Rusty Russell wrote:
> On Friday 16 May 2008 20:49:41 Johannes Berg wrote:
>>> +
>>> +/* Our random number generator device reads from /dev/urandom into the
>>> Guest's
>>> + * input buffers. The usual case is that the Guest doesn't want random
>>> numbers
>>> + * and so has no buffers although /dev/urandom is still readable, whereas
>>> + * console is the reverse.
>> Is it really a good idea to use the hosts /dev/urandom to fill the
>> guests /dev/random?
>
> Technically it's up to rngd in the guest to decide whether to feed entropy
> or not (ie. /dev/urandom or /dev/random).
Uhm, no. It's not. Unless the host provides actual entropy
information, you have a security hole.
> If we use /dev/random in the host, we risk a DoS. But since /dev/random
> is 0666 on my system, perhaps noone actually cares?
/dev/random = give me actual entropy, if you have some.
/dev/urandom = give me what you have, regardless of quality.
There is no point in feeding the host /dev/urandom to the guest (except
for seeding, which can be handled through other means); it will do its
own mixing anyway. The reason to provide anything at all from the host
is to give it "golden" entropy bits.
-hpa
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/virtualization
