[pve-devel] [PATCH qemu-server] qemu/rng: die when trying to pass through disconnected hwrng

[Stefan Reiter]

If /dev/hwrng exists, but no actual generator is connected (or it is
disabled on the host), QEMU will happily start the VM but crash as soon
as the guest accesses the VirtIO RNG device.

To prevent this unfortunate behaviour, check if a useable hwrng is
connected to the host before allowing the VM to be started.

Signed-off-by: Stefan Reiter <s.reiter at proxmox.com>
---

On a side note, 'file_read_firstline' was already imported from PVE::Tools but
never used. Saves a line in this patch I supposed ;)

 PVE/QemuServer.pm | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index cb96b71..6faa9cf 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -3399,6 +3399,16 @@ sub config_to_command {
 	die "cannot create VirtIO RNG device: source file '$rng->{source}' doesn't exist\n"
 	    if ! -e $rng->{source};
 
+	my $rng_select_path = '/sys/devices/virtual/misc/hw_random/rng_current';
+	if ($rng->{source} eq '/dev/hwrng' &&
+	    file_read_firstline($rng_select_path) eq 'none')
+	{
+	    # needs to abort, otherwise QEMU crashes on first rng access
+	    die "Cannot start VM with passed-through RNG device: '/dev/hwrng'"
+	      . " exists, but '$rng_select_path' is set to 'none'. Ensure that"
+	      . " a compatible hardware-RNG is attached to the host.\n";
+	}
+
 	my $rng_addr = print_pci_addr("rng0", $bridges, $arch, $machine_type);
 
 	push @$devices, '-object', "rng-random,filename=$rng->{source},id=rng0";
-- 
2.20.1