From mboxrd@z Thu Jan 1 00:00:00 1970 From: "H. Peter Anvin" Subject: Re: random: Providing a seed value to VM guests Date: Thu, 01 May 2014 15:46:20 -0700 Message-ID: <5362CEBC.9090705@zytor.com> References: <20140501192618.GA25829@thunk.org> <900441a0-24e8-4976-ad35-3971805b9f34@email.android.com> <20140501203910.GB25829@thunk.org> <5362B618.50602@zytor.com> <20140501222832.GD25829@thunk.org> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit To: Andy Lutomirski , "Theodore Ts'o" , "linux-kernel@vger.kernel.org" , kvm list , Florian Weimer , Kees Cook Return-path: In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org List-Id: kvm.vger.kernel.org On 05/01/2014 03:32 PM, Andy Lutomirski wrote: > On Thu, May 1, 2014 at 3:28 PM, wrote: >> On Thu, May 01, 2014 at 02:06:13PM -0700, Andy Lutomirski wrote: >>> >>> I still don't see the point. What does this do better than virtio-rng? >> >> I believe you had been complaining about how complicated it was to set >> up virtio? And this complexity is also an issue if we want to use it >> to initialize the RNG used for the kernel text ASLR --- which has to >> be done very early in the boot process, and where making something as >> simple as possible is a Good Thing. > > It's complicated, so it won't be up until much later in the boot > process. This is completely fine for /dev/random, but it's a problem > for /dev/urandom, ASLR, and such. > >> >> And since we would want to use RDRAND/RDSEED if it is available >> *anyway*, perhaps in combination with other things, why not use the >> RDRAND/RDSEED interface? > > Because it's awkward. I don't think it simplifies anything. > It greatly simplifies discovery, which is a Big Deal[TM] in early code. -hpa