Re: IRQF_SAMPLE_RANDOM question...

From: Jeremy Fitzhardinge
Date: Tue Apr 07 2009 - 04:28:04 EST

Next message: Peter Zijlstra: "RE: [patch 03/20] x86, ptrace, bts: defer branch trace stopping"
Previous message: KAMEZAWA Hiroyuki: "Re: [RFI] Shared accounting for memory resource controller"
In reply to: Jeff Garzik: "Re: IRQF_SAMPLE_RANDOM question..."
Next in thread: Robin Getz: "Re: IRQF_SAMPLE_RANDOM question..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jeff Garzik wrote:

Stephen Hemminger wrote:
The real problem one is xen-netfront. Because 1) it is least random,
the attacker might be another VM 2) the VM is most in need of random
samples because it doesn't have real hardware.

Agreed.

I'm surprised Xen doesn't use virtio-rng. I guess it needs a special Xen paravirt driver for randomness.

Yes, sampling randomness in a PV driver is pretty pointless. We could do the guest end of an entropy sink entirely in usermode, but at present there's no dom0 support for an entropy source.

J
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Peter Zijlstra: "RE: [patch 03/20] x86, ptrace, bts: defer branch trace stopping"
Previous message: KAMEZAWA Hiroyuki: "Re: [RFI] Shared accounting for memory resource controller"
In reply to: Jeff Garzik: "Re: IRQF_SAMPLE_RANDOM question..."
Next in thread: Robin Getz: "Re: IRQF_SAMPLE_RANDOM question..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]