From: Christopher Covington
Subject: Re: Standardizing an MSR or other hypercall to get an RNG seed?
Date: Mon, 22 Sep 2014 09:33:41 -0400
Message-ID: <54202535.2030702@codeaurora.org>
References: <541C765B.5050705@codeaurora.org>
To: Andy Lutomirski
Cc: Theodore Ts'o, kvm list, Gleb Natapov, Linux Virtualization, "H. Peter Anvin", Paolo Bonzini
List-Id: virtualization@lists.linuxfoundation.org

On 09/19/2014 02:42 PM, Andy Lutomirski wrote:
> On Fri, Sep 19, 2014 at 11:30 AM, Christopher Covington wrote:
>> On 09/17/2014 10:50 PM, Andy Lutomirski wrote:
>>> Hi all-
>>>
>>> I would like to standardize on a very simple protocol by which a guest
>>> OS can obtain an RNG seed early in boot.
>>>
>>> The main design requirements are:
>>>
>>> - The interface should be very easy to use. Linux, at least, will
>>> want to use it extremely early in boot as part of kernel ASLR. This
>>> means that PCI and ACPI will not work.
>>
>> How do non-virtual systems get entropy this early? RDRAND/Padlock? Truerand?
>> Could hypervisors and simulators simply make sure these work?
>>
>
> If RDRAND is available, then Linux, at least, will use it. The rest
> are too complicated for early use. Linux on x86 plays some vaguely
> clever games with rdtsc and poking at the i8254 port.

I just wanted to check that it couldn't be as simple as giving one or both of
the timers random initial values.

Christopher

--
Employee of Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
hosted by the Linux Foundation.