From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([208.118.235.92]:36167) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UBXHp-0004gj-81 for qemu-devel@nongnu.org; Fri, 01 Mar 2013 16:14:39 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1UBXHo-0002jJ-3L for qemu-devel@nongnu.org; Fri, 01 Mar 2013 16:14:37 -0500 Received: from mx1.redhat.com ([209.132.183.28]:59519) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UBXHn-0002jA-RR for qemu-devel@nongnu.org; Fri, 01 Mar 2013 16:14:36 -0500 Message-ID: <51311A13.6030205@redhat.com> Date: Fri, 01 Mar 2013 14:13:55 -0700 From: Eric Blake MIME-Version: 1.0 References: <512FF819.7050505@redhat.com> <87k3pqzy2y.fsf@codemonkey.ws> <513110D3.5030503@linux.vnet.ibm.com> <87d2vig75m.fsf@codemonkey.ws> In-Reply-To: <87d2vig75m.fsf@codemonkey.ws> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="----enig2BGSEAQNFTBAQNDJHAXVG" Subject: Re: [Qemu-devel] virtio-rng and fd passing List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Anthony Liguori Cc: "qemu-devel@nongnu.org" , Stefan Berger This is an OpenPGP/MIME signed message (RFC 4880 and 3156) ------enig2BGSEAQNFTBAQNDJHAXVG Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 03/01/2013 02:08 PM, Anthony Liguori wrote: >>> You can pass chardevs to the egd backend. It's really not a good ide= a >>> to pass a fd via rng-rangom. Why not? If you are running a single guest, why can't libvirt pass that one guest an fd instead of making qemu open() the file? >> >> Fine, then we won't use fd passing for this device, whatever the reaso= n=20 >> may be. >=20 > So let's step back. There are two backends currently supported: > rng-random and rng-egd. I don't see any point in taking an fd for > rng-random. I don't think labeling comes into play here. >=20 > But if libvirt wants to interact with virtio-rng in a more intelligent > way (implementing a policy to distribute entropy), then rng-egd is the > right way to do that. Yes, libvirt will probably use rng-egd when distributing randomness among multiple guests. But libvirt wants to target BOTH forms of rng, in order to let the user choose which one is best for their needs. If rng-random is not useful to any end user, then why did qemu expose it in the first place? And if qemu thought it was worth exposing, then libvirt thinks it is worth targetting, and by using qemu_open instead of raw open, then fd passing is possible. Policy (whether it makes sense to pass an fd for a random generator, and whether /dev/random or /dev/urandom or something else is best) may be important, but it is orthogonal to the issue that I raised about consistency. --=20 Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org ------enig2BGSEAQNFTBAQNDJHAXVG Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJRMRoUAAoJEKeha0olJ0Nqp8oH/RyFO/Auhyvwm1qGCNYX30mk 11J/7VgJ/QxbkpQDF7Rvt3kWXyM+GGxoW/xtZ6ha1yt7FCOFpri9C75kYeOZmse1 QbArILDpgF3rA6IlASw2QiiwX9y+y0bFr7hl3iQIwduZXIqSL5PUPDdXHrLwHAWP jB+2UBIEiiL+99jkrOZZCEjfbHO3iEcKC4OHGzKvBvt5dEVqqHocMvz5lO7lJOhE 7ysoZV/eT1NhWwWxpa4jRVwtnyjUvm99IT3gKn4Ux2HBtTyA1HgbOPyJM6h43Xmz N08L0j2i8GqDR6oenT5ZYUHQlF8kn99TJJLvgTSURuwaMT5+MOnzezFhN7UAJYo= =R3Dh -----END PGP SIGNATURE----- ------enig2BGSEAQNFTBAQNDJHAXVG--