qemu-devel
Re: [Qemu-devel] Socket reconnection.


From: Ian Molton
Subject: Re: [Qemu-devel] Socket reconnection.
Date: Sun, 06 Dec 2009 16:33:14 +0000
User-agent: Mozilla-Thunderbird 2.0.0.22 (X11/20090707)

Jamie Lokier wrote:
> Ian Molton wrote:
>> Jamie Lokier wrote:
>>
>>> I'm a bit puzzled.
>>>
>>> Why isn't virtio-rng getting entropy from /dev/random on the host?
>> /dev/random may not be available.
> 
> Understood on a non-Linux host.

Or a Linux host with a user with insufficient privs...

>> Besides, not all entropy comes from /dev/random.
> 
> On a Linux host, why isn't rngd simply injecting its entropy into
> /dev/random where it would be more convenient to access?  (No need for
> socket reconnection code, for example).

Who knows? Lack of privs, an admin who only uses egd, a machine which is
being fed entropy by egd via a tunnel. User doesn't trust /dev/random,
/dev/random known to be failing FIPS tests on a shared machine - there
could be any number of reasons. In our case, entropy is coming from
hardware via egd, to be used in the guest VMs. Why feed it into RNGD,
then the host's entropy pool, THEN the guests - just feed them directly.
The egd daemon in this case also offers load balancing to all consumers
of entropy.

Since we need this on hosts without /dev/random anyway, I don't see why
we would need to deliberately cripple qemu on Linux hosts...

-Ian



