Bug 977079 - [RFE] Add virtio-rng support [EL 6.6 only]
[RFE] Add virtio-rng support [EL 6.6 only]
Status: CLOSED ERRATA
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: RFEs (Show other bugs)
unspecified
Unspecified Unspecified
unspecified Severity unspecified
: ---
: 3.5.0
Assigned To: Frantisek Kobzik
Nisim Simsolo
virt
: FutureFeature
: 852189 (view as bug list)
Depends On:
Blocks: rhev3.5beta 1156165
  Show dependency treegraph
 
Reported: 2013-06-23 06:44 EDT by Andrew Cathrow
Modified: 2015-02-11 12:53 EST (History)
13 users (show)

See Also:
Fixed In Version: ovirt-3.5.0-beta2
Doc Type: Enhancement
Doc Text:
This feature adds support for enabling a paravirtualized random number generator (RNG) in virtual machines. To use this feature, the random number generator source must be set at cluster level to ensure all hosts support and report desired RNG device sources. This feature is supported in Red Hat Enterprise Linux hosts of version 6.6 and higher.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-02-11 12:53:23 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
sherold: Triaged+


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
oVirt gerrit 18176 master MERGED backend: Control virtio rng device Never
oVirt gerrit 18497 master MERGED frontend: Control virtio rng device Never
oVirt gerrit 22258 master MERGED backend: RNG device sources reporting Never
oVirt gerrit 22259 master MERGED frontend: RNG device sources reporting Never
oVirt gerrit 27157 master MERGED restapi: Control virtio rng device Never
oVirt gerrit 27187 master MERGED restapi: RNG device sources reporting Never
oVirt gerrit 28327 master MERGED core: Update default RNG sources Never
oVirt gerrit 28593 master MERGED core: RNG device final touches Never
oVirt gerrit 28594 master MERGED frontend: RNG device final touches Never
oVirt gerrit 28690 None None None Never
oVirt gerrit 28691 None None None Never
oVirt gerrit 28692 None None None Never
oVirt gerrit 28796 None None None Never
oVirt gerrit 28838 None None None Never
oVirt gerrit 28923 master MERGED config: Expose RNG related config Never
oVirt gerrit 28924 master MERGED frontend: Fix issues with VmRngDevice.Source enum Never
oVirt gerrit 30196 ovirt-3.5 MERGED vdsm: disable virtio-rng on rhel < 6.6 Never
Red Hat Product Errata RHSA-2015:0158 normal SHIPPED_LIVE Important: Red Hat Enterprise Virtualization Manager 3.5.0 2015-02-11 17:38:50 EST

  None (edit)
Description Andrew Cathrow 2013-06-23 06:44:38 EDT
Entropy inside a virtual machine is very limited compared to physical machines and in some cases can cause issues[1]

KVM has support for a paravirtualized random number generator virtio-rng[1].

This option should only be supported on cluster level 3.3.
This requires RHEL 6.5 which adds libvirt and qemu-kvm support.

By default the option should not be set.
A user should be given the option to add a paravirt RNG.

The UI should be simple checkbox - "enable paravirtualized random number generator".
The default should be off/not-selected.

For 99.9% of users this should provide adequate functionality.
For those who want more configuration we should enable this through custom properties so that we don't overcomplicate the UI.

By default we should set the mode to 'backend' to random using device /dev/random.


The following custom properties should be added (names can be discussed)

rng-device  -> /dev/random or /dev/hwrng
rng-period  -> (time in ms)
rng-bytes   -> 








Libvirt documentation can be found at [3]


[1] http://log.amitshah.net/2013/01/about-random-numbers-and-virtual-machines/
[2] http://wiki.qemu.org/Features-Done/VirtIORNG
[3] http://libvirt.org/formatdomain.html#elementsRng
Comment 2 Andrew Cathrow 2013-06-23 11:21:23 EDT
*** Bug 852189 has been marked as a duplicate of this bug. ***
Comment 3 Michal Skrivanek 2013-07-02 23:56:18 EDT
adding full GUI options instead of cust props would be easy enough. Except for rdg where there are too many different options.
Comment 6 Sven Kieske 2014-01-27 08:29:21 EST
Shouldn't target release be set to something and not to anything, according
to policy, Itamar?
Comment 7 Itamar Heim 2014-01-27 08:35:23 EST
(In reply to Sven Kieske from comment #6)
> Shouldn't target release be set to something and not to anything, according
> to policy, Itamar?

for bugs to make sure they are always on the radar.
for RFEs they need to be planned for a version as part of version planning, so can wait on "---" as they get reviewed usually as part of version planning. folks usually give enough attention to feature requests, less so to bugs.
Comment 8 Michal Skrivanek 2014-02-13 03:14:12 EST
tentatively planned for 3.5
Comment 11 Michal Skrivanek 2014-05-28 10:32:37 EDT
removing from the 3.5 release because of lack of QEMU support in RHEL 6.5
Comment 12 Michal Skrivanek 2014-07-17 02:31:39 EDT
Note: Requires libvirt from RHEL 6.6+ / Fedora 19+
code-wise the feature is complete in 3.5 already
Comment 13 Michal Skrivanek 2014-07-25 04:18:53 EDT
we're complete in 3.5 code base
Comment 14 Pavel Novotny 2014-08-29 12:34:16 EDT
Just a QA update - verification is waiting till QEMU 1.3 is released.
Comment 16 Nisim Simsolo 2014-10-27 03:21:12 EDT
Verified using:
rhevm-3.5.0-0.17.beta.el6ev.noarch
libvirt-0.10.2-46.el6.x86_64
vdsm-4.16.7.1-1.el6ev.x86_64
sanlock-2.8-1.el6.x86_64
qemu-kvm-rhev-0.12.1.2-2.448.el6.x86_64
Comment 18 errata-xmlrpc 2015-02-11 12:53:23 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0158.html

Note You need to log in before you can comment on or make changes to this bug.