From: "H. Peter Anvin" <hpa@linux.intel.com>
To: Amit Shah <amit.shah@redhat.com>, jgarzik@bitpay.com
Cc: Virtualization List <virtualization@lists.linux-foundation.org>,
Amos Kong <akong@redhat.com>,
Rusty Russell <rusty@rustcorp.com.au>,
linux-kernel@vger.kernel.org,
Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
Subject: Re: [PATCH 1/2] rngd: add udev rule to source from hwrng if virtio-rng present
Date: Thu, 07 Aug 2014 12:31:11 -0700 [thread overview]
Message-ID: <53E3D3FF.70707@linux.intel.com> (raw)
In-Reply-To: <dd2ddb8458e5ab5cffceb7fac2e3f71e9e2197f3.1407416628.git.amit.shah@redhat.com>
On 08/07/2014 06:08 AM, Amit Shah wrote:
> On KVM guests where the virtio-rng device is available, and set as the
> current rng, this udev rule will start rngd which will feed in the
> host-provided entropy to /dev/random.
>
> Signed-off-by: Amit Shah <amit.shah@redhat.com>
> ---
> 90-virtio-rng.rules | 1 +
> 1 file changed, 1 insertion(+)
> create mode 100644 90-virtio-rng.rules
>
> diff --git a/90-virtio-rng.rules b/90-virtio-rng.rules
> new file mode 100644
> index 0000000..07f2f9c
> --- /dev/null
> +++ b/90-virtio-rng.rules
> @@ -0,0 +1 @@
> +KERNEL=="hw_random", ATTR{rng_current}=="virtio*", RUN+="/sbin/rngd -r /dev/hwrng"
>
I'm not sure this is really right. rngd can receive input from a number
of sources, and I suspect it would be better to rngd to be started much
earlier and perhaps get sent a SIGHUP to reconfigure when a hw_random
device appears ... not just the virtio one.
Currently rngd exits if there is no daemon. There are a few ways to
deal with that: one is to run rngd on changes and leave a pid file
around; the rngd can try to signal the old rngd or launch itself;
another option would be to have a different rngd for each source. To
some degree the above is obsolete when we get khwrngd widely deployed,
but that is a new-kernel-only kind of thing.
-hpa
next prev parent reply other threads:[~2014-08-07 19:31 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-07 13:08 [PATCH 0/2] rng-tools: add udev rule for virtio-rng Amit Shah
2014-08-07 13:08 ` [PATCH 1/2] rngd: add udev rule to source from hwrng if virtio-rng present Amit Shah
2014-08-07 19:31 ` H. Peter Anvin [this message]
2014-08-08 9:07 ` Amit Shah
2014-08-08 21:46 ` H. Peter Anvin
2014-08-11 7:15 ` Amit Shah
2014-08-11 13:30 ` Torsten Duwe
2014-08-11 16:50 ` H. Peter Anvin
2014-08-07 13:09 ` [PATCH 2/2] Install udev rules in system-default directory Amit Shah
[not found] ` <3df55388b1b3acd142f391494f102c3ddb2270ed.1407416628.git.amit.shah__45224.3810439997$1407417016$gmane$org@redhat.com>
2014-08-19 17:20 ` Paolo Bonzini
2014-08-20 4:36 ` Amit Shah
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53E3D3FF.70707@linux.intel.com \
--to=hpa@linux.intel.com \
--cc=akong@redhat.com \
--cc=amit.shah@redhat.com \
--cc=jgarzik@bitpay.com \
--cc=linux-kernel@vger.kernel.org \
--cc=ricardo.neri-calderon@linux.intel.com \
--cc=rusty@rustcorp.com.au \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).