
Random numbers and virtual-machine forks


Posted Mar 13, 2022 22:32 UTC (Sun) by NYKevin (subscriber, #129325)
In reply to: Random numbers and virtual-machine forks by Otus
Parent article: Random numbers and virtual-machine forks

Unfortunately, there are/were CPUs that don't properly implement RDRAND, but lie and say they do: https://arstechnica.com/gadgets/2019/10/how-a-months-old-...



Random numbers and virtual-machine forks

Posted Mar 14, 2022 6:06 UTC (Mon) by Otus (subscriber, #67685)

I believe the kernel marks those as not supporting RDRAND these days? Again, even a cycle counter would be enough here, since it's not about the entropy.

Random numbers and virtual-machine forks

Posted Mar 14, 2022 8:43 UTC (Mon) by Wol (subscriber, #4433)

Read the article. It's NOT enough.

All it takes is an application (which doesn't know) to access RDRAND directly, and you're in trouble.

The article gives the example of Wireguard, which when it hits one of these, locks the system HARD. Actually, that could possibly be behind why my system locks up every now and then ...

Cheers,
Wol

Random numbers and virtual-machine forks

Posted Mar 14, 2022 16:11 UTC (Mon) by Otus (subscriber, #67685)

Ah yes, it's combining two things. The CRNG reseed could be done differently. The application reseed must happen and requires new functionality.

I do wonder if the latter should be something more generic (not tied to vmid), since I can easily imagine other cases where you might want to tell everyone to reseed. For example, if you are using something like systemd-random-seed.service to feed entropy you trust more than the kernel's entropy collection during boot.

But anyway, that's just academic; clearly something like this is required. Thanks.

