Il 26/10/2012 22:29, H. Peter Anvin ha scritto: >>> This is surreal. Output from /dev/hwrng turns into output for >>> /dev/random... it us guaranteed worse; period, end of story. >> > >> > Isn't that exactly what happens in bare-metal? hwrng -> rngd -> random. >> > Instead here >> > we'd have, host hwrng -> virtio-rng-pci -> guest hwrng -> guest rngd -> >> > guest random. >> > >> > The only difference is that you paravirtualize access to the host hwrng to >> > a) distribute >> > entropy to multiple guests; b) support migration across hosts with >> > different CPUs and >> > hardware. > First, hwrng is only one of the sources used by rngd. It can also > (currently) use RDRAND or TPM; additional sources are likely to be added > in the future. > > Second, the harvesting of environmental noise -- timings -- is not as > good in a VM as on plain hardware, so for the no-hwrng case it is better > for this to be done in the host than in the VM.
Neither of these make /dev/random with virtio-rng-pci worse than without (as would be the case if you fed /dev/urandom). And migration works. This, and avoiding denial of service for the host's /dev/random, is all I care about at this time. There is always time to change defaults to something better. Paolo