virtio-rng: Add rate limiting options for virtio-RNG

Qemu's implementation of virtio RNG supports rate limiting of the
entropy used. This patch exposes the option to tune this functionality.

This patch is based on qemu commit 904d6f588063fb5ad2b61998acdf1e73fb4

The rate limiting is exported in the XML as:
<devices>
  ...
  <rng model='virtio'>
    <rate bytes='123' period='1234'/>
    <backend model='random'/>
  </rng>
  ...

docs/formatdomain.html.in

@@ -4294,6 +4294,7 @@ qemu-kvm -net nic,model=? /dev/null
   ...
   <devices>
     <rng model='virtio'>
+      <rate period="2000" bytes="1234"/>
       <backend model='random'>/dev/random</backend>
       <!-- OR -->
       <backend model='egd' type='udp'>
@@ -4316,6 +4317,18 @@ qemu-kvm -net nic,model=? /dev/null
           <li>'virtio' &mdash; supported by qemu and virtio-rng kernel module</li>
         </ul>
       </dd>
+      <dt><code>rate</code></dt>
+      <dd>
+        <p>
+          The optional <code>rate</code> element allows limiting the rate at
+          which entropy can be consumed from the source.  The mandatory
+          attribute <code>bytes</code> specifies how many bytes are permitted
+          to be consumed per period.  An optional <code>period</code> attribute
+          specifies the duration of a period in milliseconds; if omitted, the
+          period is taken as 1000 milliseconds (1 second).
+          <span class='since'>Since 1.0.4</span>
+        </p>
+      </dd>
       <dt><code>backend</code></dt>
       <dd>
         <p>

docs/schemas/domaincommon.rng

@@ -3522,7 +3522,12 @@
           <value>virtio</value>
         </choice>
       </attribute>
-      <ref name="rng-backend"/>
+      <interleave>
+        <ref name="rng-backend"/>
+        <optional>
+          <ref name="rng-rate"/>
+        </optional>
+      </interleave>
     </element>
   </define>
 
@@ -3550,6 +3555,20 @@
     </element>
   </define>
 
+  <define name="rng-rate">
+    <element name="rate">
+      <attribute name="bytes">
+        <ref name="positiveInteger"/>
+      </attribute>
+      <optional>
+        <attribute name="period">
+          <ref name="positiveInteger"/>
+        </attribute>
+      </optional>
+      <empty/>
+    </element>
+  </define>
+
   <define name="usbmaster">
     <element name="master">
       <attribute name="startport">

src/conf/domain_conf.c

@@ -7570,6 +7570,19 @@ virDomainRNGDefParseXML(const xmlNodePtr node,
 
     ctxt->node = node;
 
+    if (virXPathUInt("string(./rate/@bytes)", ctxt, &def->rate) < -1) {
+        virReportError(VIR_ERR_XML_ERROR, "%s",
+                       _("invalid RNG rate bytes value"));
+        goto error;
+    }
+
+    if (def->rate > 0 &&
+        virXPathUInt("string(./rate/@period)", ctxt, &def->period) < -1) {
+        virReportError(VIR_ERR_XML_ERROR, "%s",
+                       _("invalid RNG rate period value"));
+        goto error;
+    }
+
     if ((nbackends = virXPathNodeSet("./backend", ctxt, &backends)) < 0)
         goto error;
 
@@ -13897,6 +13910,12 @@ virDomainRNGDefFormat(virBufferPtr buf,
     const char *backend = virDomainRNGBackendTypeToString(def->backend);
 
     virBufferAsprintf(buf, "    <rng model='%s'>\n", model);
+    if (def->rate) {
+        virBufferAsprintf(buf, "      <rate bytes='%u'", def->rate);
+        if (def->period)
+            virBufferAsprintf(buf, " period='%u'", def->period);
+        virBufferAddLit(buf, "/>\n");
+    }
     virBufferAsprintf(buf, "      <backend model='%s'", backend);
 
     switch ((enum virDomainRNGBackend) def->backend) {

src/conf/domain_conf.h

@@ -1736,6 +1736,8 @@ enum virDomainRNGBackend {
 struct _virDomainRNGDef {
     int model;
     int backend;
+    unsigned int rate; /* bytes per period */
+    unsigned int period; /* milliseconds */
 
     union {
         char *file; /* file name for 'random' source */

src/qemu/qemu_command.c

@@ -4492,6 +4492,14 @@ qemuBuildRNGDeviceArgs(virCommandPtr cmd,
 
     virBufferAsprintf(&buf, "virtio-rng-pci,rng=%s", dev->info.alias);
 
+    if (dev->rate > 0) {
+        virBufferAsprintf(&buf, ",max-bytes=%u", dev->rate);
+        if (dev->period)
+            virBufferAsprintf(&buf, ",period=%u", dev->period);
+        else
+            virBufferAddLit(&buf, ",period=1000");
+    }
+
     if (qemuBuildDeviceAddressStr(&buf, &dev->info, qemuCaps) < 0)
         goto cleanup;
 

tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-random.args

@@ -3,4 +3,4 @@ LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test /usr/bin/qemu \
 -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -usb \
 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3 \
 -object rng-random,id=rng0,filename=/dev/hwrng \
--device virtio-rng-pci,rng=rng0,bus=pci.0,addr=0x4
+-device virtio-rng-pci,rng=rng0,max-bytes=123,period=1234,bus=pci.0,addr=0x4

tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-random.xml

@@ -17,6 +17,7 @@
     <controller type='usb' index='0'/>
     <memballoon model='virtio'/>
     <rng model='virtio'>
+      <rate bytes='123' period='1234'/>
       <backend model='random'>/dev/hwrng</backend>
     </rng>
   </devices>