On Thu, May 1, 2014 at 2:01 PM, H. Peter Anvin <hpa@xxxxxxxxx> wrote:
> On 05/01/2014 01:56 PM, Andy Lutomirski wrote:
>>
>> Even if we could emulate RDSEED effectively**, I don't really
>> understand what the guest is expected to do with it. And I generally
>> dislike defining an interface with no known sensible users, because it
>> means that there's a good chance that the interface won't end up
>> working.
>>
>> ** Doing this sensibly in the host will be awkward. Is the host
>> supposed to use non-blocking reads of /dev/random? Getting anything
>> remotely fair may be difficult.
>
> The host can use nonblocking reads of /dev/random. Fairness would have
> to be implemented at the host level, but that is true for anything.
>
I still don't see the point. What does this do better than virtio-rng?
The ASLR code doesn't even try to use RDSEED. RDSEED is used in
add_interrupt_randomness, which should drain the host's /dev/random
even if it could, and it's used in init_std_data. The logic there is:
if (!arch_get_random_seed_long(&rv) &&
!arch_get_random_long(&rv))
rv = random_get_entropy();
I think this is better achieved by having the host try to supply the
highest quality data it can.
The third RDSEED use is arch_random_refill. This purpose would be
much better served by the khwrng stuff and virtio-rng.
So I still claim that fancy emulated RDSEED support will have no users.
--Andy
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
