|| ||"H. Peter Anvin" <hpa-AT-zytor.com>|
|| ||Rusty Russell <rusty-AT-rustcorp.com.au>|
|| ||Re: [PATCH 2/2] lguest: virtio-rng support|
|| ||Fri, 16 May 2008 21:50:31 -0700|
|| ||Theodore Tso <tytso-AT-mit.edu>, Herbert Xu <herbert-AT-gondor.apana.org.au>,
Jeff Garzik <jeff-AT-garzik.org>, LKML <linux-kernel-AT-vger.kernel.org>,
Christian Borntraeger <borntraeger-AT-de.ibm.com>,
Matt Mackall <mpm-AT-selenic.com>,
Johannes Berg <johannes-AT-sipsolutions.net>|
Rusty Russell wrote:
> On Friday 16 May 2008 20:49:41 Johannes Berg wrote:
>>> +/* Our random number generator device reads from /dev/urandom into the Guest's
>>> + * input buffers. The usual case is that the Guest doesn't want random numbers
>>> + * and so has no buffers although /dev/urandom is still readable, whereas
>>> + * console is the reverse.
>> Is it really a good idea to use the hosts /dev/urandom to fill the
>> guests /dev/random?
> Technically it's up to rngd in the guest to decide whether to feed entropy
> or not (ie. /dev/urandom or /dev/random).
Uhm, no. It's not. Unless the host provides actual entropy
information, you have a security hole.
> If we use /dev/random in the host, we risk a DoS. But since /dev/random
> is 0666 on my system, perhaps noone actually cares?
/dev/random = give me actual entropy, if you have some.
/dev/urandom = give me what you have, regardless of quality.
There is no point in feeding the host /dev/urandom to the guest (except
for seeding, which can be handled through other means); it will do its
own mixing anyway. The reason to provide anything at all from the host
is to give it "golden" entropy bits.
to post comments)