vc: hypervisor: qemu: Add rng device.

Kata Containers does not have provide a good entropy level, make use of a paravirtual rng device to solve this problem. Fixes: #445 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
kata-containers · Sep 10, 2018 · bf7fd2b · bf7fd2b
1 parent f1829d0
commit bf7fd2b
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 0 deletions.
diff --git a/virtcontainers/device/config/config.go b/virtcontainers/device/config/config.go
@@ -117,6 +117,12 @@ type VFIODev struct {
 	BDF string
 }
 
+// RNGDev represents a random number generator device
+type RNGDev struct {
+	// ID is used to identify the device in the hypervisor options.
+	ID string
+}
+
 // VhostUserDeviceAttrs represents data shared by most vhost-user devices
 type VhostUserDeviceAttrs struct {
 	DevID      string

diff --git a/virtcontainers/qemu.go b/virtcontainers/qemu.go
@@ -81,6 +81,7 @@ const (
 	qmpExecCatCmd                     = "exec:cat"
 
 	scsiControllerID = "scsi0"
+	rngID            = "rng0"
 )
 
 var qemuMajorVersion int
@@ -488,6 +489,11 @@ func (q *qemu) createSandbox() error {
 	if ioThread != nil {
 		qemuConfig.IOThreads = []govmmQemu.IOThread{*ioThread}
 	}
+	// Add RNG device to hypervisor
+	rngDev := config.RNGDev{
+		ID: rngID,
+	}
+	qemuConfig.Devices = q.arch.appendRNGDevice(qemuConfig.Devices, rngDev)
 
 	q.qemuConfig = qemuConfig
 

diff --git a/virtcontainers/qemu_arch_base.go b/virtcontainers/qemu_arch_base.go
@@ -82,6 +82,9 @@ type qemuArch interface {
 	// appendVFIODevice appends a VFIO device to devices
 	appendVFIODevice(devices []govmmQemu.Device, vfioDevice config.VFIODev) []govmmQemu.Device
 
+	// appendRNGDevice appends a RNG device to devices
+	appendRNGDevice(devices []govmmQemu.Device, rngDevice config.RNGDev) []govmmQemu.Device
+
 	// handleImagePath handles the Hypervisor Config image path
 	handleImagePath(config HypervisorConfig)
 }
@@ -505,6 +508,16 @@ func (q *qemuArchBase) appendVFIODevice(devices []govmmQemu.Device, vfioDev conf
 	return devices
 }
 
+func (q *qemuArchBase) appendRNGDevice(devices []govmmQemu.Device, rngDev config.RNGDev) []govmmQemu.Device {
+	devices = append(devices,
+		govmmQemu.RngDevice{
+			ID: rngDev.ID,
+		},
+	)
+
+	return devices
+}
+
 func (q *qemuArchBase) handleImagePath(config HypervisorConfig) {
 	if config.ImagePath != "" {
 		q.kernelParams = append(q.kernelParams, kernelRootParams...)