Re: [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support

From:	H. Peter Anvin
Subject:	Re: [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support
Date:	Fri, 26 Oct 2012 13:29:52 -0700
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:13.0) Gecko/20120605 Thunderbird/13.0

On 10/26/2012 12:51 PM, Paolo Bonzini wrote:
> Il 26/10/2012 21:07, H. Peter Anvin ha scritto:
>> This is surreal.  Output from /dev/hwrng turns into output for 
>> /dev/random... it us guaranteed worse; period, end of story.
> 
> Isn't that exactly what happens in bare-metal?  hwrng -> rngd -> random.  
> Instead here
> we'd have, host hwrng -> virtio-rng-pci -> guest hwrng -> guest rngd -> guest 
> random.
> 
> The only difference is that you paravirtualize access to the host hwrng to a) 
> distribute
> entropy to multiple guests; b) support migration across hosts with different 
> CPUs and
> hardware.

First, hwrng is only one of the sources used by rngd.  It can also
(currently) use RDRAND or TPM; additional sources are likely to be added
in the future.

Second, the harvesting of environmental noise -- timings -- is not as
good in a VM as on plain hardware, so for the no-hwrng case it is better
for this to be done in the host than in the VM.

        -hpa

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support, (continued)
- Re: [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support, Amit Shah, 2012/10/29

Prev by Date: Re: [Qemu-devel] q35: usb keyboard trouble
Next by Date: Re: [Qemu-devel] [PATCH v7 1/1] target-i386: Add missing kvm bits.
Previous by thread: Re: [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support
Next by thread: Re: [Qemu-devel] [PATCH 0/6] add paravirtualization hwrng support
Index(es):
- Date
- Thread