On Fri, May 03, 2019 at 05:46:12PM +0200, Kashyap Chamarthy wrote: > When QEMU exposes a VirtIO-RNG device to the guest, that device needs a > source of entropy, and that source needs to be "non-blocking", like > `/dev/urandom`. However, currently QEMU defaults to the problematic > `/dev/random`, which is "blocking" (as in, it waits until sufficient > entropy is available). > > So change the entropy source to the recommended `/dev/urandom`.
Why is /dev/urandom "recommended"? I understand the requirement for instant random numbers, but what about the concerns about quality? Have you decided that the consumers of these random numbers are safe with /dev/urandom? > > Related discussion in these[1][2] past threads. > > [1] https://lists.nongnu.org/archive/html/qemu-devel/2018-06/msg08335.html > -- "RNG: Any reason QEMU doesn't default to `/dev/urandom`?" > [2] https://lists.nongnu.org/archive/html/qemu-devel/2018-09/msg02724.html > -- "[RFC] Virtio RNG: Consider changing the default entropy source to > /dev/urandom" Please include actual justification in the commit description instead of linking to email threads that need to be read and interpreted. Stefan
signature.asc
Description: PGP signature