Re: [virtio-dev] Re: [PATCH RFC 0/3] virtio-rng based entropy leak reporting
On Mon, Jan 16, 2023 at 05:45:40PM +0100, Jason A. Donenfeld wrote:
> Hey guys,
>
> Just FYI, I am still interested in this, but it's currently taken a
> backseat while I focus on some other parts of the ecosystem. I'll be
> back to moving this forward in March.
>
> Jason

OK sure, no rush. I will drop this for now and just ping me when there's interest.

--
MST

To unsubscribe, e-mail: virtio-dev-unsubscr...@lists.oasis-open.org
For additional commands, e-mail: virtio-dev-h...@lists.oasis-open.org

Re: [virtio-dev] Re: [PATCH RFC 0/3] virtio-rng based entropy leak reporting
Hi Michael,

On 12/1/23 08:02, Michael S. Tsirkin wrote:
> On Mon, Nov 21, 2022 at 11:30:19AM -0500, Michael S. Tsirkin wrote:
> > Generally, entropy only grows. However, there are cases where
> > it goes down - for example, consider generating a one time
> > pad where someone managed to use a side channel to
> > steal its contents. By combining the seemingly random
> > pad with the stolen contents we have reversed the entropy.
> >
> > This actually happens within VMs e.g. when time is reversed due
> > to snapshotting. Existing approaches for VMs include Microsoft's
> > VM GEN ID.
> >
> > This draft proposes a feature in virtio rng for reporting such
> > leaks.
> >
> > Patches 1,2 refactor existing draft text. Patch 3 adds new functionality.
> >
> > TODO:
> > document theory of operation
> > add conformance clauses
>
> Guys any input on this? Anyone going to use this?

I plan to post an RFC patch for linux virtio-rng show-casing this with Firecracker, this week.

Also, I had sent an e-mail:
https://www.mail-archive.com/virtio-dev@lists.oasis-open.org/msg09128.html
with some questions, not sure whether you missed it?

> > Michael S. Tsirkin (3):
> > rng: move to a file of its own
> > rng: be specific about the virtqueue
> > rng: leak detection support
> >
> > content.tex    |  43 +
> > virtio-rng.tex | 102 +
> > 2 files changed, 103 insertions(+), 42 deletions(-)
> > create mode 100644 virtio-rng.tex
> >
> > --
> > MST

Cheers,
Babis

[virtio-dev] Re: [PATCH RFC 0/3] virtio-rng based entropy leak reporting
On Mon, Nov 21, 2022 at 11:30:19AM -0500, Michael S. Tsirkin wrote:
> Generally, entropy only grows. However, there are cases where
> it goes down - for example, consider generating a one time
> pad where someone managed to use a side channel to
> steal its contents. By combining the seemingly random
> pad with the stolen contents we have reversed the entropy.
>
> This actually happens within VMs e.g. when time is reversed due
> to snapshotting. Existing approaches for VMs include Microsoft's
> VM GEN ID.
>
> This draft proposes a feature in virtio rng for reporting such
> leaks.
>
> Patches 1,2 refactor existing draft text. Patch 3 adds new functionality.
>
> TODO:
> document theory of operation
> add conformance clauses

Guys any input on this? Anyone going to use this?

>
> Michael S. Tsirkin (3):
> rng: move to a file of its own
> rng: be specific about the virtqueue
> rng: leak detection support
>
> content.tex    |  43 +
> virtio-rng.tex | 102 +
> 2 files changed, 103 insertions(+), 42 deletions(-)
> create mode 100644 virtio-rng.tex
>
> --
> MST