
virtio-dev message



Subject: Re: [virtio-dev] Re: [PATCH RFC 0/3] virtio-rng based entropy leak reporting


Hi Michael,

On 12/1/23 08:02, Michael S. Tsirkin wrote:
> On Mon, Nov 21, 2022 at 11:30:19AM -0500, Michael S. Tsirkin wrote:
>> Generally, entropy only grows. However, there are cases where
>> it goes down - for example, consider generating a one time
>> pad where someone managed to use a side channel to
>> steal its contents. By combining the seemingly random
>> pad with the stolen contents we have reversed the entropy.
>>
>> This actually happens within VMs e.g. when time is reversed due
>> to snapshotting. Existing approaches for VMs include Microsoft's
>> VM GEN ID.
>>
>> This draft proposes a feature in virtio rng for reporting such
>> leaks.
>>
>> Patches 1,2 refactor existing draft text. Patch 3 adds new functionality.
>>
>> TODO:
>>        document theory of operation
>>        add conformance clauses
>
> Guys any input on this? Anyone going to use this?

I plan to post an RFC patch for linux virtio-rng show-casing this with Firecracker, this week. Also, I had sent an e-mail: https://www.mail-archive.com/virtio-dev@lists.oasis-open.org/msg09128.html with some questions,
not sure whether you missed it?

>> Michael S. Tsirkin (3):
>>    rng: move to a file of its own
>>    rng: be specific about the virtqueue
>>    rng: leak detection support
>>
>>   content.tex    |  43 +--------------------
>>   virtio-rng.tex | 102 +++++++++++++++++++++++++++++++++++++++++++++++++
>>   2 files changed, 103 insertions(+), 42 deletions(-)
>>   create mode 100644 virtio-rng.tex
>>
>> --
>> MST




Cheers,
Babis



