On Mon, Sep 26, 2022 at 3:45 PM Jason A. Donenfeld <ja...@zx2c4.com> wrote: > On Thu, Sep 22, 2022 at 5:28 PM Jason A. Donenfeld <ja...@zx2c4.com> wrote: > > We don't want it to be possible to re-read the RNG seed after ingesting > > it, because this ruins forward secrecy. Currently, however, the setup > > data section can just be re-read. Since the kernel is always read after > > the setup data, use the selection of the kernel as a trigger to > > re-initialize the RNG seed, just like we do on reboot, to preserve > > forward secrecy. > > > > Cc: Paolo Bonzini <pbonz...@redhat.com> > > Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com> > > --- > > Paolo- this applies on top of the 4 you merged this morning. -Jason > > Just bumping this, in hopes that this can go out with the same PULL > for the other 4 you merged last week.
Thanks, queued but I have a question. If I understand correctly, this protects against rereading the seed while the OS is running. If so, does that mean that the device tree-based seed initialization does not have forward secrecy at all? Paolo
