similar to: [PATCH 1/1] virtio: rng: add derating factor for use by hwrng core

Hi Linus, Sending directly to you with the commit log changes Ted Ts'o pointed out. Not sure if Rusty's back after his travel, but this already has his s-o-b. Please pull. The following changes since commit c9d26423e56ce1ab4d786f92aebecf859d419293: Merge tag 'pm+acpi-3.17-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm (2014-08-14 18:13:46 -0600) are

Hi Linus, Sending directly to you with the commit log changes Ted Ts'o pointed out. Not sure if Rusty's back after his travel, but this already has his s-o-b. Please pull. The following changes since commit c9d26423e56ce1ab4d786f92aebecf859d419293: Merge tag 'pm+acpi-3.17-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm (2014-08-14 18:13:46 -0600) are

On (Mon) 11 Aug 2014 [15:11:03], H. Peter Anvin wrote: > On 08/11/2014 11:49 AM, Amit Shah wrote: > > The khwrngd thread is started when a hwrng device of sufficient > > quality is registered. The virtio-rng device is backed by the > > hypervisor, and we trust the hypervisor to provide real entropy. A > > malicious hypervisor is a scenario that's ruled out, so we

On (Mon) 11 Aug 2014 [15:11:03], H. Peter Anvin wrote: > On 08/11/2014 11:49 AM, Amit Shah wrote: > > The khwrngd thread is started when a hwrng device of sufficient > > quality is registered. The virtio-rng device is backed by the > > hypervisor, and we trust the hypervisor to provide real entropy. A > > malicious hypervisor is a scenario that's ruled out, so we

The khwrngd thread is started when a hwrng device of sufficient quality is registered. The virtio-rng device is backed by the hypervisor, and we trust the hypervisor to provide real entropy. A malicious hypervisor is a scenario that's irrelevant -- such a setup is bound to cause all sorts of badness, and a compromised hwrng is not the biggest threat. Given this, we are certain the quality

The khwrngd thread is started when a hwrng device of sufficient quality is registered. The virtio-rng device is backed by the hypervisor, and we trust the hypervisor to provide real entropy. A malicious hypervisor is a scenario that's irrelevant -- such a setup is bound to cause all sorts of badness, and a compromised hwrng is not the biggest threat. Given this, we are certain the quality

On 08/07/2014 06:08 AM, Amit Shah wrote: > On KVM guests where the virtio-rng device is available, and set as the > current rng, this udev rule will start rngd which will feed in the > host-provided entropy to /dev/random. > > Signed-off-by: Amit Shah <amit.shah at redhat.com> > --- > 90-virtio-rng.rules | 1 + > 1 file changed, 1 insertion(+) > create mode

On 08/07/2014 06:08 AM, Amit Shah wrote: > On KVM guests where the virtio-rng device is available, and set as the > current rng, this udev rule will start rngd which will feed in the > host-provided entropy to /dev/random. > > Signed-off-by: Amit Shah <amit.shah at redhat.com> > --- > 90-virtio-rng.rules | 1 + > 1 file changed, 1 insertion(+) > create mode

On 08/11/2014 11:49 AM, Amit Shah wrote: > The khwrngd thread is started when a hwrng device of sufficient > quality is registered. The virtio-rng device is backed by the > hypervisor, and we trust the hypervisor to provide real entropy. A > malicious hypervisor is a scenario that's ruled out, so we are certain > the quality of randomness we receive is perfectly trustworthy.

On 08/08/2014 02:07 AM, Amit Shah wrote: > > >> To >> some degree the above is obsolete when we get khwrngd widely deployed, >> but that is a new-kernel-only kind of thing. > > Right - I'm wondering if any such changes as propsed here are now > obsolted already by khwrngd? > In this case, yes, khwrngd would be a better solution for current kernels.

On 08/08/2014 02:07 AM, Amit Shah wrote: > > >> To >> some degree the above is obsolete when we get khwrngd widely deployed, >> but that is a new-kernel-only kind of thing. > > Right - I'm wondering if any such changes as propsed here are now > obsolted already by khwrngd? > In this case, yes, khwrngd would be a better solution for current kernels.

On Wed, Jul 02, 2014 at 03:58:15PM +0530, Amit Shah wrote: > Commit d9e7972619334 "hwrng: add randomness to system from rng sources" > added a call to rng_get_data() from the hwrng_register() function. > However, some rng devices need initialization before data can be read > from them. > > Also, the virtio-rng device does not behave properly when this call is > made

On Wed, Jul 02, 2014 at 03:58:15PM +0530, Amit Shah wrote: > Commit d9e7972619334 "hwrng: add randomness to system from rng sources" > added a call to rng_get_data() from the hwrng_register() function. > However, some rng devices need initialization before data can be read > from them. > > Also, the virtio-rng device does not behave properly when this call is > made

Instead of calling hwrng_register() in the probe routing, call it in the scan routine. This ensures that when hwrng_register() is successful, and it requests a few random bytes to seed the kernel's pool at init, we're ready to service that request. This will also enable us to remove the workaround added previously to check whether probe was completed, and only then ask for data from the

Instead of calling hwrng_register() in the probe routing, call it in the scan routine. This ensures that when hwrng_register() is successful, and it requests a few random bytes to seed the kernel's pool at init, we're ready to service that request. This will also enable us to remove the workaround added previously to check whether probe was completed, and only then ask for data from the

Instead of calling hwrng_register() in the probe routing, call it in the scan routine. This ensures that when hwrng_register() is successful, and it requests a few random bytes to seed the kernel's pool at init, we're ready to service that request. This will also enable us to remove the workaround added previously to check whether probe was completed, and only then ask for data from the

Instead of calling hwrng_register() in the probe routing, call it in the scan routine. This ensures that when hwrng_register() is successful, and it requests a few random bytes to seed the kernel's pool at init, we're ready to service that request. This will also enable us to remove the workaround added previously to check whether probe was completed, and only then ask for data from the

v3: - Kees Cook pointed out a weird side-effect: devices which have ->init() registered get their randomness added to the system each time they're switched in, but devices that don't have the init callback don't contribute to system randomness more than once. The weirdness is resolved here by using the randomness each time hwrng_init() is attempted, irrespective of

v3: - Kees Cook pointed out a weird side-effect: devices which have ->init() registered get their randomness added to the system each time they're switched in, but devices that don't have the init callback don't contribute to system randomness more than once. The weirdness is resolved here by using the randomness each time hwrng_init() is attempted, irrespective of

v2: - this now separates both the patches; the virtio-rng fix is self-contained - re-work hwrng core to fetch randomness at device init time if ->init() is registered by the device, instead of not calling it at all. - virtio-rng: introduce a probe_done bool to ensure we don't ask host for data before successful probe Hi, When booting a recent kernel under KVM with the virtio-rng