[pve-devel] [PATCH 0/5] fix #2264: add virtio-rng device

Stefan Reiter s.reiter at proxmox.com
Thu Feb 20 18:10:40 CET 2020


Add the ability to provice entropy to QEMU guests via an emulated hardware RNG.

First patch in pve-manager is independent. Rest depends on new qemu-server for
the API, I left 'onlineHelp' as a FIXME to avoid the dependecy to pve-docs.

I looked closely at how Linux and QEMU handle entropy/randomness to make sure
it's fine to allow /dev/urandom by default, and I'm quite certain that it poses
no issue at all (point in case: the kernel developers themselves are talking
about making /dev/random behave like /dev/urandom after the system has booted
[0], which we can always assume to be the case for VMs). I included more
rational in the qemu-server commit message.

The benefit of this is of course that we don't have to worry about host entropy
starvation nearly as much. It's still documented and the user is warned if they
choose /dev/random in the GUI though.

[0] https://lwn.net/Articles/808575/


manager: Stefan Reiter (3):
  qemu: fix icon alignment in "Add Hardware" menu
  qemu: add virtio-rng option to GUI
  qemu: change virtio-rng icon to die

 www/css/ext6-pve.css              |  14 +++-
 www/images/Makefile               |   3 +-
 www/images/icon-die.svg           |  40 ++++++++++
 www/manager6/Makefile             |   1 +
 www/manager6/Utils.js             |   2 +-
 www/manager6/qemu/HardwareView.js |  24 ++++++
 www/manager6/qemu/RNGEdit.js      | 124 ++++++++++++++++++++++++++++++
 7 files changed, 205 insertions(+), 3 deletions(-)
 create mode 100644 www/images/icon-die.svg
 create mode 100644 www/manager6/qemu/RNGEdit.js

qemu-server: Stefan Reiter (1):
  fix #2264: add virtio-rng device

 PVE/QemuServer.pm     | 73 +++++++++++++++++++++++++++++++++++++++++++
 PVE/QemuServer/PCI.pm |  1 +
 2 files changed, 74 insertions(+)

docs: Stefan Reiter (1):
  Add documentation for virtio-rng

 qm.adoc | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

-- 
2.20.1




More information about the pve-devel mailing list