What were you trying to do that didn't work?

On VMWare systems, hwrng is not implemented, and rdrand is not always implemented depending on the CPU model, it's hence required to use jitter as a source.

Unfortunately it appears jitter takes more than 5 seconds to initialize, causing the servic e to failed:

Dec 21 11:35:29.615257 vmware-rmetrich-rhel8 strace[867]: [jitter]: JITTER timeout set to 5 sec
Dec 21 11:35:29.786198 vmware-rmetrich-rhel8 strace[867]: [jitter]: Initializing AES buffer
Dec 21 11:35:34.014465 vmware-rmetrich-rhel8 strace[867]: [jitter]: Unable to obtain AES key, disabling JITTER source
Dec 21 11:35:34.020438 vmware-rmetrich-rhel8 strace[867]: [jitter]: Initialization Failed
Dec 21 11:35:34.020438 vmware-rmetrich-rhel8 strace[867]: Can't open any entropy source

This issue is seen on both TAMLAB infrastructure ("Intel(R) Xeon(R) Silver 4314 CPU @ 2.40GHz") and some customer systems ("Intel(R) Xeon(R) CPU E5-2690 v4 @ 2.60GHz").

I could find out that 6 to 7 seconds were necessary to initialize:

[jitter]: jent_read_entropy time on cpu 0 is 6.460196247000e+00 sec
[jitter]: jent_read_entropy time on cpu 1 is 7.472291598000e+00 sec

Since the code uses CPU computation, I don't know if the issue is due to the CPUs used or if it's VMWare specific. For sure on my laptop having QEMU/KVM VMs and running "Intel Xeon Processor (Cooperlake)" CPU, only 3.5 seconds are required to initialize.

If such long time is required, then it's necessary to amend the default RNGD_ARGS line to enlarge the Jitter timeout.

Please provide the package NVR for which bug is seen:

rng-tools-6.15-3.el8

How reproducible:

Always

Steps to reproduce

1. Install a VMWare VM
2. Configure rng-tools to disable rdrand in case CPU supports rdrand
3. Reboot the system

Expected results

No rngd.service failure

Actual results

rngd.service failure