feat: added selection of entropy crate

Added ability to select between `rand` and
`aws-lc-rs` crates for entropy device.

Signed-off-by: Egor Lazarchuk <[email protected]>

Author: ShadowCurse

Diff for: Cargo.lock

@@ -8,6 +8,11 @@ description = "Firecracker enables you to deploy workloads in lightweight virtua
 homepage = "https://firecracker-microvm.github.io/"
 license = "Apache-2.0"
 
+[features]
+default = ["aws-lc-rs"]
+aws-lc-rs = ["vmm/aws-lc-rs"]
+rand = ["vmm/rand"]
+
 [dependencies]
 event-manager = "0.3.0"
 libc = "0.2.117"
@@ -20,7 +25,7 @@ mmds = { path = "../mmds" }
 seccompiler = { path = "../seccompiler" }
 snapshot = { path = "../snapshot"}
 utils = { path = "../utils" }
-vmm = { path = "../vmm" }
+vmm = { path = "../vmm", default-features = false }
 
 [dev-dependencies]
 cargo_toml = "0.13.0"

Diff for: src/firecracker/Cargo.toml

@@ -5,8 +5,14 @@ authors = ["Amazon Firecracker team <[email protected]>"]
 edition = "2021"
 license = "Apache-2.0"
 
+[features]
+default = []
+aws-lc-rs = ["dep:aws-lc-rs"]
+rand = ["dep:rand"]
+
 [dependencies]
-aws-lc-rs = "1.0.2"
+aws-lc-rs = { version = "1.0.2", optional = true }
+rand = { version = "0.8.5", optional = true }
 bitflags = "2.0.2"
 derive_more = { version = "0.99.17", default-features = false, features = ["from", "display"] }
 event-manager = "0.3.0"

Diff for: src/vmm/Cargo.toml

@@ -5,7 +5,11 @@ use std::io;
 use std::sync::atomic::AtomicUsize;
 use std::sync::Arc;
 
-use aws_lc_rs::rand;
+#[cfg(feature = "aws-lc-rs")]
+use aws_lc_rs::{error::Unspecified as RandomError, rand};
+#[cfg(feature = "rand")]
+use rand::{rngs::OsRng, Error as RandomError, RngCore};
+
 use logger::{debug, error, IncMetric, METRICS};
 use rate_limiter::{RateLimiter, TokenType};
 use utils::eventfd::EventFd;
@@ -27,7 +31,7 @@ pub enum Error {
     #[error("Bad guest memory buffer: {0}")]
     GuestMemory(#[from] GuestMemoryError),
     #[error("Could not get random bytes: {0}")]
-    Random(#[from] aws_lc_rs::error::Unspecified),
+    Random(#[from] RandomError),
 }
 
 type Result<T> = std::result::Result<T, Error>;
@@ -109,10 +113,17 @@ impl Entropy {
         }
 
         let mut rand_bytes = vec![0; iovec.len()];
+
+        #[cfg(feature = "aws-lc-rs")]
         rand::fill(&mut rand_bytes).map_err(|err| {
             METRICS.entropy.host_rng_fails.inc();
             err
         })?;
+        #[cfg(feature = "rand")]
+        OsRng.try_fill_bytes(&mut rand_bytes).map_err(|err| {
+            METRICS.entropy.host_rng_fails.inc();
+            err
+        })?;
 
         // It is ok to unwrap here. We are writing `iovec.len()` bytes at offset 0.
         Ok(iovec.write_at(&rand_bytes, 0).unwrap().try_into().unwrap())