On Fri, Feb 25, 2022 at 12:26 PM Ard Biesheuvel <a...@kernel.org> wrote: > > On Thu, 24 Feb 2022 at 14:39, Jason A. Donenfeld <ja...@zx2c4.com> wrote: > > > > When a VM forks, we must immediately mix in additional information to > > the stream of random output so that two forks or a rollback don't > > produce the same stream of random numbers, which could have catastrophic > > cryptographic consequences. This commit adds a simple API, add_vmfork_ > > randomness(), for that, by force reseeding the crng. > > > > This has the added benefit of also draining the entropy pool and setting > > its timer back, so that any old entropy that was there prior -- which > > could have already been used by a different fork, or generally gone > > stale -- does not contribute to the accounting of the next 256 bits. > > > > Cc: Dominik Brodowski <li...@dominikbrodowski.net> > > Cc: Theodore Ts'o <ty...@mit.edu> > > Cc: Jann Horn <ja...@google.com> > > Cc: Eric Biggers <ebigg...@google.com> > > Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> > > Acked-by: Ard Biesheuvel <a...@kernel.org>
Okay if I treat this as a Reviewed-by instead?
