Created attachment 1071017 [details] vdsm.log Description of problem: Starting of vm with /dev/hwrng random generator set, but no physical generator attached to host, fails on vdsm side: libvirtError: internal error: process exited while connecting to monitor: 2015-09-07T11:22:29.125501Z qemu-system-x86_64: -object rng-random,id=objrng0,filename=/dev/hwrng: Could not open '/dev/hwrng': Permission denied Version-Release number of selected component (if applicable): vdsm.noarch 4.17.4-6.git3154996.fc22 How reproducible: 100% Steps to Reproduce: 1. Create a cluster with one host 2. Make sure the host has /dev/hwrng 3. Edit cluster, select Required Random Number Generator sources: /dev/hwrng 4. Create vm with random generator of source /dev/hwrng 5. Run the vm Actual results: Vm never finish starting. vdsm log contains: Thread-561::ERROR::2015-09-07 07:22:29,248::vm::749::virt.vm::(_startUnderlyingVm) vmId=`2d5f1407-39d6-494e-8ee3-edc667cbce7e`::The vm start process failed Traceback (most recent call last): File "/usr/share/vdsm/virt/vm.py", line 694, in _startUnderlyingVm self._run() File "/usr/share/vdsm/virt/vm.py", line 1865, in _run self._connection.createXML(domxml, flags), File "/usr/lib/python2.7/site-packages/vdsm/libvirtconnection.py", line 124, in wrapper ret = f(*args, **kwargs) File "/usr/lib64/python2.7/site-packages/libvirt.py", line 3523, in createXML if ret is None:raise libvirtError('virDomainCreateXML() failed', conn=self) libvirtError: internal error: process exited while connecting to monitor: 2015-09-07T11:22:29.125501Z qemu-system-x86_64: -object rng-random,id=objrng0,filename=/dev/hwrng: Could not open '/dev/hwrng': Permission denied Expected results: vm either starts normally or enabling random generator of source /dev/hwrng is disabled Additional info: called on host: # ll /dev/hwrng crw-------. 1 root root 10, 183 Sep 7 07:29 /dev/hwrng # ll /dev/random crw-rw-rw-. 1 root root 1, 8 Sep 7 07:29 /dev/random
Could you provide libvirt, qemu and kernel versions? Does it pass on el7?
libvirt.x86_64 1.2.13.1-2.fc22 qemu.x86_64 2:2.3.1-1.fc22 # uname -r 4.1.6-200.fc22.x86_64 Tested on Fedora 22
Seems like 600 are default permissions for hwrng, therefore making it inaccessible to 'qemu' u/g. Tested even with dynamic_ownership=1 and didn't really help, so it's up to us to change the ownership.
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune with any questions
Moving from 4.0 alpha to 4.0 beta since 4.0 alpha has been already released and bug is not ON_QA.
Works for me on these settings on host: 1) rngd --rng-device=/dev/random modprobe tpm-rng chmod 666 /dev/hwrng ll -ls /dev/hwrng 0 crw-rw-rw-. 1 root root 10, 183 Aug 2 16:58 /dev/hwrng Then started VM from engine's WEBUI with random generator of source /dev/hwrng and it booted up just fine. 2) rngd --rng-device=/dev/urandom modprobe tpm-rng chmod 666 /dev/hwrng ll -ls /dev/hwrng 0 crw-rw-rw-. 1 root root 10, 183 Aug 2 16:58 /dev/hwrng Then started VM from engine's WEBUI with random generator of source /dev/hwrng and it booted up just fine. 3) rngd --rng-device=/dev/hwrng modprobe tpm-rng chmod 666 /dev/hwrng ll -ls /dev/hwrng 0 crw-rw-rw-. 1 root root 10, 183 Aug 2 16:58 /dev/hwrng Then started VM with with random generator of source /dev/hwrng and it booted up just fine. Host's components: qemu-kvm-rhev-2.3.0-31.el7_2.20.x86_64 ovirt-imageio-daemon-0.3.0-0.el7ev.noarch libvirt-client-1.2.17-13.el7_2.5.x86_64 ovirt-vmconsole-1.0.4-1.el7ev.noarch vdsm-4.18.9-1.el7ev.x86_64 ovirt-host-deploy-1.5.1-1.el7ev.noarch ovirt-hosted-engine-ha-2.0.1-1.el7ev.noarch ovirt-hosted-engine-setup-2.0.1.3-1.el7ev.noarch ovirt-engine-sdk-python-3.6.7.0-1.el7ev.noarch mom-0.5.5-1.el7ev.noarch rhev-release-4.0.2-5-001.noarch ovirt-setup-lib-1.0.2-1.el7ev.noarch ovirt-imageio-common-0.3.0-0.el7ev.noarch ovirt-vmconsole-host-1.0.4-1.el7ev.noarch sanlock-3.2.4-3.el7_2.x86_64 Linux version 3.10.0-327.30.1.el7.x86_64 (mockbuild.eng.bos.redhat.com) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-4) (GCC) ) #1 SMP Wed Jul 13 22:09:46 EDT 2016 Linux 3.10.0-327.30.1.el7.x86_64 #1 SMP Wed Jul 13 22:09:46 EDT 2016 x86_64 x86_64 x86_64 GNU/Linux Red Hat Enterprise Linux Server release 7.2 (Maipo) Engine's components: ovirt-engine-setup-base-4.0.2.3-0.1.el7ev.noarch ovirt-engine-extensions-api-impl-4.0.2.3-0.1.el7ev.noarch ovirt-engine-dbscripts-4.0.2.3-0.1.el7ev.noarch ovirt-iso-uploader-4.0.0-1.el7ev.noarch ovirt-engine-setup-plugin-ovirt-engine-4.0.2.3-0.1.el7ev.noarch ovirt-engine-tools-backup-4.0.2.3-0.1.el7ev.noarch ovirt-engine-4.0.2.3-0.1.el7ev.noarch ovirt-vmconsole-proxy-1.0.4-1.el7ev.noarch ovirt-engine-dwh-setup-4.0.2-1.el7ev.noarch ovirt-engine-dwh-4.0.2-1.el7ev.noarch ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.0.2.3-0.1.el7ev.noarch ovirt-engine-cli-3.6.7.0-1.el7ev.noarch ovirt-engine-setup-4.0.2.3-0.1.el7ev.noarch ovirt-engine-userportal-debuginfo-4.0.2.3-0.1.el7ev.noarch ovirt-engine-userportal-4.0.2.3-0.1.el7ev.noarch ovirt-engine-backend-4.0.2.3-0.1.el7ev.noarch ovirt-vmconsole-1.0.4-1.el7ev.noarch ovirt-setup-lib-1.0.2-1.el7ev.noarch ovirt-engine-dashboard-1.0.1-0.el7ev.x86_64 ovirt-engine-setup-plugin-ovirt-engine-common-4.0.2.3-0.1.el7ev.noarch ovirt-engine-sdk-python-3.6.7.0-1.el7ev.noarch ovirt-engine-websocket-proxy-4.0.2.3-0.1.el7ev.noarch ovirt-engine-webadmin-portal-debuginfo-4.0.2.3-0.1.el7ev.noarch ovirt-engine-tools-4.0.2.3-0.1.el7ev.noarch ovirt-log-collector-4.0.0-1.el7ev.noarch ovirt-host-deploy-java-1.5.1-1.el7ev.noarch ovirt-engine-setup-plugin-websocket-proxy-4.0.2.3-0.1.el7ev.noarch ovirt-engine-webadmin-portal-4.0.2.3-0.1.el7ev.noarch python-ovirt-engine-sdk4-4.0.0-0.5.a5.el7ev.x86_64 ovirt-engine-lib-4.0.2.3-0.1.el7ev.noarch ovirt-engine-vmconsole-proxy-helper-4.0.2.3-0.1.el7ev.noarch ovirt-engine-restapi-4.0.2.3-0.1.el7ev.noarch ovirt-image-uploader-4.0.0-1.el7ev.noarch ovirt-host-deploy-1.5.1-1.el7ev.noarch ovirt-engine-extension-aaa-jdbc-1.1.0-1.el7ev.noarch rhev-guest-tools-iso-4.0-5.el7ev.noarch rhevm-setup-plugins-4.0.0.2-1.el7ev.noarch rhev-release-4.0.2-5-001.noarch rhevm-doc-4.0.0-3.el7ev.noarch rhevm-branding-rhev-4.0.0-3.el7ev.noarch rhevm-guest-agent-common-1.0.12-3.el7ev.noarch rhevm-4.0.2.3-0.1.el7ev.noarch rhevm-spice-client-x64-msi-4.0-3.el7ev.noarch rhevm-spice-client-x86-msi-4.0-3.el7ev.noarch rhevm-dependencies-4.0.0-1.el7ev.noarch rhev-release-4.0.1-2-001.noarch Linux version 3.10.0-327.30.1.el7.x86_64 (mockbuild.eng.bos.redhat.com) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-4) (GCC) ) #1 SMP Wed Jul 13 22:09:46 EDT 2016 Linux 3.10.0-327.30.1.el7.x86_64 #1 SMP Wed Jul 13 22:09:46 EDT 2016 x86_64 x86_64 x86_64 GNU/Linux Red Hat Enterprise Linux Server release 7.2 (Maipo)