Re: [Qemu-devel] virtio-rng

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Ian Molton <ian.molton@collabora.co.uk>
To: Jamie Lokier <jamie@shareable.org>
Cc: Gerd Hoffmann <kraxel@redhat.com>, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] virtio-rng
Date: Tue, 17 Nov 2009 09:18:29 +0000	[thread overview]
Message-ID: <4B026A65.1010706@collabora.co.uk> (raw)
In-Reply-To: <20091116233555.GJ12063@shareable.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jamie Lokier wrote:
> Ian Molton wrote:
>
> With VMs, in some circumstances it might be preferable to trust the
> host when it says it's providing already-tested entropy.  After all
> the host has total control over the guest anyway, and the host entropy
> has already been run through the same checks.

I dont know. The guests might not necessarily trust the host. I can
certainly see some benefit of not running the checks twice, however, and
this applies to some other hw rng drivers too - One in particular I know
will shut down if it detects that its entropy source(s) have gone bad.

> So I think virtio-rng could benefit form being a special case, if the
> host says "I assert this is entropy", you might inject it directly,
> and thus work even with guests that aren't running the rngd daemon for
> one reason or another.  (E.g. embedded system guests.)

I wonder if a 'rngd-lite' might not be an easier solution. I cant
imagine theres going to be much performance hit.

That said, even on my full-fat x86-64 box here, rngd weighs in at just
32KB and only needs libc...

>> I still intend to submit my virtio-rng driver, if thats what you mean,
>> since it presents the data via the same routes as all the other hw rng
>> sources. I feel this approach has value.
> 
> Suddenly I'm intrigued by this "intend to submit" as I see a
> virtio-rng driver already in the 2.6 tree... What have I misunderstood?

host side driver for qemu... I guess the proper term is qdev ?

- -Ian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJLAmphAAoJEFIjE1w7L6YHm5cP/0jotxofq3OUTaPtqUHGTw8K
PJ8sfkcNvJ/4GSEbCYCXcRsSqnG32R+w6LF8lOInWsi3BJsNUqRBgInGnDzC8/kV
1vkhRQELUBgNlLes+pG6GoaQZSVnQ8Z6HbNYSxyyZ+DqESR2+f0Gm8j+QdyTpXxS
ARVoDGOM+IduZL//NMy4+hBPUGymosGKepVmaT/9cVPubGumq/f+mf21AdwCPEvk
JIlRV1asqbBU7jyut5uVULpXwqygc6+kkZl6IzIPdv9BbcI9KersikL9srXZHJa9
JtyTjXdE9lsogkJkWD5Y9yL0o9oBuQdAKD8WeN+v//imzhbcuQ5kASiGMSkRo4eD
yi8oP8PIN+vhI6MhLKML7B6n4Li+xDegNxgH1qSeB3IxovTUwuVoyK7C3GIw9Kt8
h/B6FQ0gE7yNtqsFMz4m2+vWdN9ZkNPX3o5bv5DDbPiKfVUZYu0wuwCcvtD3Wbq5
SMf1rxHCgRx3B526bJGWpgeataztp1B1B2+ml2Mdbgb2r35QOaTw/ENpt4n68o/z
ITzOAOLlPHkUDLlurkQ8jMX7rT9W/NlL/y60jImjgv5zxqggEkmMlQqSnUKwIXRE
CAZAq9+6eQ/vf6r/rY8GlVVfKr5L8tRovNSbX35vbKkjpvf+aWDr66ON+bDh2Mn+
Z5LmO4HSRe/2M7e4D8HV
=9LtM
-----END PGP SIGNATURE-----

next prev parent reply	other threads:[~2009-11-17  9:19 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-11-11 21:31 [Qemu-devel] virtio-rng Ian Molton
2009-11-11 22:57 ` Paul Brook
2009-11-16  9:45 ` Gerd Hoffmann
2009-11-16 12:28   ` Ian Molton
2009-11-16 13:10     ` Gerd Hoffmann
2009-11-16 17:58       ` Ian Molton
2009-11-16 22:51         ` Jamie Lokier
2009-11-16 23:16           ` Ian Molton
2009-11-16 23:35             ` Jamie Lokier
2009-11-17  9:18               ` Ian Molton [this message]
2009-11-17  9:24         ` Amit Shah
     [not found]           ` <4B02705A.5060400@collabora.co.uk>
     [not found]             ` <20091117095456.GA11125@amit-x200.redhat.com>
     [not found]               ` <4B0278B0.1080505@collabora.co.uk>
     [not found]                 ` <20091117102837.GA11493@amit-x200.redhat.com>
2009-11-17 11:10                   ` Ian Molton
2009-11-17 11:25                     ` Amit Shah

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4B026A65.1010706@collabora.co.uk \
    --to=ian.molton@collabora.co.uk \
    --cc=jamie@shareable.org \
    --cc=kraxel@redhat.com \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).