On Fri, May 03, 2019 at 05:46:12PM +0200, Kashyap Chamarthy wrote:
> When QEMU exposes a VirtIO-RNG device to the guest, that device needs a
> source of entropy, and that source needs to be "non-blocking", like
> `/dev/urandom`.  However, currently QEMU defaults to the problematic
> `/dev/random`, which is "blocking" (as in, it waits until sufficient
> entropy is available).
> 
> So change the entropy source to the recommended `/dev/urandom`.

Why is /dev/urandom "recommended"?

I understand the requirement for instant random numbers, but what about
the concerns about quality?  Have you decided that the consumers of
these random numbers are safe with /dev/urandom?

> 
> Related discussion in these[1][2] past threads.
> 
> [1] https://lists.nongnu.org/archive/html/qemu-devel/2018-06/msg08335.html
>     -- "RNG: Any reason QEMU doesn't default to `/dev/urandom`?"
> [2] https://lists.nongnu.org/archive/html/qemu-devel/2018-09/msg02724.html
>     -- "[RFC] Virtio RNG: Consider changing the default entropy source to
>        /dev/urandom"

Please include actual justification in the commit description instead of
linking to email threads that need to be read and interpreted.

Stefan
