[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy

To: Anil Madhavapeddy <anil@xxxxxxxxxx>
From: Dave Scott <Dave.Scott@xxxxxxxxxx>
Date: Fri, 21 Nov 2014 10:43:00 +0000
Accept-language: en-GB, en-US
Cc: Nicolas Ojeda Bar <no263@xxxxxxxxxxxxxxx>, "mirageos-devel@xxxxxxxxxxxxxxxxxxxx" <mirageos-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Fri, 21 Nov 2014 10:43:06 +0000
List-id: Developer list for MirageOS <mirageos-devel.lists.xenproject.org>
Thread-index: AQHQBBlY0CzpHy/a9Em0bx5OuUc2y5xoHEaAgAAEzICAAAC9gIAAAKuAgAG1JACAAMi2AIAAMxAAgAACcICAAAEIgA==
Thread-topic: [MirageOS-devel] vchan hackers wanted for mirage-entropy

> On 21 Nov 2014, at 10:39, Anil Madhavapeddy <anil@xxxxxxxxxx> wrote:
> 
> On 21 Nov 2014, at 10:30, Hannes Mehnert <hannes@xxxxxxxxxxx> wrote:
>> 
>> While this is better than the current implementation (which uses
>> OCaml's Random, which on Xen is seeded very deterministic if I
>> understand that code correctly
>> https://github.com/ocaml/ocaml/blob/638a953bcf61678307fa5d0e1a969aaaf3f1ab20/byterun/sys.c#L364),
>> it is too easy to get it wrong (running the same unikernel image
>> several times with the same seed) that I don't feel comfortable to
>> ship mirage(-tls) with that.
> 
> Bear in mind that we need some sort of a non-vchan solution for
> existing VMs even when the vchan solution does work, to cope with
> existing cloud providers.
> 
> We just need to augment the one-time-pad here with some more 
> Xen-specific environmental sources.  There may be some inspiration
> here:
> 
> http://www.ieee-security.org/TC/SP2014/papers/Not-So-RandomNumbersinVirtualizedLinuxandtheWhirlwindRNG.pdf
> 
> Another alternative we could do in the short-term is just to pass
> the 16 bytes-every-10-minutes directly via Xenstore instead of a
> full-blown Vchan.  This would just require a daemon in dom0 to be
> run that does this.

Since it needs tidying up anyway, Iâll take a look at the xenstore client code 
today and try to make it as easy as possible to write code like this. The 
internal details of the @introduceDomain watch are a bit ugly but hopefully I 
can hide them away.

Cheers,
Dave


>  The paper above also notes that the Xenstore
> hooks are useful to reinject fresh entropy upon suspend/resume,
> which couldn't be done easily in a pure vchan solution.
> 
> -anil
> _______________________________________________
> MirageOS-devel mailing list
> MirageOS-devel@xxxxxxxxxxxxxxxxxxxx
> http://lists.xenproject.org/cgi-bin/mailman/listinfo/mirageos-devel

_______________________________________________
MirageOS-devel mailing list
MirageOS-devel@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/mirageos-devel

References:
- [MirageOS-devel] vchan hackers wanted for mirage-entropy
  - From: Hannes Mehnert
- Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy
  - From: Anil Madhavapeddy
- Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy
  - From: Nicolas Ojeda Bar
- Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy
  - From: Anil Madhavapeddy
- Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy
  - From: Nicolas Ojeda Bar
- Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy
  - From: Nicolas Ojeda Bar
- Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy
  - From: Nicolas Ojeda Bar
- Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy
  - From: Hannes Mehnert
- Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy
  - From: Anil Madhavapeddy

Prev by Date: Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy
Next by Date: Re: [MirageOS-devel] Irmin roadmap
Previous by thread: Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy
Next by thread: Re: [MirageOS-devel] vchan hackers wanted for mirage-entropy
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.