Introduce qemu_guest_getrandom.
Use qemu_guest_getrandom in aspeed, nrf51, bcm2835, exynos4210 rng devices. Use qemu_guest_getrandom in target/ppc darn instruction. Support ARMv8.5-RNG extension. Support x86 RDRAND extension. Acked-by: Daniel P. Berrangé <berrange@redhat.com> Acked-by: Laurent Vivier <laurent@vivier.eu> -----BEGIN PGP SIGNATURE----- iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAlzllrsdHHJpY2hhcmQu aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV9/qAgAuYpF/gHrkfT+IFrw OsgV1pPdhh+opxp44ayIQ6VC64voij0k/NnmC3/BxRv89yPqchvA6m0c2jzfGuwZ ICpDt7LvFTrG9k8X9vEXbOTfh5dS/5g1o0LXiGU9RmMaC/5z2ZIabxU8K1Ti3+X0 P3B5s65rRQ8fPzOAMLEjeaHYQ/AOX/CNsmgFDve+d0b9tJY99UVO3Pb0h3+eR0s3 /4AHWG+IACGX7MVgFIfkEbGVnwboNiT20MUq3Exn2yGgg0IbLfoUazOnbfRz9jkX kbN6nAZ+WDynf31SvvkEL/P6W5medf58ufJOiBB8opIp1E4WDdM30V8RkkPOyj4z YOBmSw== =2RnL -----END PGP SIGNATURE----- Merge remote-tracking branch 'remotes/rth/tags/pull-rng-20190522' into staging Introduce qemu_guest_getrandom. Use qemu_guest_getrandom in aspeed, nrf51, bcm2835, exynos4210 rng devices. Use qemu_guest_getrandom in target/ppc darn instruction. Support ARMv8.5-RNG extension. Support x86 RDRAND extension. Acked-by: Daniel P. Berrangé <berrange@redhat.com> Acked-by: Laurent Vivier <laurent@vivier.eu> # gpg: Signature made Wed 22 May 2019 19:36:43 BST # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full] # Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F * remotes/rth/tags/pull-rng-20190522: (25 commits) target/i386: Implement CPUID_EXT_RDRAND target/ppc: Use qemu_guest_getrandom for DARN target/ppc: Use gen_io_start/end around DARN target/arm: Implement ARMv8.5-RNG target/arm: Put all PAC keys into a structure hw/misc/exynos4210_rng: Use qemu_guest_getrandom hw/misc/bcm2835_rng: Use qemu_guest_getrandom_nofail hw/misc/nrf51_rng: Use qemu_guest_getrandom_nofail aspeed/scu: Use qemu_guest_getrandom_nofail linux-user: Remove srand call linux-user/aarch64: Use qemu_guest_getrandom for PAUTH keys linux-user: Use qemu_guest_getrandom_nofail for AT_RANDOM linux-user: Call qcrypto_init if not using -seed linux-user: Initialize pseudo-random seeds for all guest cpus cpus: Initialize pseudo-random seeds for all guest cpus util: Add qemu_guest_getrandom and associated routines ui/vnc: Use gcrypto_random_bytes for start_auth_vnc ui/vnc: Split out authentication_failed crypto: Change the qcrypto_random_bytes buffer type to void* crypto: Use getrandom for qcrypto_random_bytes ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This commit is contained in:
commit
d418238dca
4
Makefile
4
Makefile
@ -413,7 +413,7 @@ dummy := $(call unnest-vars,, \
|
||||
block-obj-y \
|
||||
block-obj-m \
|
||||
crypto-obj-y \
|
||||
crypto-aes-obj-y \
|
||||
crypto-user-obj-y \
|
||||
qom-obj-y \
|
||||
io-obj-y \
|
||||
common-obj-y \
|
||||
@ -487,7 +487,7 @@ subdir-slirp: .git-submodule-status
|
||||
$(call quiet-command,$(MAKE) -C $(SRC_PATH)/slirp BUILD_DIR="$(BUILD_DIR)/slirp" CC="$(CC)" AR="$(AR)" LD="$(LD)" RANLIB="$(RANLIB)" CFLAGS="$(QEMU_CFLAGS) $(CFLAGS)" LDFLAGS="$(LDFLAGS)")
|
||||
|
||||
$(SUBDIR_RULES): libqemuutil.a $(common-obj-y) \
|
||||
$(qom-obj-y) $(crypto-aes-obj-$(CONFIG_USER_ONLY))
|
||||
$(qom-obj-y) $(crypto-user-obj-$(CONFIG_USER_ONLY))
|
||||
|
||||
ROMSUBDIR_RULES=$(patsubst %,romsubdir-%, $(ROMS))
|
||||
# Only keep -O and -g cflags
|
||||
|
@ -25,7 +25,7 @@ block-obj-m = block/
|
||||
# crypto-obj-y is code used by both qemu system emulation and qemu-img
|
||||
|
||||
crypto-obj-y = crypto/
|
||||
crypto-aes-obj-y = crypto/
|
||||
crypto-user-obj-y = crypto/
|
||||
|
||||
#######################################################################
|
||||
# qom-obj-y is code used by both qemu system emulation and qemu-img
|
||||
|
@ -180,7 +180,7 @@ dummy := $(call unnest-vars,.., \
|
||||
block-obj-m \
|
||||
chardev-obj-y \
|
||||
crypto-obj-y \
|
||||
crypto-aes-obj-y \
|
||||
crypto-user-obj-y \
|
||||
qom-obj-y \
|
||||
io-obj-y \
|
||||
common-obj-y \
|
||||
@ -189,7 +189,7 @@ all-obj-y += $(common-obj-y)
|
||||
all-obj-y += $(qom-obj-y)
|
||||
all-obj-$(CONFIG_SOFTMMU) += $(authz-obj-y)
|
||||
all-obj-$(CONFIG_SOFTMMU) += $(block-obj-y) $(chardev-obj-y)
|
||||
all-obj-$(CONFIG_USER_ONLY) += $(crypto-aes-obj-y)
|
||||
all-obj-$(CONFIG_USER_ONLY) += $(crypto-user-obj-y)
|
||||
all-obj-$(CONFIG_SOFTMMU) += $(crypto-obj-y)
|
||||
all-obj-$(CONFIG_SOFTMMU) += $(io-obj-y)
|
||||
|
||||
|
87
configure
vendored
87
configure
vendored
@ -2784,17 +2784,23 @@ fi
|
||||
# GNUTLS probe
|
||||
|
||||
if test "$gnutls" != "no"; then
|
||||
pass="no"
|
||||
if $pkg_config --exists "gnutls >= 3.1.18"; then
|
||||
gnutls_cflags=$($pkg_config --cflags gnutls)
|
||||
gnutls_libs=$($pkg_config --libs gnutls)
|
||||
libs_softmmu="$gnutls_libs $libs_softmmu"
|
||||
libs_tools="$gnutls_libs $libs_tools"
|
||||
QEMU_CFLAGS="$QEMU_CFLAGS $gnutls_cflags"
|
||||
gnutls="yes"
|
||||
elif test "$gnutls" = "yes"; then
|
||||
# Packaging for the static libraries is not always correct.
|
||||
# At least ubuntu 18.04 ships only shared libraries.
|
||||
write_c_skeleton
|
||||
if compile_prog "" "$gnutls_libs" ; then
|
||||
LIBS="$gnutls_libs $LIBS"
|
||||
QEMU_CFLAGS="$QEMU_CFLAGS $gnutls_cflags"
|
||||
pass="yes"
|
||||
fi
|
||||
fi
|
||||
if test "$pass" = "no" && test "$gnutls" = "yes"; then
|
||||
feature_not_found "gnutls" "Install gnutls devel >= 3.1.18"
|
||||
else
|
||||
gnutls="no"
|
||||
gnutls="$pass"
|
||||
fi
|
||||
fi
|
||||
|
||||
@ -2849,43 +2855,52 @@ has_libgcrypt() {
|
||||
|
||||
|
||||
if test "$nettle" != "no"; then
|
||||
pass="no"
|
||||
if $pkg_config --exists "nettle >= 2.7.1"; then
|
||||
nettle_cflags=$($pkg_config --cflags nettle)
|
||||
nettle_libs=$($pkg_config --libs nettle)
|
||||
nettle_version=$($pkg_config --modversion nettle)
|
||||
libs_softmmu="$nettle_libs $libs_softmmu"
|
||||
libs_tools="$nettle_libs $libs_tools"
|
||||
QEMU_CFLAGS="$QEMU_CFLAGS $nettle_cflags"
|
||||
nettle="yes"
|
||||
|
||||
if test -z "$gcrypt"; then
|
||||
gcrypt="no"
|
||||
# Link test to make sure the given libraries work (e.g for static).
|
||||
write_c_skeleton
|
||||
if compile_prog "" "$nettle_libs" ; then
|
||||
LIBS="$nettle_libs $LIBS"
|
||||
QEMU_CFLAGS="$QEMU_CFLAGS $nettle_cflags"
|
||||
if test -z "$gcrypt"; then
|
||||
gcrypt="no"
|
||||
fi
|
||||
pass="yes"
|
||||
fi
|
||||
fi
|
||||
if test "$pass" = "no" && test "$nettle" = "yes"; then
|
||||
feature_not_found "nettle" "Install nettle devel >= 2.7.1"
|
||||
else
|
||||
if test "$nettle" = "yes"; then
|
||||
feature_not_found "nettle" "Install nettle devel >= 2.7.1"
|
||||
else
|
||||
nettle="no"
|
||||
fi
|
||||
nettle="$pass"
|
||||
fi
|
||||
fi
|
||||
|
||||
if test "$gcrypt" != "no"; then
|
||||
pass="no"
|
||||
if has_libgcrypt; then
|
||||
gcrypt_cflags=$(libgcrypt-config --cflags)
|
||||
gcrypt_libs=$(libgcrypt-config --libs)
|
||||
# Debian has remove -lgpg-error from libgcrypt-config
|
||||
# Debian has removed -lgpg-error from libgcrypt-config
|
||||
# as it "spreads unnecessary dependencies" which in
|
||||
# turn breaks static builds...
|
||||
if test "$static" = "yes"
|
||||
then
|
||||
gcrypt_libs="$gcrypt_libs -lgpg-error"
|
||||
fi
|
||||
libs_softmmu="$gcrypt_libs $libs_softmmu"
|
||||
libs_tools="$gcrypt_libs $libs_tools"
|
||||
QEMU_CFLAGS="$QEMU_CFLAGS $gcrypt_cflags"
|
||||
gcrypt="yes"
|
||||
|
||||
# Link test to make sure the given libraries work (e.g for static).
|
||||
write_c_skeleton
|
||||
if compile_prog "" "$gcrypt_libs" ; then
|
||||
LIBS="$gcrypt_libs $LIBS"
|
||||
QEMU_CFLAGS="$QEMU_CFLAGS $gcrypt_cflags"
|
||||
pass="yes"
|
||||
fi
|
||||
fi
|
||||
if test "$pass" = "yes"; then
|
||||
gcrypt="yes"
|
||||
cat > $TMPC << EOF
|
||||
#include <gcrypt.h>
|
||||
int main(void) {
|
||||
@ -2898,12 +2913,10 @@ EOF
|
||||
if compile_prog "$gcrypt_cflags" "$gcrypt_libs" ; then
|
||||
gcrypt_hmac=yes
|
||||
fi
|
||||
elif test "$gcrypt" = "yes"; then
|
||||
feature_not_found "gcrypt" "Install gcrypt devel >= 1.5.0"
|
||||
else
|
||||
if test "$gcrypt" = "yes"; then
|
||||
feature_not_found "gcrypt" "Install gcrypt devel >= 1.5.0"
|
||||
else
|
||||
gcrypt="no"
|
||||
fi
|
||||
gcrypt="no"
|
||||
fi
|
||||
fi
|
||||
|
||||
@ -5802,6 +5815,20 @@ if compile_prog "" "" ; then
|
||||
have_utmpx=yes
|
||||
fi
|
||||
|
||||
##########################################
|
||||
# check for getrandom()
|
||||
|
||||
have_getrandom=no
|
||||
cat > $TMPC << EOF
|
||||
#include <sys/random.h>
|
||||
int main(void) {
|
||||
return getrandom(0, 0, GRND_NONBLOCK);
|
||||
}
|
||||
EOF
|
||||
if compile_prog "" "" ; then
|
||||
have_getrandom=yes
|
||||
fi
|
||||
|
||||
##########################################
|
||||
# checks for sanitizers
|
||||
|
||||
@ -7191,7 +7218,9 @@ fi
|
||||
if test "$have_utmpx" = "yes" ; then
|
||||
echo "HAVE_UTMPX=y" >> $config_host_mak
|
||||
fi
|
||||
|
||||
if test "$have_getrandom" = "yes" ; then
|
||||
echo "CONFIG_GETRANDOM=y" >> $config_host_mak
|
||||
fi
|
||||
if test "$ivshmem" = "yes" ; then
|
||||
echo "CONFIG_IVSHMEM=y" >> $config_host_mak
|
||||
fi
|
||||
|
9
cpus.c
9
cpus.c
@ -50,6 +50,7 @@
|
||||
#include "qemu/option.h"
|
||||
#include "qemu/bitmap.h"
|
||||
#include "qemu/seqlock.h"
|
||||
#include "qemu/guest-random.h"
|
||||
#include "tcg.h"
|
||||
#include "hw/nmi.h"
|
||||
#include "sysemu/replay.h"
|
||||
@ -1276,6 +1277,7 @@ static void *qemu_kvm_cpu_thread_fn(void *arg)
|
||||
/* signal CPU creation */
|
||||
cpu->created = true;
|
||||
qemu_cond_signal(&qemu_cpu_cond);
|
||||
qemu_guest_random_seed_thread_part2(cpu->random_seed);
|
||||
|
||||
do {
|
||||
if (cpu_can_run(cpu)) {
|
||||
@ -1319,6 +1321,7 @@ static void *qemu_dummy_cpu_thread_fn(void *arg)
|
||||
/* signal CPU creation */
|
||||
cpu->created = true;
|
||||
qemu_cond_signal(&qemu_cpu_cond);
|
||||
qemu_guest_random_seed_thread_part2(cpu->random_seed);
|
||||
|
||||
do {
|
||||
qemu_mutex_unlock_iothread();
|
||||
@ -1478,6 +1481,7 @@ static void *qemu_tcg_rr_cpu_thread_fn(void *arg)
|
||||
cpu->created = true;
|
||||
cpu->can_do_io = 1;
|
||||
qemu_cond_signal(&qemu_cpu_cond);
|
||||
qemu_guest_random_seed_thread_part2(cpu->random_seed);
|
||||
|
||||
/* wait for initial kick-off after machine start */
|
||||
while (first_cpu->stopped) {
|
||||
@ -1592,6 +1596,7 @@ static void *qemu_hax_cpu_thread_fn(void *arg)
|
||||
|
||||
hax_init_vcpu(cpu);
|
||||
qemu_cond_signal(&qemu_cpu_cond);
|
||||
qemu_guest_random_seed_thread_part2(cpu->random_seed);
|
||||
|
||||
do {
|
||||
if (cpu_can_run(cpu)) {
|
||||
@ -1631,6 +1636,7 @@ static void *qemu_hvf_cpu_thread_fn(void *arg)
|
||||
/* signal CPU creation */
|
||||
cpu->created = true;
|
||||
qemu_cond_signal(&qemu_cpu_cond);
|
||||
qemu_guest_random_seed_thread_part2(cpu->random_seed);
|
||||
|
||||
do {
|
||||
if (cpu_can_run(cpu)) {
|
||||
@ -1671,6 +1677,7 @@ static void *qemu_whpx_cpu_thread_fn(void *arg)
|
||||
/* signal CPU creation */
|
||||
cpu->created = true;
|
||||
qemu_cond_signal(&qemu_cpu_cond);
|
||||
qemu_guest_random_seed_thread_part2(cpu->random_seed);
|
||||
|
||||
do {
|
||||
if (cpu_can_run(cpu)) {
|
||||
@ -1724,6 +1731,7 @@ static void *qemu_tcg_cpu_thread_fn(void *arg)
|
||||
cpu->can_do_io = 1;
|
||||
current_cpu = cpu;
|
||||
qemu_cond_signal(&qemu_cpu_cond);
|
||||
qemu_guest_random_seed_thread_part2(cpu->random_seed);
|
||||
|
||||
/* process any pending work */
|
||||
cpu->exit_request = 1;
|
||||
@ -2071,6 +2079,7 @@ void qemu_init_vcpu(CPUState *cpu)
|
||||
cpu->nr_cores = smp_cores;
|
||||
cpu->nr_threads = smp_threads;
|
||||
cpu->stopped = true;
|
||||
cpu->random_seed = qemu_guest_random_seed_thread_part1();
|
||||
|
||||
if (!cpu->as) {
|
||||
/* If the target cpu hasn't set up any address spaces itself,
|
||||
|
@ -19,9 +19,10 @@ crypto-obj-y += tlscredspsk.o
|
||||
crypto-obj-y += tlscredsx509.o
|
||||
crypto-obj-y += tlssession.o
|
||||
crypto-obj-y += secret.o
|
||||
crypto-obj-$(CONFIG_GCRYPT) += random-gcrypt.o
|
||||
crypto-obj-$(if $(CONFIG_GCRYPT),n,$(CONFIG_GNUTLS)) += random-gnutls.o
|
||||
crypto-obj-$(if $(CONFIG_GCRYPT),n,$(if $(CONFIG_GNUTLS),n,y)) += random-platform.o
|
||||
crypto-rng-obj-$(CONFIG_GCRYPT) += random-gcrypt.o
|
||||
crypto-rng-obj-$(if $(CONFIG_GCRYPT),n,$(CONFIG_GNUTLS)) += random-gnutls.o
|
||||
crypto-rng-obj-$(if $(CONFIG_GCRYPT),n,$(if $(CONFIG_GNUTLS),n,y)) += random-platform.o
|
||||
crypto-obj-y += $(crypto-rng-obj-y)
|
||||
crypto-obj-y += pbkdf.o
|
||||
crypto-obj-$(CONFIG_NETTLE) += pbkdf-nettle.o
|
||||
crypto-obj-$(if $(CONFIG_NETTLE),n,$(CONFIG_GCRYPT)) += pbkdf-gcrypt.o
|
||||
@ -35,7 +36,7 @@ crypto-obj-y += block.o
|
||||
crypto-obj-y += block-qcow.o
|
||||
crypto-obj-y += block-luks.o
|
||||
|
||||
# Let the userspace emulators avoid linking gnutls/etc
|
||||
crypto-aes-obj-y = aes.o
|
||||
# Let the userspace emulators avoid linking stuff they won't use.
|
||||
crypto-user-obj-y = aes.o $(crypto-rng-obj-y) init.o
|
||||
|
||||
stub-obj-y += pbkdf-stub.o
|
||||
|
@ -24,7 +24,7 @@
|
||||
|
||||
#include <gcrypt.h>
|
||||
|
||||
int qcrypto_random_bytes(uint8_t *buf,
|
||||
int qcrypto_random_bytes(void *buf,
|
||||
size_t buflen,
|
||||
Error **errp G_GNUC_UNUSED)
|
||||
{
|
||||
|
@ -26,7 +26,7 @@
|
||||
#include <gnutls/gnutls.h>
|
||||
#include <gnutls/crypto.h>
|
||||
|
||||
int qcrypto_random_bytes(uint8_t *buf,
|
||||
int qcrypto_random_bytes(void *buf,
|
||||
size_t buflen,
|
||||
Error **errp)
|
||||
{
|
||||
|
@ -27,68 +27,88 @@
|
||||
#include <wincrypt.h>
|
||||
static HCRYPTPROV hCryptProv;
|
||||
#else
|
||||
static int fd; /* a file handle to either /dev/urandom or /dev/random */
|
||||
# ifdef CONFIG_GETRANDOM
|
||||
# include <sys/random.h>
|
||||
# endif
|
||||
/* This is -1 for getrandom(), or a file handle for /dev/{u,}random. */
|
||||
static int fd;
|
||||
#endif
|
||||
|
||||
int qcrypto_random_init(Error **errp)
|
||||
{
|
||||
#ifndef _WIN32
|
||||
/* TBD perhaps also add support for BSD getentropy / Linux
|
||||
* getrandom syscalls directly */
|
||||
fd = open("/dev/urandom", O_RDONLY);
|
||||
if (fd == -1 && errno == ENOENT) {
|
||||
fd = open("/dev/random", O_RDONLY);
|
||||
}
|
||||
|
||||
if (fd < 0) {
|
||||
error_setg(errp, "No /dev/urandom or /dev/random found");
|
||||
return -1;
|
||||
}
|
||||
#else
|
||||
#ifdef _WIN32
|
||||
if (!CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL,
|
||||
CRYPT_SILENT | CRYPT_VERIFYCONTEXT)) {
|
||||
error_setg_win32(errp, GetLastError(),
|
||||
"Unable to create cryptographic provider");
|
||||
return -1;
|
||||
}
|
||||
#else
|
||||
# ifdef CONFIG_GETRANDOM
|
||||
if (getrandom(NULL, 0, 0) == 0) {
|
||||
/* Use getrandom() */
|
||||
fd = -1;
|
||||
return 0;
|
||||
}
|
||||
/* Fall through to /dev/urandom case. */
|
||||
# endif
|
||||
fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
|
||||
if (fd == -1 && errno == ENOENT) {
|
||||
fd = open("/dev/random", O_RDONLY | O_CLOEXEC);
|
||||
}
|
||||
if (fd < 0) {
|
||||
error_setg_errno(errp, errno, "No /dev/urandom or /dev/random");
|
||||
return -1;
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int qcrypto_random_bytes(uint8_t *buf G_GNUC_UNUSED,
|
||||
size_t buflen G_GNUC_UNUSED,
|
||||
int qcrypto_random_bytes(void *buf,
|
||||
size_t buflen,
|
||||
Error **errp)
|
||||
{
|
||||
#ifndef _WIN32
|
||||
int ret = -1;
|
||||
int got;
|
||||
|
||||
while (buflen > 0) {
|
||||
got = read(fd, buf, buflen);
|
||||
if (got < 0) {
|
||||
error_setg_errno(errp, errno,
|
||||
"Unable to read random bytes");
|
||||
goto cleanup;
|
||||
} else if (!got) {
|
||||
error_setg(errp,
|
||||
"Unexpected EOF reading random bytes");
|
||||
goto cleanup;
|
||||
}
|
||||
buflen -= got;
|
||||
buf += got;
|
||||
}
|
||||
|
||||
ret = 0;
|
||||
cleanup:
|
||||
return ret;
|
||||
#else
|
||||
#ifdef _WIN32
|
||||
if (!CryptGenRandom(hCryptProv, buflen, buf)) {
|
||||
error_setg_win32(errp, GetLastError(),
|
||||
"Unable to read random bytes");
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
#else
|
||||
# ifdef CONFIG_GETRANDOM
|
||||
if (likely(fd < 0)) {
|
||||
while (1) {
|
||||
ssize_t got = getrandom(buf, buflen, 0);
|
||||
if (likely(got == buflen)) {
|
||||
return 0;
|
||||
}
|
||||
if (got >= 0) {
|
||||
buflen -= got;
|
||||
buf += got;
|
||||
} else if (errno != EINTR) {
|
||||
error_setg_errno(errp, errno, "getrandom");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
}
|
||||
/* Fall through to /dev/urandom case. */
|
||||
# endif
|
||||
while (1) {
|
||||
ssize_t got = read(fd, buf, buflen);
|
||||
if (likely(got == buflen)) {
|
||||
return 0;
|
||||
}
|
||||
if (got > 0) {
|
||||
buflen -= got;
|
||||
buf += got;
|
||||
} else if (got == 0) {
|
||||
error_setg(errp, "Unexpected EOF reading random bytes");
|
||||
return -1;
|
||||
} else if (errno != EINTR) {
|
||||
error_setg_errno(errp, errno, "Unable to read random bytes");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
|
@ -16,7 +16,7 @@
|
||||
#include "qapi/visitor.h"
|
||||
#include "qemu/bitops.h"
|
||||
#include "qemu/log.h"
|
||||
#include "crypto/random.h"
|
||||
#include "qemu/guest-random.h"
|
||||
#include "trace.h"
|
||||
|
||||
#define TO_REG(offset) ((offset) >> 2)
|
||||
@ -157,14 +157,8 @@ static const uint32_t ast2500_a1_resets[ASPEED_SCU_NR_REGS] = {
|
||||
|
||||
static uint32_t aspeed_scu_get_random(void)
|
||||
{
|
||||
Error *err = NULL;
|
||||
uint32_t num;
|
||||
|
||||
if (qcrypto_random_bytes((uint8_t *)&num, sizeof(num), &err)) {
|
||||
error_report_err(err);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
qemu_guest_getrandom_nofail(&num, sizeof(num));
|
||||
return num;
|
||||
}
|
||||
|
||||
|
@ -9,30 +9,26 @@
|
||||
|
||||
#include "qemu/osdep.h"
|
||||
#include "qemu/log.h"
|
||||
#include "qapi/error.h"
|
||||
#include "crypto/random.h"
|
||||
#include "qemu/guest-random.h"
|
||||
#include "hw/misc/bcm2835_rng.h"
|
||||
|
||||
static uint32_t get_random_bytes(void)
|
||||
{
|
||||
uint32_t res;
|
||||
Error *err = NULL;
|
||||
|
||||
if (qcrypto_random_bytes((uint8_t *)&res, sizeof(res), &err) < 0) {
|
||||
/* On failure we don't want to return the guest a non-random
|
||||
* value in case they're really using it for cryptographic
|
||||
* purposes, so the best we can do is die here.
|
||||
* This shouldn't happen unless something's broken.
|
||||
* In theory we could implement this device's full FIFO
|
||||
* and interrupt semantics and then just stop filling the
|
||||
* FIFO. That's a lot of work, though, so we assume any
|
||||
* errors are systematic problems and trust that if we didn't
|
||||
* fail as the guest inited then we won't fail later on
|
||||
* mid-run.
|
||||
*/
|
||||
error_report_err(err);
|
||||
exit(1);
|
||||
}
|
||||
/*
|
||||
* On failure we don't want to return the guest a non-random
|
||||
* value in case they're really using it for cryptographic
|
||||
* purposes, so the best we can do is die here.
|
||||
* This shouldn't happen unless something's broken.
|
||||
* In theory we could implement this device's full FIFO
|
||||
* and interrupt semantics and then just stop filling the
|
||||
* FIFO. That's a lot of work, though, so we assume any
|
||||
* errors are systematic problems and trust that if we didn't
|
||||
* fail as the guest inited then we won't fail later on
|
||||
* mid-run.
|
||||
*/
|
||||
qemu_guest_getrandom_nofail(&res, sizeof(res));
|
||||
return res;
|
||||
}
|
||||
|
||||
|
@ -18,10 +18,10 @@
|
||||
*/
|
||||
|
||||
#include "qemu/osdep.h"
|
||||
#include "crypto/random.h"
|
||||
#include "hw/sysbus.h"
|
||||
#include "qapi/error.h"
|
||||
#include "qemu/log.h"
|
||||
#include "qemu/guest-random.h"
|
||||
|
||||
#define DEBUG_EXYNOS_RNG 0
|
||||
|
||||
@ -109,7 +109,6 @@ static void exynos4210_rng_set_seed(Exynos4210RngState *s, unsigned int i,
|
||||
static void exynos4210_rng_run_engine(Exynos4210RngState *s)
|
||||
{
|
||||
Error *err = NULL;
|
||||
int ret;
|
||||
|
||||
/* Seed set? */
|
||||
if ((s->reg_status & EXYNOS4210_RNG_STATUS_SEED_SETTING_DONE) == 0) {
|
||||
@ -127,13 +126,11 @@ static void exynos4210_rng_run_engine(Exynos4210RngState *s)
|
||||
}
|
||||
|
||||
/* Get randoms */
|
||||
ret = qcrypto_random_bytes((uint8_t *)s->randr_value,
|
||||
sizeof(s->randr_value), &err);
|
||||
if (!ret) {
|
||||
if (qemu_guest_getrandom(s->randr_value, sizeof(s->randr_value), &err)) {
|
||||
error_report_err(err);
|
||||
} else {
|
||||
/* Notify that PRNG is ready */
|
||||
s->reg_status |= EXYNOS4210_RNG_STATUS_PRNG_DONE;
|
||||
} else {
|
||||
error_report_err(err);
|
||||
}
|
||||
|
||||
out:
|
||||
|
@ -14,7 +14,7 @@
|
||||
#include "qapi/error.h"
|
||||
#include "hw/arm/nrf51.h"
|
||||
#include "hw/misc/nrf51_rng.h"
|
||||
#include "crypto/random.h"
|
||||
#include "qemu/guest-random.h"
|
||||
|
||||
static void update_irq(NRF51RNGState *s)
|
||||
{
|
||||
@ -145,7 +145,7 @@ static void nrf51_rng_timer_expire(void *opaque)
|
||||
{
|
||||
NRF51RNGState *s = NRF51_RNG(opaque);
|
||||
|
||||
qcrypto_random_bytes(&s->value, 1, &error_abort);
|
||||
qemu_guest_getrandom_nofail(&s->value, 1);
|
||||
|
||||
s->event_valrdy = 1;
|
||||
qemu_set_irq(s->eep_valrdy, 1);
|
||||
|
@ -34,7 +34,7 @@
|
||||
*
|
||||
* Returns 0 on success, -1 on error
|
||||
*/
|
||||
int qcrypto_random_bytes(uint8_t *buf,
|
||||
int qcrypto_random_bytes(void *buf,
|
||||
size_t buflen,
|
||||
Error **errp);
|
||||
|
||||
|
68
include/qemu/guest-random.h
Normal file
68
include/qemu/guest-random.h
Normal file
@ -0,0 +1,68 @@
|
||||
/*
|
||||
* QEMU guest-visible random functions
|
||||
*
|
||||
* Copyright 2019 Linaro, Ltd.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the Free
|
||||
* Software Foundation; either version 2 of the License, or (at your option)
|
||||
* any later version.
|
||||
*/
|
||||
|
||||
#ifndef QEMU_GUEST_RANDOM_H
|
||||
#define QEMU_GUEST_RANDOM_H
|
||||
|
||||
/**
|
||||
* qemu_guest_random_seed_main(const char *optarg, Error **errp)
|
||||
* @optarg: a non-NULL pointer to a C string
|
||||
* @errp: an error indicator
|
||||
*
|
||||
* The @optarg value is that which accompanies the -seed argument.
|
||||
* This forces qemu_guest_getrandom into deterministic mode.
|
||||
*
|
||||
* Returns 0 on success, < 0 on failure while setting *errp.
|
||||
*/
|
||||
int qemu_guest_random_seed_main(const char *optarg, Error **errp);
|
||||
|
||||
/**
|
||||
* qemu_guest_random_seed_thread_part1(void)
|
||||
*
|
||||
* If qemu_getrandom is in deterministic mode, returns an
|
||||
* independent seed for the new thread. Otherwise returns 0.
|
||||
*/
|
||||
uint64_t qemu_guest_random_seed_thread_part1(void);
|
||||
|
||||
/**
|
||||
* qemu_guest_random_seed_thread_part2(uint64_t seed)
|
||||
* @seed: a value for the new thread.
|
||||
*
|
||||
* If qemu_guest_getrandom is in deterministic mode, this stores an
|
||||
* independent seed for the new thread. Otherwise a no-op.
|
||||
*/
|
||||
void qemu_guest_random_seed_thread_part2(uint64_t seed);
|
||||
|
||||
/**
|
||||
* qemu_guest_getrandom(void *buf, size_t len, Error **errp)
|
||||
* @buf: a buffer of bytes to be written
|
||||
* @len: the number of bytes in @buf
|
||||
* @errp: an error indicator
|
||||
*
|
||||
* Fills len bytes in buf with random data. This should only be used
|
||||
* for data presented to the guest. Host-side crypto services should
|
||||
* use qcrypto_random_bytes.
|
||||
*
|
||||
* Returns 0 on success, < 0 on failure while setting *errp.
|
||||
*/
|
||||
int qemu_guest_getrandom(void *buf, size_t len, Error **errp);
|
||||
|
||||
/**
|
||||
* qemu_guest_getrandom_nofail(void *buf, size_t len)
|
||||
* @buf: a buffer of bytes to be written
|
||||
* @len: the number of bytes in @buf
|
||||
*
|
||||
* Like qemu_guest_getrandom, but will assert for failure.
|
||||
* Use this when there is no reasonable recovery.
|
||||
*/
|
||||
void qemu_guest_getrandom_nofail(void *buf, size_t len);
|
||||
|
||||
#endif /* QEMU_GUEST_RANDOM_H */
|
@ -375,6 +375,7 @@ struct CPUState {
|
||||
int singlestep_enabled;
|
||||
int64_t icount_budget;
|
||||
int64_t icount_extra;
|
||||
uint64_t random_seed;
|
||||
sigjmp_buf jmp_env;
|
||||
|
||||
QemuMutex work_mutex;
|
||||
|
@ -20,6 +20,7 @@
|
||||
#include "qemu/osdep.h"
|
||||
#include "qemu.h"
|
||||
#include "cpu_loop-common.h"
|
||||
#include "qemu/guest-random.h"
|
||||
|
||||
#define get_user_code_u32(x, gaddr, env) \
|
||||
({ abi_long __r = get_user_u32((x), (gaddr)); \
|
||||
@ -147,24 +148,6 @@ void cpu_loop(CPUARMState *env)
|
||||
}
|
||||
}
|
||||
|
||||
static uint64_t arm_rand64(void)
|
||||
{
|
||||
int shift = 64 - clz64(RAND_MAX);
|
||||
int i, n = 64 / shift + (64 % shift != 0);
|
||||
uint64_t ret = 0;
|
||||
|
||||
for (i = 0; i < n; i++) {
|
||||
ret = (ret << shift) | rand();
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
void arm_init_pauth_key(ARMPACKey *key)
|
||||
{
|
||||
key->lo = arm_rand64();
|
||||
key->hi = arm_rand64();
|
||||
}
|
||||
|
||||
void target_cpu_copy_regs(CPUArchState *env, struct target_pt_regs *regs)
|
||||
{
|
||||
ARMCPU *cpu = arm_env_get_cpu(env);
|
||||
@ -192,11 +175,7 @@ void target_cpu_copy_regs(CPUArchState *env, struct target_pt_regs *regs)
|
||||
#endif
|
||||
|
||||
if (cpu_isar_feature(aa64_pauth, cpu)) {
|
||||
arm_init_pauth_key(&env->apia_key);
|
||||
arm_init_pauth_key(&env->apib_key);
|
||||
arm_init_pauth_key(&env->apda_key);
|
||||
arm_init_pauth_key(&env->apdb_key);
|
||||
arm_init_pauth_key(&env->apga_key);
|
||||
qemu_guest_getrandom_nofail(&env->keys, sizeof(env->keys));
|
||||
}
|
||||
|
||||
ts->stack_base = info->start_stack;
|
||||
|
@ -29,6 +29,4 @@ struct target_pt_regs {
|
||||
# define TARGET_PR_PAC_APDBKEY (1 << 3)
|
||||
# define TARGET_PR_PAC_APGAKEY (1 << 4)
|
||||
|
||||
void arm_init_pauth_key(ARMPACKey *key);
|
||||
|
||||
#endif /* AARCH64_TARGET_SYSCALL_H */
|
||||
|
@ -7,6 +7,7 @@
|
||||
#include "qemu.h"
|
||||
#include "disas/disas.h"
|
||||
#include "qemu/path.h"
|
||||
#include "qemu/guest-random.h"
|
||||
|
||||
#ifdef _ARCH_PPC64
|
||||
#undef ARCH_DLINFO
|
||||
@ -1883,12 +1884,9 @@ static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc,
|
||||
}
|
||||
|
||||
/*
|
||||
* Generate 16 random bytes for userspace PRNG seeding (not
|
||||
* cryptically secure but it's not the aim of QEMU).
|
||||
* Generate 16 random bytes for userspace PRNG seeding.
|
||||
*/
|
||||
for (i = 0; i < 16; i++) {
|
||||
k_rand_bytes[i] = rand();
|
||||
}
|
||||
qemu_guest_getrandom_nofail(k_rand_bytes, sizeof(k_rand_bytes));
|
||||
if (STACK_GROWS_DOWN) {
|
||||
sp -= 16;
|
||||
u_rand_bytes = sp;
|
||||
|
@ -34,10 +34,12 @@
|
||||
#include "tcg.h"
|
||||
#include "qemu/timer.h"
|
||||
#include "qemu/envlist.h"
|
||||
#include "qemu/guest-random.h"
|
||||
#include "elf.h"
|
||||
#include "trace/control.h"
|
||||
#include "target_elf.h"
|
||||
#include "cpu_loop-common.h"
|
||||
#include "crypto/init.h"
|
||||
|
||||
char *exec_path;
|
||||
|
||||
@ -48,6 +50,7 @@ static int gdbstub_port;
|
||||
static envlist_t *envlist;
|
||||
static const char *cpu_model;
|
||||
static const char *cpu_type;
|
||||
static const char *seed_optarg;
|
||||
unsigned long mmap_min_addr;
|
||||
unsigned long guest_base;
|
||||
int have_guest_base;
|
||||
@ -290,15 +293,9 @@ static void handle_arg_pagesize(const char *arg)
|
||||
}
|
||||
}
|
||||
|
||||
static void handle_arg_randseed(const char *arg)
|
||||
static void handle_arg_seed(const char *arg)
|
||||
{
|
||||
unsigned long long seed;
|
||||
|
||||
if (parse_uint_full(arg, &seed, 0) != 0 || seed > UINT_MAX) {
|
||||
fprintf(stderr, "Invalid seed number: %s\n", arg);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
srand(seed);
|
||||
seed_optarg = arg;
|
||||
}
|
||||
|
||||
static void handle_arg_gdb(const char *arg)
|
||||
@ -433,7 +430,7 @@ static const struct qemu_argument arg_table[] = {
|
||||
"", "run in singlestep mode"},
|
||||
{"strace", "QEMU_STRACE", false, handle_arg_strace,
|
||||
"", "log system calls"},
|
||||
{"seed", "QEMU_RAND_SEED", true, handle_arg_randseed,
|
||||
{"seed", "QEMU_RAND_SEED", true, handle_arg_seed,
|
||||
"", "Seed for pseudo-random number generator"},
|
||||
{"trace", "QEMU_TRACE", true, handle_arg_trace,
|
||||
"", "[[enable=]<pattern>][,events=<file>][,file=<file>]"},
|
||||
@ -626,8 +623,6 @@ int main(int argc, char **argv, char **envp)
|
||||
|
||||
cpu_model = NULL;
|
||||
|
||||
srand(time(NULL));
|
||||
|
||||
qemu_add_opts(&qemu_trace_opts);
|
||||
|
||||
optind = parse_args(argc, argv);
|
||||
@ -689,8 +684,20 @@ int main(int argc, char **argv, char **envp)
|
||||
do_strace = 1;
|
||||
}
|
||||
|
||||
if (getenv("QEMU_RAND_SEED")) {
|
||||
handle_arg_randseed(getenv("QEMU_RAND_SEED"));
|
||||
if (seed_optarg == NULL) {
|
||||
seed_optarg = getenv("QEMU_RAND_SEED");
|
||||
}
|
||||
{
|
||||
Error *err = NULL;
|
||||
if (seed_optarg != NULL) {
|
||||
qemu_guest_random_seed_main(seed_optarg, &err);
|
||||
} else {
|
||||
qcrypto_init(&err);
|
||||
}
|
||||
if (err) {
|
||||
error_reportf_err(err, "cannot initialize crypto: ");
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
target_environ = envlist_to_environ(envlist, NULL);
|
||||
|
@ -107,6 +107,8 @@
|
||||
#include "uname.h"
|
||||
|
||||
#include "qemu.h"
|
||||
#include "qemu/guest-random.h"
|
||||
#include "qapi/error.h"
|
||||
#include "fd-trans.h"
|
||||
|
||||
#ifndef CLONE_IO
|
||||
@ -5482,6 +5484,7 @@ static void *clone_func(void *arg)
|
||||
put_user_u32(info->tid, info->child_tidptr);
|
||||
if (info->parent_tidptr)
|
||||
put_user_u32(info->tid, info->parent_tidptr);
|
||||
qemu_guest_random_seed_thread_part2(cpu->random_seed);
|
||||
/* Enable signals. */
|
||||
sigprocmask(SIG_SETMASK, &info->sigmask, NULL);
|
||||
/* Signal to the parent that we're ready. */
|
||||
@ -5568,6 +5571,7 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp,
|
||||
initializing, so temporarily block all signals. */
|
||||
sigfillset(&sigmask);
|
||||
sigprocmask(SIG_BLOCK, &sigmask, &info.sigmask);
|
||||
cpu->random_seed = qemu_guest_random_seed_thread_part1();
|
||||
|
||||
/* If this is our first additional thread, we need to ensure we
|
||||
* generate code for parallel execution and flush old translations.
|
||||
@ -9762,25 +9766,45 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
|
||||
int all = (TARGET_PR_PAC_APIAKEY | TARGET_PR_PAC_APIBKEY |
|
||||
TARGET_PR_PAC_APDAKEY | TARGET_PR_PAC_APDBKEY |
|
||||
TARGET_PR_PAC_APGAKEY);
|
||||
int ret = 0;
|
||||
Error *err = NULL;
|
||||
|
||||
if (arg2 == 0) {
|
||||
arg2 = all;
|
||||
} else if (arg2 & ~all) {
|
||||
return -TARGET_EINVAL;
|
||||
}
|
||||
if (arg2 & TARGET_PR_PAC_APIAKEY) {
|
||||
arm_init_pauth_key(&env->apia_key);
|
||||
ret |= qemu_guest_getrandom(&env->keys.apia,
|
||||
sizeof(ARMPACKey), &err);
|
||||
}
|
||||
if (arg2 & TARGET_PR_PAC_APIBKEY) {
|
||||
arm_init_pauth_key(&env->apib_key);
|
||||
ret |= qemu_guest_getrandom(&env->keys.apib,
|
||||
sizeof(ARMPACKey), &err);
|
||||
}
|
||||
if (arg2 & TARGET_PR_PAC_APDAKEY) {
|
||||
arm_init_pauth_key(&env->apda_key);
|
||||
ret |= qemu_guest_getrandom(&env->keys.apda,
|
||||
sizeof(ARMPACKey), &err);
|
||||
}
|
||||
if (arg2 & TARGET_PR_PAC_APDBKEY) {
|
||||
arm_init_pauth_key(&env->apdb_key);
|
||||
ret |= qemu_guest_getrandom(&env->keys.apdb,
|
||||
sizeof(ARMPACKey), &err);
|
||||
}
|
||||
if (arg2 & TARGET_PR_PAC_APGAKEY) {
|
||||
arm_init_pauth_key(&env->apga_key);
|
||||
ret |= qemu_guest_getrandom(&env->keys.apga,
|
||||
sizeof(ARMPACKey), &err);
|
||||
}
|
||||
if (ret != 0) {
|
||||
/*
|
||||
* Some unknown failure in the crypto. The best
|
||||
* we can do is log it and fail the syscall.
|
||||
* The real syscall cannot fail this way.
|
||||
*/
|
||||
qemu_log_mask(LOG_UNIMP,
|
||||
"PR_PAC_RESET_KEYS: Crypto failure: %s",
|
||||
error_get_pretty(err));
|
||||
error_free(err);
|
||||
return -TARGET_EIO;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
@ -3641,6 +3641,16 @@ the 0x200 sized block starting at 0xffffffc000080000 and another 0x1000 sized
|
||||
block starting at 0xffffffc00005f000.
|
||||
ETEXI
|
||||
|
||||
DEF("seed", HAS_ARG, QEMU_OPTION_seed, \
|
||||
"-seed number seed the pseudo-random number generator\n",
|
||||
QEMU_ARCH_ALL)
|
||||
STEXI
|
||||
@item -seed @var{number}
|
||||
@findex -seed
|
||||
Force the guest to use a deterministic pseudo-random number generator, seeded
|
||||
with @var{number}. This does not affect crypto routines within the host.
|
||||
ETEXI
|
||||
|
||||
DEF("L", HAS_ARG, QEMU_OPTION_L, \
|
||||
"-L path set the directory for the BIOS, VGA BIOS and keymaps\n",
|
||||
QEMU_ARCH_ALL)
|
||||
|
@ -636,11 +636,13 @@ typedef struct CPUARMState {
|
||||
} iwmmxt;
|
||||
|
||||
#ifdef TARGET_AARCH64
|
||||
ARMPACKey apia_key;
|
||||
ARMPACKey apib_key;
|
||||
ARMPACKey apda_key;
|
||||
ARMPACKey apdb_key;
|
||||
ARMPACKey apga_key;
|
||||
struct {
|
||||
ARMPACKey apia;
|
||||
ARMPACKey apib;
|
||||
ARMPACKey apda;
|
||||
ARMPACKey apdb;
|
||||
ARMPACKey apga;
|
||||
} keys;
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_USER_ONLY)
|
||||
@ -3519,6 +3521,11 @@ static inline bool isar_feature_aa64_condm_5(const ARMISARegisters *id)
|
||||
return FIELD_EX64(id->id_aa64isar0, ID_AA64ISAR0, TS) >= 2;
|
||||
}
|
||||
|
||||
static inline bool isar_feature_aa64_rndr(const ARMISARegisters *id)
|
||||
{
|
||||
return FIELD_EX64(id->id_aa64isar0, ID_AA64ISAR0, RNDR) != 0;
|
||||
}
|
||||
|
||||
static inline bool isar_feature_aa64_jscvt(const ARMISARegisters *id)
|
||||
{
|
||||
return FIELD_EX64(id->id_aa64isar1, ID_AA64ISAR1, JSCVT) != 0;
|
||||
|
@ -310,6 +310,7 @@ static void aarch64_max_initfn(Object *obj)
|
||||
t = FIELD_DP64(t, ID_AA64ISAR0, DP, 1);
|
||||
t = FIELD_DP64(t, ID_AA64ISAR0, FHM, 1);
|
||||
t = FIELD_DP64(t, ID_AA64ISAR0, TS, 2); /* v8.5-CondM */
|
||||
t = FIELD_DP64(t, ID_AA64ISAR0, RNDR, 1);
|
||||
cpu->isar.id_aa64isar0 = t;
|
||||
|
||||
t = cpu->isar.id_aa64isar1;
|
||||
|
@ -22,6 +22,8 @@
|
||||
#include "fpu/softfloat.h"
|
||||
#include "qemu/range.h"
|
||||
#include "qapi/qapi-commands-target.h"
|
||||
#include "qapi/error.h"
|
||||
#include "qemu/guest-random.h"
|
||||
|
||||
#define ARM_CPU_FREQ 1000000000 /* FIXME: 1 GHz, should be configurable */
|
||||
|
||||
@ -5707,43 +5709,82 @@ static const ARMCPRegInfo pauth_reginfo[] = {
|
||||
{ .name = "APDAKEYLO_EL1", .state = ARM_CP_STATE_AA64,
|
||||
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 2, .opc2 = 0,
|
||||
.access = PL1_RW, .accessfn = access_pauth,
|
||||
.fieldoffset = offsetof(CPUARMState, apda_key.lo) },
|
||||
.fieldoffset = offsetof(CPUARMState, keys.apda.lo) },
|
||||
{ .name = "APDAKEYHI_EL1", .state = ARM_CP_STATE_AA64,
|
||||
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 2, .opc2 = 1,
|
||||
.access = PL1_RW, .accessfn = access_pauth,
|
||||
.fieldoffset = offsetof(CPUARMState, apda_key.hi) },
|
||||
.fieldoffset = offsetof(CPUARMState, keys.apda.hi) },
|
||||
{ .name = "APDBKEYLO_EL1", .state = ARM_CP_STATE_AA64,
|
||||
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 2, .opc2 = 2,
|
||||
.access = PL1_RW, .accessfn = access_pauth,
|
||||
.fieldoffset = offsetof(CPUARMState, apdb_key.lo) },
|
||||
.fieldoffset = offsetof(CPUARMState, keys.apdb.lo) },
|
||||
{ .name = "APDBKEYHI_EL1", .state = ARM_CP_STATE_AA64,
|
||||
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 2, .opc2 = 3,
|
||||
.access = PL1_RW, .accessfn = access_pauth,
|
||||
.fieldoffset = offsetof(CPUARMState, apdb_key.hi) },
|
||||
.fieldoffset = offsetof(CPUARMState, keys.apdb.hi) },
|
||||
{ .name = "APGAKEYLO_EL1", .state = ARM_CP_STATE_AA64,
|
||||
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 3, .opc2 = 0,
|
||||
.access = PL1_RW, .accessfn = access_pauth,
|
||||
.fieldoffset = offsetof(CPUARMState, apga_key.lo) },
|
||||
.fieldoffset = offsetof(CPUARMState, keys.apga.lo) },
|
||||
{ .name = "APGAKEYHI_EL1", .state = ARM_CP_STATE_AA64,
|
||||
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 3, .opc2 = 1,
|
||||
.access = PL1_RW, .accessfn = access_pauth,
|
||||
.fieldoffset = offsetof(CPUARMState, apga_key.hi) },
|
||||
.fieldoffset = offsetof(CPUARMState, keys.apga.hi) },
|
||||
{ .name = "APIAKEYLO_EL1", .state = ARM_CP_STATE_AA64,
|
||||
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 1, .opc2 = 0,
|
||||
.access = PL1_RW, .accessfn = access_pauth,
|
||||
.fieldoffset = offsetof(CPUARMState, apia_key.lo) },
|
||||
.fieldoffset = offsetof(CPUARMState, keys.apia.lo) },
|
||||
{ .name = "APIAKEYHI_EL1", .state = ARM_CP_STATE_AA64,
|
||||
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 1, .opc2 = 1,
|
||||
.access = PL1_RW, .accessfn = access_pauth,
|
||||
.fieldoffset = offsetof(CPUARMState, apia_key.hi) },
|
||||
.fieldoffset = offsetof(CPUARMState, keys.apia.hi) },
|
||||
{ .name = "APIBKEYLO_EL1", .state = ARM_CP_STATE_AA64,
|
||||
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 1, .opc2 = 2,
|
||||
.access = PL1_RW, .accessfn = access_pauth,
|
||||
.fieldoffset = offsetof(CPUARMState, apib_key.lo) },
|
||||
.fieldoffset = offsetof(CPUARMState, keys.apib.lo) },
|
||||
{ .name = "APIBKEYHI_EL1", .state = ARM_CP_STATE_AA64,
|
||||
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 1, .opc2 = 3,
|
||||
.access = PL1_RW, .accessfn = access_pauth,
|
||||
.fieldoffset = offsetof(CPUARMState, apib_key.hi) },
|
||||
.fieldoffset = offsetof(CPUARMState, keys.apib.hi) },
|
||||
REGINFO_SENTINEL
|
||||
};
|
||||
|
||||
static uint64_t rndr_readfn(CPUARMState *env, const ARMCPRegInfo *ri)
|
||||
{
|
||||
Error *err = NULL;
|
||||
uint64_t ret;
|
||||
|
||||
/* Success sets NZCV = 0000. */
|
||||
env->NF = env->CF = env->VF = 0, env->ZF = 1;
|
||||
|
||||
if (qemu_guest_getrandom(&ret, sizeof(ret), &err) < 0) {
|
||||
/*
|
||||
* ??? Failed, for unknown reasons in the crypto subsystem.
|
||||
* The best we can do is log the reason and return the
|
||||
* timed-out indication to the guest. There is no reason
|
||||
* we know to expect this failure to be transitory, so the
|
||||
* guest may well hang retrying the operation.
|
||||
*/
|
||||
qemu_log_mask(LOG_UNIMP, "%s: Crypto failure: %s",
|
||||
ri->name, error_get_pretty(err));
|
||||
error_free(err);
|
||||
|
||||
env->ZF = 0; /* NZCF = 0100 */
|
||||
return 0;
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* We do not support re-seeding, so the two registers operate the same. */
|
||||
static const ARMCPRegInfo rndr_reginfo[] = {
|
||||
{ .name = "RNDR", .state = ARM_CP_STATE_AA64,
|
||||
.type = ARM_CP_NO_RAW | ARM_CP_SUPPRESS_TB_END | ARM_CP_IO,
|
||||
.opc0 = 3, .opc1 = 3, .crn = 2, .crm = 4, .opc2 = 0,
|
||||
.access = PL0_R, .readfn = rndr_readfn },
|
||||
{ .name = "RNDRRS", .state = ARM_CP_STATE_AA64,
|
||||
.type = ARM_CP_NO_RAW | ARM_CP_SUPPRESS_TB_END | ARM_CP_IO,
|
||||
.opc0 = 3, .opc1 = 3, .crn = 2, .crm = 4, .opc2 = 1,
|
||||
.access = PL0_R, .readfn = rndr_readfn },
|
||||
REGINFO_SENTINEL
|
||||
};
|
||||
#endif
|
||||
@ -6690,6 +6731,9 @@ void register_cp_regs_for_features(ARMCPU *cpu)
|
||||
if (cpu_isar_feature(aa64_pauth, cpu)) {
|
||||
define_arm_cp_regs(cpu, pauth_reginfo);
|
||||
}
|
||||
if (cpu_isar_feature(aa64_rndr, cpu)) {
|
||||
define_arm_cp_regs(cpu, rndr_reginfo);
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
|
@ -403,7 +403,7 @@ uint64_t HELPER(pacia)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
return x;
|
||||
}
|
||||
pauth_check_trap(env, el, GETPC());
|
||||
return pauth_addpac(env, x, y, &env->apia_key, false);
|
||||
return pauth_addpac(env, x, y, &env->keys.apia, false);
|
||||
}
|
||||
|
||||
uint64_t HELPER(pacib)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
@ -413,7 +413,7 @@ uint64_t HELPER(pacib)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
return x;
|
||||
}
|
||||
pauth_check_trap(env, el, GETPC());
|
||||
return pauth_addpac(env, x, y, &env->apib_key, false);
|
||||
return pauth_addpac(env, x, y, &env->keys.apib, false);
|
||||
}
|
||||
|
||||
uint64_t HELPER(pacda)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
@ -423,7 +423,7 @@ uint64_t HELPER(pacda)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
return x;
|
||||
}
|
||||
pauth_check_trap(env, el, GETPC());
|
||||
return pauth_addpac(env, x, y, &env->apda_key, true);
|
||||
return pauth_addpac(env, x, y, &env->keys.apda, true);
|
||||
}
|
||||
|
||||
uint64_t HELPER(pacdb)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
@ -433,7 +433,7 @@ uint64_t HELPER(pacdb)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
return x;
|
||||
}
|
||||
pauth_check_trap(env, el, GETPC());
|
||||
return pauth_addpac(env, x, y, &env->apdb_key, true);
|
||||
return pauth_addpac(env, x, y, &env->keys.apdb, true);
|
||||
}
|
||||
|
||||
uint64_t HELPER(pacga)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
@ -441,7 +441,7 @@ uint64_t HELPER(pacga)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
uint64_t pac;
|
||||
|
||||
pauth_check_trap(env, arm_current_el(env), GETPC());
|
||||
pac = pauth_computepac(x, y, env->apga_key);
|
||||
pac = pauth_computepac(x, y, env->keys.apga);
|
||||
|
||||
return pac & 0xffffffff00000000ull;
|
||||
}
|
||||
@ -453,7 +453,7 @@ uint64_t HELPER(autia)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
return x;
|
||||
}
|
||||
pauth_check_trap(env, el, GETPC());
|
||||
return pauth_auth(env, x, y, &env->apia_key, false, 0);
|
||||
return pauth_auth(env, x, y, &env->keys.apia, false, 0);
|
||||
}
|
||||
|
||||
uint64_t HELPER(autib)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
@ -463,7 +463,7 @@ uint64_t HELPER(autib)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
return x;
|
||||
}
|
||||
pauth_check_trap(env, el, GETPC());
|
||||
return pauth_auth(env, x, y, &env->apib_key, false, 1);
|
||||
return pauth_auth(env, x, y, &env->keys.apib, false, 1);
|
||||
}
|
||||
|
||||
uint64_t HELPER(autda)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
@ -473,7 +473,7 @@ uint64_t HELPER(autda)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
return x;
|
||||
}
|
||||
pauth_check_trap(env, el, GETPC());
|
||||
return pauth_auth(env, x, y, &env->apda_key, true, 0);
|
||||
return pauth_auth(env, x, y, &env->keys.apda, true, 0);
|
||||
}
|
||||
|
||||
uint64_t HELPER(autdb)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
@ -483,7 +483,7 @@ uint64_t HELPER(autdb)(CPUARMState *env, uint64_t x, uint64_t y)
|
||||
return x;
|
||||
}
|
||||
pauth_check_trap(env, el, GETPC());
|
||||
return pauth_auth(env, x, y, &env->apdb_key, true, 1);
|
||||
return pauth_auth(env, x, y, &env->keys.apdb, true, 1);
|
||||
}
|
||||
|
||||
uint64_t HELPER(xpaci)(CPUARMState *env, uint64_t a)
|
||||
|
@ -730,13 +730,14 @@ static void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1,
|
||||
CPUID_EXT_MONITOR | CPUID_EXT_SSSE3 | CPUID_EXT_CX16 | \
|
||||
CPUID_EXT_SSE41 | CPUID_EXT_SSE42 | CPUID_EXT_POPCNT | \
|
||||
CPUID_EXT_XSAVE | /* CPUID_EXT_OSXSAVE is dynamic */ \
|
||||
CPUID_EXT_MOVBE | CPUID_EXT_AES | CPUID_EXT_HYPERVISOR)
|
||||
CPUID_EXT_MOVBE | CPUID_EXT_AES | CPUID_EXT_HYPERVISOR | \
|
||||
CPUID_EXT_RDRAND)
|
||||
/* missing:
|
||||
CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_VMX, CPUID_EXT_SMX,
|
||||
CPUID_EXT_EST, CPUID_EXT_TM2, CPUID_EXT_CID, CPUID_EXT_FMA,
|
||||
CPUID_EXT_XTPR, CPUID_EXT_PDCM, CPUID_EXT_PCID, CPUID_EXT_DCA,
|
||||
CPUID_EXT_X2APIC, CPUID_EXT_TSC_DEADLINE_TIMER, CPUID_EXT_AVX,
|
||||
CPUID_EXT_F16C, CPUID_EXT_RDRAND */
|
||||
CPUID_EXT_F16C */
|
||||
|
||||
#ifdef TARGET_X86_64
|
||||
#define TCG_EXT2_X86_64_FEATURES (CPUID_EXT2_SYSCALL | CPUID_EXT2_LM)
|
||||
|
@ -226,3 +226,5 @@ DEF_HELPER_3(rcrl, tl, env, tl, tl)
|
||||
DEF_HELPER_3(rclq, tl, env, tl, tl)
|
||||
DEF_HELPER_3(rcrq, tl, env, tl, tl)
|
||||
#endif
|
||||
|
||||
DEF_HELPER_1(rdrand, tl, env)
|
||||
|
@ -22,6 +22,8 @@
|
||||
#include "exec/exec-all.h"
|
||||
#include "qemu/host-utils.h"
|
||||
#include "exec/helper-proto.h"
|
||||
#include "qapi/error.h"
|
||||
#include "qemu/guest-random.h"
|
||||
|
||||
//#define DEBUG_MULDIV
|
||||
|
||||
@ -470,3 +472,22 @@ void helper_cr4_testbit(CPUX86State *env, uint32_t bit)
|
||||
raise_exception_ra(env, EXCP06_ILLOP, GETPC());
|
||||
}
|
||||
}
|
||||
|
||||
target_ulong HELPER(rdrand)(CPUX86State *env)
|
||||
{
|
||||
Error *err = NULL;
|
||||
target_ulong ret;
|
||||
|
||||
if (qemu_guest_getrandom(&ret, sizeof(ret), &err) < 0) {
|
||||
qemu_log_mask(LOG_UNIMP, "rdrand: Crypto failure: %s",
|
||||
error_get_pretty(err));
|
||||
error_free(err);
|
||||
/* Failure clears CF and all other flags, and returns 0. */
|
||||
env->cc_src = 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Success sets CF and clears all others. */
|
||||
env->cc_src = CC_C;
|
||||
return ret;
|
||||
}
|
||||
|
@ -5332,31 +5332,63 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
|
||||
case 0x1c7: /* cmpxchg8b */
|
||||
modrm = x86_ldub_code(env, s);
|
||||
mod = (modrm >> 6) & 3;
|
||||
if ((mod == 3) || ((modrm & 0x38) != 0x8))
|
||||
goto illegal_op;
|
||||
#ifdef TARGET_X86_64
|
||||
if (dflag == MO_64) {
|
||||
if (!(s->cpuid_ext_features & CPUID_EXT_CX16))
|
||||
switch ((modrm >> 3) & 7) {
|
||||
case 1: /* CMPXCHG8, CMPXCHG16 */
|
||||
if (mod == 3) {
|
||||
goto illegal_op;
|
||||
gen_lea_modrm(env, s, modrm);
|
||||
if ((s->prefix & PREFIX_LOCK) && (tb_cflags(s->base.tb) & CF_PARALLEL)) {
|
||||
gen_helper_cmpxchg16b(cpu_env, s->A0);
|
||||
} else {
|
||||
gen_helper_cmpxchg16b_unlocked(cpu_env, s->A0);
|
||||
}
|
||||
} else
|
||||
#ifdef TARGET_X86_64
|
||||
if (dflag == MO_64) {
|
||||
if (!(s->cpuid_ext_features & CPUID_EXT_CX16)) {
|
||||
goto illegal_op;
|
||||
}
|
||||
gen_lea_modrm(env, s, modrm);
|
||||
if ((s->prefix & PREFIX_LOCK) &&
|
||||
(tb_cflags(s->base.tb) & CF_PARALLEL)) {
|
||||
gen_helper_cmpxchg16b(cpu_env, s->A0);
|
||||
} else {
|
||||
gen_helper_cmpxchg16b_unlocked(cpu_env, s->A0);
|
||||
}
|
||||
set_cc_op(s, CC_OP_EFLAGS);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
{
|
||||
if (!(s->cpuid_features & CPUID_CX8))
|
||||
if (!(s->cpuid_features & CPUID_CX8)) {
|
||||
goto illegal_op;
|
||||
}
|
||||
gen_lea_modrm(env, s, modrm);
|
||||
if ((s->prefix & PREFIX_LOCK) && (tb_cflags(s->base.tb) & CF_PARALLEL)) {
|
||||
if ((s->prefix & PREFIX_LOCK) &&
|
||||
(tb_cflags(s->base.tb) & CF_PARALLEL)) {
|
||||
gen_helper_cmpxchg8b(cpu_env, s->A0);
|
||||
} else {
|
||||
gen_helper_cmpxchg8b_unlocked(cpu_env, s->A0);
|
||||
}
|
||||
set_cc_op(s, CC_OP_EFLAGS);
|
||||
break;
|
||||
|
||||
case 7: /* RDSEED */
|
||||
case 6: /* RDRAND */
|
||||
if (mod != 3 ||
|
||||
(s->prefix & (PREFIX_LOCK | PREFIX_REPZ | PREFIX_REPNZ)) ||
|
||||
!(s->cpuid_ext_features & CPUID_EXT_RDRAND)) {
|
||||
goto illegal_op;
|
||||
}
|
||||
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
|
||||
gen_io_start();
|
||||
}
|
||||
gen_helper_rdrand(s->T0, cpu_env);
|
||||
rm = (modrm & 7) | REX_B(s);
|
||||
gen_op_mov_reg_v(s, dflag, rm, s->T0);
|
||||
set_cc_op(s, CC_OP_EFLAGS);
|
||||
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
|
||||
gen_io_end();
|
||||
gen_jmp(s, s->pc - s->cs_base);
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
goto illegal_op;
|
||||
}
|
||||
set_cc_op(s, CC_OP_EFLAGS);
|
||||
break;
|
||||
|
||||
/**************************/
|
||||
|
@ -23,6 +23,8 @@
|
||||
#include "exec/helper-proto.h"
|
||||
#include "crypto/aes.h"
|
||||
#include "fpu/softfloat.h"
|
||||
#include "qapi/error.h"
|
||||
#include "qemu/guest-random.h"
|
||||
|
||||
#include "helper_regs.h"
|
||||
/*****************************************************************************/
|
||||
@ -158,25 +160,38 @@ uint32_t helper_cmpeqb(target_ulong ra, target_ulong rb)
|
||||
#undef hasvalue
|
||||
|
||||
/*
|
||||
* Return invalid random number.
|
||||
*
|
||||
* FIXME: Add rng backend or other mechanism to get cryptographically suitable
|
||||
* random number
|
||||
* Return a random number.
|
||||
*/
|
||||
target_ulong helper_darn32(void)
|
||||
uint64_t helper_darn32(void)
|
||||
{
|
||||
return -1;
|
||||
Error *err = NULL;
|
||||
uint32_t ret;
|
||||
|
||||
if (qemu_guest_getrandom(&ret, sizeof(ret), &err) < 0) {
|
||||
qemu_log_mask(LOG_UNIMP, "darn: Crypto failure: %s",
|
||||
error_get_pretty(err));
|
||||
error_free(err);
|
||||
return -1;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
target_ulong helper_darn64(void)
|
||||
uint64_t helper_darn64(void)
|
||||
{
|
||||
return -1;
|
||||
Error *err = NULL;
|
||||
uint64_t ret;
|
||||
|
||||
if (qemu_guest_getrandom(&ret, sizeof(ret), &err) < 0) {
|
||||
qemu_log_mask(LOG_UNIMP, "darn: Crypto failure: %s",
|
||||
error_get_pretty(err));
|
||||
error_free(err);
|
||||
return -1;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(TARGET_PPC64)
|
||||
|
||||
uint64_t helper_bpermd(uint64_t rs, uint64_t rb)
|
||||
{
|
||||
int i;
|
||||
|
@ -1847,13 +1847,22 @@ static void gen_darn(DisasContext *ctx)
|
||||
{
|
||||
int l = L(ctx->opcode);
|
||||
|
||||
if (l == 0) {
|
||||
gen_helper_darn32(cpu_gpr[rD(ctx->opcode)]);
|
||||
} else if (l <= 2) {
|
||||
/* Return 64-bit random for both CRN and RRN */
|
||||
gen_helper_darn64(cpu_gpr[rD(ctx->opcode)]);
|
||||
} else {
|
||||
if (l > 2) {
|
||||
tcg_gen_movi_i64(cpu_gpr[rD(ctx->opcode)], -1);
|
||||
} else {
|
||||
if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
|
||||
gen_io_start();
|
||||
}
|
||||
if (l == 0) {
|
||||
gen_helper_darn32(cpu_gpr[rD(ctx->opcode)]);
|
||||
} else {
|
||||
/* Return 64-bit random for both CRN and RRN */
|
||||
gen_helper_darn64(cpu_gpr[rD(ctx->opcode)]);
|
||||
}
|
||||
if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
|
||||
gen_io_end();
|
||||
gen_stop_exception(ctx);
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
53
ui/vnc.c
53
ui/vnc.c
@ -43,6 +43,7 @@
|
||||
#include "crypto/hash.h"
|
||||
#include "crypto/tlscredsanon.h"
|
||||
#include "crypto/tlscredsx509.h"
|
||||
#include "crypto/random.h"
|
||||
#include "qom/object_interfaces.h"
|
||||
#include "qemu/cutils.h"
|
||||
#include "io/dns-resolver.h"
|
||||
@ -2535,14 +2536,16 @@ void start_client_init(VncState *vs)
|
||||
vnc_read_when(vs, protocol_client_init, 1);
|
||||
}
|
||||
|
||||
static void make_challenge(VncState *vs)
|
||||
static void authentication_failed(VncState *vs)
|
||||
{
|
||||
int i;
|
||||
|
||||
srand(time(NULL)+getpid()+getpid()*987654+rand());
|
||||
|
||||
for (i = 0 ; i < sizeof(vs->challenge) ; i++)
|
||||
vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
|
||||
vnc_write_u32(vs, 1); /* Reject auth */
|
||||
if (vs->minor >= 8) {
|
||||
static const char err[] = "Authentication failed";
|
||||
vnc_write_u32(vs, sizeof(err));
|
||||
vnc_write(vs, err, sizeof(err));
|
||||
}
|
||||
vnc_flush(vs);
|
||||
vnc_client_error(vs);
|
||||
}
|
||||
|
||||
static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
|
||||
@ -2609,21 +2612,23 @@ static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
|
||||
return 0;
|
||||
|
||||
reject:
|
||||
vnc_write_u32(vs, 1); /* Reject auth */
|
||||
if (vs->minor >= 8) {
|
||||
static const char err[] = "Authentication failed";
|
||||
vnc_write_u32(vs, sizeof(err));
|
||||
vnc_write(vs, err, sizeof(err));
|
||||
}
|
||||
vnc_flush(vs);
|
||||
vnc_client_error(vs);
|
||||
authentication_failed(vs);
|
||||
qcrypto_cipher_free(cipher);
|
||||
return 0;
|
||||
}
|
||||
|
||||
void start_auth_vnc(VncState *vs)
|
||||
{
|
||||
make_challenge(vs);
|
||||
Error *err = NULL;
|
||||
|
||||
if (qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), &err)) {
|
||||
trace_vnc_auth_fail(vs, vs->auth, "cannot get random bytes",
|
||||
error_get_pretty(err));
|
||||
error_free(err);
|
||||
authentication_failed(vs);
|
||||
return;
|
||||
}
|
||||
|
||||
/* Send client a 'random' challenge */
|
||||
vnc_write(vs, vs->challenge, sizeof(vs->challenge));
|
||||
vnc_flush(vs);
|
||||
@ -2638,13 +2643,7 @@ static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
|
||||
* must pick the one we sent. Verify this */
|
||||
if (data[0] != vs->auth) { /* Reject auth */
|
||||
trace_vnc_auth_reject(vs, vs->auth, (int)data[0]);
|
||||
vnc_write_u32(vs, 1);
|
||||
if (vs->minor >= 8) {
|
||||
static const char err[] = "Authentication failed";
|
||||
vnc_write_u32(vs, sizeof(err));
|
||||
vnc_write(vs, err, sizeof(err));
|
||||
}
|
||||
vnc_client_error(vs);
|
||||
authentication_failed(vs);
|
||||
} else { /* Accept requested auth */
|
||||
trace_vnc_auth_start(vs, vs->auth);
|
||||
switch (vs->auth) {
|
||||
@ -2673,13 +2672,7 @@ static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
|
||||
|
||||
default: /* Should not be possible, but just in case */
|
||||
trace_vnc_auth_fail(vs, vs->auth, "Unhandled auth method", "");
|
||||
vnc_write_u8(vs, 1);
|
||||
if (vs->minor >= 8) {
|
||||
static const char err[] = "Authentication failed";
|
||||
vnc_write_u32(vs, sizeof(err));
|
||||
vnc_write(vs, err, sizeof(err));
|
||||
}
|
||||
vnc_client_error(vs);
|
||||
authentication_failed(vs);
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
|
@ -54,5 +54,6 @@ util-obj-y += iova-tree.o
|
||||
util-obj-$(CONFIG_INOTIFY1) += filemonitor-inotify.o
|
||||
util-obj-$(CONFIG_LINUX) += vfio-helpers.o
|
||||
util-obj-$(CONFIG_OPENGL) += drm.o
|
||||
util-obj-y += guest-random.o
|
||||
|
||||
stub-obj-y += filemonitor-stub.o
|
||||
|
93
util/guest-random.c
Normal file
93
util/guest-random.c
Normal file
@ -0,0 +1,93 @@
|
||||
/*
|
||||
* QEMU guest-visible random functions
|
||||
*
|
||||
* Copyright 2019 Linaro, Ltd.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the Free
|
||||
* Software Foundation; either version 2 of the License, or (at your option)
|
||||
* any later version.
|
||||
*/
|
||||
|
||||
#include "qemu/osdep.h"
|
||||
#include "qemu-common.h"
|
||||
#include "qemu/cutils.h"
|
||||
#include "qapi/error.h"
|
||||
#include "qemu/guest-random.h"
|
||||
#include "crypto/random.h"
|
||||
|
||||
|
||||
static __thread GRand *thread_rand;
|
||||
static bool deterministic;
|
||||
|
||||
|
||||
static int glib_random_bytes(void *buf, size_t len)
|
||||
{
|
||||
GRand *rand = thread_rand;
|
||||
size_t i;
|
||||
uint32_t x;
|
||||
|
||||
if (unlikely(rand == NULL)) {
|
||||
/* Thread not initialized for a cpu, or main w/o -seed. */
|
||||
thread_rand = rand = g_rand_new();
|
||||
}
|
||||
|
||||
for (i = 0; i + 4 <= len; i += 4) {
|
||||
x = g_rand_int(rand);
|
||||
__builtin_memcpy(buf + i, &x, 4);
|
||||
}
|
||||
if (i < len) {
|
||||
x = g_rand_int(rand);
|
||||
__builtin_memcpy(buf + i, &x, i - len);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
int qemu_guest_getrandom(void *buf, size_t len, Error **errp)
|
||||
{
|
||||
if (unlikely(deterministic)) {
|
||||
/* Deterministic implementation using Glib's Mersenne Twister. */
|
||||
return glib_random_bytes(buf, len);
|
||||
} else {
|
||||
/* Non-deterministic implementation using crypto routines. */
|
||||
return qcrypto_random_bytes(buf, len, errp);
|
||||
}
|
||||
}
|
||||
|
||||
void qemu_guest_getrandom_nofail(void *buf, size_t len)
|
||||
{
|
||||
qemu_guest_getrandom(buf, len, &error_fatal);
|
||||
}
|
||||
|
||||
uint64_t qemu_guest_random_seed_thread_part1(void)
|
||||
{
|
||||
if (deterministic) {
|
||||
uint64_t ret;
|
||||
glib_random_bytes(&ret, sizeof(ret));
|
||||
return ret;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
void qemu_guest_random_seed_thread_part2(uint64_t seed)
|
||||
{
|
||||
g_assert(thread_rand == NULL);
|
||||
if (deterministic) {
|
||||
thread_rand =
|
||||
g_rand_new_with_seed_array((const guint32 *)&seed,
|
||||
sizeof(seed) / sizeof(guint32));
|
||||
}
|
||||
}
|
||||
|
||||
int qemu_guest_random_seed_main(const char *optarg, Error **errp)
|
||||
{
|
||||
unsigned long long seed;
|
||||
if (parse_uint_full(optarg, &seed, 0)) {
|
||||
error_setg(errp, "Invalid seed number: %s", optarg);
|
||||
return -1;
|
||||
} else {
|
||||
deterministic = true;
|
||||
qemu_guest_random_seed_thread_part2(seed);
|
||||
return 0;
|
||||
}
|
||||
}
|
4
vl.c
4
vl.c
@ -128,6 +128,7 @@ int main(int argc, char **argv)
|
||||
#include "qapi/qapi-commands-ui.h"
|
||||
#include "qapi/qmp/qerror.h"
|
||||
#include "sysemu/iothread.h"
|
||||
#include "qemu/guest-random.h"
|
||||
|
||||
#define MAX_VIRTIO_CONSOLES 1
|
||||
|
||||
@ -3349,6 +3350,9 @@ int main(int argc, char **argv, char **envp)
|
||||
case QEMU_OPTION_DFILTER:
|
||||
qemu_set_dfilter_ranges(optarg, &error_fatal);
|
||||
break;
|
||||
case QEMU_OPTION_seed:
|
||||
qemu_guest_random_seed_main(optarg, &error_fatal);
|
||||
break;
|
||||
case QEMU_OPTION_s:
|
||||
add_device_config(DEV_GDB, "tcp::" DEFAULT_GDBSTUB_PORT);
|
||||
break;
|
||||
|
Loading…
Reference in New Issue
Block a user