[edk2-devel] privileged entropy sources in QEMU/KVM guests

Paolo Bonzini pbonzini at redhat.com
Thu Nov 7 12:50:13 UTC 2019


On 07/11/19 12:55, Daniel P. Berrangé wrote:
>> Yes, I would make SMM use a cryptographic pseudo-random number generator 
>> and seed it from virtio-rng from DXE, way before the OS starts and can 
>> "attack" it.
>>
>> Once you've gotten a seed, you can create a CSPRNG with a stream cipher 
>> such as ChaCha20, which is literally 30 lines of code.
> If all we need is a one-time seed then virtio-rng is possibly overkill as
> that provides a continuous stream. Instead could QEMU read a few bytes
> from the host's /dev/urandom and pass it to EDK via fw_cfg, which can
> use it for the CSPRNG seed. EDK would have to erase the fw_cfg field
> to prevent the seed value leaking to the guest OS, but other than that
> it's quite straightforward.

That would need anyway a change to the emulated hardware.  If the guest
is able to use virtio-rng after the firmware exits (which is the case if
all the firmware needs is a one-time seed), then using virtio-rng is the
simplest alternative as it needs no change at all outside the firmware.

Paolo
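
An added example, not part of the original message and not EDK2 code: a ChaCha20-based generator keyed once from a 32-byte seed, as the quoted suggestion describes. The names csprng_t, csprng_seed and csprng_read are hypothetical, and the 64-bit block counter with an all-zero nonce is an assumption of this example.

```c
#include <stdint.h>
#include <string.h>
#define ROTL(v, n) (((v) << (n)) | ((v) >> (32 - (n))))
#define QR(a, b, c, d) \
    a += b; d ^= a; d = ROTL(d, 16); c += d; b ^= c; b = ROTL(b, 12); \
    a += b; d ^= a; d = ROTL(d, 8);  c += d; b ^= c; b = ROTL(b, 7)

/* Hypothetical type: s[] is the 16-word ChaCha20 input block. */
typedef struct { uint32_t s[16]; int seeded; } csprng_t;

/* Key the generator once from a 32-byte seed (e.g. bytes read from virtio-rng). */
void csprng_seed(csprng_t *g, const uint8_t seed[32]) {
    static const uint32_t sigma[4] = {0x61707865, 0x3320646e, 0x79622d32, 0x6b206574};
    memcpy(g->s, sigma, sizeof sigma);
    for (int i = 0; i < 8; i++)   /* key words are little-endian */
        g->s[4 + i] = (uint32_t)seed[4*i] | (uint32_t)seed[4*i+1] << 8 |
                      (uint32_t)seed[4*i+2] << 16 | (uint32_t)seed[4*i+3] << 24;
    memset(&g->s[12], 0, 4 * sizeof(uint32_t)); /* assumed: counter 0, nonce 0 */
    g->seeded = 1;
}

/* One ChaCha20 block: 20 rounds, add the input words, serialize, bump counter. */
static void csprng_block(csprng_t *g, uint8_t out[64]) {
    uint32_t x[16];
    memcpy(x, g->s, sizeof x);
    for (int i = 0; i < 10; i++) {  /* 10 double rounds: columns, then diagonals */
        QR(x[0], x[4], x[8],  x[12]); QR(x[1], x[5], x[9],  x[13]);
        QR(x[2], x[6], x[10], x[14]); QR(x[3], x[7], x[11], x[15]);
        QR(x[0], x[5], x[10], x[15]); QR(x[1], x[6], x[11], x[12]);
        QR(x[2], x[7], x[8],  x[13]); QR(x[3], x[4], x[9],  x[14]);
    }
    for (int i = 0; i < 16; i++) {
        uint32_t w = x[i] + g->s[i];
        out[4*i]   = (uint8_t)w;         out[4*i+1] = (uint8_t)(w >> 8);
        out[4*i+2] = (uint8_t)(w >> 16); out[4*i+3] = (uint8_t)(w >> 24);
    }
    if (++g->s[12] == 0) g->s[13]++;  /* 64-bit counter: no keystream reuse */
}

/* Fill buf with n pseudo-random bytes; returns -1 if the generator was never seeded. */
int csprng_read(csprng_t *g, uint8_t *buf, size_t n) {
    uint8_t blk[64];
    if (!g->seeded) return -1;
    while (n > 0) {
        size_t k = n < 64 ? n : 64;
        csprng_block(g, blk);
        memcpy(buf, blk, k);  /* leftover bytes of a block are discarded, not reused */
        buf += k; n -= k;
    }
    memset(blk, 0, sizeof blk);  /* a compiler may elide this; firmware would use a secure zeroing helper */
    return 0;
}
```

The caller should also wipe its own copy of the seed after calling csprng_seed, so the only remaining copy is the generator state.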
