From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:43868)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1TRlWk-0003W2-Jm
	for qemu-devel@nongnu.org; Fri, 26 Oct 2012 11:08:54 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1TRlWj-0005wh-Cp
	for qemu-devel@nongnu.org; Fri, 26 Oct 2012 11:08:50 -0400
Received: from mx3-phx2.redhat.com ([209.132.183.24]:45299)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1TRlWj-0005wc-58
	for qemu-devel@nongnu.org; Fri, 26 Oct 2012 11:08:49 -0400
Date: Fri, 26 Oct 2012 11:08:48 -0400 (EDT)
From: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <604401631.2277495.1351264128301.JavaMail.root@redhat.com>
In-Reply-To: <1351262620-29348-1-git-send-email-aliguori@us.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Anthony Liguori <aliguori@us.ibm.com>
Cc: Amit Shah <amit.shah@redhat.com>, qemu-devel@nongnu.org, Andreas Faerber <afaerber@suse.de>, "H. Peter Anvin" <hpa@zytor.com>

> This series implements the backend and frontend infrastructure for virtio-rng.
> This is similar to previous series sent out by both Amit and myself
> although it has been trimmed down considerably.
> 
> In terms of backends, a file and EGD backend are supported.  The file defaults
> to /dev/random based on the feedback from Peter.  It's still possible
> to support /dev/urandom though as an entropy source by overriding the file name.
> 
> I think this series is ready to merge.

Is /dev/random even appropriate to feed rngd?

rngd needs _a lot_ of entropy to even start working.  Its randomness test works in groups of 20000 bits. On a system without an hardware RNG, /dev/random can hardly produce 4000 bits/minute.  This means a guest will not get any entropy boost for 5 minutes after it's started, even if we allow it to exhaust the parent's entropy.

At this point, /dev/hwrng (or rdrand) seems just as good as /dev/random as a source for virtio-rng (and even better, it is not starved as easily).

I think RngBackend is over-engineered.  What other backends do you plan on adding?  Maybe rdrand, but that's just a chardev---so why isn't this enough:

  -chardev file,source=on,path=/dev/hwrng,id=chr0  -device virtio-rng-pci,file=chr0
  -chardev rdrand,id=chr0                          -device virtio-rng-pci,file=chr0
  -chardev socket,host=localhost,port=1024,id=chr0 -device virtio-rng-pci,rng=chr0,egd=on

(which I suggested in my reply to Amit)?

Paolo