
[Xen-devel] Hardware Random Number Generator (RNG) access from Xen VMs, providing more entropy to guests


  • To: xen-devel@xxxxxxxxxxxxxxxxxxxx
  • From: Pasi Kärkkäinen <pasik@xxxxxx>
  • Date: Sun, 23 Oct 2016 23:48:11 +0300
  • Delivery-date: Sun, 23 Oct 2016 20:48:37 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>

Hello,

Has anyone thought of writing a Xen RNG (PV) driver?

AFAIK currently there's no access to hardware-accelerated RNGs from Xen VMs, so
for example SSL/TLS operations can result in low entropy and blocking
/dev/random in Xen VMs, resulting in poor performance of applications. Running
the same applications on bare-metal Linux results in much better performance
because bare-metal Linux can access the hardware RNG directly, and thus gets
much more entropy.

Qemu/KVM provides a virtio-rng driver.. I wonder if that'd work easily with Xen
as well? I guess I should try..

The virtio-rng backend is available in Qemu 1.3+:
- http://wiki.qemu-project.org/Features/VirtIORNG
- https://fedoraproject.org/wiki/Features/Virtio_RNG

And the virtio-rng driver has been included in the upstream Linux kernel since 2.6.26.


Thanks,

-- Pasi


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
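
A guest-side check for the situation described in the message above, as an added example that is not part of the original post: it reads the kernel's entropy estimate and the Linux hw_random sysfs entries to show whether the guest has any hardware RNG (such as virtio-rng) bound. The function names and the ROOT prefix argument are hypothetical; the /proc and /sys paths are the standard Linux ones.

```shell
#!/bin/sh
# Added example: report the kernel entropy estimate and the hardware RNG,
# if any, that the guest's hw_random core is using.
# ROOT (hypothetical argument) is a path prefix so the check can also run
# against a copied /proc and /sys tree; empty means the live system.
rng_status() {
    root="${1:-}"
    ent_file="$root/proc/sys/kernel/random/entropy_avail"
    hw_dir="$root/sys/class/misc/hw_random"
    entropy="unknown"; current="none"; available="none"

    if [ -r "$ent_file" ]; then
        entropy=$(cat "$ent_file" 2>/dev/null) || entropy="unknown"
    fi
    # Reading rng_current can fail when no device is registered.
    if [ -r "$hw_dir/rng_current" ]; then
        current=$(cat "$hw_dir/rng_current" 2>/dev/null) || current="none"
    fi
    if [ -r "$hw_dir/rng_available" ]; then
        available=$(cat "$hw_dir/rng_available" 2>/dev/null) || available="none"
    fi
    [ -n "$current" ] || current="none"
    [ -n "$available" ] || available="none"
    # rng_available is space-separated; join the names with commas.
    available=$(printf '%s' "$available" | tr -s ' \n' ',' | sed 's/^,//; s/,$//')
    printf 'entropy=%s hwrng=%s available=%s\n' "$entropy" "$current" "$available"
}

# Exit status 0 when a hardware RNG is bound, 1 when the guest has none.
rng_present() {
    case "$(rng_status "${1:-}")" in
        *" hwrng=none "*) return 1 ;;
        *) return 0 ;;
    esac
}

# Stand-alone use: report on the live system, or on the tree given as $1.
rng_status "${1:-}"
```

A guest with no RNG device prints `hwrng=none available=none`. Recent kernels report a fixed entropy_avail value once the pool is initialized, so on those the hwrng field is the more telling one.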

 

