Re: [PATCH v3 1/2] random: add mechanism for VM forks to reinitialize crng

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 25 Feb 2022 at 12:44, Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
>
> On Fri, Feb 25, 2022 at 12:26 PM Ard Biesheuvel <ardb@xxxxxxxxxx> wrote:
> >
> > On Thu, 24 Feb 2022 at 14:39, Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
> > >
> > > When a VM forks, we must immediately mix in additional information to
> > > the stream of random output so that two forks or a rollback don't
> > > produce the same stream of random numbers, which could have catastrophic
> > > cryptographic consequences. This commit adds a simple API, add_vmfork_
> > > randomness(), for that, by force reseeding the crng.
> > >
> > > This has the added benefit of also draining the entropy pool and setting
> > > its timer back, so that any old entropy that was there prior -- which
> > > could have already been used by a different fork, or generally gone
> > > stale -- does not contribute to the accounting of the next 256 bits.
> > >
> > > Cc: Dominik Brodowski <linux@xxxxxxxxxxxxxxxxxxxx>
> > > Cc: Theodore Ts'o <tytso@xxxxxxx>
> > > Cc: Jann Horn <jannh@xxxxxxxxxx>
> > > Cc: Eric Biggers <ebiggers@xxxxxxxxxx>
> > > Signed-off-by: Jason A. Donenfeld <Jason@xxxxxxxxx>
> >
> > Acked-by: Ard Biesheuvel <ardb@xxxxxxxxxx>
>
> Okay if I treat this as a Reviewed-by instead?

Sure no problem.

Reviewed-by: Ard Biesheuvel <ardb@xxxxxxxxxx>



[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux