From nobody Mon May 20 01:44:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=quarantine dis=quarantine) header.from=epam.com ARC-Seal: i=1; a=rsa-sha256; t=1621846851; cv=none; d=zohomail.com; s=zohoarc; b=Tef9E9ovCf8CH7x1jcbZd0q/Jnmx+6YQXM7qhCP+8BtSFaluMa7ykVUkC3jau7zp43WBqR1Z+Oyw1BbUgDZ3AQWRvPBSvVo4+gLRGyu/gNnFEoTY00g0dPNGW+N/dS9TCabjfUn9U6JJv4USO84X8dze4NlGt36TTb4TI5ozEyo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1621846851; h=Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To; bh=mZC9o1wcSA2v8z2oT61FLa8aw8mwsjX8I6cR+ak5MVw=; b=A5raaxAQ2oEeNey/t1rNzHZf0dK+i4D0pm+bgWT/ax/AkYwUDXYKDfs5kHDgWrf4Bnb6zrFNAZCtItAA7kyc5ipPVR38eejNuv9gFVydke85hnmbGSO4bjgkfQeGLwfhT+7Z/vVKuKMkXhuzcpqlv5U9sI+Zov9idg77Q4QaTIU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail header.from= (p=quarantine dis=quarantine) header.from= Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 16218468516151017.9116028930678; Mon, 24 May 2021 02:00:51 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.131699.246008 (Exim 4.92) (envelope-from ) id 1ll6Rm-0005hu-3V; Mon, 24 May 2021 09:00:26 +0000 Received: by outflank-mailman (output) from mailman id 131699.246008; Mon, 24 May 2021 09:00:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ll6Rm-0005hn-0L; Mon, 24 May 2021 09:00:26 +0000 Received: by outflank-mailman (input) for mailman id 131699; Mon, 24 May 2021 08:01:15 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ll5WV-0000hD-Ba for xen-devel@lists.xenproject.org; Mon, 24 May 2021 08:01:15 +0000 Received: from pb-smtp2.pobox.com (unknown [64.147.108.71]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id b74c592a-deb1-419a-afce-cfda55b4e452; Mon, 24 May 2021 08:01:13 +0000 (UTC) Received: from pb-smtp2.pobox.com (unknown [127.0.0.1]) by pb-smtp2.pobox.com (Postfix) with ESMTP id 4C462B33FA; Mon, 24 May 2021 04:01:13 -0400 (EDT) (envelope-from sakib@darkstar.site) Received: from pb-smtp2.nyi.icgroup.com (unknown [127.0.0.1]) by pb-smtp2.pobox.com (Postfix) with ESMTP id 44D6EB33F9; Mon, 24 May 2021 04:01:13 -0400 (EDT) (envelope-from sakib@darkstar.site) Received: from localhost (unknown [95.67.114.216]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pb-smtp2.pobox.com (Postfix) with ESMTPSA id 23594B33F8; Mon, 24 May 2021 04:01:11 -0400 (EDT) (envelope-from sakib@darkstar.site) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: b74c592a-deb1-419a-afce-cfda55b4e452 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=pobox.com; h=from:to:cc :subject:date:message-id:mime-version:content-transfer-encoding; s=sasl; bh=mCsJmtMIZvPu58czx8ZlXkLAmQ9FB2eDwle91D0METI=; b=QUDB 7yljJ6uAuxl1APj85QsfTuCLWY8hWwQrQ3nCIF0xuECvL+qtOACg1Sian5u0gmz8 Nj5jskZFrwuJ9RpDe5PdYZib13XXe5g8j8I1F+NAEXxU0YhCVysFnBqit99GDccH J8ykkIMs1e/Cd72Gaf4Ectq0DyzxVE7rXANL+CM= From: Sergiy Kibrik To: xen-devel@lists.xenproject.org Cc: Ian Jackson , Wei Liu , Sergiy Kibrik Subject: [XEN PATCH v1] libxl/arm: provide guests with random seed Date: Mon, 24 May 2021 08:00:57 +0000 Message-Id: <20210524080057.1773-1-Sergiy_Kibrik@epam.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-Pobox-Relay-ID: 3417F180-BC66-11EB-99A9-74DE23BA3BAF-90055647!pb-smtp2.pobox.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @pobox.com) Content-Type: text/plain; charset="utf-8" Pass random seed via FDT, so that guests' CRNGs are better seeded early at = boot. Depending on its configuration Linux can use the seed as device randomness or to just quickly initialize CRNG. In either case this will provide extra randomness to further harden CRNG. Signed-off-by: Sergiy Kibrik --- tools/libxl/libxl_arm.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tools/libxl/libxl_arm.c b/tools/libxl/libxl_arm.c index 34f8a29056..05c58a428c 100644 --- a/tools/libxl/libxl_arm.c +++ b/tools/libxl/libxl_arm.c @@ -342,6 +342,12 @@ static int make_chosen_node(libxl__gc *gc, void *fdt, = bool ramdisk, if (res) return res; } =20 + uint8_t seed[128]; + res =3D libxl__random_bytes(gc, seed, sizeof(seed)); + if (res) return res; + res =3D fdt_property(fdt, "rng-seed", seed, sizeof(seed)); + if (res) return res; + res =3D fdt_end_node(fdt); if (res) return res; =20 --=20 2.25.1