Question on get random long worse in VM than on host

Marc Zyngier maz at kernel.org
Sat Aug 31 01:14:20 PDT 2024


On Sat, 31 Aug 2024 08:56:23 +0100,
Ard Biesheuvel <ardb at kernel.org> wrote:
> 
> As for RNDR/RNDRRS vs TRNG: the former is not a raw entropy source, it
> is a DRBG (or CSPRNG) which provides cryptographically secure random
> numbers whose security strength is limited by the size of the seed.
> TRNG does not have this limitation in principle, although non-p KVM
> happily seeds it from the kernel's entropy pool, which has the same
> limitation in practice.

Is that something we should address? I assume that this has an impact
on the quality of the provided random numbers?

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.



More information about the linux-arm-kernel mailing list