[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: privileged entropy sources in QEMU/KVM guests
|
From: |
Paolo Bonzini |
|
Subject: |
Re: privileged entropy sources in QEMU/KVM guests |
|
Date: |
Thu, 7 Nov 2019 13:50:13 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 |
On 07/11/19 12:55, Daniel P. Berrangé wrote:
>> Yes, I would make SMM use a cryptographic pseudo-random number generator
>> and seed it from virtio-rng from DXE, way before the OS starts and can
>> "attack" it.
>>
>> Once you've gotten a seed, you can create a CSPRNG with a stream cipher
>> such as ChaCha20, which is literally 30 lines of code.
> If all we need is a one-time seed then virtio-rng is possibly overkill as
> that provides a continuous stream. Instead could QEMU read a few bytes
> from the host's /dev/urandom and pass it to EDK via fw_cfg, which can
> use it for the CSPRNG seed. EDK would have to erase the fw_cfg field
> to prevent the seed value leaking to the guest OS, but other than that
> its quite straightforward.
That would need anyway a change to the emulated hardware. If the guest
is able to use virtio-rng after the firmware exits (which is the case is
all the firmware needs is a one-time seed), then using virtio-rng is the
simplest alternative as it needs no change at all outside the firmware.
Paolo
- privileged entropy sources in QEMU/KVM guests, Laszlo Ersek, 2019/11/07
- Re: privileged entropy sources in QEMU/KVM guests, Dr. David Alan Gilbert, 2019/11/07
- Re: privileged entropy sources in QEMU/KVM guests, Ard Biesheuvel, 2019/11/07
- Re: privileged entropy sources in QEMU/KVM guests, Laszlo Ersek, 2019/11/07
- Re: privileged entropy sources in QEMU/KVM guests, Paolo Bonzini, 2019/11/07
- Re: privileged entropy sources in QEMU/KVM guests, Laszlo Ersek, 2019/11/07
Re: privileged entropy sources in QEMU/KVM guests, Laszlo Ersek, 2019/11/07
Re: privileged entropy sources in QEMU/KVM guests, Daniel P . Berrangé, 2019/11/07