[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] VirtIO-RNG: Update default entropy source to `/

From: Richard Henderson
Subject: Re: [Qemu-devel] [PATCH] VirtIO-RNG: Update default entropy source to `/dev/urandom`
Date: Tue, 7 May 2019 08:20:45 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1

On 5/3/19 8:46 AM, Kashyap Chamarthy wrote:
> When QEMU exposes a VirtIO-RNG device to the guest, that device needs a
> source of entropy, and that source needs to be "non-blocking", like
> `/dev/urandom`.  However, currently QEMU defaults to the problematic
> `/dev/random`, which is "blocking" (as in, it waits until sufficient
> entropy is available).
> So change the entropy source to the recommended `/dev/urandom`.
> Related discussion in these[1][2] past threads.
> [1] https://lists.nongnu.org/archive/html/qemu-devel/2018-06/msg08335.html
>     -- "RNG: Any reason QEMU doesn't default to `/dev/urandom`?"
> [2] https://lists.nongnu.org/archive/html/qemu-devel/2018-09/msg02724.html
>     -- "[RFC] Virtio RNG: Consider changing the default entropy source to
>        /dev/urandom"
> Signed-off-by: Kashyap Chamarthy <address@hidden>
> ---
>  backends/rng-random.c | 2 +-
>  qemu-options.hx       | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)

I would also like to point out

  "[PATCH v4 00/24] Add qemu_getrandom and ARMv8.5-RNG etc"

Which, if used in more rng backends, would remove direct use of either
/dev/urandom or /dev/random and instead be handled by one of the crypto
libraries against which we link.

Which in turn may be implemented by getrandom(2) instead of the legacy 

Which would, I suppose, deprecate the file= option entirely.


PS: I'm not sure what the difference between backends/rng* is supposed to be,
and whether that distinction is relevant.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]