From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:51747)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <hpa@zytor.com>) id 1TT3VP-0005WG-13
	for qemu-devel@nongnu.org; Tue, 30 Oct 2012 00:32:47 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <hpa@zytor.com>) id 1TT3VO-0000cu-5K
	for qemu-devel@nongnu.org; Tue, 30 Oct 2012 00:32:46 -0400
Received: from terminus.zytor.com ([198.137.202.10]:57341 helo=mail.zytor.com)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <hpa@zytor.com>) id 1TT3VN-0000bh-TY
	for qemu-devel@nongnu.org; Tue, 30 Oct 2012 00:32:46 -0400
Message-ID: <508F5858.5050606@zytor.com>
Date: Mon, 29 Oct 2012 21:32:24 -0700
From: "H. Peter Anvin" <hpa@zytor.com>
MIME-Version: 1.0
References: <604401631.2277495.1351264128301.JavaMail.root@redhat.com>
	<871ugl44v5.fsf@codemonkey.ws> <508AB5C0.2000304@zytor.com>
	<87r4ol2it5.fsf@codemonkey.ws>
	<20121029062308.GA3564@amit.redhat.com>
In-Reply-To: <20121029062308.GA3564@amit.redhat.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Amit Shah <amit.shah@redhat.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>, Ted Ts'o <tytso@mit.edu>, Dustin Kirkland <kirkland@canonical.com>, qemu-devel@nongnu.org, George Wilson <gcwilson@us.ibm.com>, Paolo Bonzini <pbonzini@redhat.com>, Kent Yoder <key@linux.vnet.ibm.com>, Andreas Faerber <afaerber@suse.de>

On 10/28/2012 11:23 PM, Amit Shah wrote:
> One solution could be to feed host's /dev/urandom to readers of
> guests' /dev/urandom.  We could then pass the rare true entropy bits
> from host's /dev/hwrng or /dev/random to the guest via
> virtio-rng-pci's /dev/hwrng interface in the guest.
>
> If this is a valid idea (host /dev/urandom goes directly to guest's
> /dev/urandom), we would need some guest-side surgery, but it shouldn't
> be huge work, and would remove several bottlenecks.
>
> Is this a very crazy idea?

It's not crazy, it's just pointless.  You're doing a completely 
unnecessary hypercall to run the PRNG in host space.

	-hpa


-- 
H. Peter Anvin, Intel Open Source Technology Center
I work for Intel.  I don't speak on their behalf.