[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH RFC v1 0/2] VM fork detection for RNG
|
From: |
Laszlo Ersek |
|
Subject: |
Re: [PATCH RFC v1 0/2] VM fork detection for RNG |
|
Date: |
Thu, 24 Feb 2022 09:22:50 +0100 |
(+Daniel, +Rich)
On 02/23/22 17:08, Jason A. Donenfeld wrote:
> On Wed, Feb 23, 2022 at 2:12 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>> second patch is the reason this is just an RFC: it's a cleanup of the
>> ACPI driver from last year, and I don't really have much experience
>> writing, testing, debugging, or maintaining these types of drivers.
>> Ideally this thread would yield somebody saying, "I see the intent of
>> this; I'm happy to take over ownership of this part." That way, I can
>> focus on the RNG part, and whoever steps up for the paravirt ACPI part
>> can focus on that.
>
> I actually managed to test this in QEMU, and it seems to work quite well.
> Steps:
>
> $ qemu-system-x86_64 ... -device vmgenid,guid=auto -monitor stdio
> (qemu) savevm blah
> (qemu) quit
> $ qemu-system-x86_64 ... -device vmgenid,guid=auto -monitor stdio
> (qemu) loadvm blah
>
> Doing this successfully triggers the function to reinitialize the RNG
> with the new GUID.
QEMU's related design is documented in
<https://git.qemu.org/?p=qemu.git;a=blob;f=docs/specs/vmgenid.txt>.
The Microsoft specification referenced therein,
<http://go.microsoft.com/fwlink/?LinkId=260709>, contains the following
statement:
"they can also use the data provided in the 128-bit identifier as a high
entropy random data source"
So reinitializing an RNG from it is an express purpose.
More info in the libvirt docs (see "genid"):
https://libvirt.org/formatdomain.html#general-metadata
QEMU's interpretation of the VMGENID specifically as a UUID (which I
believe comes from me) has received (valid) criticism since:
https://github.com/libguestfs/virt-v2v/blob/master/docs/vm-generation-id-across-hypervisors.txt
(This document also investigates VMGENID on other hypervisors, which I
think pertains to your other message.)
> (It appears there's a bug in QEMU which prevents
> the GUID from being reinitialized when running `loadvm` without
> quitting first; I suppose this should be discussed with QEMU
> upstream.)
That's not (necessarily) a bug; see the end of the above-linked QEMU
document:
"There are no known use cases for changing the GUID once QEMU is
running, and adding this capability would greatly increase the complexity."
>
> So that's very positive. But I would appreciate hearing from some
> ACPI/Virt/Amazon people about this.
I've only made some random comments; I didn't see a question so I
couldn't attempt to answer :)
Thanks
Laszlo
[PATCH RFC v1 2/2] drivers/virt: add vmgenid driver for reinitializing RNG, Jason A. Donenfeld, 2022/02/23
Re: [PATCH RFC v1 0/2] VM fork detection for RNG, Jason A. Donenfeld, 2022/02/23
Re: [PATCH RFC v1 0/2] VM fork detection for RNG, Alexander Graf, 2022/02/24