Subject: Re: /dev/random often empty
To: Steven M. Bellovin <smb@cs.columbia.edu>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: port-xen
Date: 03/20/2007 18:19:51 
On Tue, Mar 20, 2007 at 09:44:59AM -0400, Steven M. Bellovin wrote:
>
> I've noticed similar problems.  I wonder if there should be a
> pseudo-device which draws entropy from the dom0.  (Dom0 has an emulated
> crypto device, but from the man page it doesn't include a random number
> generator.)

I don't understand.  "An emulated crypto device"?  I think you mean
swcrypto, but why is it relevant?

There is no standard interface for virtualizing access to cryptographic
devices -- or even providing a one-way stream of random data -- between
dom0 and domU.  I wrote one for xen2 but it wouldn't work with xen3 and
I don't have time to update it.

On the other hand, you can probably do what you want in userspace, if
you take note of two things:

1) User applications in general have no business asking for hard-random
   bits and hanging on a read from /dev/random (when it should be reading
   from /dev/urandom) is thus a bug in coda.

2) You *can* write to the random device node, it's just not counted in
   the entropy estimate.

Now, you can do something like this:

1) Increase the random pool size in your dom0 kernel via the relevant
   kernel config file option.

2) Fix coda and other broken consumers that insist on getting pool bits
   only when the entropy estimate is nonzero.  Alternately, modify the
   rnd pseudodevice code to count bytes inserted via writes to the device
   node in the entropy estimate -- but, personally, I would advise against
   this as there is no way to supply a meaningful entropy estimate with
   such writes, and there are in-kernel consumers that really _are_
   entitled to ask the pool what its entropy estimate is.

3) Modify your domU startup scripts that run in dom0 so that they do a
   remote login to the DomU via an SSH key or its moral equivalent, and
   then read some bytes from /dev/urandom on the dom0 and pump them
   into /dev/urandom on the domU.

That will get you the behavior you want, though it won't get you a
meaningful estimate of how much entropy has been pumped into the domU.

-- 
Thor Lancelot Simon	                               tls@rek.tjls.com
  "All of my opinions are consistent, but I cannot present them all
   at once."	-Jean-Jacques Rousseau, On The Social Contract