CoCo VMs On Linux Will Now Panic If RdRand Is Broken To Avoid Catastrophic Conditions


For confidential computing "CoCo" virtual machines, where the VM host is assumed to be untrusted and the guest aims to be as isolated from it as possible, RdRand hardware random number generator instructions are one of the limited sources of entropy for guest VMs. Right now RdRand can fail and the CoCo guest VMs will continue to boot, albeit with limited or no entropy to seed the VM's random number generation. Unfortunately, the CoCo threat model means that the VM host cannot be trusted and may actively work against guests to extract secrets or manipulate computation.

Read this on Phoronix
