On Mon, Aug 18, 2025 at 4:17 PM Michael Paquier <mich...@paquier.xyz> wrote:
>
> On Mon, Aug 18, 2025 at 08:38:25AM -0700, Jacob Champion wrote:
> > - Need for safety in virtualized environments
> > - ...?
>
> Interesting. What do you mean by this point? Isolation of the
> random computations on a VM/container basis even if these are
> originally from the same host?

One motivating example is "I paused my VM and cloned it and now both
application instances are giving me the same random numbers." (I
haven't looked into OpenSSL enough to know if it has developed some
magic way around this, for the record.) NetBSD talks about this a bit
at [1].

I'd imagine that there are other nice things about moving it down into
the kernel, like core dumps becoming ever so slightly less dangerous?
But that's pretty out there.

--Jacob

[1] https://man.netbsd.org/acpivmgenid.4
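
Added example, not part of the original message and not code from PostgreSQL, OpenSSL or NetBSD: a toy user-space generator showing the cloned-VM failure described above, and the same generator reseeding when a hypervisor-supplied generation ID changes. The class, the `clone_vm` helper and the generation ID values are constructed for illustration; the ID is modeled as a byte string the caller passes in.

```python
import copy
import hashlib
import hmac
import os


class UserSpaceDRBG:
    """Toy generator whose whole state lives in process memory (illustrative)."""

    def __init__(self, generation_id=None):
        self._key = os.urandom(32)      # seeded once from the kernel
        self._counter = 0
        self._seen_gen = generation_id  # None means no clone detection

    def random_bytes(self, n, generation_id=None):
        # generation_id models the value the guest reads from the hypervisor now.
        if generation_id != self._seen_gen:
            # Snapshot restore or clone detected: mix in fresh kernel entropy.
            self._key = hashlib.sha256(self._key + os.urandom(32)).digest()
            self._seen_gen = generation_id
        out = b""
        while len(out) < n:
            self._counter += 1
            ctr = self._counter.to_bytes(8, "big")
            out += hmac.new(self._key, ctr, hashlib.sha256).digest()
        return out[:n]


def clone_vm(drbg):
    """Model a VM clone: guest memory is duplicated, generator state included."""
    return copy.deepcopy(drbg)


def demo():
    # Without clone detection, both copies continue the same output stream.
    plain = UserSpaceDRBG()
    plain.random_bytes(16)
    twin = clone_vm(plain)
    naive_collision = plain.random_bytes(16) == twin.random_bytes(16)

    # With a generation ID, the clone sees a new value and reseeds first.
    gen_a, gen_b = b"constructed-gen-A", b"constructed-gen-B"  # constructed values
    guarded = UserSpaceDRBG(generation_id=gen_a)
    guarded.random_bytes(16, gen_a)
    guarded_twin = clone_vm(guarded)
    guarded_collision = (guarded.random_bytes(16, gen_a)
                         == guarded_twin.random_bytes(16, gen_b))
    return naive_collision, guarded_collision
```

`demo()` returns whether the two copies produced identical output in each case: the unguarded pair collides, the guarded pair does not.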