Hi Holger, On Thu, May 24, 2018 at 09:06:27AM +0000, Holger Levsen wrote: > > > Do we have a reasonablish way of telling whether a system is “real” > > > hardware or a virtual machine, and choose whether to install haveged or > > > not > > > accordingly? > > why only install it on physical machines? IME haveged is useful on real > *and* virtual machines.
Regardless of the platform, haveged will put data into random(4) and use the appropriate ioctl to increase the entropy counter, which is useful in that it prevents random(4) from “running out” of entropy. [0] On virtual machines, however, the data that the HAVEGE algorithm produces is not necessarily unpredictable [1]; hence, we shouldn't install haveged on those environments. Moreover, on virtual machines, the host virtualization system should provide entropy to its guests, for instance through virtio-rng (which can be picked up with rngd). TL;DR: On VMs, haveged might be unsafe, depending on the virtualization environment's configuration, and we (d-i/tasksel) do not have enough information available to make that call. Best, nicoo [0]: Gods, this is painful to write. There is no reason for random(4) to ever “run out” of entropy once initialized, but for some misconceptions about cryptography; however, this is the implemented behaviour and we kinda have to live with it for now. [1]: https://tls.mbed.org/tech-updates/security-advisories/polarssl-security-advisory-2011-02 is an example of the same algorithm failing on VMs.