Re: [PATCH 0/4] random,x86,kvm: Add and use MSR_KVM_GET_RNG_SEED

From: Daniel Borkmann
Date: Wed Jul 16 2014 - 03:10:48 EST

Next message: Thomas Gleixner: "Re: [patch 14/55] timekeeping: Provide internal ktime_t based data"
Previous message: Bean Huo: "[PATCH v4] mtd:nor:timeout:fix do_write_buffer() timeout error"
In reply to: Gleb Natapov: "Re: [PATCH 0/4] random,x86,kvm: Add and use MSR_KVM_GET_RNG_SEED"
Next in thread: Gleb Natapov: "Re: [PATCH 0/4] random,x86,kvm: Add and use MSR_KVM_GET_RNG_SEED"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 07/16/2014 08:41 AM, Gleb Natapov wrote:

On Tue, Jul 15, 2014 at 07:48:06PM -0700, Andy Lutomirski wrote:

virtio-rng is both too complicated and insufficient for initial rng
seeding. It's far too complicated to use for KASLR or any other
early boot random number needs. It also provides /dev/random-style
bits, which means that making guest boot wait for virtio-rng is
unacceptably slow, and doing it asynchronously means that
/dev/urandom might be predictable when userspace starts.

This introduces a very simple synchronous mechanism to get
/dev/urandom-style bits.

Why can't you use RDRAND instruction for that?

You mean using it directly? I think simply for the very same reasons
as in c2557a303a ...
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Thomas Gleixner: "Re: [patch 14/55] timekeeping: Provide internal ktime_t based data"
Previous message: Bean Huo: "[PATCH v4] mtd:nor:timeout:fix do_write_buffer() timeout error"
In reply to: Gleb Natapov: "Re: [PATCH 0/4] random,x86,kvm: Add and use MSR_KVM_GET_RNG_SEED"
Next in thread: Gleb Natapov: "Re: [PATCH 0/4] random,x86,kvm: Add and use MSR_KVM_GET_RNG_SEED"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]