Has anyone yet written a "hw" RNG module for virt, that reads the host's random number pool?

All this talk[1] about IRQF_SAMPLE_RANDOM in network drivers reminds me that virt guest instances should be grabbing random numbers from the host, especially if the host has a hardware RNG.

Jeff

[1] lkml&netdev thread: "[PATCH] drivers/net: remove network drivers' last few uses of IRQF_SAMPLE_RANDOM"

Jeff Garzik wrote:
> Has anyone yet written a "hw" RNG module for virt, that reads the host's
> random number pool?
>
> All this talk[1] about IRQF_SAMPLE_RANDOM in network drivers reminds me
> that virt guest instances should be grabbing random numbers from the
> host, especially if the host has a hardware RNG.

It was actually one of the first device types proposed for what would become virtio, but as far as I know there has been no work on such a device. It certainly makes lots of sense.

J

On Thursday, 15 May 2008, Jeff Garzik wrote:
> Has anyone yet written a "hw" RNG module for virt, that reads the host's
> random number pool?
>
> All this talk[1] about IRQF_SAMPLE_RANDOM in network drivers reminds me
> that virt guest instances should be grabbing random numbers from the
> host, especially if the host has a hardware RNG.

Yes, there was a drivers/char/hw_random/virtio-rng.c in Rusty's lguest repository.
http://www.mail-archive.com/virtualization%40lists.linux-foundation.org/msg02902.html

I have tested this driver with this fix
https://lists.linux-foundation.org/pipermail/virtualization/2008-January/009737.html
and it worked. As it transfers only 4 bytes per hypercall it is not mindblowingly fast, but I guess it is fast enough.

Don't know why it never hit mainline.

Christian

On Thu, May 15, 2008 at 02:48:53PM -0400, Jeff Garzik wrote:
> Has anyone yet written a "hw" RNG module for virt, that reads the host's
> random number pool?

UML has one, probably not usable as-is by anyone else right now...

Jeff

--
Work email - jdike at linux dot intel dot com

On Friday 16 May 2008 04:48:53 Jeff Garzik wrote:
> Has anyone yet written a "hw" RNG module for virt, that reads the host's
> random number pool?
>
> All this talk[1] about IRQF_SAMPLE_RANDOM in network drivers reminds me
> that virt guest instances should be grabbing random numbers from the
> host, especially if the host has a hardware RNG.

Yes, I prepared one earlier.

I was a little surprised to see that hwrng drivers don't contribute in any way to the entropy pool though, but now reading the thread I find out about rngd (not installed on my Ubuntu system, but available at least).

One could argue that virtual rng should try to feed the kernel rng directly, with or without entropy credit.

Anyway, since there's interest, I'll drag virtio_rng from the bottom of the queue, apply Christian's fix (which I somehow missed before, sorry Christian), and re-post.

Thanks,
Rusty.
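
A check that can be run inside a guest to see whether a virtio RNG of the kind discussed in this thread is registered with the hw_random core, selected as the current source, and actually readable. This is an added example, not code from the thread or from any of the posters. It assumes the hw_random sysfs attributes `rng_available` and `rng_current`, the `/dev/hwrng` node, and a backend name beginning with `virtio`.

```shell
#!/bin/sh
# Added example, not from the thread.
# Assumptions: hw_random exposes rng_available and rng_current in sysfs,
# and the virtio backend registers a name starting with "virtio"
# (for example virtio_rng.0).

# hwrng_status [SYSFS_DIR] [DEVICE]
# Prints one of: no-hwrng-core, no-virtio-rng, virtio-not-selected,
# virtio-unreadable, virtio-ok. Returns 0 only for virtio-ok.
hwrng_status() {
    dir=${1:-/sys/class/misc/hw_random}
    dev=${2:-/dev/hwrng}

    if [ ! -r "$dir/rng_available" ] || [ ! -r "$dir/rng_current" ]; then
        echo no-hwrng-core; return 1
    fi

    # rng_available is a space-separated list of registered backends.
    virtio=
    for name in $(cat "$dir/rng_available"); do
        case $name in virtio*) virtio=$name; break ;; esac
    done
    if [ -z "$virtio" ]; then echo no-virtio-rng; return 1; fi

    # A registered backend is only used if it is the current one.
    current=$(cat "$dir/rng_current")
    case $current in
        virtio*) ;;
        *) echo virtio-not-selected; return 1 ;;
    esac

    # Pull a small sample to confirm the host side is answering.
    got=$(head -c 16 "$dev" 2>/dev/null | wc -c)
    if [ "$got" -ne 16 ]; then echo virtio-unreadable; return 1; fi
    echo virtio-ok
}
```

Call `hwrng_status` with no arguments in a guest. Whether the bytes reach the kernel entropy pool is a separate question that depends on rngd or the kernel in use.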