Re: [Qemu-devel] virtio-rng

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Ian Molton <ian.molton@collabora.co.uk>
To: Jamie Lokier <jamie@shareable.org>
Cc: Gerd Hoffmann <kraxel@redhat.com>, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] virtio-rng
Date: Tue, 17 Nov 2009 09:18:29 +0000	[thread overview]
Message-ID: <4B026A65.1010706@collabora.co.uk> (raw)
In-Reply-To: <20091116233555.GJ12063@shareable.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jamie Lokier wrote:
> Ian Molton wrote:
>
> With VMs, in some circumstances it might be preferable to trust the
> host when it says it's providing already-tested entropy.  After all
> the host has total control over the guest anyway, and the host entropy
> has already been run through the same checks.

I dont know. The guests might not necessarily trust the host. I can
certainly see some benefit of not running the checks twice, however, and
this applies to some other hw rng drivers too - One in particular I know
will shut down if it detects that its entropy source(s) have gone bad.

> So I think virtio-rng could benefit form being a special case, if the
> host says "I assert this is entropy", you might inject it directly,
> and thus work even with guests that aren't running the rngd daemon for
> one reason or another.  (E.g. embedded system guests.)

I wonder if a 'rngd-lite' might not be an easier solution. I cant
imagine theres going to be much performance hit.

That said, even on my full-fat x86-64 box here, rngd weighs in at just
32KB and only needs libc...

>> I still intend to submit my virtio-rng driver, if thats what you mean,
>> since it presents the data via the same routes as all the other hw rng
>> sources. I feel this approach has value.
> 
> Suddenly I'm intrigued by this "intend to submit" as I see a
> virtio-rng driver already in the 2.6 tree... What have I misunderstood?

host side driver for qemu... I guess the proper term is qdev ?

- -Ian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJLAmphAAoJEFIjE1w7L6YHm5cP/0jotxofq3OUTaPtqUHGTw8K
PJ8sfkcNvJ/4GSEbCYCXcRsSqnG32R+w6LF8lOInWsi3BJsNUqRBgInGnDzC8/kV
1vkhRQELUBgNlLes+pG6GoaQZSVnQ8Z6HbNYSxyyZ+DqESR2+f0Gm8j+QdyTpXxS
ARVoDGOM+IduZL//NMy4+hBPUGymosGKepVmaT/9cVPubGumq/f+mf21AdwCPEvk
JIlRV1asqbBU7jyut5uVULpXwqygc6+kkZl6IzIPdv9BbcI9KersikL9srXZHJa9
JtyTjXdE9lsogkJkWD5Y9yL0o9oBuQdAKD8WeN+v//imzhbcuQ5kASiGMSkRo4eD
yi8oP8PIN+vhI6MhLKML7B6n4Li+xDegNxgH1qSeB3IxovTUwuVoyK7C3GIw9Kt8
h/B6FQ0gE7yNtqsFMz4m2+vWdN9ZkNPX3o5bv5DDbPiKfVUZYu0wuwCcvtD3Wbq5
SMf1rxHCgRx3B526bJGWpgeataztp1B1B2+ml2Mdbgb2r35QOaTw/ENpt4n68o/z
ITzOAOLlPHkUDLlurkQ8jMX7rT9W/NlL/y60jImjgv5zxqggEkmMlQqSnUKwIXRE
CAZAq9+6eQ/vf6r/rY8GlVVfKr5L8tRovNSbX35vbKkjpvf+aWDr66ON+bDh2Mn+
Z5LmO4HSRe/2M7e4D8HV
=9LtM
-----END PGP SIGNATURE-----

next prev parent reply	other threads:[~2009-11-17  9:19 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-11-11 21:31 [Qemu-devel] virtio-rng Ian Molton
2009-11-11 22:57 ` Paul Brook
2009-11-16  9:45 ` Gerd Hoffmann
2009-11-16 12:28   ` Ian Molton
2009-11-16 13:10     ` Gerd Hoffmann
2009-11-16 17:58       ` Ian Molton
2009-11-16 22:51         ` Jamie Lokier
2009-11-16 23:16           ` Ian Molton
2009-11-16 23:35             ` Jamie Lokier
2009-11-17  9:18               ` Ian Molton [this message]
2009-11-17  9:24         ` Amit Shah
     [not found]           ` <4B02705A.5060400@collabora.co.uk>
     [not found]             ` <20091117095456.GA11125@amit-x200.redhat.com>
     [not found]               ` <4B0278B0.1080505@collabora.co.uk>
     [not found]                 ` <20091117102837.GA11493@amit-x200.redhat.com>
2009-11-17 11:10                   ` Ian Molton
2009-11-17 11:25                     ` Amit Shah

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4B026A65.1010706@collabora.co.uk \
    --to=ian.molton@collabora.co.uk \
    --cc=jamie@shareable.org \
    --cc=kraxel@redhat.com \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.