Port-xen archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: nothing contributing entropy in Xen domUs? or dom0!!!



On Wed, 31 Mar 2021, Greg A. Woods wrote:

Yes I did change that as well (as /var isn't part of the root partition).


I see. How did you change it? Because in 9.99 some things have changed:

	rndseed=/var/db/entropy-file

on a line of its own no longer works. You have to attach it to a
menu= line:

	menu=Boot normally:rndseed /var/db/entropy-file;boot

The same with some other directives like `gop='.

/etc/rc.d/random_seed will do this (again) later anyway.


Yes.

I know how to seed it -- but that's not the problem -- the hardware
should be providing plenty of entropy.


As riastradh@ mentioned, in 9.99 only true HWRNGs like RDSEED/RDRAND will
be used. Other, estimated, sources are no longer "counted". mrg@ says
your CPU doesn't have the necessary instructions, so that means no RNs
for you (on 9.99) ;).

cpuctl identify 0 should tell you if your CPU has RDSEED/RDRAND.

-RVP


Home | Main Index | Thread Index | Old Index