Bug 1374227

Summary: Add /dev/urandom as entropy source for virtio-rng
Product: [oVirt] ovirt-engine
Reporter: Martin Polednik <mpoledni>
Component: BLL.Virt
Assignee: jniederm
Status: CLOSED CURRENTRELEASE
QA Contact: Nisim Simsolo <nsimsolo>
Severity: high
Docs Contact:
Priority: medium
Version: 4.0.0
CC: bgraveno, bugs, djasa, eedri, jniederm, lbopf, mavital, michal.skrivanek, nsimsolo, tjelinek, ykaul
Target Milestone: ovirt-4.1.0-alpha
Flags:
rule-engine: ovirt-4.1+
nsimsolo: testing_plan_complete+
rule-engine: planning_ack+
rule-engine: devel_ack+
mavital: testing_ack+
Target Release: 4.1.0.2
Hardware: Unspecified
OS: Unspecified
Whiteboard:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1347669
Environment:
Last Closed: 2017-03-16 14:47:11 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Virt
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Bug Depends On: 1074464, 1347642, 1347669, 1419924
Bug Blocks: 1337101, 1398560, 1405032, 1421510, 1430550

Description Martin Polednik 2016-09-08 09:51:39 UTC
+++ This bug was initially created as a clone of Bug #1347669 +++

Description of problem:
/dev/urandom is a perfectly fine source of randomness once seeded (see bug 1074464#c13 for discussion and references) and from 7.3 on, libvirt won't refuse it as a source of randomness (see blocking bugs). oVirt/RHEV should therefore enable it as a backend for virtio-rng from 4.1 on at the latest.

Version-Release number of selected component (if applicable):
4.0

How reproducible:
always

Steps to Reproduce:
1. Try to use /dev/urandom as a randomness source in Edit VM -> Random generator

Actual results:
only /dev/random and /dev/hwrng are available

Expected results:
/dev/urandom is available to choose as well

Additional info:

--- Additional consideration for ovirt-engine
Currently, VDSM can report up to 2 sources: random and hwrng. A new source cannot be added due to 1374216; therefore the current implementation of VDSM doesn't report a new source but changes the semantics of the "random" source.

The semantics are now as follows:
"random" RNG source means support of "random" and "urandom" sources

"urandom" is the source the engine should send to VDSM when the "random" checkbox is ticked.

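An added example, not part of the original report or of oVirt/VDSM code: a small audit helper that reads libvirt domain XML (as printed by `virsh dumpxml`) and reports which host device backs each virtio-rng, so the source actually in use can be checked on the host. The sample XML, the VM name and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of libvirt domain XML for a VM with a virtio-rng device
# backed by /dev/urandom (illustrative input, not taken from the bug).
SAMPLE_DOMAIN_XML = """
<domain type='kvm'>
  <name>example-vm</name>
  <devices>
    <rng model='virtio'>
      <backend model='random'>/dev/urandom</backend>
      <alias name='rng0'/>
    </rng>
  </devices>
</domain>
"""


def rng_backends(domain_xml):
    """Return (device model, backend model, backend source) for every <rng> device."""
    root = ET.fromstring(domain_xml)
    found = []
    for rng in root.findall("./devices/rng"):
        backend = rng.find("backend")
        if backend is None:
            # Malformed or partial definition: report the device, no backend.
            found.append((rng.get("model"), None, None))
            continue
        # For model='random' the element text is the host device path;
        # other backend models (e.g. egd) carry no path text here.
        source = (backend.text or "").strip() or None
        found.append((rng.get("model"), backend.get("model"), source))
    return found


def source_matches(domain_xml, expected_path):
    """True only if the VM has a virtio RNG and every one reads expected_path."""
    devices = [d for d in rng_backends(domain_xml) if d[0] == "virtio"]
    return bool(devices) and all(
        bmodel == "random" and src == expected_path
        for _, bmodel, src in devices
    )


if __name__ == "__main__":
    for device in rng_backends(SAMPLE_DOMAIN_XML):
        print(device)
    print("urandom in use:", source_matches(SAMPLE_DOMAIN_XML, "/dev/urandom"))
```
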
Comment 1 Red Hat Bugzilla Rules Engine 2016-09-08 09:52:07 UTC
Bug tickets must have version flags set prior to targeting them to a release. Please ask maintainer to set the correct version flags and only then set the target milestone.

Comment 2 Yaniv Kaul 2016-11-01 11:45:17 UTC
I'm missing something here. Wouldn't it make more sense to do a simple change in VDSM only - if it's supported, use 'urandom'. Otherwise, use 'random'.
Why do we need Engine changes, for example?

Comment 3 jniederm 2016-11-01 12:26:26 UTC
IIUC the problem with such vdsm only change might be that the user will not be able to find out what RNG source is actually used. The UI would always show 'random'. Plus it would introduce an inconsistency between VM descriptor that is being sent on VM startup from engine to vdsm and the actual VM configuration.
And both 'random' and 'urandom' are present on almost all Linux systems so it would also mean that after upgrade 4.0 -> 4.1 even VMs in 4.0 clusters will get 'urandom' (despite expecting 'random').

Comment 4 Yaniv Kaul 2016-11-01 12:29:22 UTC
(In reply to jniederm from comment #3)
> IIUC the problem with such vdsm only change might be that the user will not be
> able to find out what RNG source is actually used. The UI would always show
> 'random'. Plus it would introduce an inconsistency between VM descriptor
> that is being sent on VM startup from engine to vdsm and the actual VM
> configuration.
> And both 'random' and 'urandom' are present on almost all Linux systems so
> it would also mean that after upgrade 4.0 -> 4.1 even VMs in 4.0 clusters
> will get 'urandom' (despite expecting 'random').

Understood - but keep in mind that it's a libvirt issue of not supporting 'urandom' - until 7.3. You need to make sure that all hosts support it (for migration, for example). I thought the best path would have been to hide this detail from everyone as much as possible.

Comment 5 Eyal Edri 2016-11-23 07:22:12 UTC
This is now failing CI:

http://jenkins.ovirt.org/view/experimental%20jobs/job/test-repo_ovirt_experimental_master/3562/\

While running log-collector, this error shows:

ERROR: _get_hypervisors_from_api: urandom is not a valid RngSource

Comment 6 Sandro Bonazzola 2016-12-12 13:54:16 UTC
The fix for this issue should be included in oVirt 4.1.0 beta 1 released on December 1st. If not included please move back to modified.

Comment 7 Tomas Jelinek 2016-12-13 08:12:55 UTC
*** Bug 1347271 has been marked as a duplicate of this bug. ***

Comment 8 Nisim Simsolo 2017-03-08 15:11:58 UTC
Verification builds:
ovirt-engine-4.1.1.3-0.1.el7
vdsm-4.19.7-1.el7ev.x86_64
libvirt-client-2.0.0-10.el7_3.5.x86_64
qemu-kvm-rhev-2.6.0-28.el7_3.6.x86_64
sanlock-3.4.0-1.el7.x86_64

Comment 9 Lucy Bopf 2017-03-14 04:53:16 UTC
Removing the doc text and setting requires_doc_text to '-', as this change is already described in bug 1337101.