Provide a paravirtual random number generator to virtual machines, to prevent entropy starvation in guests.
- Targeted release: Fedora 19
- Last updated: January 26 2013
- Percentage of completion: 50%
The linux kernel collects entropy from various non-deterministic hardware events, like mouse and keyboard input, and network traffic. This entropy is then exposed through /dev/random, commonly used by cryptographic applications that need true randomness to maintain security. However if more entropy is being consumed than is being produced, we have entropy starvation: reading from /dev/random will block, which can cause a denial of service. A common example here is use of /dev/random by SSL in various services.
VirtIO RNG (random number generator) is a paravirtualized device that is exposed as a hardware RNG device to the guest. Virtio RNG just appears as a regular hardware RNG to the guest, which the kernel reads from to fill its entropy pool. This effectively allows a host to inject entropy into a guest via several means: The default mode uses the host's /dev/random, but a physical HW RNG device or EGD (Entropy Gathering Daemon) source can also be used.
Benefit to Fedora
Makes Fedora a better platform for hosting server VMs.
- Virtio RNG driver in kernel (DONE, since 2.6.26)
- QEMU Device (DONE, since qemu 1.3)
- Libvirt support (patch posted, not commited yet)
- Apps (all optional but would be nice if they are done)
- virt-install (Not done)
- virt-manager (Not done)
How To Test
XXX: Manual qemu bits at http://wiki.qemu.org/Features/VirtIORNG#Testing
XXX: Libvirt instructions based on posted patches
Server VMs will have more options for avoiding entropy starvation.
Since this is brand new functionality, if it isn't ready in time, nothing has changed. We just drop this feature page.
- QEMU VirtIO RNG feature page
- QEMU patch email from May 2012
- Latest libvirt patch posting
- Libvirt RFC detailing potential future RNG daemon
- Entropy gathering daemon (EGD)
- Amit's post about virt and RNG
- LWN article about random numbers
KVM and libvirt now support a paravirtual random number generator device. This can be used to prevent entropy starvation in virtual machines.
Comments and Discussion
- notting: (on devel list): Given FIPS paranoia about RNG sources, does this have knock-on effects in the FIPS compliance of guests depending on how it's fed in the host?
- fedora devel discussion about the feature: https://lists.fedoraproject.org/pipermail/devel/2013-February/177867.html