Description of problem: To align with qemu update of bz1689946, libvirt should support new rng backend model 'builtin'. Version-Release number of selected component (if applicable): libvirt-5.10.0-1.module+el8.2.0+5135+ed3b2489.x86_64 qemu-kvm-4.2.0-4.module+el8.2.0+5220+e82621dc.x86_64 How reproducible: 100% Steps to Reproduce: 1. # cat /var/cache/libvirt/qemu/capabilities/3c76bc41d59c0c7314b1ae8e63f4f765d2cf16abaeea081b3ca1f5d8732f7bb1.xml |grep rng <flag name='virtio-rng'/> <flag name='rng-random'/> <flag name='rng-egd'/> 2. Try to edit guest with rng-builtin: <rng model='virtio'> <backend model='builtin'/> </rng> # virsh edit yqz82 error: XML document failed to validate against schema: Unable to validate doc against /usr/share/libvirt/schemas/domain.rng Extra element devices in interleave Element domain failed to validate content Failed. Try again? [y,n,i,f,?]: Actual results: Expected results: Additional info:
Patches: https://www.redhat.com/archives/libvir-list/2020-January/msg00000.html
I've pushed patches upstream: 51489b8419 news: Update news for rng backend type builtin bd51f89c30 qemu: Implement builtin rng backend 6a6d00e168 conf: Add rng backend model builtin 1bd17918b6 util: Do not assume comma after object id 9378713f56 qemu_capabilities: Introduce QEMU_CAPS_OBJECT_RNG_BUILTIN v6.0.0-96-g51489b8419
Verify this bug on: libvirt-daemon-6.3.0-1.module+el8.3.0+6478+69f490bb.x86_64 qemu-kvm-4.2.0-19.module+el8.3.0+6478+69f490bb.x86_64 Steps: 1.Check capabilities: # cat /var/cache/libvirt/qemu/capabilities/3c76bc41d59c0c7314b1ae8e63f4f765d2cf16abaeea081b3ca1f5d8732f7bb1.xml |grep rng -i <flag name='virtio-rng'/> <flag name='rng-random'/> <flag name='rng-egd'/> <flag name='rng-builtin'/> 2. Start guest # virsh start avocado-vt-vm1 Domain avocado-vt-vm1 started # virsh dumpxml avocado-vt-vm1 |grep 'rng m' -A4 <rng model='virtio'> <backend model='builtin'/> <alias name='rng0'/> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </rng> # ps aux|grep qemu-kvm|grep rng -object rng-builtin,id=objrng0 -device virtio-rng-pci,rng=objrng0,id=rng0,bus=pci.6,addr=0x0 Check audit log: type=EXECVE msg=audit(1588840811.351:1386):...a80="-object" a81="rng-builtin,id=objrng0" a82="-device" a83="virtio-rng-pci,rng=objrng0,id=rng0,bus=pci.6,addr=0x0" [root@localhost ~]# cat /sys/devices/virtual/misc/hw_random/rng_available virtio_rng.0 [root@localhost ~]# cat /sys/devices/virtual/misc/hw_random/rng_current virtio_rng.0 [root@localhost ~]# hexdump -C /dev/hwrng -n 64 00000000 b3 a3 22 a5 c3 da ca ca 8b 0f 3d 68 45 a6 04 40 |..".......=hE..@| 00000010 e9 e9 82 58 bf d5 8c af d5 5c 25 9d f8 b0 30 98 |...X.....\%...0.| 00000020 71 c3 02 55 68 97 f5 38 4a 99 77 cf 06 4a 60 20 |q..Uh..8J.w..J` | 00000030 f6 b9 55 b7 2e 07 8b a6 c6 4d 1e 1e 7f 0f 83 27 |..U......M.....'| 00000040 3.Check rate <rng model='virtio'> <rate bytes='5000' period='2000'/> <backend model='builtin'/> <alias name='rng0'/> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </rng> -object rng-builtin,id=objrng0 -device virtio-rng-pci,rng=objrng0,id=rng0,max-bytes=5000,period=2000,bus=pci.6,addr=0x0 [root@localhost ~]# dd if=/dev/hwrng of=/tmp/rate 39+0 records in 39+0 records out 19968 bytes (20 kB, 20 KiB) copied, 8.00539 s, 2.5 kB/s 4.Hotplug/unplug # virsh attach-device avocado-vt-vm1 rng-builtin_alias.xml Device attached successfully # virsh dumpxml avocado-vt-vm1 |grep 'rng m' -A5 <rng model='virtio'> <backend model='builtin'/> <alias name='ua-c3aee135-3a35-4296-8e60-5fbbc2cf0f35'/> <address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/> </rng> </devices> [root@localhost ~]# hexdump -C /dev/hwrng -n 64 00000000 cf ef 7a b2 ca 7e f8 63 cc 81 2d 25 b6 60 49 ad |..z..~.c..-%.`I.| 00000010 6d 55 d1 7c f5 a8 d4 6e 5e 1d 04 66 81 ad 96 da |mU.|...n^..f....| 00000020 3b 82 d0 e7 86 b4 4b 8e b7 b8 7c 1d 45 86 e1 61 |;.....K...|.E..a| 00000030 75 b2 bf c4 1d 2c ef d1 4e 09 0e b9 c5 ff 14 6a |u....,..N......j| 00000040 # virsh detach-device avocado-vt-vm1 rng-builtin_alias.xml Device detached successfully # virsh dumpxml avocado-vt-vm1 |grep 'rng m' -A5 [root@localhost ~]# hexdump -C /dev/hwrng -n 64 hexdump: /dev/hwrng: No such device Retest with "--persistent" option, get the same results. 5. Migration # virsh migrate avocado-vt-vm1 --live qemu+ssh://dell***/system --verbose Migration: [100 %] # virsh migrate avocado-vt-vm1 --live qemu+ssh://dell***/system --verbose --p2p --postcopy Migration: [100 %] And target guest rng works well.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (virt:8.3 bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:5137