Features/Virtio RNG

From FedoraProject

< Features(Difference between revisions)
Jump to: navigation, search
(Bunch of updates)
Line 1: Line 1:
<!-- All fields on this form are required to be accepted by FESCo.
 
We also request that you maintain the same order of sections so that all of the feature pages are uniform.  -->
 
 
 
= VirtIORNG =
 
= VirtIORNG =
  
 
== Summary ==
 
== Summary ==
 
+
Provide a paravirtual random number generator to virtual machines, to prevent entropy starvation in guests.
Provide virtio-rng driver to KVM guests can take advantage of host entropy (random number generator hardware)
+
 
+
  
 
== Owner ==
 
== Owner ==
* Name: [[User:crobinso| Cole Robinson]]
+
* Name: [[User:crobinso|Cole Robinson]]
 
* Email: crobinso@redhat.com
 
* Email: crobinso@redhat.com
* Name: Amit Shah
+
* Name: [[User:Amitshah|Amit Shah]]
 
* Email: amit.shah@redhat.com
 
* Email: amit.shah@redhat.com
  
Line 18: Line 13:
 
* Targeted release: [[Releases/19 | Fedora 19]]
 
* Targeted release: [[Releases/19 | Fedora 19]]
 
* Last updated:  
 
* Last updated:  
* Percentage of completion: TBS
+
* Percentage of completion: 50%
 
+
* Support for the VirtIO RNG device has been added to the QEMU sources starting from commit a9b7b2ad7b075dba5495271706670e5c6b1304bc. This is part of the QEMU 1.3 release. The Linux kernel contains the guest driver for the device since version 2.6.26.
+
  
 
== Detailed Description ==
 
== Detailed Description ==
<!-- Expand on the summary, if appropriate.  A couple sentences suffices to explain the goal, but the more details you can provide the better. -->
+
The linux kernel collects entropy from various non-deterministic hardware events, like mouse and keyboard input, and network traffic. This entropy is then exposed through /dev/random, commonly used by cryptographic applications that need true randomness to maintain security. However if more entropy is being consumed than is being produced, we have entropy starvation: reading from /dev/random will block, which can cause a denial of service. A common example here is use of /dev/random by SSL in various services.
 
+
VirtIO RNG is a paravirtualized device that is exposed as a hardware RNG device to the guest. On the host side, it can be wired up to one of several sources of entropy, including a real hardware RNG device as well as the host's /dev/random if hardware support doesn't exist.  
+
  
 +
VirtIO RNG (random number generator) is a paravirtualized device that is exposed as a hardware RNG device to the guest. Virtio RNG just appears as a regular hardware RNG to the guest, which the kernel reads from to fill its entropy pool. This effectively allows a host to entropy into a guest via several means: The default mode uses the host's /dev/random, but a physical HW RNG device or EGD (Entropy Gathering Daemon) can also be used.
  
 
== Benefit to Fedora ==
 
== Benefit to Fedora ==
<!-- What is the benefit to the platform?  If this is a major capability update, what has changed?  If this is a new feature, what capabilities does it bring? Why will Fedora become a better distribution or project because of this feature?-->
+
Guests will have access to better and faster entropy.
 
+
* Guests will have access to better and faster entropy.  
+
  
 
== Scope ==
 
== Scope ==
* TBS
+
* Virtio RNG driver in kernel (DONE, since 2.6.26)
 +
* QEMU Device (DONE, since qemu 1.3)
 +
* Libvirt support (patch posted, not commited yet)
 
* Apps (all optional but would be nice if they are done)
 
* Apps (all optional but would be nice if they are done)
** TBS
+
** virt-install (Not done)
 
+
** virt-manager (Not done)
  
 
== How To Test ==
 
== How To Test ==
<!-- This does not need to be a full-fledged document.  Describe the dimensions of tests that this feature is expected to pass when it is done.  If it needs to be tested with different hardware or software configurations, indicate them.  The more specific you can be, the better the community testing can be.
 
 
Remember that you are writing this how to for interested testers to use to check out your feature - documenting what you do for testing is OK, but it's much better to document what *I* can do to test your feature.
 
 
A good "how to test" should answer these four questions:
 
 
0. What special hardware / data / etc. is needed (if any)?
 
1. How do I prepare my system to test this feature? What packages
 
need to be installed, config files edited, etc.?
 
2. What specific actions do I perform to check that the feature is
 
working like it's supposed to?
 
3. What are the expected results of those actions?
 
-->
 
 
 
See http://wiki.qemu.org/Features/VirtIORNG#Testing
 
See http://wiki.qemu.org/Features/VirtIORNG#Testing
  
 +
XXX: copy bits here, proposed libvirt bits
  
 
== User Experience ==
 
== User Experience ==
 
+
Guests will have access to better and faster entropy.
Guests will have access to better and faster entropy.  
+
  
 
== Dependencies ==
 
== Dependencies ==
 
 
None
 
None
 
  
 
== Contingency Plan ==
 
== Contingency Plan ==
 
+
Since this is brand new functionality, if it isn't ready in time, nothing has changed. We just drop this feature page.
TBS
+
 
+
  
 
== Documentation ==
 
== Documentation ==
 
<!-- Is there upstream documentation on this feature, or notes you have written yourself?  Link to that material here so other interested developers can get involved. -->
 
<!-- Is there upstream documentation on this feature, or notes you have written yourself?  Link to that material here so other interested developers can get involved. -->
  
* http://wiki.qemu-project.org/Features/VirtIORNG
+
* [http://wiki.qemu-project.org/Features/VirtIORNG QEMU VirtIO RNG feature page]
 
+
* [https://lists.gnu.org/archive/html/qemu-devel/2012-05/msg02235.html QEMU patch email from May 2012]
 +
* [https://www.redhat.com/archives/libvir-list/2013-January/msg00775.html Latest libvirt patch posting]
 +
* [https://www.redhat.com/archives/libvir-list/2012-December/msg00937.html Libvirt RFC detailing potential future RNG daemon]
 +
* [http://egd.sourceforge.net/ Entropy gathering daemon (EGD)]
  
 
== Release Notes ==
 
== Release Notes ==
<!-- The Fedora Release Notes inform end-users about what is new in the release. Examples of past release notes are here: http://docs.fedoraproject.org/release-notes/ -->
+
KVM and libvirt now support a paravirtual random number generator device. This can be used to prevent entropy starvation in virtual machines.
<!-- The release notes also help users know how to deal with platform changes such as ABIs/APIs, configuration or data file formats, or upgrade concerns.  If there are any such changes involved in this feature, indicate them here.  You can also link to upstream documentation if it satisfies this need.  This information forms the basis of the release notes edited by the documentation team and shipped with the release. -->
+
 
+
* TBS
+
  
 
== Comments and Discussion ==
 
== Comments and Discussion ==
 
+
None yet.
* TBS
+
 
+
  
 
[[Category:FeaturePageIncomplete]]
 
[[Category:FeaturePageIncomplete]]

Revision as of 22:52, 26 January 2013

Contents

VirtIORNG

Summary

Provide a paravirtual random number generator to virtual machines, to prevent entropy starvation in guests.

Owner

Current status

  • Targeted release: Fedora 19
  • Last updated:
  • Percentage of completion: 50%

Detailed Description

The linux kernel collects entropy from various non-deterministic hardware events, like mouse and keyboard input, and network traffic. This entropy is then exposed through /dev/random, commonly used by cryptographic applications that need true randomness to maintain security. However if more entropy is being consumed than is being produced, we have entropy starvation: reading from /dev/random will block, which can cause a denial of service. A common example here is use of /dev/random by SSL in various services.

VirtIO RNG (random number generator) is a paravirtualized device that is exposed as a hardware RNG device to the guest. Virtio RNG just appears as a regular hardware RNG to the guest, which the kernel reads from to fill its entropy pool. This effectively allows a host to entropy into a guest via several means: The default mode uses the host's /dev/random, but a physical HW RNG device or EGD (Entropy Gathering Daemon) can also be used.

Benefit to Fedora

Guests will have access to better and faster entropy.

Scope

  • Virtio RNG driver in kernel (DONE, since 2.6.26)
  • QEMU Device (DONE, since qemu 1.3)
  • Libvirt support (patch posted, not commited yet)
  • Apps (all optional but would be nice if they are done)
    • virt-install (Not done)
    • virt-manager (Not done)

How To Test

See http://wiki.qemu.org/Features/VirtIORNG#Testing

XXX: copy bits here, proposed libvirt bits

User Experience

Guests will have access to better and faster entropy.

Dependencies

None

Contingency Plan

Since this is brand new functionality, if it isn't ready in time, nothing has changed. We just drop this feature page.

Documentation

Release Notes

KVM and libvirt now support a paravirtual random number generator device. This can be used to prevent entropy starvation in virtual machines.

Comments and Discussion

None yet.