On 11/07/19 13:50, Paolo Bonzini wrote:
> On 07/11/19 12:55, Daniel P. Berrangé wrote:
>>> Yes, I would make SMM use a cryptographic pseudo-random number generator
>>> and seed it from virtio-rng from DXE, way before the OS starts and can
>>> "attack" it.
>>>
>>> Once you've gotten a seed, you can create a CSPRNG with a stream cipher
>>> such as ChaCha20, which is literally 30 lines of code.
>> If all we need is a one-time seed then virtio-rng is possibly overkill as
>> that provides a continuous stream. Instead could QEMU read a few bytes
>> from the host's /dev/urandom and pass it to EDK via fw_cfg, which can
>> use it for the CSPRNG seed. EDK would have to erase the fw_cfg field
>> to prevent the seed value leaking to the guest OS, but other than that
>> it's quite straightforward.
>
> That would need anyway a change to the emulated hardware. If the guest
> is able to use virtio-rng after the firmware exits (which is the case if
> all the firmware needs is a one-time seed), then using virtio-rng is the
> simplest alternative as it needs no change at all outside the firmware.
This is a really good point! I'll think more about using virtio-rng,
hopefully without horribly hacking OVMF's BDS code.

Thanks
Laszlo

View/Reply Online (#50213): https://edk2.groups.io/g/devel/message/50213