On Tue, Dec 09, 2014 at 08:17:24AM -0700, Eric Blake wrote: > On 12/09/2014 08:07 AM, Daniel P. Berrange wrote: > > On Tue, Dec 09, 2014 at 08:03:13AM -0700, Eric Blake wrote: > >> Now that Linux has a syscall for getting secure random bytes, should we > >> use that when available in our src/util/virrandom.c implementation? > > > > Yes, we should. I remember reading a few weeks back that someone found > > our current random seed is rather predictable when the libvirt host is > > booted from a cut-down image running systemd. Since there is no longer > > 1000000000 lines of shell in the init process the initial PIDs are very > > stable across each boot attempt. > > > > The question is how should we make use of it ? Should we use it as the > > seed for initstate_r, or just use it for virRandomBits directly ? > > I think using it just to set the seed is sufficient - I don't know if > using ALL our random bits from the syscall would drain resources that > might starve other processes, and we are leaving the crypto code to > libraries that probably have their own rules on how they get their > random values secure enough for their needs. So minimizing our use to > just the seeding process will play nicer with other processes, give us > less predictability at startup, and still be something that we can > easily override during debugging to get a fixed random sequence if it is > ever needed (we have some #if code that is normally off, but can be > turned on to generated a repeatable sequence from a fixed seed; using > the syscall all the time would defeat that if we ever hit a situation of > needing fixed-sequence debugging). Agreed, that sounds reasonable Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list