From: Blue Swirl <blauwirbel@gmail.com>
To: Ian Molton <ian.molton@collabora.co.uk>
Cc: qemu-devel@nongnu.org, Gerd Hoffmann <kraxel@redhat.com>,
Paul Brook <paul@codesourcery.com>
Subject: Re: [Qemu-devel] [PATCH 2/2] VirtIO RNG
Date: Tue, 20 Apr 2010 23:11:21 +0300 [thread overview]
Message-ID: <v2uf43fc5581004201311tb983befay1dba3009dfcb97a8@mail.gmail.com> (raw)
In-Reply-To: <4BCE061B.2030506@collabora.co.uk>
On 4/20/10, Ian Molton <ian.molton@collabora.co.uk> wrote:
> Jamie Lokier wrote:
>
> Hi :-)
>
> > Ian Molton wrote:
> >> One last and quite important point - where should the EGD protocol
> >> implementation go? really it needs to work as kind-of a line discipline,
> >> but AFAICT thats not supported? it would be a mistake to put rate
> >> limiting in the chardev layer and leave the EGD protocol implementation
> >> in the driver.
> >
> > What do the other hypervisors supporting virtio-rng do?
>
> Um. support it? Im not sure what you mean there.
>
> > Personally I'm failing to see why EGD support is needed in Qemu, as
> > none of the crypto services on my Linux machines seem to need it so
> > why should Qemu be special, but I acknowledge there might be some
> > obscure reason.
>
> I know seevral people who use egd based hardware on their hosts who want
> virtio-rng support in their guests - it avoids having to route the data
> via TCP or other long winded paths that are trivially vulverable to
> attack both on the host and from the guests userspace. The hwrng core is
> inherently very simple.
>
> >> TBH, for the sake of one very simple driver, and given that apparently
> >> no other users in qemu seem to want rate-limiting, *I( think that you
> >> are massively over-complicating matters right now. If more drivers need
> >> rate limiting, perhaps, but that doesnt seem to be the case.
> >
> > Rate limiting both networking and serial ports may be a handy little
> > option sometimes.
>
> Perhaps, but I'm not a big user of those systems and as such Im not
> really in a position to design a rate limiting algorithm thats going to
> be really appropriate without spending a lot of time I dont have looking
> at stuff I don't really care about.
>
> I don't mind implementing trivial rate/burst limiting in the chardev
> layer if thats whats wanted, but I have neither the time nor inclination
> to write a thesis on the subject :-)
>
> > Iirc, there are some guests which get confused when
> > data transfers are gazillions times faster than they expected, or
> > gazillions times more bursty in the case of networking.
>
> Realistically, that kind of limiting might be best off in the device
> drivers those systems use, which has more intimate knowledge of how the
> virtual hardware should behave. Without extensive testing I just couldnt
> answer that.
>
> >>> We already have a virtual serial port implementation designed for
> >>> exactly this kind of application.
> >> Except that it doesn't speak to the kernels virtio-rng implementation.
> >> And that interface is not going to change just because you don't like
> >> it. (Unless you'd like to rewrite the kernels hwrng core? feel free! I'm
> >> sure it'd be appreciated - but if not, then don't complain)
> >
> > Would it be much work to change the guest to use virtio-serial
> > instead? Would it fit the problem or does virtio-rng need more
> > metadata than just a bytestream?
>
> If anything virtio-rng uses *less* info than the virtio-serial driver
> (it has one stream, in one direction, only).
>
> But the kernel already has a virtio-rng driver and it already works in a
> particular way, which is already implemented in other hypervisors. I
> didn't write the kernel driver, it is pre-existing. I suppose we could
> ask the kernel devs if they'd like another virtio-based rng driver in
> addition to the one already in use? but that seems perverse.
>
> Why even bother with virtio at all if you're going to abstract
> everything away behind a serial port? we could just modify all the guest
> kernel virtio-block drivers to serialise all their metadata, then we
> could use serial ports for that too!
>
> Abstraction can be taken too far.
>
> All MHO but I'm standing by what I said. If I can get a reasonable
> consensus about rewriting the code so that we get all the features
> needed for an enterprise level solution, namely
>
> * Fault tolerance - socket reconnection support.
> * EGD protocol support - because its what the users of this code (not me
> as such, I don't actually use it at all myself) actually want
> * virtio-rng support - because anything else is stupid and would involve
> getting a second virtio-serial-rng driver into the kernel.
>
> Then great.
>
> IMHO, the socket reconnect patch and the SIZE parameter patch fix
> obvious flaws in qemu and should be applied now, unless someone can come
> up with a good reason why they shouldn't.
>
> We can carry on debating the actual virtio-rng driver if thats whats
> wanted, but I have stated my position. So far the only argument against
> is "well I wouldn't choose to do it that way", which is hardly concrete
> reasoning.
>
> Please, please, can we get out of the bikeshed?
I would not call the discussions bikeshedding but architecture design
steering and project leadership.
next prev parent reply other threads:[~2010-04-20 20:11 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-03-30 14:05 [Qemu-devel] [PATCH 0/2] VirtIO RNG Ian Molton
2010-03-30 14:12 ` [Qemu-devel] [PATCH 1/2] " Ian Molton
2010-03-30 14:13 ` [Qemu-devel] [PATCH 2/2] " Ian Molton
2010-04-01 12:17 ` Paul Brook
2010-04-01 12:30 ` Jamie Lokier
2010-04-01 14:03 ` Paul Brook
2010-04-02 10:13 ` Ian Molton
2010-04-03 15:06 ` Paul Brook
2010-04-13 14:41 ` Ian Molton
2010-04-13 15:01 ` Paul Brook
2010-04-13 15:32 ` Paul Brook
2010-04-20 15:15 ` Ian Molton
2010-04-20 16:13 ` Jamie Lokier
2010-04-20 19:52 ` Ian Molton
2010-04-20 20:11 ` Blue Swirl [this message]
2010-04-20 20:56 ` Jamie Lokier
2010-04-20 21:31 ` Ian Molton
2010-04-20 21:55 ` Jamie Lokier
2010-04-21 7:43 ` Gerd Hoffmann
2010-04-21 9:40 ` Jamie Lokier
2010-04-21 12:34 ` Ian Molton
2010-04-21 13:55 ` Gerd Hoffmann
2010-04-22 19:06 ` Ian Molton
2010-04-22 21:05 ` Jamie Lokier
2010-04-23 10:17 ` Ian Molton
2010-04-24 1:37 ` Jamie Lokier
2010-04-24 8:58 ` Ian Molton
2010-04-23 8:27 ` Gerd Hoffmann
2010-04-23 9:28 ` Ian Molton
2010-04-23 14:07 ` Gerd Hoffmann
2010-04-23 15:49 ` Ian Molton
2010-04-23 17:32 ` Jamie Lokier
2010-04-24 9:16 ` Ian Molton
2010-04-02 10:15 ` Ian Molton
2010-04-02 10:07 ` Ian Molton
2010-05-03 17:56 ` Anthony Liguori
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=v2uf43fc5581004201311tb983befay1dba3009dfcb97a8@mail.gmail.com \
--to=blauwirbel@gmail.com \
--cc=ian.molton@collabora.co.uk \
--cc=kraxel@redhat.com \
--cc=paul@codesourcery.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).