Bug 1389469
|
Description
Oliver Henshaw
2016-10-27 16:02:05 UTC
Created attachment 1214667 [details]
'ps aux' after booting into runlevel 's' and logging in
Created attachment 1214668 [details]
'perf record -e random:debit_entropy -e random:credit_entropy_bits --call-graph dwarf -a -D 1000 -T sleep 120; perf script' output on host when booted into runlevel 's'
No mouse or keyboard activity on the host, so this is a little pessimistic but (a) it makes the output smaller, (b) it makes no difference to the entropy drain on the host.
qemu-system-x86_64 occasionally takes 512 bits from the host, but it can easily replace the entropy.
Created attachment 1214669 [details]
'ps aux' after booting into runlevel '3' and logging in
Created attachment 1214671 [details]
'perf record -e random:debit_entropy -e random:credit_entropy_bits --call-graph dwarf -a -D 1000 -T sleep 120; perf script' output on host when booted into runlevel '3'
No mouse or keyboard activity on the host, so this is a little pessimistic but (a) it makes the output smaller, (b) it makes no difference to the entropy drain on the host.
Now qemu-system-x86_64 is frequently extracting small amounts of entropy from the host and the host entropy pool doesn't recover to its original level.
You can (and should) back virtio-rng with /dev/urandom instead. However it requires libvirt >= 1.3.4 which might require Fedora 24+. https://www.redhat.com/archives/libvir-list/2016-April/msg00987.html Created attachment 1214672 [details] perf record -e random:debit_entropy -e random:credit_entropy_bits --call-graph dwarf -a -D 1000 -T sleep 120; perf script' output on guest when booted into runlevel '3' Simultaneous with attachment #1214671 [details]. There seems to be very little debiting the entropy pool. Credits only come 1 bit at a time for the most part, it doesn't seem like this matches the entropy debit on the host? This message is a reminder that Fedora 23 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 23. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '23'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 23 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. I think we can say this is fixed, but it requires Fedora 24+ Fedora 23 has libvirt 1.2.18 which doesn't have the fix, and I don't think libvirt has any plans to rebase since F23 is about to become obsolete. |