Features/Virtio RNG

From FedoraProject

< Features(Difference between revisions)
Jump to: navigation, search
(Feature has been announced)
(Add link to test day test case)
 
(5 intermediate revisions by 2 users not shown)
Line 12: Line 12:
 
== Current status ==
 
== Current status ==
 
* Targeted release: [[Releases/19 | Fedora 19]]
 
* Targeted release: [[Releases/19 | Fedora 19]]
* Last updated: January 26 2013
+
* Last updated: 2013-05-22
* Percentage of completion: 50%
+
* Percentage of completion: 100% (confirmed with maintainer, optional part not done for F19)
  
 
== Detailed Description ==
 
== Detailed Description ==
Line 26: Line 26:
 
* Virtio RNG driver in kernel (DONE, since 2.6.26)
 
* Virtio RNG driver in kernel (DONE, since 2.6.26)
 
* QEMU Device (DONE, since qemu 1.3)
 
* QEMU Device (DONE, since qemu 1.3)
* Libvirt support (patch posted, not commited yet)
+
* Libvirt support (DONE, in 1.0.3)
 
* Apps (all optional but would be nice if they are done)
 
* Apps (all optional but would be nice if they are done)
 
** virt-install (Not done)
 
** virt-install (Not done)
Line 32: Line 32:
  
 
== How To Test ==
 
== How To Test ==
TBD
+
* [[QA:Testcase_Virtualization_VirtioRNG| Virtio RNG (Random Number Generator)]]
 
+
XXX: Manual qemu bits at http://wiki.qemu.org/Features/VirtIORNG#Testing
+
 
+
XXX: Libvirt instructions based on posted patches
+
  
 
== User Experience ==
 
== User Experience ==
Line 62: Line 58:
 
* fedora devel discussion about the feature: https://lists.fedoraproject.org/pipermail/devel/2013-February/177867.html
 
* fedora devel discussion about the feature: https://lists.fedoraproject.org/pipermail/devel/2013-February/177867.html
  
 
+
[[Category:FeatureAcceptedF19]]
 
+
[[Category:FeatureAnnounced]]
+
 
[[Category:Virtualization]]
 
[[Category:Virtualization]]

Latest revision as of 19:29, 23 May 2013

Contents

[edit] Virtio RNG

[edit] Summary

Provide a paravirtual random number generator to virtual machines, to prevent entropy starvation in guests.

[edit] Owner

[edit] Current status

  • Targeted release: Fedora 19
  • Last updated: 2013-05-22
  • Percentage of completion: 100% (confirmed with maintainer, optional part not done for F19)

[edit] Detailed Description

The linux kernel collects entropy from various non-deterministic hardware events, like mouse and keyboard input, and network traffic. This entropy is then exposed through /dev/random, commonly used by cryptographic applications that need true randomness to maintain security. However if more entropy is being consumed than is being produced, we have entropy starvation: reading from /dev/random will block, which can cause a denial of service. A common example here is use of /dev/random by SSL in various services.

VirtIO RNG (random number generator) is a paravirtualized device that is exposed as a hardware RNG device to the guest. Virtio RNG just appears as a regular hardware RNG to the guest, which the kernel reads from to fill its entropy pool. This effectively allows a host to inject entropy into a guest via several means: The default mode uses the host's /dev/random, but a physical HW RNG device or EGD (Entropy Gathering Daemon) source can also be used.

[edit] Benefit to Fedora

Makes Fedora a better platform for hosting server VMs.

[edit] Scope

  • Virtio RNG driver in kernel (DONE, since 2.6.26)
  • QEMU Device (DONE, since qemu 1.3)
  • Libvirt support (DONE, in 1.0.3)
  • Apps (all optional but would be nice if they are done)
    • virt-install (Not done)
    • virt-manager (Not done)

[edit] How To Test

[edit] User Experience

Server VMs will have more options for avoiding entropy starvation.

[edit] Dependencies

None.

[edit] Contingency Plan

Since this is brand new functionality, if it isn't ready in time, nothing has changed. We just drop this feature page.

[edit] Documentation

[edit] Release Notes

KVM and libvirt now support a paravirtual random number generator device. This can be used to prevent entropy starvation in virtual machines.

[edit] Comments and Discussion