From patchwork Thu Mar 14 04:55:21 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 160295 Delivered-To: patch@linaro.org Received: by 2002:a02:5cc1:0:0:0:0:0 with SMTP id w62csp15079277jad; Wed, 13 Mar 2019 22:07:00 -0700 (PDT) X-Google-Smtp-Source: APXvYqwIu/gV8hdY2uhnd3sq43PDwrBJBNMb0yMKGMEvx/iUDSl/cMbrSqi8zy1XXG9nectK0sy+ X-Received: by 2002:a81:2f8c:: with SMTP id v134mr35129361ywv.438.1552540020017; Wed, 13 Mar 2019 22:07:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1552540020; cv=none; d=google.com; s=arc-20160816; b=gpgEEO+lpOlQDDcyG6kMWvQ2uKrYfc+a175eYQ3Vt9ufXn41CqFK+0Mj9qzdAeCbsk vTFwjscMkELdCDDx6E1DskHKNjYG4H8J/7oTKQAsUV2jHOENg+PglqvEvsPEcb696AZx 3hnMep1uMXyQvyyEF6Fc0kt+z0R1H/wO6TDGvECAKuydKEly+5culwm5CGDL0mGvjEEo MTXirb3mMFmhogSDdqaCT51GwGXZhAmyKTPYEB1nRSyHHZPC4hWrLp/YZHQIYZzm5EYH 7boEd9huGky5Cst6ksE7UDvsHd/DHfii1ylJztWNR89g3v7uiZJUbgcGes1Rqucl0QP3 o1YQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:references:in-reply-to :message-id:date:to:from:dkim-signature; bh=lNgGBV08JdM/4W0wwa/93vZ9B93Qd3ysUi2+GHmW4Nw=; b=rVthWoiKvZgGlwLRq14zFpe9gzA6TGSZGhW10iNJuvzwCdx/NH8NnO5vQId7+Tl6Eo qY7daJpikqd0oGkcRFijsll3W/sNnVoEXLowEcizvoRcaa44duc0ekqeGzmLwDp9+Cj9 qYHmpNGtpm8JTi7lS1BTZMCI7OFVWAjMJcZxGcMdBvWPgaPa9Xz4jBkg6MQFQ8A2S4RR 1oQ0vGEXP3P0QlekuN6fE9M7+WGtV9HIwMVxEhoda5deDa/Lv7wE0Mo0cM5dqHZS8uLg ZCOcImFSM/Ek0W7S96w6dIdURrkPwN8LGWiKAAmiTBSa0ejI3B2VLF5gRI8TXkmBWX7x QVdQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=oUdSXLr8; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id d18si7941315ywh.325.2019.03.13.22.06.59 for (version=TLS1 cipher=AES128-SHA bits=128/128); Wed, 13 Mar 2019 22:07:00 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=oUdSXLr8; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([127.0.0.1]:56996 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h4Ia3-0004T8-Dx for patch@linaro.org; Thu, 14 Mar 2019 01:06:59 -0400 Received: from eggs.gnu.org ([209.51.188.92]:56184) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h4IP7-0004Xa-UQ for qemu-devel@nongnu.org; Thu, 14 Mar 2019 00:55:43 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h4IP6-0007Pe-Uh for qemu-devel@nongnu.org; Thu, 14 Mar 2019 00:55:41 -0400 Received: from mail-pf1-x443.google.com ([2607:f8b0:4864:20::443]:36607) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1h4IP6-0007P7-LM for qemu-devel@nongnu.org; Thu, 14 Mar 2019 00:55:40 -0400 Received: by mail-pf1-x443.google.com with SMTP id n22so3014183pfa.3 for ; Wed, 13 Mar 2019 21:55:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:subject:date:message-id:in-reply-to:references; bh=lNgGBV08JdM/4W0wwa/93vZ9B93Qd3ysUi2+GHmW4Nw=; b=oUdSXLr8DU3aAxbrYw44qUpudvkfAguGWrANmDdab3A332d1YcqICcAAFlfdibhhh9 LsE1I9fbIXgbW5n4U3jMoJU/Dsm3F+e+XwXnKdSpMtzhQB8ZfyYP+jyWTwre6a5TPkpB OZm0TCfYaO2JmhKWQz3FvfPBx1Ha5PkfLlxCg5fJaai2eEaQo7yPZpo+apEmT7X/Vh7b 1QR9SBzpsmBciUpr1voYaH1Jw6LBI5yN6+Rg5K7YFafnpTAEA3VApW674fQR+DBxsStB Jy/74Gv5eulY6KgN89MJKhVv8up3nLXdSqfsTuvmPexgEM1hKUbWDnzyGjedBst5cPZg jWUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=lNgGBV08JdM/4W0wwa/93vZ9B93Qd3ysUi2+GHmW4Nw=; b=JItUy4/JSsxjXkN/pKVfFJ8i5lc3Jp0JSqME7OLM1giEETTpLIybt5UVDeEUf5oPDB IbEGtp2sJXtb6fYP9WnoUmD1Rq2bF2BSoI0kDRdwJbWUIVl2FmkA7BVYqz3QaXc5Klpn CU/Ra+dYH4GvHzs9jqB8ePfZGWra6EbXj/FKwB+ba7rtSAPzDnVZUel2gcKrkw4s8Cce xtqnDCAWekouyoekcfBDrvt9eGQ2wQJ3nOnp1qFiobumfNvVVvhYWpeuEipbubS/zbeP 6WA0LLRapqi4DA3XkfGO69mA8EKGFPY6qq2OLUGMRHt3bUNsveWALNj1ZolqyeJYDHWt riEQ== X-Gm-Message-State: APjAAAXpA0mLHCThsoNxAUfnIJb7tuKk61lc7rYcjJLExL2Spfz6C/WG TpP8ZXbSYwVRgb94W8DZxJPzEDnmW9k= X-Received: by 2002:a17:902:1025:: with SMTP id b34mr50271080pla.306.1552539339274; Wed, 13 Mar 2019 21:55:39 -0700 (PDT) Received: from localhost.localdomain (97-113-188-82.tukw.qwest.net. [97.113.188.82]) by smtp.gmail.com with ESMTPSA id d9sm16185027pgq.6.2019.03.13.21.55.38 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 13 Mar 2019 21:55:38 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Date: Wed, 13 Mar 2019 21:55:21 -0700 Message-Id: <20190314045526.13342-10-richard.henderson@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190314045526.13342-1-richard.henderson@linaro.org> References: <20190314045526.13342-1-richard.henderson@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2607:f8b0:4864:20::443 Subject: [Qemu-devel] [PATCH v2 09/14] util: Use qcrypto_random_bytes for qemu_getrandom X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" When not requesting deterministic bytes, use our existing crypto. Signed-off-by: Richard Henderson --- util/random.c | 61 ++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 48 insertions(+), 13 deletions(-) -- 2.17.1 diff --git a/util/random.c b/util/random.c index 467c987a66..c2628ace80 100644 --- a/util/random.c +++ b/util/random.c @@ -14,19 +14,20 @@ #include "qemu/cutils.h" #include "qapi/error.h" #include "qemu/random.h" +#include "crypto/random.h" + static __thread GRand *thread_rand; +static bool deterministic; + /* Deterministic implementation using Glib's Mersenne Twister. */ -bool qemu_getrandom(void *buf, size_t len, bool nonblock) +static bool do_glib(void *buf, size_t len, bool nonblock) { - GRand *rand; + GRand *rand = thread_rand; size_t i; uint32_t x; - g_assert(len <= 256); - - rand = thread_rand; if (unlikely(rand == NULL)) { /* Thread not initialized for a cpu, or main w/o -seed. */ thread_rand = rand = g_rand_new(); @@ -44,18 +45,53 @@ bool qemu_getrandom(void *buf, size_t len, bool nonblock) return true; } +/* Non-deterministic implementation using crypto routines. */ +static bool do_qcrypt(void *buf, size_t len, bool nonblock) +{ + if (nonblock) { + /* + * ??? This is not non-blocking; report failure as "would block". + * That said, what does "failure" really mean, and can we in fact + * reasonably recover from it? + */ + if (qcrypto_random_bytes(buf, len, NULL) < 0) { + return false; + } + } else { + int ret = qcrypto_random_bytes(buf, len, &error_fatal); + g_assert(ret == 0); + } + return true; +} + +bool qemu_getrandom(void *buf, size_t len, bool nonblock) +{ + g_assert(len <= 256); + if (unlikely(deterministic)) { + return do_glib(buf, len, nonblock); + } else { + return do_qcrypt(buf, len, nonblock); + } +} + uint64_t qemu_seedrandom_thread_part1(void) { - uint64_t ret; - qemu_getrandom(&ret, sizeof(ret), false); - return ret; + if (deterministic) { + uint64_t ret; + do_glib(&ret, sizeof(ret), false); + return ret; + } + return 0; } void qemu_seedrandom_thread_part2(uint64_t seed) { g_assert(thread_rand == NULL); - thread_rand = g_rand_new_with_seed_array((const guint32 *)&seed, - sizeof(seed) / sizeof(guint32)); + if (deterministic) { + thread_rand = + g_rand_new_with_seed_array((const guint32 *)&seed, + sizeof(seed) / sizeof(guint32)); + } } void qemu_seedrandom_main(const char *optarg, Error **errp) @@ -64,8 +100,7 @@ void qemu_seedrandom_main(const char *optarg, Error **errp) if (parse_uint_full(optarg, &seed, 0)) { error_setg(errp, "Invalid seed number: %s", optarg); } else { - g_assert(thread_rand != NULL); - g_rand_set_seed_array(thread_rand, (const guint32 *)&seed, - sizeof(seed) / sizeof(guint32)); + deterministic = true; + qemu_seedrandom_thread_part2(seed); } }