[libvirt-users] question about how to set rng device on vm

Hi Amos,

I'm a libvirt QE, and I cannot understand the setting on libvirt.org for rng device. Could you please help to explain a little?
(The xml in https://libvirt.org/formatdomain.html#elementsRng)

  <devices>
    <rng model='virtio'>
      <rate period="2000" bytes="1234"/>
      <backend model='random'>/dev/random</backend>
      <!-- OR -->
      <backend model='egd' type='udp'>
        <source mode='bind' service='1234'/>
        <source mode='connect' host='1.2.3.4' service='1234'/>
      </backend>
    </rng>
  </devices>

How did it work with source mode='bind' and source mode='connect' together? Which process on guest or host will act as server part, which for client part?

One detailed example: start a vm with below device, and no egd running on host:

  <rng model='virtio'>
    <backend model='egd' type='udp'>
      <source mode='bind' service='1234'/>
      <source mode='connect' host='127.0.0.1' service='1234'/>
    </backend>
    <address type='pci' domain='0x0000' bus='0x00' slot='0x09' function='0x0'/>
  </rng>

qemu command line:

  -chardev udp,id=charrng0,host=127.0.0.1,port=1234,localaddr=,localport=1234 \
  -object rng-egd,id=objrng0,chardev=charrng0 \
  -device virtio-rng-pci,rng=objrng0,id=rng0,bus=pci.0,addr=0x9

In my understanding the purpose of the rng device on guest is to provide guest a hardware RNG device /dev/hwrng which obtains seeds from the host.

The source can be /dev/random on host, then the xml will be:

  <rng model='virtio'>
    <backend model='random'>/dev/random</backend>
  </rng>

can be hardware on host:

  <rng model='virtio'>
    <backend model='random'>/dev/hwrng</backend>
  </rng>

can be egd daemon running on host:

  <rng model='virtio'>
    <backend model='egd' type='tcp'>
      <source mode='connect' host='127.0.0.1' service='1234'/>
    </backend>
  </rng>

(on host, there should be an egd daemon running on tcp 127.0.0.1:1234
  # egd.pl --debug-client --nofork localhost:1234)

Thank you very much and look forward to your response!

-------
Best Regards,
Yalan Zhang
IRC: yalzhang
Internal phone: 8389413

On 10/25/2017 03:41 PM, Yalan Zhang wrote:
> Hi Amos,
>
> I'm a libvirt QE, and I cannot understand the setting on libvirt.org for rng device. Could you please help to explain a little?
> (The xml in https://libvirt.org/formatdomain.html#elementsRng)
>
>   <devices>
>     <rng model='virtio'>
>       <rate period="2000" bytes="1234"/>
>       <backend model='random'>/dev/random</backend>
>       <!-- OR -->
>       <backend model='egd' type='udp'>
>         <source mode='bind' service='1234'/>
>         <source mode='connect' host='1.2.3.4' service='1234'/>
>       </backend>
>     </rng>
>   </devices>
>
> How did it work with source mode='bind' and source mode='connect' together?

It doesn't. That's just an example that you can have two types of backend. Either the backend connects somewhere (mode='connect'), or expects somebody to connect (mode='bind'). Just try to define domain with that RNG, dump the XML back and see what got applied.

Michal

On Thu, Oct 26, 2017 at 09:30:55 +0200, Michal Privoznik wrote:
> On 10/25/2017 03:41 PM, Yalan Zhang wrote:
> > Hi Amos,
> >
> > I'm a libvirt QE, and I cannot understand the setting on libvirt.org for rng device. Could you please help to explain a little?
> > (The xml in https://libvirt.org/formatdomain.html#elementsRng)
> >
> >   <devices>
> >     <rng model='virtio'>
> >       <rate period="2000" bytes="1234"/>
> >       <backend model='random'>/dev/random</backend>
> >       <!-- OR -->
> >       <backend model='egd' type='udp'>
> >         <source mode='bind' service='1234'/>
> >         <source mode='connect' host='1.2.3.4' service='1234'/>
> >       </backend>
> >     </rng>
> >   </devices>
> >
> > How did it work with source mode='bind' and source mode='connect' together?
>
> It doesn't. That's just an example that you can have two types of backend. Either the backend connects somewhere (mode='connect'), or expects somebody to connect (mode='bind'). Just try to define domain with that RNG, dump the XML back and see what got applied.

Note that both are required to establish a bidirectional connection with UDP as configured above. For EGD you really need both directions since it's a bidirectional protocol.
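
Added example (not part of any message in this thread, and not libvirt or QEMU code): a Python check that reads an <rng> element, reports whether an EGD backend has the <source> elements the replies above call for, and for UDP renders the -chardev option in the layout of the command line quoted in the question. The function name check_rng_backend, the problem strings and the rule that TCP takes exactly one <source> (read from the first reply) are assumptions of this sketch.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the <rng> element from the question in this thread.
RNG_XML = """
<rng model='virtio'>
  <backend model='egd' type='udp'>
    <source mode='bind' service='1234'/>
    <source mode='connect' host='127.0.0.1' service='1234'/>
  </backend>
</rng>
"""

def check_rng_backend(xml_text):
    """Return (chardev_option_or_None, problems) for one <rng> element."""
    backend = ET.fromstring(xml_text).find("backend")
    if backend is None:
        return None, ["<rng> has no <backend>"]
    if backend.get("model") != "egd":
        # model='random' reads a host device path; no chardev is involved.
        return None, []
    problems, sources = [], {}
    for src in backend.findall("source"):
        mode = src.get("mode")
        if mode in sources:
            problems.append(f"duplicate <source mode='{mode}'>")
        sources[mode] = src
    bind, conn = sources.get("bind"), sources.get("connect")
    kind = backend.get("type")
    if kind == "tcp":
        # Assumption from the first reply: the backend connects OR binds.
        if len(sources) != 1:
            problems.append("tcp: expected exactly one <source>")
        return None, problems
    if kind != "udp":
        return None, problems + [f"type {kind!r} not handled by this sketch"]
    # EGD is bidirectional, so UDP needs a local and a remote endpoint.
    if bind is None:
        problems.append("udp: missing mode='bind' source (local endpoint)")
    if conn is None:
        problems.append("udp: missing mode='connect' source (remote endpoint)")
    if problems:
        return None, problems
    # Option layout and id copied from the command line in the question.
    return ("udp,id=charrng0,host={},port={},localaddr={},localport={}".format(
        conn.get("host", ""), conn.get("service"),
        bind.get("host", ""), bind.get("service")), problems)

if __name__ == "__main__":
    print(check_rng_backend(RNG_XML))
```
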

participants (3)
- Michal Privoznik
- Peter Krempa
- Yalan Zhang