From: Anthony Liguori <aliguori@us.ibm.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: Amit Shah <amit.shah@redhat.com>,
qemu-devel@nongnu.org, Andreas Faerber <afaerber@suse.de>,
"H. Peter Anvin" <hpa@zytor.com>
Subject: Re: [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support
Date: Fri, 26 Oct 2012 10:42:22 -0500 [thread overview]
Message-ID: <871ugl44v5.fsf@codemonkey.ws> (raw)
In-Reply-To: <604401631.2277495.1351264128301.JavaMail.root@redhat.com>
Paolo Bonzini <pbonzini@redhat.com> writes:
>> This series implements the backend and frontend infrastructure for virtio-rng.
>> This is similar to previous series sent out by both Amit and myself
>> although it has been trimmed down considerably.
>>
>> In terms of backends, a file and EGD backend are supported. The file defaults
>> to /dev/random based on the feedback from Peter. It's still possible
>> to support /dev/urandom though as an entropy source by overriding the file name.
>>
>> I think this series is ready to merge.
>
> Is /dev/random even appropriate to feed rngd?
>
> rngd needs _a lot_ of entropy to even start working. Its randomness
> test works in groups of 20000 bits. On a system without an hardware
> RNG, /dev/random can hardly produce 4000 bits/minute. This means a
> guest will not get any entropy boost for 5 minutes after it's started,
> even if we allow it to exhaust the parent's entropy.
I don't know, but rng-random is a non-blocking backend so it can handle
/dev/random, /dev/urandom, or /dev/hwrng.
It's just a matter of what the default is and I feel comfortable that if
someone can provide a *concrete* demonstration of what the best default
is, we can change it later on.
> At this point, /dev/hwrng (or rdrand) seems just as good as
> /dev/random as a source for virtio-rng (and even better, it is not
> starved as easily).
I've been told that hwrng sources need to be passed through a whitening
function in order to be suitable for PRNG generators. Since we expose a
/dev/hwrng in the guest, perhaps this doesn't matter...
> I think RngBackend is over-engineered. What other backends do you plan
> on adding?
Stefan Berger suggested a backend that uses a PRNG in FreeBL. That's
probably the best default since it punts to a userspace library to deal
with ensuring there's adequate whitening/entropy to start with.
> Maybe rdrand, but that's just a chardev---so why isn't this enough:
>
> -chardev file,source=on,path=/dev/hwrng,id=chr0 -device virtio-rng-pci,file=chr0
> -chardev rdrand,id=chr0 -device virtio-rng-pci,file=chr0
> -chardev socket,host=localhost,port=1024,id=chr0 -device virtio-rng-pci,rng=chr0,egd=on
>
> (which I suggested in my reply to Amit)?
I don't like overloading chardev to representate any !block device
backend which is what I fear we're doing here.
EGD is more than just a dumb pipe of data too. It's got a way to query
available entropy. I have a strong suspicion that over time, we'll add
methods to virtio-rng to query available entropy. That would mean
adding a backend specific ioctl to the chardev layer which is pretty
ugly.
The overhead of creating a separate backend to begin with is extremely
small. We're talking about dozens of lines of code. So I don't see
what the problem is.
Regards,
Anthony Liguori
>
> Paolo
next prev parent reply other threads:[~2012-10-26 15:43 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-26 14:43 [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support Anthony Liguori
2012-10-26 14:43 ` [Qemu-devel] [PATCH 1/6] vl: add -object option to create QOM objects from the command line Anthony Liguori
2012-10-26 14:43 ` [Qemu-devel] [PATCH 2/6] object: add object_property_add_bool (v2) Anthony Liguori
2012-10-26 14:43 ` [Qemu-devel] [PATCH 3/6] rng: add RndBackend abstract object class Anthony Liguori
2012-10-26 14:43 ` [Qemu-devel] [PATCH 4/6] rng-random: add an RNG backend that uses /dev/random Anthony Liguori
2012-10-26 14:43 ` [Qemu-devel] [PATCH 5/6] rng-egd: introduce EGD compliant RNG backend Anthony Liguori
2012-10-26 14:43 ` [Qemu-devel] [PATCH 6/6] virtio-rng: hardware random number generator device Anthony Liguori
2012-10-26 15:08 ` [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support Paolo Bonzini
2012-10-26 15:42 ` Anthony Liguori [this message]
2012-10-26 16:09 ` H. Peter Anvin
2012-10-26 18:24 ` Anthony Liguori
2012-10-26 18:26 ` H. Peter Anvin
2012-10-29 6:23 ` Amit Shah
2012-10-30 4:32 ` H. Peter Anvin
2012-10-26 18:58 ` Paolo Bonzini
2012-10-26 19:07 ` H. Peter Anvin
2012-10-26 19:51 ` Paolo Bonzini
2012-10-26 19:54 ` H. Peter Anvin
2012-10-26 20:29 ` H. Peter Anvin
2012-10-29 8:45 ` Paolo Bonzini
2012-10-30 4:34 ` H. Peter Anvin
2012-10-30 4:43 ` H. Peter Anvin
2012-10-30 9:05 ` Paolo Bonzini
2012-10-30 21:11 ` H. Peter Anvin
2012-10-31 7:29 ` Paolo Bonzini
2012-10-31 14:15 ` H. Peter Anvin
2012-10-31 14:27 ` Paolo Bonzini
2012-10-26 18:53 ` Paolo Bonzini
2012-10-29 7:01 ` Amit Shah
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=871ugl44v5.fsf@codemonkey.ws \
--to=aliguori@us.ibm.com \
--cc=afaerber@suse.de \
--cc=amit.shah@redhat.com \
--cc=hpa@zytor.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.