Re: regarding the changes to kernel entropy gathering

To: Havard Eidnes <he%NetBSD.org@localhost>, kre%munnari.OZ.AU@localhost
Subject: Re: regarding the changes to kernel entropy gathering
From: Brian Buhrow <buhrow%nfbcal.org@localhost>
Date: Sun, 4 Apr 2021 18:47:23 -0700

Hello.  As I understand it, Greg ran into this problem on a xen domu.  In checking my NetBSD-9
system running as a domu under xen-4.14.1, there is no rdrand or rdseed feature exposed to
domu's by xen.  This observation is confirmed by looking at the xen command line reference
page: https://xenbits.xen.org/docs/unstable/misc/xen-command-line.html

	So, it seems the best answer is to update our documentation to say that the xen
hypervisor, by default, doesn't provide the rdrand and rdseed instructions to the xen guests
and NetBSD doesn't trust the random sources provided by the xennet(4) and xbd(4) drivers.
Therefore, the only solution to get randomness working for the first time on a newlyinstalled
domu is to write 32 bytes to /dev/random.
-thanks
-Brian

Follow-Ups:
- Re: regarding the changes to kernel entropy gathering
  - From: Greg A. Woods
- Re: regarding the changes to kernel entropy gathering
  - From: Manuel Bouyer

References:
- Re: regarding the changes to kernel entropy gathering
  - From: Havard Eidnes

Prev by Date: Re: regarding the changes to kernel entropy gathering
Next by Date: Re: regarding the changes to kernel entropy gathering
Previous by Thread: Re: regarding the changes to kernel entropy gathering
Next by Thread: Re: regarding the changes to kernel entropy gathering
Indexes:

Home | Main Index | Thread Index | Old Index