Hi Peter,
On Mon, Sep 26, 2022 at 7:05 PM Peter Maydell wrote:
>
> On Mon, 26 Sept 2022 at 17:53, Jason A. Donenfeld wrote:
> > On both x86 and dtb-based archs, the seed in memory is zeroed out by the
> > kernel after reading. So, as far as the guest is concerned, there's
> > forward secrecy. Ex
On Mon, 26 Sept 2022 at 17:53, Jason A. Donenfeld wrote:
> On both x86 and dtb-based archs, the seed in memory is zeroed out by the
> kernel after reading. So, as far as the guest is concerned, there's
> forward secrecy. Except! Except if the guest has someway of
> re-requesting that seed from the
Hi Paolo,
On Mon, Sep 26, 2022 at 06:07:43PM +0200, Paolo Bonzini wrote:
> On Mon, Sep 26, 2022 at 3:45 PM Jason A. Donenfeld wrote:
> > On Thu, Sep 22, 2022 at 5:28 PM Jason A. Donenfeld wrote:
> > > We don't want it to be possible to re-read the RNG seed after ingesting
> > > it, because this
On Mon, Sep 26, 2022 at 3:45 PM Jason A. Donenfeld wrote:
> On Thu, Sep 22, 2022 at 5:28 PM Jason A. Donenfeld wrote:
> > We don't want it to be possible to re-read the RNG seed after ingesting
> > it, because this ruins forward secrecy. Currently, however, the setup
> > data section can just be
On Thu, Sep 22, 2022 at 5:28 PM Jason A. Donenfeld wrote:
>
> We don't want it to be possible to re-read the RNG seed after ingesting
> it, because this ruins forward secrecy. Currently, however, the setup
> data section can just be re-read. Since the kernel is always read after
> the setup data,
