The havege functions in the polarssl package are currently disabled in the Fedora package. Newer releases of dolphin-emu, which are in a popular external repository, require these functions.
According to https://bugzilla.redhat.com/show_bug.cgi?id=1069394#c1, the HAVEGE feature is disabled because it's "controversial" and "would lead to security problems", but the maintainer hasn't given any more explanation than that in the bug report.
Is there any way we can get a second opinion on this? The external repository follows Fedora's guidelines to the best of their ability, and this includes the prohibition on bundling, so we'd really like to get this fixed.
Jonathan
On Wed, Oct 01, 2014 at 08:52:03AM +0300, Jonathan Dieter wrote:
> The havege functions in the polarssl package are currently disabled in the Fedora package. Newer releases of dolphin-emu, which are in a popular external repository, require these functions.
> According to https://bugzilla.redhat.com/show_bug.cgi?id=1069394#c1, the HAVEGE feature is disabled because it's "controversial" and "would lead to security problems", but the maintainer hasn't given any more explanation than that in the bug report.
> Is there any way we can get a second opinion on this? The external
Yes there is. Since the objection is potentially security related, it would be good to get the input of the Fedora Security Team (probably on the security@ mailing list). Second, having had that conversation, if it still goes nowhere, file a ticket with FESCo.
On Wed, 2014-10-01 at 08:33 -0400, Matthew Miller wrote:
> On Wed, Oct 01, 2014 at 08:52:03AM +0300, Jonathan Dieter wrote:
> > The havege functions in the polarssl package are currently disabled in the Fedora package. Newer releases of dolphin-emu, which are in a popular external repository, require these functions.
> > According to https://bugzilla.redhat.com/show_bug.cgi?id=1069394#c1, the HAVEGE feature is disabled because it's "controversial" and "would lead to security problems", but the maintainer hasn't given any more explanation than that in the bug report.
> > Is there any way we can get a second opinion on this? The external
> Yes there is. Since the objection is potentially security related, it would be good to get the input of the Fedora Security Team (probably on the security@ mailing list). Second, having had that conversation, if it still goes nowhere, file a ticket with FESCo.
Hello, Havege is an entropy gathering technique combined with a PRNG. I cannot really comment on the algorithm, but there is no significant analysis of the technique, and it has not been published in a journal that is specialized for crypto or PRNGs. In any case, my opinion is not based on an analysis of the underlying algorithm, but rather on an idea of how the Fedora system's security features should be used.
haveged and other daemons that feed entropy to the kernel are useful, but a user space process in Fedora should not need an entropy gatherer. The system provides two and they are called /dev/urandom and /dev/random. By using these two we can always know that processes are sufficiently seeded. The only way to enforce that rule is by not allowing entropy gathering APIs in the system. So I'm on the "keep this API disabled" side, even though it's for a different reason.
Is there a reason the processes that depend on the havege API to obtain entropy cannot use the system-provided devices? My guess is that the processes simply need a PRNG. In that case doesn't the polarssl API offer a reasonable PRNG that is seeded from the system's devices?
regards, Nikos
On 1.10.2014 15:12, Nikos Mavrogiannopoulos wrote:
> On Wed, 2014-10-01 at 08:33 -0400, Matthew Miller wrote:
> > On Wed, Oct 01, 2014 at 08:52:03AM +0300, Jonathan Dieter wrote:
> > > The havege functions in the polarssl package are currently disabled in the Fedora package. Newer releases of dolphin-emu, which are in a popular external repository, require these functions.
> > > According to https://bugzilla.redhat.com/show_bug.cgi?id=1069394#c1, the HAVEGE feature is disabled because it's "controversial" and "would lead to security problems", but the maintainer hasn't given any more explanation than that in the bug report.
> > > Is there any way we can get a second opinion on this? The external
> > Yes there is. Since the objection is potentially security related, it would be good to get the input of the Fedora Security Team (probably on the security@ mailing list). Second, having had that conversation, if it still goes nowhere, file a ticket with FESCo.
> Hello, Havege is an entropy gathering technique combined with a PRNG. I cannot really comment on the algorithm, but there is no significant analysis of the technique, and it has not been published in a journal that is specialized for crypto or PRNGs. In any case, my opinion is not based on an analysis of the underlying algorithm, but rather on an idea of how the Fedora system's security features should be used.
> haveged and other daemons that feed entropy to the kernel are useful, but a user space process in Fedora should not need an entropy gatherer. The system provides two and they are called /dev/urandom and /dev/random. By using these two we can always know that processes are sufficiently seeded. The only way to enforce that rule is by not allowing entropy gathering APIs in the system. So I'm on the "keep this API disabled" side, even though it's for a different reason.
> Is there a reason the processes that depend on the havege API to obtain entropy cannot use the system-provided devices? My guess is that the processes simply need a PRNG. In that case doesn't the polarssl API offer a reasonable PRNG that is seeded from the system's devices?
> regards, Nikos
I support Nikos's analysis. Let the kernel do its work.
On 10/01/2014 03:33 PM, Matthew Miller wrote:
> On Wed, Oct 01, 2014 at 08:52:03AM +0300, Jonathan Dieter wrote:
> > The havege functions in the polarssl package are currently disabled in the Fedora package. Newer releases of dolphin-emu, which are in a popular external repository, require these functions.
> > According to https://bugzilla.redhat.com/show_bug.cgi?id=1069394#c1, the HAVEGE feature is disabled because it's "controversial" and "would lead to security problems", but the maintainer hasn't given any more explanation than that in the bug report.
> > Is there any way we can get a second opinion on this? The external
> Yes there is. Since the objection is potentially security related, it would be good to get the input of the Fedora Security Team (probably on the security@ mailing list). Second, having had that conversation, if it still goes nowhere, file a ticket with FESCo.
Thanks Matthew for the roadmap on this. When doing further research to try to work out where dolphin-emu was actually using the code, I found that since dolphin-emu's latest release, they've switched to using polarssl without the havege functions. I'm hoping we can backport those commits into the latest release.
So, at this point, I think I'm going to desubmit (is that a word? unsubmit?) my request for a second opinion and won't be pursuing this any further. Apologies for any wasted time, and thanks Nikos for explaining what havege is and why it shouldn't be used in this context.
Jonathan
On Wed, Oct 01, 2014 at 06:59:52PM +0300, Jonathan Dieter wrote:
> So, at this point, I think I'm going to desubmit (is that a word? unsubmit?) my request for a second opinion and won't be pursuing this any further. Apologies for any wasted time, and thanks Nikos for explaining what havege is and why it shouldn't be used in this context.
I don't think this is wasted time. I think this is the process working. :)
devel@lists.stg.fedoraproject.org