[for-4.1,1/7] util: Add qemu_getrandom and support functions

Message ID	20190313062630.30568-2-richard.henderson@linaro.org
State	New
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; From: Richard Henderson <richard.henderson@linaro.org> To: qemu-devel@nongnu.org Date: Tue, 12 Mar 2019 23:26:24 -0700 Message-Id: <20190313062630.30568-2-richard.henderson@linaro.org> In-Reply-To: <20190313062630.30568-1-richard.henderson@linaro.org> References: <20190313062630.30568-1-richard.henderson@linaro.org> Subject: [Qemu-devel] [PATCH for-4.1 1/7] util: Add qemu_getrandom and support functions Precedence: list Cc: peter.maydell@linaro.org, david@redhat.com, laurent@vivier.eu, armbru@redhat.com, kraxel@redhat.com, pbonzini@redhat.com, david@gibson.dropbear.id.au Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Series	Add qemu_getrandom and ARMv8.5-RNG \| expand [for-4.1,0/7] Add qemu_getrandom and ARMv8.5-RNG [for-4.1,1/7] util: Add qemu_getrandom and support functions [for-4.1,2/7] util: Use getrandom for qemu_getrandom if available [for-4.1,3/7] linux-user: Use qemu_getrandom for AT_RANDOM [for-4.1,4/7] linux-user/aarch64: Use qemu_getrandom for arm_init_pauth_key [for-4.1,5/7] linux-user: Remove srand call [for-4.1,6/7] ui/vnc: Use qemu_getrandom for make_challenge [for-4.1,7/7] target/arm: Implement ARMv8.5-RNG

diff --git a/include/qemu/random.h b/include/qemu/random.h new file mode 100644 index 0000000000..9d88008288 --- /dev/null +++ b/include/qemu/random.h @@ -0,0 +1,58 @@ +/* + * QEMU random functions + * + * Copyright 2019 Linaro, Ltd. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + */ + +#ifndef QEMU_RANDOM_H +#define QEMU_RANDOM_H + +/** + * qemu_seedrandom_main(const char *optarg, Error **errp) + * @optarg: a non-NULL pointer to a C string + * @errp: an Error handler + * + * The @optarg value is that which accompanies the -seed argument. + * This forces qemu_getrandom into deterministic mode. + */ +void qemu_seedrandom_main(const char *optarg, Error **errp); + +/** + * qemu_seedrandom_thread_part1(void) + * + * If qemu_getrandom is in deterministic mode, returns an + * independant seed for the new thread. Otherwise returns 0. + */ +uint64_t qemu_seedrandom_thread_part1(void); + +/** + * qemu_seedrandom_thread_part2(uint64_t seed) + * @seed: a value for the new thread. + * + * If qemu_getrandom is in deterministic mode, this stores an + * independant seed for the new thread. Otherwise a no-op. + */ +void qemu_seedrandom_thread_part2(uint64_t seed); + +/** + * qemu_getrandom(void *buf, size_t len, bool nonblock) + * @buf: a buffer of bytes to be written + * @len: the number of bytes in @buf + * @nonblock: do not delay if the entropy pool is low + * + * Fills len bytes in buf with random data. If nonblock is false, + * this may require a delay while the entropy pool fills. Returns + * true if the call is successful, but the only non-successful case + * is when nonblock is true. + * + * The value of len must be <= 256, so that the BSD getentropy(3) + * function can be used to implement this. + */ +bool qemu_getrandom(void *buf, size_t len, bool nonblock); + +#endif /* QEMU_RANDOM_H */ diff --git a/include/qom/cpu.h b/include/qom/cpu.h index 1d6099e5d4..343cc6d51e 100644 --- a/include/qom/cpu.h +++ b/include/qom/cpu.h @@ -372,6 +372,7 @@ struct CPUState { int singlestep_enabled; int64_t icount_budget; int64_t icount_extra; + uint64_t random_seed; sigjmp_buf jmp_env; QemuMutex work_mutex; diff --git a/cpus.c b/cpus.c index e83f72b48b..b5d3f46220 100644 --- a/cpus.c +++ b/cpus.c @@ -49,6 +49,7 @@ #include "qemu/option.h" #include "qemu/bitmap.h" #include "qemu/seqlock.h" +#include "qemu/random.h" #include "tcg.h" #include "hw/nmi.h" #include "sysemu/replay.h" @@ -1275,6 +1276,7 @@ static void *qemu_kvm_cpu_thread_fn(void *arg) /* signal CPU creation */ cpu->created = true; qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); do { if (cpu_can_run(cpu)) { @@ -1318,6 +1320,7 @@ static void *qemu_dummy_cpu_thread_fn(void *arg) /* signal CPU creation */ cpu->created = true; qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); do { qemu_mutex_unlock_iothread(); @@ -1477,6 +1480,7 @@ static void *qemu_tcg_rr_cpu_thread_fn(void *arg) cpu->created = true; cpu->can_do_io = 1; qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); /* wait for initial kick-off after machine start */ while (first_cpu->stopped) { @@ -1591,6 +1595,7 @@ static void *qemu_hax_cpu_thread_fn(void *arg) hax_init_vcpu(cpu); qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); do { if (cpu_can_run(cpu)) { @@ -1630,6 +1635,7 @@ static void *qemu_hvf_cpu_thread_fn(void *arg) /* signal CPU creation */ cpu->created = true; qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); do { if (cpu_can_run(cpu)) { @@ -1670,6 +1676,7 @@ static void *qemu_whpx_cpu_thread_fn(void *arg) /* signal CPU creation */ cpu->created = true; qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); do { if (cpu_can_run(cpu)) { @@ -1723,6 +1730,7 @@ static void *qemu_tcg_cpu_thread_fn(void *arg) cpu->can_do_io = 1; current_cpu = cpu; qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); /* process any pending work */ cpu->exit_request = 1; @@ -2070,6 +2078,7 @@ void qemu_init_vcpu(CPUState *cpu) cpu->nr_cores = smp_cores; cpu->nr_threads = smp_threads; cpu->stopped = true; + cpu->random_seed = qemu_seedrandom_thread_part1(); if (!cpu->as) { /* If the target cpu hasn't set up any address spaces itself, diff --git a/linux-user/main.c b/linux-user/main.c index a0aba9cb1e..37300230f5 100644 --- a/linux-user/main.c +++ b/linux-user/main.c @@ -33,6 +33,7 @@ #include "tcg.h" #include "qemu/timer.h" #include "qemu/envlist.h" +#include "qemu/random.h" #include "elf.h" #include "trace/control.h" #include "target_elf.h" @@ -291,13 +292,7 @@ static void handle_arg_pagesize(const char *arg) static void handle_arg_randseed(const char *arg) { - unsigned long long seed; - - if (parse_uint_full(arg, &seed, 0) != 0 || seed > UINT_MAX) { - fprintf(stderr, "Invalid seed number: %s\n", arg); - exit(EXIT_FAILURE); - } - srand(seed); + qemu_seedrandom_main(arg, &error_fatal); } static void handle_arg_gdb(const char *arg) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 208fd1813d..18d98f5a08 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -110,6 +110,7 @@ #include "uname.h" #include "qemu.h" +#include "qemu/random.h" #include "fd-trans.h" #ifndef CLONE_IO @@ -5448,6 +5449,7 @@ static void *clone_func(void *arg) put_user_u32(info->tid, info->child_tidptr); if (info->parent_tidptr) put_user_u32(info->tid, info->parent_tidptr); + qemu_seedrandom_thread_part2(cpu->random_seed); /* Enable signals. */ sigprocmask(SIG_SETMASK, &info->sigmask, NULL); /* Signal to the parent that we're ready. */ @@ -5534,6 +5536,7 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp, initializing, so temporarily block all signals. */ sigfillset(&sigmask); sigprocmask(SIG_BLOCK, &sigmask, &info.sigmask); + cpu->random_seed = qemu_seedrandom_thread_part1(); /* If this is our first additional thread, we need to ensure we * generate code for parallel execution and flush old translations. diff --git a/util/random.c b/util/random.c new file mode 100644 index 0000000000..ded8725a3b --- /dev/null +++ b/util/random.c @@ -0,0 +1,76 @@ +/* + * QEMU random functions + * + * Copyright 2019 Linaro, Ltd. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + */ + +#include "qemu/osdep.h" +#include "qemu-common.h" +#include "qemu/cutils.h" +#include "qapi/error.h" +#include "qemu/random.h" + + +/* + * While jrand48 is not technically thread safe, jrand48_r is glibc specific. + * However, the only other global state are the A and C values, which are + * otherwise constant. The only way to muck with those is with lcong48(3). + * So if we don't do that, jrand48 *is* thread-safe. + */ +static __thread uint16_t xsubi[3]; + +/* Deterministic implementation using libc functions. */ +bool qemu_getrandom(void *buf, size_t len, bool nonblock) +{ + size_t i; + uint32_t val; + + g_assert_cmpuint(len, <=, 256); + + for (i = 0; i + 4 <= len; i += 4) { + val = jrand48(xsubi); + __builtin_memcpy(buf + i, &val, 4); + } + if (i < len) { + val = jrand48(xsubi); + __builtin_memcpy(buf + i, &val, len - i); + } + + return true; +} + +uint64_t qemu_seedrandom_thread_part1(void) +{ + uint64_t ret; + qemu_getrandom(&ret, sizeof(ret), false); + return ret; +} + +void qemu_seedrandom_thread_part2(uint64_t seed) +{ + xsubi[0] = seed; + xsubi[1] = seed >> 16; + xsubi[2] = seed >> 32; +} + +void qemu_seedrandom_main(const char *optarg, Error **errp) +{ + unsigned long long seed; + if (parse_uint_full(optarg, &seed, 0)) { + error_setg(errp, "Invalid seed number: %s", optarg); + } else { + qemu_seedrandom_thread_part2(seed); + } +} + +static void __attribute__((constructor)) initialize(void) +{ + /* Make sure A and C parameters are initialized. */ + srand48(0); + qemu_seedrandom_thread_part2(time(NULL) + getpid() * 1500450271ull); +} diff --git a/vl.c b/vl.c index 027b853d92..5daf12f74a 100644 --- a/vl.c +++ b/vl.c @@ -128,6 +128,7 @@ int main(int argc, char **argv) #include "qapi/qapi-commands-ui.h" #include "qapi/qmp/qerror.h" #include "sysemu/iothread.h" +#include "qemu/random.h" #define MAX_VIRTIO_CONSOLES 1 @@ -3330,6 +3331,9 @@ int main(int argc, char **argv, char **envp) case QEMU_OPTION_DFILTER: qemu_set_dfilter_ranges(optarg, &error_fatal); break; + case QEMU_OPTION_seed: + qemu_seedrandom_main(optarg, &error_fatal); + break; case QEMU_OPTION_s: add_device_config(DEV_GDB, "tcp::" DEFAULT_GDBSTUB_PORT); break; diff --git a/qemu-options.hx b/qemu-options.hx index 8693f5fa3c..a45ae70d33 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -3598,6 +3598,16 @@ the 0x200 sized block starting at 0xffffffc000080000 and another 0x1000 sized block starting at 0xffffffc00005f000. ETEXI +DEF("seed", HAS_ARG, QEMU_OPTION_seed, \ + "-seed number seed the psudorandom number generator\n", + QEMU_ARCH_ALL) +STEXI +@item -seed @var{number} +@findex -seed +Force qemu to use a deterministic pseudo random number generator, +seeded with @var{number}. +ETEXI + DEF("L", HAS_ARG, QEMU_OPTION_L, \ "-L path set the directory for the BIOS, VGA BIOS and keymaps\n", QEMU_ARCH_ALL) diff --git a/util/Makefile.objs b/util/Makefile.objs index 835fcd69e2..bc7405c535 100644 --- a/util/Makefile.objs +++ b/util/Makefile.objs @@ -53,5 +53,6 @@ util-obj-y += iova-tree.o util-obj-$(CONFIG_INOTIFY1) += filemonitor-inotify.o util-obj-$(CONFIG_LINUX) += vfio-helpers.o util-obj-$(CONFIG_OPENGL) += drm.o +util-obj-y += random.o stub-obj-y += filemonitor-stub.o

[for-4.1,1/7] util: Add qemu_getrandom and support functions

Commit Message

Comments

Patch