On Tue, Jul 22, 2014 at 2:08 PM, H. Peter Anvin <hpa@xxxxxxxxx> wrote: > On 07/22/2014 02:04 PM, Andy Lutomirski wrote: >> >> Just to check: do you mean the RDRAND is very likely to work (i.e. >> arch_get_random_long will return true) or that RDRAND will actually >> reseed several times during initialization? >> > > I mean that RDRAND will actually reseed several times during > initialization. The documented architectural limit is actually > extremely conservative. > > Either way, it isn't really different from seeding from a VM hosts > /dev/urandom... > Sure it is. The VM host's /dev/urandom makes no guarantee (or AFAIK even any particular effort) to reseed such that the output has some minimum entropy per bit, so there would be no point to reading extra data from it. Anyway, I'd be willing to drop the conservative RDRAND logic, but I *still* think that arch_get_rng_seed is a much better interface than arch_get_slow_rng_u64. --Andy -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
