken on Debian feature request set jitterentropy_rng.ko to built-in See also jitterentropy.

What another distribution does or not does is by itself not an argument. Elaborated here, written just now: Why don’t you do what does?

They acknowledge:

This article or section is out of date.

Anyhow. Let’s see the warning.

Warning: The quality of the generated entropy is not guaranteed and sometimes contested (see LCE: Do not play dice with random numbers and Is it appropriate to use haveged as a source of entropy on virtual machines?). Use it at your own risk or use it with a hardware based random number generator with the rng-tools (see #Alternative section)

So lets see who is “contesting” (just another poor word choice) what.

I am following it to the sources.

Quote LCE: Do not play dice with random numbers

““So, while I can’t really recommend it, I can’t not recommend it either.””

So no contesting there.
~~contesting~~ → researching

If you are going to run HAVEGE, Peter strongly recommended running it together with rngd, rather than as a replacement for it.

Great. That’s what we are doing. Kinda. We don’t use rngd because that requires an additional hardware device. We don’t rely only on haveged. Multiple sources of entropy are being used. This is documented here: Entropy, Randomness, /dev/random vs /dev/urandom, Entropy Sources, Entropy Gathering Daemons, RDRAND

I am not aware of any other Linux distribution documenting the topic of entropy in this detail.

Quote linux - Is it appropriate to use haveged as a source of entropy on virtual machines? - Information Security Stack Exchange

“At its heart, [HAVEGE] uses timing information based on the processor’s high resolution timer (the RDTSC instruction). This instruction can be virtualized, and some virtual machine hosts have chosen to disable this instruction, returning 0s or predictable results.”
(Source: PolarSSL Security Advisory 2011-02 on polarssl.org).

polarssl issue. They should use the proper kernel APIs and not any entropy daemon directly. The bug report can be translated to “polarssl should not use a single entropy source (haveged) by default but instead use kernel API”. Right. Not a haveged issue.

The kernel is careful about changing the randomness interface, isn’t in the business of breaking APIs (kernel development policy is: “don’t break userspace”), let alone breaking the APIs in a way leading to existing applications worsening entropy.

Commented on Debian bug report HAVEGED is obsolete starting from linux kernel 5.6 just now to clarify the situation.
Also created Debian feature request upload new version haveged 1.9.18 just now.

nurmagoz · August 6, 2024, 11:35pm

The good thing is that jirka is still active, lets hope hes following latest kernel changes to avoid any issues (although the current functionality of haveged with recent kernel versions not sure if anywhere mentioned how its improving things except with what jirka has mentioned).

Good to read as well “Myths about /dev/urandom”.

Patrick · August 14, 2024, 11:08am

related post:
[Help Welcome] KVM Development - staying the course - #575 by Patrick

Evaluating HAVEGE Randomness – Observations from Uppsala

haveged - Online Testing

Patrick · September 14, 2024, 3:26pm

nurmagoz · September 16, 2024, 3:08pm

Did a few tests. All my systems run fine without haveged (and have been so for a few years, actually – silly me)
Adding it does not increase available entropy or its quality at all.

Useful ticket.

Patrick · September 16, 2024, 5:39pm

Operating on outdated information.

nurmagoz · September 16, 2024, 6:02pm

Not about information, its practical test.

Just the developer of the tool saying its doing anything more useful.

lets see if debian is going to be interested to include it for the next releases.

Patrick · September 16, 2024, 6:24pm

Not about information, its practical test.

The only thing which was states was tested was cat /proc/sys/kernel/random/entropy_avail which is a very superficial test, that doesn’t say much.

Just the developer of the tool saying its doing anything more useful.

Quote from the ticket:

Did a few tests. All my systems run fine without haveged (and have been so for a few years, actually – silly me)
Adding it does not increase available entropy or its quality at all.

There is not much that shows much substance.

Did a few tests.

What tests?

All my systems run fine without haveged

“Runs fine” isn’t an entropy quality test. The system would run fine even if the entropy was completely predictable.

(and have been so for a few years, actually – silly me)

Indicates, that the author isn’t much focused on the topic of entropy. Otherwise, having haveged installed versus not makes quite a difference.

Adding it does not increase available entropy

Not important. Full pool is full pool.

or its quality at all.

Author didn’t say how quality was tested.

I’ll ask in the ticket.

Patrick · September 25, 2024, 1:58am

There is no such issue. If that ever was an issue, it seems to have been fixed nowadays.

Thanks for testing this! @arraybolt3

Patrick · November 11, 2024, 1:20pm

1.9.19 has been uploaded to Debian as per above link.