On Tue, Dec 09, 2014 at 08:17:24AM -0700, Eric Blake wrote:
On 12/09/2014 08:07 AM, Daniel P. Berrange wrote:
> On Tue, Dec 09, 2014 at 08:03:13AM -0700, Eric Blake wrote:
>> Now that Linux has a syscall for getting secure random bytes, should we
>> use that when available in our src/util/virrandom.c implementation?
>
> Yes, we should. I remember reading a few weeks back that someone found
> our current random seed is rather predictable when the libvirt host is
> booted from a cut-down image running systemd. Since there is no longer
> 1000000000 lines of shell in the init process the initial PIDs are very
> stable across each boot attempt.
>
> The question is how should we make use of it ? Should we use it as the
> seed for initstate_r, or just use it for virRandomBits directly ?
I think using it just to set the seed is sufficient - I don't know if
using ALL our random bits from the syscall would drain resources that
might starve other processes, and we are leaving the crypto code to
libraries that probably have their own rules on how they get their
random values secure enough for their needs. So minimizing our use to
just the seeding process will play nicer with other processes, give us
less predictability at startup, and still be something that we can
easily override during debugging to get a fixed random sequence if it is
ever needed (we have some #if code that is normally off, but can be
turned on to generated a repeatable sequence from a fixed seed; using
the syscall all the time would defeat that if we ever hit a situation of
needing fixed-sequence debugging).
Agreed, that sounds reasonable
Regards,
Daniel
--
|:
http://berrange.com -o-
http://www.flickr.com/photos/dberrange/ :|
|:
http://libvirt.org -o-
http://virt-manager.org :|
|:
http://autobuild.org -o-
http://search.cpan.org/~danberr/ :|
|:
http://entangle-photo.org -o-
http://live.gnome.org/gtk-vnc :|