Proposed F19 Feature: Virtio RNG

Bill Nottingham notting at redhat.com
Fri Feb 1 21:39:17 UTC 2013


Jaroslav Reznik (jreznik at redhat.com) said: 
> Feature owner(s): Cole Robinson <crobinso at redhat.com>, Amit Shah 
> <amit.shah at redhat.com>
> 
> Provide a paravirtual random number generator to virtual machines, to prevent 
> entropy starvation in guests.  
> 
> == Detailed description ==
> The linux kernel collects entropy from various non-deterministic hardware 
> events, like mouse and keyboard input, and network traffic. This entropy is then 
> exposed through /dev/random, commonly used by cryptographic applications that 
> need true randomness to maintain security. However if more entropy is being 
> consumed than is being produced, we have entropy starvation: reading from 
> /dev/random will block, which can cause a denial of service. A common example 
> here is use of /dev/random by SSL in various services.
> 
> VirtIO RNG (random number generator) is a paravirtualized device that is 
> exposed as a hardware RNG device to the guest. Virtio RNG just appears as a 
> regular hardware RNG to the guest, which the kernel reads from to fill its 
> entropy pool. This effectively allows a host to inject entropy into a guest via 
> several means: The default mode uses the host's /dev/random, but a physical HW 
> RNG device or EGD (Entropy Gathering Daemon) source can also be used. 

What exactly feeds /dev/random in the guest in the cases where this doesn't
exist, and how do we cope with this obviously making /dev/random exhaustion
in the host much more likely? (Other than assume that a HW RNG is in the
host.)

Given FIPS paranoia about RNG sources, does this have knock-on effects in
the FIPS compliance of guests depending on how it's fed in the host?

Bill



More information about the devel mailing list