From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1NAKDG-0008HI-PR for qemu-devel@nongnu.org; Tue, 17 Nov 2009 04:19:02 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1NAKDF-0008Gn-4x for qemu-devel@nongnu.org; Tue, 17 Nov 2009 04:19:02 -0500 Received: from [199.232.76.173] (port=48608 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1NAKDF-0008Gk-2d for qemu-devel@nongnu.org; Tue, 17 Nov 2009 04:19:01 -0500 Received: from bhuna.collabora.co.uk ([93.93.128.226]:34881) by monty-python.gnu.org with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60) (envelope-from ) id 1NAKDE-0003jb-LY for qemu-devel@nongnu.org; Tue, 17 Nov 2009 04:19:00 -0500 Message-ID: <4B026A65.1010706@collabora.co.uk> Date: Tue, 17 Nov 2009 09:18:29 +0000 From: Ian Molton MIME-Version: 1.0 Subject: Re: [Qemu-devel] virtio-rng References: <4AFB2D4D.8050208@collabora.co.uk> <4B011F38.9070500@redhat.com> <4B014584.6000001@collabora.co.uk> <4B014F2D.3040205@redhat.com> <4B0192BE.4010105@collabora.co.uk> <20091116225100.GE12063@shareable.org> <4B01DD62.6030900@collabora.co.uk> <20091116233555.GJ12063@shareable.org> In-Reply-To: <20091116233555.GJ12063@shareable.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Jamie Lokier Cc: Gerd Hoffmann , qemu-devel@nongnu.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jamie Lokier wrote: > Ian Molton wrote: > > With VMs, in some circumstances it might be preferable to trust the > host when it says it's providing already-tested entropy. After all > the host has total control over the guest anyway, and the host entropy > has already been run through the same checks. I dont know. The guests might not necessarily trust the host. I can certainly see some benefit of not running the checks twice, however, and this applies to some other hw rng drivers too - One in particular I know will shut down if it detects that its entropy source(s) have gone bad. > So I think virtio-rng could benefit form being a special case, if the > host says "I assert this is entropy", you might inject it directly, > and thus work even with guests that aren't running the rngd daemon for > one reason or another. (E.g. embedded system guests.) I wonder if a 'rngd-lite' might not be an easier solution. I cant imagine theres going to be much performance hit. That said, even on my full-fat x86-64 box here, rngd weighs in at just 32KB and only needs libc... >> I still intend to submit my virtio-rng driver, if thats what you mean, >> since it presents the data via the same routes as all the other hw rng >> sources. I feel this approach has value. > > Suddenly I'm intrigued by this "intend to submit" as I see a > virtio-rng driver already in the 2.6 tree... What have I misunderstood? host side driver for qemu... I guess the proper term is qdev ? - -Ian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJLAmphAAoJEFIjE1w7L6YHm5cP/0jotxofq3OUTaPtqUHGTw8K PJ8sfkcNvJ/4GSEbCYCXcRsSqnG32R+w6LF8lOInWsi3BJsNUqRBgInGnDzC8/kV 1vkhRQELUBgNlLes+pG6GoaQZSVnQ8Z6HbNYSxyyZ+DqESR2+f0Gm8j+QdyTpXxS ARVoDGOM+IduZL//NMy4+hBPUGymosGKepVmaT/9cVPubGumq/f+mf21AdwCPEvk JIlRV1asqbBU7jyut5uVULpXwqygc6+kkZl6IzIPdv9BbcI9KersikL9srXZHJa9 JtyTjXdE9lsogkJkWD5Y9yL0o9oBuQdAKD8WeN+v//imzhbcuQ5kASiGMSkRo4eD yi8oP8PIN+vhI6MhLKML7B6n4Li+xDegNxgH1qSeB3IxovTUwuVoyK7C3GIw9Kt8 h/B6FQ0gE7yNtqsFMz4m2+vWdN9ZkNPX3o5bv5DDbPiKfVUZYu0wuwCcvtD3Wbq5 SMf1rxHCgRx3B526bJGWpgeataztp1B1B2+ml2Mdbgb2r35QOaTw/ENpt4n68o/z ITzOAOLlPHkUDLlurkQ8jMX7rT9W/NlL/y60jImjgv5zxqggEkmMlQqSnUKwIXRE CAZAq9+6eQ/vf6r/rY8GlVVfKr5L8tRovNSbX35vbKkjpvf+aWDr66ON+bDh2Mn+ Z5LmO4HSRe/2M7e4D8HV =9LtM -----END PGP SIGNATURE-----