[Bug 1983359] Re: hwrng drivers missing in initrd.img

[Heinrich Schuchardt]

** Description changed:

  [Impact]
  The initialization of the entropy buffer of the urandom device is critical for security.
  
  When booting Jammy 22.04.1 on QEMU riscv64 I see the following warnings:
  
  [   14.654546] random: lvm: uninitialized urandom read (4 bytes read)
  [   15.247995] random: lvm: uninitialized urandom read (2 bytes read)
  [   22.484719] random: lvm: uninitialized urandom read (4 bytes read)
  [   43.161846] random: lvmconfig: uninitialized urandom read (4 bytes read)
  [   48.862281] random: lvm: uninitialized urandom read (4 bytes read)
  
  Module virtio-rng.ko is missing in initrd.img.
  Adding virtio_rng to /etc/initramfs-tools/modules avoids the warnings.
  
  Hardware RNG drivers should generally be included in the initrd to
  provide early entropy.
  
  [Test case]
  
  * Update the initramfs-tools package.
- * Run update-initramfs with MODULES=most (defined in /etc/initramfs-tools/initramfs.conf or in /etc/initramfs-tools/conf.d/*.conf)
+ * Run 'update-initramfs -k $(uname -r) -u' with MODULES=most (defined in /etc/initramfs-tools/initramfs.conf or in /etc/initramfs-tools/conf.d/*.conf)
  * Unpack the initrd with 'unmkinitramfs /boot/initrd.img-$(uname -r)'
- * Check that main/lib/modules/$(uname -r)/kernel/drivers/char/hw_random/ exists and contains kernel modules. 
+ * Check that [main/]lib/modules/$(uname -r)/kernel/drivers/char/hw_random/ exists and contains kernel modules.
  
  [Where problems could occur]
  
  Adding more drivers increases the size of the initrd. The larger initrd
  might not fit onto the boot partition. The total size of hw_random
  drivers on amd64 is less than 150 KiB so this seem improbable.
  
  [Other Info]
  
  n/a

** Summary changed:

- hwrng drivers missing in initrd.img
+ [SRU] hwrng drivers missing in initrd.img

** Patch added: "Debdiff for Jammy"
   https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1983359/+attachment/5679603/+files/initramfs-tools-0.140ubuntu13.1..0.140ubuntu13.2.debdiff

** Changed in: initramfs-tools (Ubuntu Jammy)
     Assignee: (unassigned) => Heinrich Schuchardt (xypron)

** Changed in: initramfs-tools (Ubuntu Jammy)
       Status: Incomplete => Confirmed

** Changed in: initramfs-tools (Ubuntu Jammy)
     Assignee: Heinrich Schuchardt (xypron) => (unassigned)

** Changed in: initramfs-tools (Ubuntu Jammy)
     Assignee: (unassigned) => Heinrich Schuchardt (xypron)

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1983359

Title:
  [SRU] hwrng drivers missing in initrd.img

Status in initramfs-tools package in Ubuntu:
  Fix Released
Status in initramfs-tools source package in Jammy:
  Confirmed
Status in initramfs-tools source package in Kinetic:
  Fix Released

Bug description:
  [Impact]
  The initialization of the entropy buffer of the urandom device is critical for security.

  When booting Jammy 22.04.1 on QEMU riscv64 I see the following
  warnings:

  [   14.654546] random: lvm: uninitialized urandom read (4 bytes read)
  [   15.247995] random: lvm: uninitialized urandom read (2 bytes read)
  [   22.484719] random: lvm: uninitialized urandom read (4 bytes read)
  [   43.161846] random: lvmconfig: uninitialized urandom read (4 bytes read)
  [   48.862281] random: lvm: uninitialized urandom read (4 bytes read)

  Module virtio-rng.ko is missing in initrd.img.
  Adding virtio_rng to /etc/initramfs-tools/modules avoids the warnings.

  Hardware RNG drivers should generally be included in the initrd to
  provide early entropy.

  [Test case]

  * Update the initramfs-tools package.
  * Run 'update-initramfs -k $(uname -r) -u' with MODULES=most (defined in /etc/initramfs-tools/initramfs.conf or in /etc/initramfs-tools/conf.d/*.conf)
  * Unpack the initrd with 'unmkinitramfs /boot/initrd.img-$(uname -r)'
  * Check that [main/]lib/modules/$(uname -r)/kernel/drivers/char/hw_random/ exists and contains kernel modules.

  [Where problems could occur]

  Adding more drivers increases the size of the initrd. The larger
  initrd might not fit onto the boot partition. The total size of
  hw_random drivers on amd64 is less than 150 KiB so this seem
  improbable.

  [Other Info]

  n/a

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1983359/+subscriptions