On 09/19/2014 01:46 PM, Andy Lutomirski wrote:
>>
>> However, it sounds to me that at least for KVM, it is very easy just to
>> emulate the RDRAND instruction. The hypervisor would report to the guest
>> that RDRAND is supported in CPUID and the emulate the instruction when guest
>> executes it. KVM already traps guest #UD (which would occur if RDRAND
>> executed while it is not supported) - so this scheme wouldn’t introduce
>> additional overhead over RDMSR.
>
> Because then guest user code will think that rdrand is there and will
> try to use it, resulting in abysmal performance.
>
Yes, the presence of RDRAND implies a cheap and inexhaustible entropy
source.
-hpa
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
