Bug#931644: Buster kernel entropy pool too low on VM boot

To: Noah Meyerhans <noahm@debian.org>, 931644@bugs.debian.org
Subject: Bug#931644: Buster kernel entropy pool too low on VM boot
From: "Michael J. Redd" <micredd@gmail.com>
Date: Thu, 06 Feb 2020 15:36:49 -0500
Message-id: <[🔎] 8bcf97a88b002daf34f82e30d759410f51518b30.camel@gmail.com>
Reply-to: "Michael J. Redd" <micredd@gmail.com>, 931644@bugs.debian.org
In-reply-to: <20200109223058.GA19798@morgul.net>
References: <1562605169.1939.2.camel@gmail.com> <20190708174413.GW11726@bitfolk.com> <1562605169.1939.2.camel@gmail.com> <1562852537.4768.1.camel@gmail.com> <20200109223058.GA19798@morgul.net> <1562605169.1939.2.camel@gmail.com>

Apologies for the late reply. I can certainly test on some of my VMs if
you're willing to provide packages.

Reading over Linus' explanation of deriving jitter from the CPU's cycle
counter, while I'm no cryptographer, I might have some concerns about
the quality of the entropy that will be generated by this patch on
hypervisors that virtualize the time stamp counter. In my environment,
I know I can instruct Xen to never virtualize the TSC (
https://xenbits.xen.org/docs/unstable/man/xen-tscmode.7.html), which
would probably benefit the patch, but AWS and other public cloud users
may not have that option.

-Michael

Reply to:

Follow-Ups:
- Bug#931644: Buster kernel entropy pool too low on VM boot
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Re: Producing verifiable initramfs images
Next by Date: Bug#931644: Buster kernel entropy pool too low on VM boot
Previous by thread: Re: Producing verifiable initramfs images
Next by thread: Bug#931644: Buster kernel entropy pool too low on VM boot
Index(es):
- Date
- Thread