> Also, I do not believe /dev/urandom is FIPS compliant. Finally, the refill
> policy is different, so it is not really true the algorithm is the same.
>
> All in all, other than a seed value it really doesn't make any sense. Of
> course, none of this matters on newer Intel hardware ;)

Right, but there's always the point about people that use heterogeneous hosts and cannot pass rdrand/rdseed to the guest. For these, we should add a QEMU driver that uses rdrand/rdseed, and thus decouples virtio-rng from the host /dev/* completely.

From the libvirt POV there are various possibilities:

- Libvirt can have a libvirt.conf parameter that says "ignore whatever is specified in the guest XML if rdrand/rdseed is available, and instead use rdrand/rdseed".

- Libvirt can allow specifying rdrand/rdseed _and_ an additional backend, like this:

    <backend model="cpu"/>
    <backend model="random">/dev/random</backend>

  and fall back to the second if rdrand/rdseed are not available.

Paolo

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
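As an added example (not code from the thread, libvirt or QEMU), here is how the "cpu, else /dev/random" fallback sketched above looks as a C routine: it checks CPUID for RDRAND, retries the instruction the way Intel's DRNG guidance recommends, and only opens the file backend when the CPU path is absent or keeps failing. It assumes x86-64 Linux with GCC/Clang; the function names and the path argument are my own.

```c
/* Added example, not from the thread: pick an entropy backend the way the
 * proposed fallback would: RDRAND if the CPU (or hypervisor) exposes it,
 * otherwise a /dev/* file. Assumes x86-64 Linux and GCC/Clang. */
#include <stdint.h>
#include <string.h>
#include <fcntl.h>
#include <unistd.h>
#include <cpuid.h>

/* RDRAND support is CPUID.1:ECX[30]. In a guest this is whatever the
 * hypervisor chose to expose, which is the heterogeneous-host problem above. */
int cpu_has_rdrand(void)
{
    unsigned int a, b, c, d;
    return __get_cpuid(1, &a, &b, &c, &d) && (c & (1u << 30)) != 0;
}

/* One RDRAND attempt. CF=0 means no data was available, so callers retry;
 * inline asm avoids needing -mrdrnd at compile time. */
static int rdrand64_once(uint64_t *out)
{
    unsigned char ok;
    __asm__ volatile("rdrand %0\n\tsetc %1" : "=r"(*out), "=qm"(ok) : : "cc");
    return ok;
}

/* Fill buf[0..len). Returns "cpu" if RDRAND served it, "random" if the
 * fallback file did, NULL if neither could. Gives up on RDRAND after 10
 * consecutive failures on one word (Intel's documented retry limit). */
const char *fill_random(unsigned char *buf, size_t len, const char *fallback_path)
{
    size_t off = 0;
    if (cpu_has_rdrand()) {
        while (off < len) {
            uint64_t v; int tries = 0;
            while (!rdrand64_once(&v) && ++tries < 10) {}
            if (tries == 10) break;            /* sustained failure: fall back */
            size_t n = len - off < 8 ? len - off : 8;
            memcpy(buf + off, &v, n);
            off += n;
        }
        if (off == len) return "cpu";
    }
    int fd = open(fallback_path, O_RDONLY);  /* the "random" backend */
    if (fd < 0) return NULL;
    for (off = 0; off < len; ) {
        ssize_t r = read(fd, buf + off, len - off);
        if (r <= 0) { close(fd); return NULL; }
        off += (size_t)r;
    }
    close(fd);
    return "random";
}
```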