vc: qemu: Add config option to choose entropy source. #781
Conversation
|
/test |
|
PSS Measurement: Memory inside container: |
virtcontainers/qemu_arch_base.go
Outdated
| @@ -525,7 +525,8 @@ func (q *qemuArchBase) appendVFIODevice(devices []govmmQemu.Device, vfioDev conf | |||
| func (q *qemuArchBase) appendRNGDevice(devices []govmmQemu.Device, rngDev config.RNGDev) []govmmQemu.Device { | |||
| devices = append(devices, | |||
| govmmQemu.RngDevice{ | |||
| ID: rngDev.ID, | |||
| ID: rngDev.ID, | |||
| Filename: "/dev/urandom", | |||
There was a problem hiding this comment.
@jcvenegas looks good, but don't you think we should make this configurable instead of hardcoding in govmm ?
We should have the opportunity to select /dev/urandom from Kata code, WDYT?
Codecov Report
@@ Coverage Diff @@
## master #781 +/- ##
==========================================
- Coverage 65.32% 65.32% -0.01%
==========================================
Files 87 87
Lines 10611 10619 +8
==========================================
+ Hits 6932 6937 +5
- Misses 2982 2985 +3
Partials 697 697 |
jcvenegas
force-pushed
the
urandom-source
branch
2 times, most recently
from
6e7cb17
to
3380bf2
Compare
|
this change makes me a little nervous. security is important in this project. I would prefer /dev/random as the DEFAULT source. |
|
The code looks good, but I have a question. Do we need a configuration option? I mean, in which situation should we choose /dev/random against /dev/urandom ? Will be /dev/urandom always a prefered option? |
|
/test |
|
@laijs @WeiZhang555 I have asked the question about |
|
PSS Measurement: Memory inside container: |
|
Would it be worth atleast logging the value of I suspect we can't reliably determine how much entropy we'd actually need. But if we could, if the system entropy falls below that threshold, we could make that a hard error. |
| @@ -319,6 +320,7 @@ func getHypervisorInfo(config oci.RuntimeConfig) HypervisorInfo { | |||
| Msize9p: config.HypervisorConfig.Msize9p, | |||
| UseVSock: config.HypervisorConfig.UseVSock, | |||
| MemorySlots: config.HypervisorConfig.MemSlots, | |||
| EntropySource: config.HypervisorConfig.EntropySource, | |||
There was a problem hiding this comment.
- should this be displayed in
kata-env? - should we do any validation on this before handing to the hypervisor? (aka does it exist, is it a char device?)
Looking at govmm, it also doesn't check this but that may well be by design since presumably qemu will :)
https://github.com/intel/govmm/blob/master/qemu/qemu.go#L1035..L1042
/cc @markdryan
There was a problem hiding this comment.
@jodh-intel qemu complains about it, OCI runtime create failed: qemu-system-x86_64: -object rng-random,id=rng0,filename=/tmp/r: Could not open '/tmp/r': No such file or directory: unknown
jcvenegas
force-pushed
the
urandom-source
branch
from
3380bf2
to
ba2df10
Compare
|
/retest |
|
PSS Measurement: Memory inside container: |
jcvenegas
changed the title
jcvenegas
force-pushed
the
urandom-source
branch
3 times, most recently
from
fcc028b
to
fb6fc8a
Compare
|
/retest |
Makefile
Outdated
| @@ -136,6 +136,8 @@ DEFMEMSLOTS := 10 | |||
| DEFBRIDGES := 1 | |||
| #Default network model | |||
| DEFNETWORKMODEL := macvtap | |||
| #Default entropy source | |||
| DEFENTROPYSOURCE := /dev/random | |||
There was a problem hiding this comment.
should the default be /dev/urandom?
Makefile
Outdated
| @@ -136,6 +136,8 @@ DEFMEMSLOTS := 10 | |||
| DEFBRIDGES := 1 | |||
| #Default network model | |||
| DEFNETWORKMODEL := macvtap | |||
| #Default entropy source | |||
| DEFENTROPYSOURCE := /dev/random | |||
There was a problem hiding this comment.
Oh sorry, I'd like urandom to be the default here, and we should add some comments related to /dev/random, explaining this can be used but with some limitations.
jcvenegas
force-pushed
the
urandom-source
branch
from
fb6fc8a
to
23747f2
Compare
|
PSS Measurement: Memory inside container: |
This adds a config option to choose the VM entropy source. Fixes: kata-containers#702 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
jcvenegas
force-pushed
the
urandom-source
branch
from
23747f2
to
41619e4
Compare
|
/test |
|
PSS Measurement: Memory inside container: |
|
Per Ted's recommendation on the mailing list, we are proceeding the patch with just seeding virtio-rng with [1] http://lists.katacontainers.io/pipermail/kata-dev/2018-September/000439.html |
Today we use
/dev/randomas entropy source.This is a blocking entropy source, when the
host is getting a low amount of entropy the
Kata VM startup takes longer because block
trying to get entropy from the source.
This change allow to change the entropy source.
For example: urandom
Fixes: #702