Re: [PATCH v3 1/5] x86,kvm: Add MSR_KVM_GET_RNG_SEED and a matching feature bit

From: Andy Lutomirski
Date: Thu Jul 17 2014 - 13:45:48 EST

Next message: Bob Beck: "Re: [PATCH, RFC] random: introduce getrandom(2) system call"
Previous message: Andrew Honig: "Re: [PATCH v3 1/5] x86,kvm: Add MSR_KVM_GET_RNG_SEED and a matching feature bit"
In reply to: Andrew Honig: "Re: [PATCH v3 1/5] x86,kvm: Add MSR_KVM_GET_RNG_SEED and a matching feature bit"
Next in thread: Andy Lutomirski: "[PATCH v3 2/5] random,x86: Add arch_get_slow_rng_u64"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 17, 2014 at 10:43 AM, Andrew Honig <ahonig@xxxxxxxxxx> wrote:
>> + case MSR_KVM_GET_RNG_SEED:
>> + get_random_bytes(&data, sizeof(data));
>> + break;
>
> Should this be rate limited in the interest of conserving randomness?
> If there ever is an attack on the prng, this would create very
> favorable conditions for an attacker to exploit it.

IMO if the nonblocking pool has a weakness that requires us to
conserve its output, then this is the least of our worries.

--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Bob Beck: "Re: [PATCH, RFC] random: introduce getrandom(2) system call"
Previous message: Andrew Honig: "Re: [PATCH v3 1/5] x86,kvm: Add MSR_KVM_GET_RNG_SEED and a matching feature bit"
In reply to: Andrew Honig: "Re: [PATCH v3 1/5] x86,kvm: Add MSR_KVM_GET_RNG_SEED and a matching feature bit"
Next in thread: Andy Lutomirski: "[PATCH v3 2/5] random,x86: Add arch_get_slow_rng_u64"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]