Commit-ID: 10ed0ae7373128917f704804f861d4c4cec25f25
Gitweb: http://git.kernel.org/tip/10ed0ae7373128917f704804f861d4c4cec25f25
Author: Sasha Levin <sasha.levin@xxxxxxxxxx>
AuthorDate: Fri, 16 Nov 2012 15:51:13 -0500
Committer: Pekka Enberg <penberg@xxxxxxxxxx>
CommitDate: Fri, 16 Nov 2012 23:57:37 +0200
kvm tools: use /dev/random in virtio-rng
hpa explained it way better than I ever could:
On 11/15/2012 04:13 PM, H. Peter Anvin wrote:
>> In tools/kvm, you are currently using /dev/urandom as a source for
>> virtio-rng. virtio-rng is expected to provide entropic content, as
>> the PRNG side of the force can be run in the guest itself.
On 11/15/2012 01:49 PM, Sasha Levin wrote:
> I was under the impression that by supplying /dev/urandom from the
> host, which is *outside* the guest, this is equivalent to completely
> random data for the guest since the guest cannot possibly calculate
> the random data by observing it's own actions.
>
> I guess I was wrong on that? If so I'll fix it as you've suggested.
It is unpredictable, but not entropic. Those are different things.
Consider a PRNG built by AES-encrypting a counter with a random key
(the seed). If it is properly randomly seeded, the first 16 bytes
would be entropic. However, the second 16 bytes would be completely
determined by the first ones and thus add no entropy, even though to
be able to predict them you would have to invert AES via a
known-plaintext attack.
That is why they are different metrics.
We already have a PRNG in guest space, so there is no reason to burn
more CPU time running one in host space to fake-seed the one in guest
space.
Suggested-by: H. Peter Anvin <hpa@xxxxxxxxx>
Signed-off-by: Sasha Levin <sasha.levin@xxxxxxxxxx>
Signed-off-by: Pekka Enberg <penberg@xxxxxxxxxx>
---
tools/kvm/virtio/rng.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/tools/kvm/virtio/rng.c b/tools/kvm/virtio/rng.c
index 1a09fdf..2ddfb28 100644
--- a/tools/kvm/virtio/rng.c
+++ b/tools/kvm/virtio/rng.c
@@ -61,11 +61,13 @@ static void set_guest_features(struct kvm *kvm, void *dev, u32 features)
static bool virtio_rng_do_io_request(struct kvm *kvm, struct rng_dev *rdev, struct virt_queue *queue)
{
struct iovec iov[VIRTIO_RNG_QUEUE_SIZE];
- unsigned int len = 0;
+ ssize_t len = 0;
u16 out, in, head;
head = virt_queue__get_iov(queue, iov, &out, &in, kvm);
len = readv(rdev->fd, iov, in);
+ if (len < 0 && errno == EAGAIN)
+ len = 0;
virt_queue__set_used_elem(queue, head, len);
@@ -161,7 +163,7 @@ int virtio_rng__init(struct kvm *kvm)
if (rdev == NULL)
return -ENOMEM;
- rdev->fd = open("/dev/urandom", O_RDONLY);
+ rdev->fd = open("/dev/random", O_RDONLY | O_NONBLOCK);
if (rdev->fd < 0) {
r = rdev->fd;
goto cleanup;
--
To unsubscribe from this list: send the line "unsubscribe linux-tip-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
|