Re: lack of boot-time entropy on arm64 ec2 instances
On Wed, Jan 08, 2020 at 07:18:33PM -0500, Theodore Y. Ts'o wrote:
> I was under the impression that Amazon provided virtio-rng support for
> its VM's? Or does that not apply for their arm64 Vm's? If they do
> support virtio-rng, it might just be an issue of building the cloud
> kernel with that option enabled.
RDRAND is used for amd64, via the RANDOM_TRUST_CPU kernel config option.
That is not available for arm64. The rough equivalent there is
apparently RANDOM_TRUST_BOOTLOADER, which uses the EFI_RNG protocol.
It's only available in Linux 5.4 at the moment, and not currently
supported on EC2. It seems like we should consider backporting this.
> Another approach would be to cherry pick 50ee7529ec45 ("random: try to
> actively add entropy rather than passively wait for it"). I'm pretty
> confident that it's probably fine ("it's fine. it's fine. Really,
> it's fine") for x86. In particular, at least x86 has RDRAND, so even
> if it's utterly predictable to someone who has detailed information
> about the CPU's microarchitecture, it probably won't be a diaster.
Thanks, this is worth looking at, at least in the absense of
RANDOM_TRUST_BOOTLOADER.
> Upstream, it's enabled for all architectures, because Linus thinks
> hanging at boot is a worse problem than a insufficiently initialized
> CRNG. I'm not at all convinced that it's safe for all ARM and RISC-V
> CPU's. On the other hand, I don't think it's going to be any worse
> that haveged (which I don't really trust on all architectures either),
> and it has the advantage of not requiring any additional userspace
> packages.
...Although this really isn't a ringing endorsement. :(
noah
Reply to: