Qemu's implementation of virtio RNG supports rate limiting of the
entropy used. This patch exposes the option to tune this functionality.
This patch is based on qemu commit
904d6f588063fb5ad2b61998acdf1e73fb4
The rate limiting is exported in the XML as:
<devices>
...
<rng model='virtio'>
<rate bytes='123' period='1234'/>
<backend model='random'/>
</rng>
...
...
<devices>
<rng model='virtio'>
+ <rate period="2000" bytes="1234"/>
<backend model='random'>/dev/random</backend>
<!-- OR -->
<backend model='egd' type='udp'>
<li>'virtio' — supported by qemu and virtio-rng kernel module</li>
</ul>
</dd>
+ <dt><code>rate</code></dt>
+ <dd>
+ <p>
+ The optional <code>rate</code> element allows limiting the rate at
+ which entropy can be consumed from the source. The mandatory
+ attribute <code>bytes</code> specifies how many bytes are permitted
+ to be consumed per period. An optional <code>period</code> attribute
+ specifies the duration of a period in milliseconds; if omitted, the
+ period is taken as 1000 milliseconds (1 second).
+ <span class='since'>Since 1.0.4</span>
+ </p>
+ </dd>
<dt><code>backend</code></dt>
<dd>
<p>
<value>virtio</value>
</choice>
</attribute>
- <ref name="rng-backend"/>
+ <interleave>
+ <ref name="rng-backend"/>
+ <optional>
+ <ref name="rng-rate"/>
+ </optional>
+ </interleave>
</element>
</define>
</element>
</define>
+ <define name="rng-rate">
+ <element name="rate">
+ <attribute name="bytes">
+ <ref name="positiveInteger"/>
+ </attribute>
+ <optional>
+ <attribute name="period">
+ <ref name="positiveInteger"/>
+ </attribute>
+ </optional>
+ <empty/>
+ </element>
+ </define>
+
<define name="usbmaster">
<element name="master">
<attribute name="startport">
ctxt->node = node;
+ if (virXPathUInt("string(./rate/@bytes)", ctxt, &def->rate) < -1) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("invalid RNG rate bytes value"));
+ goto error;
+ }
+
+ if (def->rate > 0 &&
+ virXPathUInt("string(./rate/@period)", ctxt, &def->period) < -1) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("invalid RNG rate period value"));
+ goto error;
+ }
+
if ((nbackends = virXPathNodeSet("./backend", ctxt, &backends)) < 0)
goto error;
const char *backend = virDomainRNGBackendTypeToString(def->backend);
virBufferAsprintf(buf, " <rng model='%s'>\n", model);
+ if (def->rate) {
+ virBufferAsprintf(buf, " <rate bytes='%u'", def->rate);
+ if (def->period)
+ virBufferAsprintf(buf, " period='%u'", def->period);
+ virBufferAddLit(buf, "/>\n");
+ }
virBufferAsprintf(buf, " <backend model='%s'", backend);
switch ((enum virDomainRNGBackend) def->backend) {
struct _virDomainRNGDef {
int model;
int backend;
+ unsigned int rate; /* bytes per period */
+ unsigned int period; /* milliseconds */
union {
char *file; /* file name for 'random' source */
virBufferAsprintf(&buf, "virtio-rng-pci,rng=%s", dev->info.alias);
+ if (dev->rate > 0) {
+ virBufferAsprintf(&buf, ",max-bytes=%u", dev->rate);
+ if (dev->period)
+ virBufferAsprintf(&buf, ",period=%u", dev->period);
+ else
+ virBufferAddLit(&buf, ",period=1000");
+ }
+
if (qemuBuildDeviceAddressStr(&buf, &dev->info, qemuCaps) < 0)
goto cleanup;
-monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -usb \
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3 \
-object rng-random,id=rng0,filename=/dev/hwrng \
--device virtio-rng-pci,rng=rng0,bus=pci.0,addr=0x4
+-device virtio-rng-pci,rng=rng0,max-bytes=123,period=1234,bus=pci.0,addr=0x4
<controller type='usb' index='0'/>
<memballoon model='virtio'/>
<rng model='virtio'>
+ <rate bytes='123' period='1234'/>
<backend model='random'>/dev/hwrng</backend>
</rng>
</devices>
projects / people / liuw / libxenctrl-split / libvirt.git / commitdiff