lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 2 May 2016 08:56:09 -0400
From:	Theodore Ts'o <tytso@....edu>
To:	Stephan Mueller <smueller@...onox.de>
Cc:	noloader@...il.com, linux-kernel@...r.kernel.org,
	Herbert Xu <herbert@...dor.apana.org.au>, andi@...stfloor.org,
	Sandy Harris <sandyinchina@...il.com>,
	cryptography@...edaemon.net, jsd@...n.com, hpa@...or.com,
	linux-crypto@...r.kernel.org
Subject: Re: [PATCH 3/3] random: add interrupt callback to VMBus IRQ handler

On Mon, May 02, 2016 at 11:14:25AM +0200, Stephan Mueller wrote:
> The issue of rollback (if you refer to activating an earlier saved image of 
> the guest) is a real issue the guest cannot do anything about it that is 
> effective (i.e. the guest can do without the help of the VMM). Note, rollback 
> is just a special case of a much broader issue of the duplication of the RNG 
> state by the VMM (be it snapshots, move of a guest to another VMM, 
> suspend/resume, ...). However, the patch to enable interrupts does not seem to 
> be related to that issue as interrupts are not re-issued in case of rollbacks, 
> are they?

Rollback is just a much broader issue of how can you maintain security
when the VMM is run by the NSA, and can do arbitrary things to mess
with the security of the guest OS (including reading keys straight out
of guest kernel memory, etc.).   Hint: you can't.  :-)

If we are talking about someone who is realistically trying to do
something useful with duplicating VMM state, I'm not aware of anyone
who is actually trying to clone a running VMM in order to launch new
worker nodes.  People will clone disk snapshots to rapidly bring up
rapid nodes, and so making sure we have a way to handle cases where
you can't count on /var/state/random.seed on being useful is
important.  The usual answer is to use something like virtio-rng, but
all of the answers are going to assume that the host system is
trustworthy.

If you are worried about a potential attack where the CIA has cut a
deal with Amazon AWS just as the NSA did with RSADSI and DUAL-EC DRBG,
you might as well go home...

						- Ted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ