From nobody Mon Feb 9 15:13:00 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1552539982266722.7040924220297; Wed, 13 Mar 2019 22:06:22 -0700 (PDT) Received: from localhost ([127.0.0.1]:56988 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h4IZL-0003dD-5i for importer@patchew.org; Thu, 14 Mar 2019 01:06:15 -0400 Received: from eggs.gnu.org ([209.51.188.92]:56184) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h4IP7-0004Xa-UQ for qemu-devel@nongnu.org; Thu, 14 Mar 2019 00:55:43 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h4IP6-0007Pe-Uh for qemu-devel@nongnu.org; Thu, 14 Mar 2019 00:55:41 -0400 Received: from mail-pf1-x443.google.com ([2607:f8b0:4864:20::443]:36607) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1h4IP6-0007P7-LM for qemu-devel@nongnu.org; Thu, 14 Mar 2019 00:55:40 -0400 Received: by mail-pf1-x443.google.com with SMTP id n22so3014183pfa.3 for ; Wed, 13 Mar 2019 21:55:40 -0700 (PDT) Received: from localhost.localdomain (97-113-188-82.tukw.qwest.net. [97.113.188.82]) by smtp.gmail.com with ESMTPSA id d9sm16185027pgq.6.2019.03.13.21.55.38 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 13 Mar 2019 21:55:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:subject:date:message-id:in-reply-to:references; bh=lNgGBV08JdM/4W0wwa/93vZ9B93Qd3ysUi2+GHmW4Nw=; b=oUdSXLr8DU3aAxbrYw44qUpudvkfAguGWrANmDdab3A332d1YcqICcAAFlfdibhhh9 LsE1I9fbIXgbW5n4U3jMoJU/Dsm3F+e+XwXnKdSpMtzhQB8ZfyYP+jyWTwre6a5TPkpB OZm0TCfYaO2JmhKWQz3FvfPBx1Ha5PkfLlxCg5fJaai2eEaQo7yPZpo+apEmT7X/Vh7b 1QR9SBzpsmBciUpr1voYaH1Jw6LBI5yN6+Rg5K7YFafnpTAEA3VApW674fQR+DBxsStB Jy/74Gv5eulY6KgN89MJKhVv8up3nLXdSqfsTuvmPexgEM1hKUbWDnzyGjedBst5cPZg jWUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=lNgGBV08JdM/4W0wwa/93vZ9B93Qd3ysUi2+GHmW4Nw=; b=JItUy4/JSsxjXkN/pKVfFJ8i5lc3Jp0JSqME7OLM1giEETTpLIybt5UVDeEUf5oPDB IbEGtp2sJXtb6fYP9WnoUmD1Rq2bF2BSoI0kDRdwJbWUIVl2FmkA7BVYqz3QaXc5Klpn CU/Ra+dYH4GvHzs9jqB8ePfZGWra6EbXj/FKwB+ba7rtSAPzDnVZUel2gcKrkw4s8Cce xtqnDCAWekouyoekcfBDrvt9eGQ2wQJ3nOnp1qFiobumfNvVVvhYWpeuEipbubS/zbeP 6WA0LLRapqi4DA3XkfGO69mA8EKGFPY6qq2OLUGMRHt3bUNsveWALNj1ZolqyeJYDHWt riEQ== X-Gm-Message-State: APjAAAXpA0mLHCThsoNxAUfnIJb7tuKk61lc7rYcjJLExL2Spfz6C/WG TpP8ZXbSYwVRgb94W8DZxJPzEDnmW9k= X-Google-Smtp-Source: APXvYqwP3lk6mnuHJzh0q71KfI/W00v3sT5f49oztuGEscfnIM8xy7uKis/b8vRKjNZH5MSF+nSHwQ== X-Received: by 2002:a17:902:1025:: with SMTP id b34mr50271080pla.306.1552539339274; Wed, 13 Mar 2019 21:55:39 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Date: Wed, 13 Mar 2019 21:55:21 -0700 Message-Id: <20190314045526.13342-10-richard.henderson@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190314045526.13342-1-richard.henderson@linaro.org> References: <20190314045526.13342-1-richard.henderson@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2607:f8b0:4864:20::443 Subject: [Qemu-devel] [PATCH v2 09/14] util: Use qcrypto_random_bytes for qemu_getrandom X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" When not requesting deterministic bytes, use our existing crypto. Signed-off-by: Richard Henderson --- util/random.c | 61 ++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 48 insertions(+), 13 deletions(-) diff --git a/util/random.c b/util/random.c index 467c987a66..c2628ace80 100644 --- a/util/random.c +++ b/util/random.c @@ -14,19 +14,20 @@ #include "qemu/cutils.h" #include "qapi/error.h" #include "qemu/random.h" +#include "crypto/random.h" + =20 static __thread GRand *thread_rand; +static bool deterministic; + =20 /* Deterministic implementation using Glib's Mersenne Twister. */ -bool qemu_getrandom(void *buf, size_t len, bool nonblock) +static bool do_glib(void *buf, size_t len, bool nonblock) { - GRand *rand; + GRand *rand =3D thread_rand; size_t i; uint32_t x; =20 - g_assert(len <=3D 256); - - rand =3D thread_rand; if (unlikely(rand =3D=3D NULL)) { /* Thread not initialized for a cpu, or main w/o -seed. */ thread_rand =3D rand =3D g_rand_new(); @@ -44,18 +45,53 @@ bool qemu_getrandom(void *buf, size_t len, bool nonbloc= k) return true; } =20 +/* Non-deterministic implementation using crypto routines. */ +static bool do_qcrypt(void *buf, size_t len, bool nonblock) +{ + if (nonblock) { + /* + * ??? This is not non-blocking; report failure as "would block". + * That said, what does "failure" really mean, and can we in fact + * reasonably recover from it? + */ + if (qcrypto_random_bytes(buf, len, NULL) < 0) { + return false; + } + } else { + int ret =3D qcrypto_random_bytes(buf, len, &error_fatal); + g_assert(ret =3D=3D 0); + } + return true; +} + +bool qemu_getrandom(void *buf, size_t len, bool nonblock) +{ + g_assert(len <=3D 256); + if (unlikely(deterministic)) { + return do_glib(buf, len, nonblock); + } else { + return do_qcrypt(buf, len, nonblock); + } +} + uint64_t qemu_seedrandom_thread_part1(void) { - uint64_t ret; - qemu_getrandom(&ret, sizeof(ret), false); - return ret; + if (deterministic) { + uint64_t ret; + do_glib(&ret, sizeof(ret), false); + return ret; + } + return 0; } =20 void qemu_seedrandom_thread_part2(uint64_t seed) { g_assert(thread_rand =3D=3D NULL); - thread_rand =3D g_rand_new_with_seed_array((const guint32 *)&seed, - sizeof(seed) / sizeof(guint32= )); + if (deterministic) { + thread_rand =3D + g_rand_new_with_seed_array((const guint32 *)&seed, + sizeof(seed) / sizeof(guint32)); + } } =20 void qemu_seedrandom_main(const char *optarg, Error **errp) @@ -64,8 +100,7 @@ void qemu_seedrandom_main(const char *optarg, Error **er= rp) if (parse_uint_full(optarg, &seed, 0)) { error_setg(errp, "Invalid seed number: %s", optarg); } else { - g_assert(thread_rand !=3D NULL); - g_rand_set_seed_array(thread_rand, (const guint32 *)&seed, - sizeof(seed) / sizeof(guint32)); + deterministic =3D true; + qemu_seedrandom_thread_part2(seed); } } --=20 2.17.1