From: "Theodore Ts'o" <tytso@mit.edu>
To: Stephan Mueller <smueller@chronox.de>
Cc: noloader@gmail.com, linux-kernel@vger.kernel.org,
Herbert Xu <herbert@gondor.apana.org.au>,
andi@firstfloor.org, Sandy Harris <sandyinchina@gmail.com>,
cryptography@lakedaemon.net, jsd@av8n.com, hpa@zytor.com,
linux-crypto@vger.kernel.org
Subject: Re: [PATCH 3/3] random: add interrupt callback to VMBus IRQ handler
Date: Mon, 2 May 2016 08:56:09 -0400 [thread overview]
Message-ID: <20160502125609.GF4770@thunk.org> (raw)
In-Reply-To: <1465960.gVT9QnQ1pA@tauon.atsec.com>
On Mon, May 02, 2016 at 11:14:25AM +0200, Stephan Mueller wrote:
> The issue of rollback (if you refer to activating an earlier saved image of
> the guest) is a real issue the guest cannot do anything about it that is
> effective (i.e. the guest can do without the help of the VMM). Note, rollback
> is just a special case of a much broader issue of the duplication of the RNG
> state by the VMM (be it snapshots, move of a guest to another VMM,
> suspend/resume, ...). However, the patch to enable interrupts does not seem to
> be related to that issue as interrupts are not re-issued in case of rollbacks,
> are they?
Rollback is just a much broader issue of how can you maintain security
when the VMM is run by the NSA, and can do arbitrary things to mess
with the security of the guest OS (including reading keys straight out
of guest kernel memory, etc.). Hint: you can't. :-)
If we are talking about someone who is realistically trying to do
something useful with duplicating VMM state, I'm not aware of anyone
who is actually trying to clone a running VMM in order to launch new
worker nodes. People will clone disk snapshots to rapidly bring up
rapid nodes, and so making sure we have a way to handle cases where
you can't count on /var/state/random.seed on being useful is
important. The usual answer is to use something like virtio-rng, but
all of the answers are going to assume that the host system is
trustworthy.
If you are worried about a potential attack where the CIA has cut a
deal with Amazon AWS just as the NSA did with RSADSI and DUAL-EC DRBG,
you might as well go home...
- Ted
prev parent reply other threads:[~2016-05-02 12:56 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-05-02 6:26 [RFC PATCH 0/3] random: replace urandom pool with a CRNG Theodore Ts'o
2016-05-02 6:26 ` [PATCH 1/3] random: replace non-blocking pool with a Chacha20-based CRNG Theodore Ts'o
2016-05-03 8:50 ` Stephan Mueller
2016-05-04 16:54 ` Jeffrey Walton
2016-05-04 17:30 ` tytso
2016-05-04 17:52 ` H. Peter Anvin
2016-05-03 9:36 ` Stephan Mueller
2016-05-04 6:24 ` Stephan Mueller
2016-05-04 14:40 ` Jeffrey Walton
2016-05-04 17:49 ` tytso
2016-05-04 18:22 ` Jeffrey Walton
2016-05-04 18:29 ` H. Peter Anvin
2016-05-04 19:07 ` tytso
2016-05-04 20:53 ` H. Peter Anvin
2016-05-04 21:42 ` John Denker
2016-05-04 21:52 ` better patch for linux/bitops.h John Denker
2016-05-05 1:35 ` Jeffrey Walton
2016-05-05 2:41 ` H. Peter Anvin
2016-05-05 2:54 ` Jeffrey Walton
2016-05-05 3:08 ` H. Peter Anvin
2016-05-05 3:30 ` Jeffrey Walton
2016-05-05 3:50 ` Theodore Ts'o
2016-05-05 4:03 ` Jeffrey Walton
2016-05-05 6:35 ` H. Peter Anvin
2016-05-05 16:15 ` UB in general ... and linux/bitops.h in particular John Denker
2016-05-05 17:32 ` Andi Kleen
2016-05-06 2:25 ` Jeffrey Walton
2016-05-05 21:34 ` better patch for linux/bitops.h Sandy Harris
2016-05-05 22:18 ` tytso
2016-05-05 22:22 ` H. Peter Anvin
2016-05-05 22:38 ` H. Peter Anvin
2016-05-06 0:13 ` H. Peter Anvin
2016-05-04 21:56 ` [PATCH 1/3] random: replace non-blocking pool with a Chacha20-based CRNG H. Peter Anvin
2016-05-04 22:06 ` linux/bitops.h John Denker
2016-05-04 23:06 ` linux/bitops.h Andi Kleen
2016-05-05 0:13 ` linux/bitops.h John Denker
2016-05-05 1:20 ` linux/bitops.h Jeffrey Walton
2016-05-05 1:27 ` linux/bitops.h H. Peter Anvin
2016-05-05 0:30 ` linux/bitops.h H. Peter Anvin
2016-05-05 0:48 ` linux/bitops.h Linus Torvalds
2016-05-06 20:08 ` linux/bitops.h Sasha Levin
2016-05-06 20:07 ` linux/bitops.h Sasha Levin
2016-05-06 20:25 ` linux/bitops.h H. Peter Anvin
2016-05-06 20:30 ` linux/bitops.h H. Peter Anvin
2016-05-02 6:26 ` [PATCH 2/3] random: make /dev/urandom scalable for silly userspace programs Theodore Ts'o
2016-05-02 7:00 ` Stephan Mueller
2016-05-02 12:50 ` Theodore Ts'o
2016-05-02 13:48 ` Theodore Ts'o
2016-05-02 13:53 ` Stephan Mueller
2016-05-02 6:26 ` [PATCH 3/3] random: add interrupt callback to VMBus IRQ handler Theodore Ts'o
2016-05-02 9:00 ` Jeffrey Walton
2016-05-02 9:14 ` Stephan Mueller
2016-05-02 12:56 ` Theodore Ts'o [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160502125609.GF4770@thunk.org \
--to=tytso@mit.edu \
--cc=andi@firstfloor.org \
--cc=cryptography@lakedaemon.net \
--cc=herbert@gondor.apana.org.au \
--cc=hpa@zytor.com \
--cc=jsd@av8n.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=noloader@gmail.com \
--cc=sandyinchina@gmail.com \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).