vc: hypervisor: qemu: Add rng device.

Kata Containers does not have provide a good entropy level, make use of a paravirtual rng device to solve this problem. Fixes: #445 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
2025-07-03 02:26:37 +00:00 · 2018-09-10 13:16:50 -05:00 · 2018-09-10 13:16:50 -05:00 · bf7fd2bcd7
commit bf7fd2bcd7
parent f1829d078a
3 changed files with 25 additions and 0 deletions
--- a/virtcontainers/device/config/config.go
+++ b/virtcontainers/device/config/config.go
@ -117,6 +117,12 @@ type VFIODev struct {
 	BDF string
 }

+// RNGDev represents a random number generator device
+type RNGDev struct {
+	// ID is used to identify the device in the hypervisor options.
+	ID string
+}
+
 // VhostUserDeviceAttrs represents data shared by most vhost-user devices
 type VhostUserDeviceAttrs struct {
 	DevID      string
--- a/virtcontainers/qemu.go
+++ b/virtcontainers/qemu.go
@ -81,6 +81,7 @@ const (
 	qmpExecCatCmd                     = "exec:cat"

 	scsiControllerID = "scsi0"
+	rngID            = "rng0"
 )

 var qemuMajorVersion int
@ -488,6 +489,11 @@ func (q *qemu) createSandbox() error {
 	if ioThread != nil {
 		qemuConfig.IOThreads = []govmmQemu.IOThread{*ioThread}
 	}
+	// Add RNG device to hypervisor
+	rngDev := config.RNGDev{
+		ID: rngID,
+	}
+	qemuConfig.Devices = q.arch.appendRNGDevice(qemuConfig.Devices, rngDev)

 	q.qemuConfig = qemuConfig

--- a/virtcontainers/qemu_arch_base.go
+++ b/virtcontainers/qemu_arch_base.go
@ -82,6 +82,9 @@ type qemuArch interface {
 	// appendVFIODevice appends a VFIO device to devices
 	appendVFIODevice(devices []govmmQemu.Device, vfioDevice config.VFIODev) []govmmQemu.Device

+	// appendRNGDevice appends a RNG device to devices
+	appendRNGDevice(devices []govmmQemu.Device, rngDevice config.RNGDev) []govmmQemu.Device
+
 	// handleImagePath handles the Hypervisor Config image path
 	handleImagePath(config HypervisorConfig)
 }
@ -505,6 +508,16 @@ func (q *qemuArchBase) appendVFIODevice(devices []govmmQemu.Device, vfioDev conf
 	return devices
 }

+func (q *qemuArchBase) appendRNGDevice(devices []govmmQemu.Device, rngDev config.RNGDev) []govmmQemu.Device {
+	devices = append(devices,
+		govmmQemu.RngDevice{
+			ID: rngDev.ID,
+		},
+	)
+
+	return devices
+}
+
 func (q *qemuArchBase) handleImagePath(config HypervisorConfig) {
 	if config.ImagePath != "" {
 		q.kernelParams = append(q.kernelParams, kernelRootParams...)