'rngd' in RHEL does not detect hardware random number generators in Intel IvyBridge processors or later
Environment
- RHEL 5
rng-utils
- RHEL 6
rng-tools
Issue
Modern Intel CPUs (Ivy Bridge and later) come with a hardware random number generates, as seen by rdrand
in /proc/cpuinfo's flags. However, the rngd
command Red Hat Enterprise Linux (RHEL) 5 and RHEL 6 do not detect or use it.
Is Red Hat planning to address this?
Resolution
1) In RHEL 5 /sbin/rngd
is provided by the rng-utils
package. Red Hat at not currently planning to provide support for hardware RNG for IvyBridge processors or later within rng-utils on RHEL 5.
2) Within RHEL 6, affected package rng-tools
cannot use or detect Intel IvyBridge (or later) hardware random number generators at this time. The following Bugzilla has been created in order to track developments related to this for RHEL 6. Please note, this Bugzilla is internal to Red Hat but has been included here for reference:
https://bugzilla.redhat.com/show_bug.cgi?id=996913
rng-tools does not detect DRNG (rdrand) on modern Intel CPUs
For some additional context, please also review the following KBase article for specific information on which Intel CPUs are supported on RHEL releases:
https://access.redhat.com/site/articles/65442
Intel CPUs and Supported Red Hat Enterprise Linux (RHEL) Versions
Root Cause
RHEL 5 rng-utils
and RHEL 6 rng-tools
cannot use or detect Intel IvyBridge (or later) hardware random number generators currently.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments