lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <482CA0C8.7020808@garzik.org>
Date:	Thu, 15 May 2008 16:44:56 -0400
From:	Jeff Garzik <jeff@...zik.org>
To:	Christian Borntraeger <borntraeger@...ibm.com>
CC:	LKML <linux-kernel@...r.kernel.org>, virtualization@...ts.osdl.org,
	Rusty Russell <rusty@...tcorp.com.au>, jeremy@...source.com,
	Herbert Xu <herbert@...dor.apana.org.au>,
	Avi Kivity <avi@...ranet.com>, dor.laor@...ranet.com
Subject: Re: Virt RNG?

Christian Borntraeger wrote:
> Am Donnerstag, 15. Mai 2008 schrieb Jeff Garzik:
>> Has anyone yet written a "hw" RNG module for virt, that reads the host's 
>> random number pool?
>>
>> All this talk[1] about IRQF_SAMPLE_RANDOM in network drivers reminds me 
>> that virt guest instances should be grabbing random numbers from the 
>> host, especially if the host has a hardware RNG.
> 
> Yes, there was a drivers/char/hw_random/virtio-rng.c in Rusty's lguest 
> repository. 
> http://www.mail-archive.com/virtualization%40lists.linux-foundation.org/msg02902.html
> 
> I have tested this driver with this fix
> https://lists.linux-foundation.org/pipermail/virtualization/2008-January/009737.html
> and it worked.

Nice!



> As it transfers only 4 byte per hypercall it is not mindblowingly fast, but I 
> guess it is fast enough.

A limitation of the hw-random API.  However, I'd say the virtio rng 
driver could (and should) buffer bigger chunks, say at least a 
cacheline's worth of data, to return via hw-random's 32-bit data request 
API.

	Jeff



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ