| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 16 May 2008 13:25:09 -0700 From: "H. Peter Anvin" <hpa@...or.com> To: Johannes Berg <johannes@...solutions.net> CC: Rusty Russell <rusty@...tcorp.com.au>, virtualization@...ts.linux-foundation.org, Jeff Garzik <jeff@...zik.org>, Herbert Xu <herbert@...dor.apana.org.au>, Christian Borntraeger <borntraeger@...ibm.com>, LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH 2/2] lguest: virtio-rng support Johannes Berg wrote: >> + >> +/* Our random number generator device reads from /dev/urandom into the Guest's >> + * input buffers. The usual case is that the Guest doesn't want random numbers >> + * and so has no buffers although /dev/urandom is still readable, whereas >> + * console is the reverse. > > Is it really a good idea to use the hosts /dev/urandom to fill the > guests /dev/random? Only if you have an entropy estimate to go with it. It's still dubious, though: the guests own pool will do its own mixing, so you might as well pull from /dev/random in the host as being a genuine entropy source and only add what entropy is available. -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists