On 06.06.2014 11:50, Florian Weimer wrote:
> On 05/05/2014 04:35 PM, Lennart Poettering wrote:
>> Hmm? Well, a virtualized OS has to trust the hypervisor, there's no way
>> around that.
>
> I'm referring to this:
>
>  * This function will use the architecture-specific hardware random
>  * number generator if it is available. The arch-specific hw RNG will
>  * almost certainly be faster than what we can do in software, but it
>  * is impossible to verify that it is implemented securely (as
>  * opposed, to, say, the AES encryption of a sequence number using a
>  * key known by the NSA). So it's useful if we need the speed, but
>  * only if we're willing to trust the hardware manufacturer not to
>  * have put in a back door.
>
> I think this is the reason why the pool isn't considered initialized even if
> its contents have been randomized with RDRAND or similar instructions.
>
> I wouldn't be surprised if these minds have a similar concern about
> randomness coming from a hypervisor

If you don't trust the underlying hardware and hypervisor, you are lost in any case. That's a battle you can't win, and in that context the random numbers are your smallest problem.
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel