Introduce qemu_guest_getrandom.

Use qemu_guest_getrandom in aspeed, nrf51, bcm2835, exynos4210 rng devices. Use qemu_guest_getrandom in target/ppc darn instruction. Support ARMv8.5-RNG extension. Support x86 RDRAND extension. Acked-by: Daniel P. Berrangé <berrange@redhat.com> Acked-by: Laurent Vivier <laurent@vivier.eu> -----BEGIN PGP SIGNATURE----- iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAlzllrsdHHJpY2hhcmQu aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV9/qAgAuYpF/gHrkfT+IFrw OsgV1pPdhh+opxp44ayIQ6VC64voij0k/NnmC3/BxRv89yPqchvA6m0c2jzfGuwZ ICpDt7LvFTrG9k8X9vEXbOTfh5dS/5g1o0LXiGU9RmMaC/5z2ZIabxU8K1Ti3+X0 P3B5s65rRQ8fPzOAMLEjeaHYQ/AOX/CNsmgFDve+d0b9tJY99UVO3Pb0h3+eR0s3 /4AHWG+IACGX7MVgFIfkEbGVnwboNiT20MUq3Exn2yGgg0IbLfoUazOnbfRz9jkX kbN6nAZ+WDynf31SvvkEL/P6W5medf58ufJOiBB8opIp1E4WDdM30V8RkkPOyj4z YOBmSw== =2RnL -----END PGP SIGNATURE----- Merge remote-tracking branch 'remotes/rth/tags/pull-rng-20190522' into staging Introduce qemu_guest_getrandom. Use qemu_guest_getrandom in aspeed, nrf51, bcm2835, exynos4210 rng devices. Use qemu_guest_getrandom in target/ppc darn instruction. Support ARMv8.5-RNG extension. Support x86 RDRAND extension. Acked-by: Daniel P. Berrangé <berrange@redhat.com> Acked-by: Laurent Vivier <laurent@vivier.eu> # gpg: Signature made Wed 22 May 2019 19:36:43 BST # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full] # Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F * remotes/rth/tags/pull-rng-20190522: (25 commits) target/i386: Implement CPUID_EXT_RDRAND target/ppc: Use qemu_guest_getrandom for DARN target/ppc: Use gen_io_start/end around DARN target/arm: Implement ARMv8.5-RNG target/arm: Put all PAC keys into a structure hw/misc/exynos4210_rng: Use qemu_guest_getrandom hw/misc/bcm2835_rng: Use qemu_guest_getrandom_nofail hw/misc/nrf51_rng: Use qemu_guest_getrandom_nofail aspeed/scu: Use qemu_guest_getrandom_nofail linux-user: Remove srand call linux-user/aarch64: Use qemu_guest_getrandom for PAUTH keys linux-user: Use qemu_guest_getrandom_nofail for AT_RANDOM linux-user: Call qcrypto_init if not using -seed linux-user: Initialize pseudo-random seeds for all guest cpus cpus: Initialize pseudo-random seeds for all guest cpus util: Add qemu_guest_getrandom and associated routines ui/vnc: Use gcrypto_random_bytes for start_auth_vnc ui/vnc: Split out authentication_failed crypto: Change the qcrypto_random_bytes buffer type to void* crypto: Use getrandom for qcrypto_random_bytes ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2025-08-10 02:54:58 -06:00 · 2019-05-23 12:57:17 +01:00 · 2019-05-23 12:57:17 +01:00 · d418238dca
commit d418238dca
parent c4600d5d41 369fd5ca66
36 changed files with 610 additions and 256 deletions
--- a/util/Makefile.objs
+++ b/util/Makefile.objs
@ -54,5 +54,6 @@ util-obj-y += iova-tree.o
 util-obj-$(CONFIG_INOTIFY1) += filemonitor-inotify.o
 util-obj-$(CONFIG_LINUX) += vfio-helpers.o
 util-obj-$(CONFIG_OPENGL) += drm.o
+util-obj-y += guest-random.o

 stub-obj-y += filemonitor-stub.o
--- a/util/guest-random.c
+++ b/util/guest-random.c
@ -0,0 +1,93 @@
+/*
+ * QEMU guest-visible random functions
+ *
+ * Copyright 2019 Linaro, Ltd.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "qemu/cutils.h"
+#include "qapi/error.h"
+#include "qemu/guest-random.h"
+#include "crypto/random.h"
+
+
+static __thread GRand *thread_rand;
+static bool deterministic;
+
+
+static int glib_random_bytes(void *buf, size_t len)
+{
+    GRand *rand = thread_rand;
+    size_t i;
+    uint32_t x;
+
+    if (unlikely(rand == NULL)) {
+        /* Thread not initialized for a cpu, or main w/o -seed.  */
+        thread_rand = rand = g_rand_new();
+    }
+
+    for (i = 0; i + 4 <= len; i += 4) {
+        x = g_rand_int(rand);
+        __builtin_memcpy(buf + i, &x, 4);
+    }
+    if (i < len) {
+        x = g_rand_int(rand);
+        __builtin_memcpy(buf + i, &x, i - len);
+    }
+    return 0;
+}
+
+int qemu_guest_getrandom(void *buf, size_t len, Error **errp)
+{
+    if (unlikely(deterministic)) {
+        /* Deterministic implementation using Glib's Mersenne Twister.  */
+        return glib_random_bytes(buf, len);
+    } else {
+        /* Non-deterministic implementation using crypto routines.  */
+        return qcrypto_random_bytes(buf, len, errp);
+    }
+}
+
+void qemu_guest_getrandom_nofail(void *buf, size_t len)
+{
+    qemu_guest_getrandom(buf, len, &error_fatal);
+}
+
+uint64_t qemu_guest_random_seed_thread_part1(void)
+{
+    if (deterministic) {
+        uint64_t ret;
+        glib_random_bytes(&ret, sizeof(ret));
+        return ret;
+    }
+    return 0;
+}
+
+void qemu_guest_random_seed_thread_part2(uint64_t seed)
+{
+    g_assert(thread_rand == NULL);
+    if (deterministic) {
+        thread_rand =
+            g_rand_new_with_seed_array((const guint32 *)&seed,
+                                       sizeof(seed) / sizeof(guint32));
+    }
+}
+
+int qemu_guest_random_seed_main(const char *optarg, Error **errp)
+{
+    unsigned long long seed;
+    if (parse_uint_full(optarg, &seed, 0)) {
+        error_setg(errp, "Invalid seed number: %s", optarg);
+        return -1;
+    } else {
+        deterministic = true;
+        qemu_guest_random_seed_thread_part2(seed);
+        return 0;
+    }
+}