[vbox-dev] virtio-rng et al

Alexey Eromenko al4321 at gmail.com
Wed Mar 4 17:12:20 GMT 2015


Newer CPUs (Broadwell?) have new RDRAND and RDSEED instructions.

Maybe it would be a good idea to allow their use inside guest VM?

On Wed, Mar 4, 2015 at 5:48 PM, Johannes Ernst <johannes.ernst at gmail.com>
wrote:

> Unfortunately this is a headless server that wants to spin up and down a
> large number of VMs in short sequence as part of a QA process. Each wants
> to generate some key pairs. So banging on the keyboard or such isn't an
> option.
>
> Sent from my iPad.
>
> > On Mar 4, 2015, at 01:58, Frank Mehnert <frank.mehnert at oracle.com> wrote:
> >
> > I think the same you would do on real hardware. When I create crypt keys
> > on real hardware on Linux I'm asked to perform some actions like pressing
> > random keys very fast. I guess a busy (virtual) hard disk would add more
> > entropy, same with a busy network interface. Such device activities should
> > trigger a lot of interrupts which can be used by the guest OS kernel to
> > generate more entropy.
> >
> > Frank
> >
> >> On Wednesday 04 March 2015 00:10:09 you wrote:
> >> So in a nutshell, what's the best I can do at this point without code
> >> changes or waiting for the next release? I'm attempting to generate some
> >> gpg keys etc and it's taking a loooong time....
> >>
> >> Sent from my iPad.
> >>
> >>> On Mar 3, 2015, at 23:55, Frank Mehnert <frank.mehnert at oracle.com> wrote:
> >>>
> >>> Johannes,
> >>>
> >>>> On Tuesday 03 March 2015 20:31:06 Johannes Ernst wrote:
> >>>> What’s the best source of randomness for a Linux guest?
> >>>>
> >>>> I’ve been reading about virtio-rng [1]. Can it be made to work with
> >>>> VirtualBox?
> >>>
> >>> VirtualBox does not support virtio-rng but I guess it's not very
> >>> difficult to add this feature. I'm more worried about support for
> >>> hosts/guests different than Linux.
> >>>
> >>> The source for entropy in a virtual machine is in principle the
> >>> same as on bare metal, for instance device interrupts and their
> >>> distribution over time, several clocks and the time stamp counter.
> >>> VirtualBox tries very hard (and this will be even improved in the
> >>> next major release) to provide the guest sensible values when
> >>> reading the time stamp counter using the RDTSC machine instruction.
> >>>
> >>> But I admit that the sources for entropy within a virtual machine
> >>> are limited in comparison to bare metal, mainly because a guest
> >>> is usually configured to have only access to virtual devices being
> >>> essential for doing its job.
> >>>
> >>> Frank
> >
> > --
> > Dr.-Ing. Frank Mehnert | Software Development Director, VirtualBox
> > ORACLE Deutschland B.V. & Co. KG | Werkstr. 24 | 71384 Weinstadt, Germany
> >
> > Headquarters: Riesstr. 25, D-80992 München
> > Registration court: Amtsgericht München, HRA 95603
> > Managing director: Jürgen Kunz
> >
> > General partner: ORACLE Deutschland Verwaltung B.V.
> > Hertogswetering 163/167, 3543 AS Utrecht, Netherlands
> > Commercial register of the Chamber of Commerce Midden-Niederlande, No. 30143697
> > Managing directors: Alexander van der Ven, Astrid Kepper, Val Maher



-- 
-Alexey Eromenko "Technologov"
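
A quick way to see which of the sources discussed in this thread (RDRAND/RDSEED, a hardware RNG device such as virtio-rng, the kernel entropy pool) a given Linux guest actually has. This is an added example, not code from the thread or from VirtualBox; the function names are made up for illustration, and the three default paths are the standard Linux /proc and /sys files.

```sh
#!/bin/sh
# Added example: list the randomness sources visible to a Linux guest.
# Function names are hypothetical. Paths default to the live kernel files;
# pass saved copies as arguments to check a guest offline.

# has_cpu_flag FLAG [CPUINFO]: true if the CPU "flags" line lists FLAG exactly.
has_cpu_flag() {
    awk -v f="$1" '
        /^flags[ \t]*:/ { for (i = 1; i <= NF; i++) if ($i == f) found = 1 }
        END { exit(found ? 0 : 1) }' "${2:-/proc/cpuinfo}" 2>/dev/null
}

# read_first_line FILE: print the first line of FILE, or "unavailable".
read_first_line() {
    if [ -r "$1" ] && IFS= read -r line < "$1"; then
        printf '%s\n' "$line"
    else
        printf 'unavailable\n'
    fi
}

# guest_rng_report [CPUINFO] [ENTROPY_AVAIL] [RNG_CURRENT]
guest_rng_report() {
    cpuinfo=${1:-/proc/cpuinfo}
    entropy=${2:-/proc/sys/kernel/random/entropy_avail}
    hwrng=${3:-/sys/class/misc/hw_random/rng_current}
    # RDRAND/RDSEED are usable in the guest only if the hypervisor
    # passes the CPUID feature bits through.
    for flag in rdrand rdseed; do
        if has_cpu_flag "$flag" "$cpuinfo"; then
            echo "$flag: exposed to guest"
        else
            echo "$flag: not exposed"
        fi
    done
    # A paravirtual or hardware RNG shows up as the current hw_random device.
    echo "hw_random device: $(read_first_line "$hwrng")"
    # Kernel's own estimate of pooled entropy, in bits.
    echo "entropy_avail: $(read_first_line "$entropy")"
}

guest_rng_report "$@"
```

Run it early in the boot of a freshly created VM, before key generation starts, since that is when the pool is least likely to be seeded.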