From 3281d502733b198697bd076ae71d278c0e8b1912 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones"
Date: Thu, 28 Apr 2016 15:58:05 +0100
Subject: [PATCH] launch: libvirt: Add a /dev/urandom-based virtio-rng device to the appliance.

It is safe to use /dev/urandom to seed the guest. In libvirt 1.3.4 this silly restriction has been lifted.
This restores commit b2c845333f66d4d3135d3b6a8d4b992d6160bf0a.
See also commit 9423c16607259b30985c46d04db9958ec079aa42.
Thanks: Cole Robinson for doing the libvirt implementation.
(cherry picked from commit 2b9f58f87b0dc2553061b4d8b301ff8e08121cb7)
---
 src/launch-libvirt.c | 29 +++++++++++------------------
 1 file changed, 11 insertions(+), 18 deletions(-)

diff --git a/src/launch-libvirt.c b/src/launch-libvirt.c
index 96c5913..4c29409 100644
--- a/src/launch-libvirt.c
+++ b/src/launch-libvirt.c
@@ -1306,26 +1306,19 @@ construct_libvirt_xml_devices (guestfs_h *g,
 }
 #endif
 
-#if 0
- /* This is disabled. Pulling random numbers from /dev/random
- * causes the appliance to pause for long periods. We should
- * use /dev/urandom, but for bogus reasons libvirt prevents that.
- * https://bugzilla.redhat.com/show_bug.cgi?id=1074464#c7
+ /* Add a random number generator (backend for virtio-rng). This
+ * requires Cole Robinson's patch to permit /dev/urandom to be
+ * used, which was added in libvirt 1.3.4.
 */
- /* Add a random number generator (backend for virtio-rng). */
- start_element ("rng") {
- attribute ("model", "virtio");
- start_element ("backend") {
- attribute ("model", "random");
- /* It'd be nice to do this, but libvirt says:
- * file '/dev/urandom' is not a supported random source
- * Let libvirt pick /dev/random automatically instead.
- * See also: https://bugzilla.redhat.com/show_bug.cgi?id=1074464
- */
- //string ("/dev/urandom");
+ if (params->data->libvirt_version >= 1003004) {
+ start_element ("rng") {
+ attribute ("model", "virtio");
+ start_element ("backend") {
+ attribute ("model", "random");
+ string ("/dev/urandom");
+ } end_element ();
 } end_element ();
- } end_element ();
-#endif
+ }
 
 /* virtio-scsi controller. */
 start_element ("controller") {
-- 
1.8.3.1
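Review bot: The new `if (params->data->libvirt_version >= 1003004)` guard has no else branch, so on an older libvirt the appliance is started with no virtio-rng device and nothing in the output records that; whatever needs randomness inside the guest then depends only on what the guest kernel gathers by itself. I would trace that path, for example `else debug (g, "libvirt < 1.3.4: appliance will not have a virtio-rng device");`, so that a missing entropy source can be diagnosed from the debug log. The test is on the version number rather than on the feature, so a libvirt build that carries the /dev/urandom change as a backport under a lower version would presumably be skipped as well; if that matters for this branch, the comment above the `if` should say so. construct_libvirt_xml_devices starts and ends outside the hunk, so whether `libvirt_version` describes the client library or the daemon that validates the XML cannot be checked from here.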