Source-Changes-D archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: CVS commit: src/sys/arch/xen/xen



On Tue, Mar 03, 2009 at 03:02:46PM -0500, Perry E. Metzger wrote:
> > Log Message:
> > Fix rnd(4) support for Xen3 xennet
> > Add rnd(4) support to Xen3 xbd
> > Should fix port-xen/40739.
> >
> >
> > To generate a diff of this commit:
> > cvs rdiff -u -r1.33 -r1.34 src/sys/arch/xen/xen/if_xennet_xenbus.c
> > cvs rdiff -u -r1.38 -r1.39 src/sys/arch/xen/xen/xbd_xenbus.c
> 
> This doesn't really fix things. What it does is fold what are possibly
> quite low entropy sources into the RNG, leading the naive user to
> believe that all is well. It is difficult to figure out whether or not
> this method will actually work well, which makes it dangerous in a
> security context -- the absence of proven problems is not the same as
> the proven absence of problems.

that's why they are disabled by default. For xennet I don't see it worse
than a real ethernet device in a bridge configuration. For xbd, I see it at
the same level as xennet, or eventually better if it has a dedicated
disk.

Note that Xen 2 domU have had xennet as possible source of entropy,
and xbd as entropy source by default (this is probably not a good idea)
since day one.

Anyway, we don't have much choise for entropy sources if one is needed ...
And it is, I think, well known that virtualisation has security issues
(at last on common x86 hardware).

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--


Home | Main Index | Thread Index | Old Index