From: Jeffrey Walton <noloader@gmail.com>
To: "Theodore Ts'o" <tytso@mit.edu>
Cc: linux-kernel@vger.kernel.org,
Stephan Mueller <smueller@chronox.de>,
Herbert Xu <herbert@gondor.apana.org.au>,
andi@firstfloor.org, Sandy Harris <sandyinchina@gmail.com>,
cryptography@lakedaemon.net, jsd@av8n.com, hpa@zytor.com,
linux-crypto@vger.kernel.org,
Stephan Mueller <stephan.mueller@atsec.com>
Subject: Re: [PATCH 3/3] random: add interrupt callback to VMBus IRQ handler
Date: Mon, 2 May 2016 05:00:47 -0400 [thread overview]
Message-ID: <CAH8yC8nFUm6-+AhYWCHiLCucCbcOu5Hba21tzAaonVyH6OZOAA@mail.gmail.com> (raw)
In-Reply-To: <1462170413-7164-4-git-send-email-tytso@mit.edu>
On Mon, May 2, 2016 at 2:26 AM, Theodore Ts'o <tytso@mit.edu> wrote:
> From: Stephan Mueller <smueller@chronox.de>
>
> The Hyper-V Linux Integration Services use the VMBus implementation for
> communication with the Hypervisor. VMBus registers its own interrupt
> handler that completely bypasses the common Linux interrupt handling.
> This implies that the interrupt entropy collector is not triggered.
> ...
Stephan correctly identified the problem of virtualized environments
in his paper, but there does not appear to be any real defenses in
place for VM rollback attacks.
Perhpas the following will make interesting reading:
* When Virtual is Harder than Real: Security Challenges in Virtual
Machine Based Computing Environments,
https://www.usenix.org/legacy/event/hotos05/final_papers/full_papers/garfinkel/garfinkel.pdf
* When Good Randomness Goes Bad: Virtual Machine Reset Vulnerabilities
and Hedging Deployed Cryptography,
http://pages.cs.wisc.edu/~rist/papers/sslhedge.pdf
Jeff
next prev parent reply other threads:[~2016-05-02 9:00 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-05-02 6:26 [RFC PATCH 0/3] random: replace urandom pool with a CRNG Theodore Ts'o
2016-05-02 6:26 ` [PATCH 1/3] random: replace non-blocking pool with a Chacha20-based CRNG Theodore Ts'o
2016-05-03 8:50 ` Stephan Mueller
2016-05-04 16:54 ` Jeffrey Walton
2016-05-04 17:30 ` tytso
2016-05-04 17:52 ` H. Peter Anvin
2016-05-03 9:36 ` Stephan Mueller
2016-05-04 6:24 ` Stephan Mueller
2016-05-04 14:40 ` Jeffrey Walton
2016-05-04 17:49 ` tytso
2016-05-04 18:22 ` Jeffrey Walton
2016-05-04 18:29 ` H. Peter Anvin
2016-05-04 19:07 ` tytso
2016-05-04 20:53 ` H. Peter Anvin
2016-05-04 21:42 ` John Denker
2016-05-04 21:52 ` better patch for linux/bitops.h John Denker
2016-05-05 1:35 ` Jeffrey Walton
2016-05-05 2:41 ` H. Peter Anvin
2016-05-05 2:54 ` Jeffrey Walton
2016-05-05 3:08 ` H. Peter Anvin
2016-05-05 3:30 ` Jeffrey Walton
2016-05-05 3:50 ` Theodore Ts'o
2016-05-05 4:03 ` Jeffrey Walton
2016-05-05 6:35 ` H. Peter Anvin
2016-05-05 16:15 ` UB in general ... and linux/bitops.h in particular John Denker
2016-05-05 17:32 ` Andi Kleen
2016-05-06 2:25 ` Jeffrey Walton
2016-05-05 21:34 ` better patch for linux/bitops.h Sandy Harris
2016-05-05 22:18 ` tytso
2016-05-05 22:22 ` H. Peter Anvin
2016-05-05 22:38 ` H. Peter Anvin
2016-05-06 0:13 ` H. Peter Anvin
2016-05-04 21:56 ` [PATCH 1/3] random: replace non-blocking pool with a Chacha20-based CRNG H. Peter Anvin
2016-05-04 22:06 ` linux/bitops.h John Denker
2016-05-04 23:06 ` linux/bitops.h Andi Kleen
2016-05-05 0:13 ` linux/bitops.h John Denker
2016-05-05 1:20 ` linux/bitops.h Jeffrey Walton
2016-05-05 1:27 ` linux/bitops.h H. Peter Anvin
2016-05-05 0:30 ` linux/bitops.h H. Peter Anvin
2016-05-05 0:48 ` linux/bitops.h Linus Torvalds
2016-05-06 20:08 ` linux/bitops.h Sasha Levin
2016-05-06 20:07 ` linux/bitops.h Sasha Levin
2016-05-06 20:25 ` linux/bitops.h H. Peter Anvin
2016-05-06 20:30 ` linux/bitops.h H. Peter Anvin
2016-05-02 6:26 ` [PATCH 2/3] random: make /dev/urandom scalable for silly userspace programs Theodore Ts'o
2016-05-02 7:00 ` Stephan Mueller
2016-05-02 12:50 ` Theodore Ts'o
2016-05-02 13:48 ` Theodore Ts'o
2016-05-02 13:53 ` Stephan Mueller
2016-05-02 6:26 ` [PATCH 3/3] random: add interrupt callback to VMBus IRQ handler Theodore Ts'o
2016-05-02 9:00 ` Jeffrey Walton [this message]
2016-05-02 9:14 ` Stephan Mueller
2016-05-02 12:56 ` Theodore Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAH8yC8nFUm6-+AhYWCHiLCucCbcOu5Hba21tzAaonVyH6OZOAA@mail.gmail.com \
--to=noloader@gmail.com \
--cc=andi@firstfloor.org \
--cc=cryptography@lakedaemon.net \
--cc=herbert@gondor.apana.org.au \
--cc=hpa@zytor.com \
--cc=jsd@av8n.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sandyinchina@gmail.com \
--cc=smueller@chronox.de \
--cc=stephan.mueller@atsec.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).