From mboxrd@z Thu Jan 1 00:00:00 1970
From: Theodore Ts'o
Subject: Re: [PATCH v5 0/5] random,x86,kvm: Rework arch RNG seeds and get some from kvm
Date: Wed, 13 Aug 2014 10:32:09 -0400
Message-ID: <20140813143209.GD6437@thunk.org>
References: <20140812191723.GI12871@thunk.org> <53EB1859.6030800@zytor.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Andy Lutomirski, kvm list, "linux-kernel@vger.kernel.org", Kees Cook, X86 ML, Daniel Borkmann, Srivatsa Vaddagiri, Raghavendra K T, Gleb Natapov, Paolo Bonzini, Bandan Das, Andrew Honig
To: "H. Peter Anvin"
Return-path:
Content-Disposition: inline
In-Reply-To: <53EB1859.6030800@zytor.com>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: kvm.vger.kernel.org

On Wed, Aug 13, 2014 at 12:48:41AM -0700, H. Peter Anvin wrote:
> The proposed arch_get_rng_seed() is not really what it claims to be; it
> most definitely does not produce seed-grade randomness, instead it seems
> to be an arch function for best-effort initialization of the entropy
> pools -- which is fine, it is just something quite different.

Without getting into an argument about which definition of "seed" is
correct --- it's certainly confusing and different from the RDSEED
usage of the word "seed".

Do we expect that anyone else besides arch_get_rnd_seed() would
actually want to use it? I'd argue no; we want the rest of the kernel
to either use get_random_bytes() or prandom_u32(). Given that, maybe
we should just call it arch_random_init(), and expect that the only
user of this interface would be drivers/char/random.c?

- Ted