The khwrngd thread is started when a hwrng device of sufficient
quality is registered.  The virtio-rng device is backed by the
hypervisor, and we trust the hypervisor to provide real entropy.

A malicious hypervisor is a scenario that's irrelevant -- such a setup
is bound to cause all sorts of badness, and a compromised hwrng is not
the biggest threat.

Given this, we are certain the quality of randomness we receive is
perfectly trustworthy.  Hence, we use 100% for the factor, indicating
maximum confidence in the source.

Signed-off-by: Amit Shah <amit.s...@redhat.com>

---
Pretty small and contained patch; would be great if it is picked up for
3.17.

v2: re-word commit msg
---
 drivers/char/hw_random/virtio-rng.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/char/hw_random/virtio-rng.c 
b/drivers/char/hw_random/virtio-rng.c
index 0027137..2e3139e 100644
--- a/drivers/char/hw_random/virtio-rng.c
+++ b/drivers/char/hw_random/virtio-rng.c
@@ -116,6 +116,7 @@ static int probe_common(struct virtio_device *vdev)
                .cleanup = virtio_cleanup,
                .priv = (unsigned long)vi,
                .name = vi->name,
+               .quality = 1000,
        };
        vdev->priv = vi;
 
-- 
1.9.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to