Features/Virtio RNG

From FedoraProject

< Features(Difference between revisions)
Jump to: navigation, search
(Change title)
(confirmed with maintainer, optional part not done for F19)
(11 intermediate revisions by 2 users not shown)
Line 12: Line 12:
 
== Current status ==
 
== Current status ==
 
* Targeted release: [[Releases/19 | Fedora 19]]
 
* Targeted release: [[Releases/19 | Fedora 19]]
* Last updated:  
+
* Last updated: 2013-05-22
* Percentage of completion: 50%
+
* Percentage of completion: 100% (confirmed with maintainer, optional part not done for F19)
  
 
== Detailed Description ==
 
== Detailed Description ==
 
The linux kernel collects entropy from various non-deterministic hardware events, like mouse and keyboard input, and network traffic. This entropy is then exposed through /dev/random, commonly used by cryptographic applications that need true randomness to maintain security. However if more entropy is being consumed than is being produced, we have entropy starvation: reading from /dev/random will block, which can cause a denial of service. A common example here is use of /dev/random by SSL in various services.
 
The linux kernel collects entropy from various non-deterministic hardware events, like mouse and keyboard input, and network traffic. This entropy is then exposed through /dev/random, commonly used by cryptographic applications that need true randomness to maintain security. However if more entropy is being consumed than is being produced, we have entropy starvation: reading from /dev/random will block, which can cause a denial of service. A common example here is use of /dev/random by SSL in various services.
  
VirtIO RNG (random number generator) is a paravirtualized device that is exposed as a hardware RNG device to the guest. Virtio RNG just appears as a regular hardware RNG to the guest, which the kernel reads from to fill its entropy pool. This effectively allows a host to entropy into a guest via several means: The default mode uses the host's /dev/random, but a physical HW RNG device or EGD (Entropy Gathering Daemon) can also be used.
+
VirtIO RNG (random number generator) is a paravirtualized device that is exposed as a hardware RNG device to the guest. Virtio RNG just appears as a regular hardware RNG to the guest, which the kernel reads from to fill its entropy pool. This effectively allows a host to inject entropy into a guest via several means: The default mode uses the host's /dev/random, but a physical HW RNG device or EGD (Entropy Gathering Daemon) source can also be used.
  
 
== Benefit to Fedora ==
 
== Benefit to Fedora ==
Guests will have access to better and faster entropy.
+
Makes Fedora a better platform for hosting server VMs.
  
 
== Scope ==
 
== Scope ==
 
* Virtio RNG driver in kernel (DONE, since 2.6.26)
 
* Virtio RNG driver in kernel (DONE, since 2.6.26)
 
* QEMU Device (DONE, since qemu 1.3)
 
* QEMU Device (DONE, since qemu 1.3)
* Libvirt support (patch posted, not commited yet)
+
* Libvirt support (DONE, in 1.0.3)
 
* Apps (all optional but would be nice if they are done)
 
* Apps (all optional but would be nice if they are done)
 
** virt-install (Not done)
 
** virt-install (Not done)
Line 32: Line 32:
  
 
== How To Test ==
 
== How To Test ==
See http://wiki.qemu.org/Features/VirtIORNG#Testing
+
TBD
  
XXX: copy bits here, proposed libvirt bits
+
XXX: Manual qemu bits at http://wiki.qemu.org/Features/VirtIORNG#Testing
 +
 
 +
XXX: Libvirt instructions based on posted patches
  
 
== User Experience ==
 
== User Experience ==
Guests will have access to better and faster entropy.
+
Server VMs will have more options for avoiding entropy starvation.
  
 
== Dependencies ==
 
== Dependencies ==
None
+
None.
  
 
== Contingency Plan ==
 
== Contingency Plan ==
Line 46: Line 48:
  
 
== Documentation ==
 
== Documentation ==
<!-- Is there upstream documentation on this feature, or notes you have written yourself?  Link to that material here so other interested developers can get involved. -->
 
 
 
* [http://wiki.qemu-project.org/Features/VirtIORNG QEMU VirtIO RNG feature page]
 
* [http://wiki.qemu-project.org/Features/VirtIORNG QEMU VirtIO RNG feature page]
 
* [https://lists.gnu.org/archive/html/qemu-devel/2012-05/msg02235.html QEMU patch email from May 2012]
 
* [https://lists.gnu.org/archive/html/qemu-devel/2012-05/msg02235.html QEMU patch email from May 2012]
Line 53: Line 53:
 
* [https://www.redhat.com/archives/libvir-list/2012-December/msg00937.html Libvirt RFC detailing potential future RNG daemon]
 
* [https://www.redhat.com/archives/libvir-list/2012-December/msg00937.html Libvirt RFC detailing potential future RNG daemon]
 
* [http://egd.sourceforge.net/ Entropy gathering daemon (EGD)]
 
* [http://egd.sourceforge.net/ Entropy gathering daemon (EGD)]
 +
* [http://log.amitshah.net/2013/01/about-random-numbers-and-virtual-machines/ Amit's post about virt and RNG]
 +
* [https://lwn.net/Articles/525459/ LWN article about random numbers]
  
 
== Release Notes ==
 
== Release Notes ==
Line 58: Line 60:
  
 
== Comments and Discussion ==
 
== Comments and Discussion ==
None yet.
+
* fedora devel discussion about the feature: https://lists.fedoraproject.org/pipermail/devel/2013-February/177867.html
  
[[Category:FeaturePageIncomplete]]
+
[[Category:FeatureAcceptedF19]]
<!-- When your feature page is completed and ready for review -->
+
[[Category:Virtualization]]
<!-- remove Category:FeaturePageIncomplete and change it to Category:FeatureReadyForWrangler -->
+
<!-- After review, the feature wrangler will move your page to Category:FeatureReadyForFesco... if it still needs more work it will move back to Category:FeaturePageIncomplete-->
+
<!-- A pretty picture of the page category usage is at: https://fedoraproject.org/wiki/Features/Policy/Process -->
+

Revision as of 15:40, 22 May 2013

Contents

Virtio RNG

Summary

Provide a paravirtual random number generator to virtual machines, to prevent entropy starvation in guests.

Owner

Current status

  • Targeted release: Fedora 19
  • Last updated: 2013-05-22
  • Percentage of completion: 100% (confirmed with maintainer, optional part not done for F19)

Detailed Description

The linux kernel collects entropy from various non-deterministic hardware events, like mouse and keyboard input, and network traffic. This entropy is then exposed through /dev/random, commonly used by cryptographic applications that need true randomness to maintain security. However if more entropy is being consumed than is being produced, we have entropy starvation: reading from /dev/random will block, which can cause a denial of service. A common example here is use of /dev/random by SSL in various services.

VirtIO RNG (random number generator) is a paravirtualized device that is exposed as a hardware RNG device to the guest. Virtio RNG just appears as a regular hardware RNG to the guest, which the kernel reads from to fill its entropy pool. This effectively allows a host to inject entropy into a guest via several means: The default mode uses the host's /dev/random, but a physical HW RNG device or EGD (Entropy Gathering Daemon) source can also be used.

Benefit to Fedora

Makes Fedora a better platform for hosting server VMs.

Scope

  • Virtio RNG driver in kernel (DONE, since 2.6.26)
  • QEMU Device (DONE, since qemu 1.3)
  • Libvirt support (DONE, in 1.0.3)
  • Apps (all optional but would be nice if they are done)
    • virt-install (Not done)
    • virt-manager (Not done)

How To Test

TBD

XXX: Manual qemu bits at http://wiki.qemu.org/Features/VirtIORNG#Testing

XXX: Libvirt instructions based on posted patches

User Experience

Server VMs will have more options for avoiding entropy starvation.

Dependencies

None.

Contingency Plan

Since this is brand new functionality, if it isn't ready in time, nothing has changed. We just drop this feature page.

Documentation

Release Notes

KVM and libvirt now support a paravirtual random number generator device. This can be used to prevent entropy starvation in virtual machines.

Comments and Discussion