Re: virRandomBits - not very random

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 05/25/2018 09:17 AM, Michal Privoznik wrote:

We should probably seed it with data from /dev/urandom, and/or the new
Linux getrandom() syscall (or BSD equivalent).

I'm not quite sure that right after reboot there's going to be enough
entropy. Every service that's starting wants some random bits. But it's
probably better than what we have now.

Here's where we left things last time it came up:

https://www.redhat.com/archives/libvir-list/2014-December/msg00573.html

If gnutls has an interface that will give us random bits (gnutls_key_generate() in 3.0, perhaps), we should use THAT for all of our random bits (and forget about a seed), except when we are mocking things in our testsuite, and need a deterministic PRNG from a deterministic seed.

If not (including if we are not linked with gnutls), then we should prefer the new Linux syscall but fall back to /dev/urandom for JUST enough bits for a seed; once we're seeded, stick with using our existing PRNG for all future bits (after all, we aren't trying to generate cryptographically secure keys using virRandomBits - and the places where we DO need crypto-strong randomness such as setting up TLS migration is where we are relying on gnutls to provide it rather than virRandomBits).

So at this point, it's just a matter of someone writing the patches.

--
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

_______________________________________________
libvirt-users mailing list
libvirt-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvirt-users



[Index of Archives]     [Virt Tools]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux