On Wed, Jan 08, 2020 at 07:18:33PM -0500, Theodore Y. Ts'o wrote: > I was under the impression that Amazon provided virtio-rng support for > its VM's? Or does that not apply for their arm64 Vm's? If they do > support virtio-rng, it might just be an issue of building the cloud > kernel with that option enabled.
RDRAND is used for amd64, via the RANDOM_TRUST_CPU kernel config option. That is not available for arm64. The rough equivalent there is apparently RANDOM_TRUST_BOOTLOADER, which uses the EFI_RNG protocol. It's only available in Linux 5.4 at the moment, and not currently supported on EC2. It seems like we should consider backporting this. > Another approach would be to cherry pick 50ee7529ec45 ("random: try to > actively add entropy rather than passively wait for it"). I'm pretty > confident that it's probably fine ("it's fine. it's fine. Really, > it's fine") for x86. In particular, at least x86 has RDRAND, so even > if it's utterly predictable to someone who has detailed information > about the CPU's microarchitecture, it probably won't be a diaster. Thanks, this is worth looking at, at least in the absense of RANDOM_TRUST_BOOTLOADER. > Upstream, it's enabled for all architectures, because Linus thinks > hanging at boot is a worse problem than a insufficiently initialized > CRNG. I'm not at all convinced that it's safe for all ARM and RISC-V > CPU's. On the other hand, I don't think it's going to be any worse > that haveged (which I don't really trust on all architectures either), > and it has the advantage of not requiring any additional userspace > packages. ...Although this really isn't a ringing endorsement. :( noah