[CentOS-virt] Would a hardware TRNG benefit VMs?

Wed Jul 17 04:02:03 UTC 2013
Digimer <lists at alteeve.ca>

On 16/07/13 18:01, Pete Travis wrote:
>
> On Jul 16, 2013 10:20 AM, "Digimer" <lists at alteeve.ca
> <mailto:lists at alteeve.ca>> wrote:
>  >
>  > On 16/07/13 06:30, Stefano Stabellini wrote:
>  > > On Mon, 15 Jul 2013, Digimer wrote:
>  > >> On 15/07/13 07:04, Stefano Stabellini wrote:
>  > >>> On Sat, 13 Jul 2013, Digimer wrote:
>  > >>>> Hi all,
>  > >>>>
>  > >>>>      I've been curious about using hardware true random number
> generators
>  > >>>> in my VM clusters. This got me wondering about the VM's /dev/random
>  > >>>> source... If I setup a hardware TRNG on the host, would the VM's
> also
>  > >>>> benefit from it?
>  > >>>
>  > >>> Xen VMs would not be able to benefit from it. I don't know about KVM.
>  > >>
>  > >> Would you be able to elaborate on why not? I know Xen and KVM
> differ, but this
>  > >> is not a topic I have seen discussed at all before, so any insight
> would be
>  > >> helpful and appreciated! :)
>  > >
>  > > Because we don't have a paravirtualized interface to export the
>  > > randomness to the guest.
>  > > It would be a nice small little project to do that though.
>  > >
>  >
>  > Ah, ok. I'm an admin, not a programmer, so I am not sure what would be
>  > needed. Given how popular VMs are now, I can imagine it would be a nice
>  > feature to have. If it's a "small" project, then all the better! :)
>  >
>  > Thanks!
>  >
>  > --
>  > Digimer
>  > Papers and Projects: https://alteeve.ca/w/
>  > What if the cure for cancer is trapped in the mind of a person without
>  > access to education?
>  >
>
> There is such a thing, see
> https://fedoraproject.org/wiki/Features/Virtio_RNG
>
> --Pete

Ok, that is _awesome_! I hope it gets into RHEL 7. Thank you kindly for 
the link!

-- 
Digimer
Papers and Projects: https://alteeve.ca/w/
What if the cure for cancer is trapped in the mind of a person without 
access to education?