From: Paolo Bonzini <pbonzini@redhat.com>
To: "H. Peter Anvin" <hpa@zytor.com>
Cc: Amit Shah <amit.shah@redhat.com>,
Anthony Liguori <aliguori@us.ibm.com>,
Andreas Faerber <afaerber@suse.de>,
qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support
Date: Fri, 26 Oct 2012 21:51:02 +0200 [thread overview]
Message-ID: <508AE9A6.4060304@redhat.com> (raw)
In-Reply-To: <5ea4bbfb-b761-42ef-93f8-7c91fee0bb30@email.android.com>
Il 26/10/2012 21:07, H. Peter Anvin ha scritto:
> This is surreal. Output from /dev/hwrng turns into output for /dev/random... it us guaranteed worse; period, end of story.
Isn't that exactly what happens in bare-metal? hwrng -> rngd -> random. Instead here
we'd have, host hwrng -> virtio-rng-pci -> guest hwrng -> guest rngd -> guest random.
The only difference is that you paravirtualize access to the host hwrng to a) distribute
entropy to multiple guests; b) support migration across hosts with different CPUs and
hardware.
> I don't know who the "agreement" is with, but it is ridiculous in this case.
man 4 random:
While some safety margin above that minimum is reasonable, as a guard against
flaws in the CPRNG algorithm, no cryptographic primitive available today can
hope to promise more than 256 bits of security, so if any program reads more
than 256 bits (32 bytes) from the kernel random pool per invocation, or per
reasonable reseed interval (not less than one minute), that should be taken
as a sign that its cryptography is not skilfully implemented.
Paolo
next prev parent reply other threads:[~2012-10-26 19:51 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-26 14:43 [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support Anthony Liguori
2012-10-26 14:43 ` [Qemu-devel] [PATCH 1/6] vl: add -object option to create QOM objects from the command line Anthony Liguori
2012-10-26 14:43 ` [Qemu-devel] [PATCH 2/6] object: add object_property_add_bool (v2) Anthony Liguori
2012-10-26 14:43 ` [Qemu-devel] [PATCH 3/6] rng: add RndBackend abstract object class Anthony Liguori
2012-10-26 14:43 ` [Qemu-devel] [PATCH 4/6] rng-random: add an RNG backend that uses /dev/random Anthony Liguori
2012-10-26 14:43 ` [Qemu-devel] [PATCH 5/6] rng-egd: introduce EGD compliant RNG backend Anthony Liguori
2012-10-26 14:43 ` [Qemu-devel] [PATCH 6/6] virtio-rng: hardware random number generator device Anthony Liguori
2012-10-26 15:08 ` [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support Paolo Bonzini
2012-10-26 15:42 ` Anthony Liguori
2012-10-26 16:09 ` H. Peter Anvin
2012-10-26 18:24 ` Anthony Liguori
2012-10-26 18:26 ` H. Peter Anvin
2012-10-29 6:23 ` Amit Shah
2012-10-30 4:32 ` H. Peter Anvin
2012-10-26 18:58 ` Paolo Bonzini
2012-10-26 19:07 ` H. Peter Anvin
2012-10-26 19:51 ` Paolo Bonzini [this message]
2012-10-26 19:54 ` H. Peter Anvin
2012-10-26 20:29 ` H. Peter Anvin
2012-10-29 8:45 ` Paolo Bonzini
2012-10-30 4:34 ` H. Peter Anvin
2012-10-30 4:43 ` H. Peter Anvin
2012-10-30 9:05 ` Paolo Bonzini
2012-10-30 21:11 ` H. Peter Anvin
2012-10-31 7:29 ` Paolo Bonzini
2012-10-31 14:15 ` H. Peter Anvin
2012-10-31 14:27 ` Paolo Bonzini
2012-10-26 18:53 ` Paolo Bonzini
2012-10-29 7:01 ` Amit Shah
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=508AE9A6.4060304@redhat.com \
--to=pbonzini@redhat.com \
--cc=afaerber@suse.de \
--cc=aliguori@us.ibm.com \
--cc=amit.shah@redhat.com \
--cc=hpa@zytor.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).