On Fri, Sep 30, 2022 at 04:05:20PM +0200, Jason A. Donenfeld wrote:
> With the kernel patch linked below, Linux ingests a RNG seed
> passed from the hypervisor. So, pass this for the Malta platform, and
> reinitialize it on reboot too, so that it's always fresh.
>
> Link:
> https://lore.kernel.org/linux-mips/20220930140138.575751-1-ja...@zx2c4.com/
> Signed-off-by: Jason A. Donenfeld <ja...@zx2c4.com>
> ---
> hw/mips/malta.c | 25 +++++++++++++++++++++++++
> 1 file changed, 25 insertions(+)
>
> diff --git a/hw/mips/malta.c b/hw/mips/malta.c
> index 0e932988e0..9d793b3c17 100644
> --- a/hw/mips/malta.c
> +++ b/hw/mips/malta.c
> @@ -26,6 +26,7 @@
> #include "qemu/units.h"
> #include "qemu/bitops.h"
> #include "qemu/datadir.h"
> +#include "qemu/guest-random.h"
> #include "hw/clock.h"
> #include "hw/southbridge/piix.h"
> #include "hw/isa/superio.h"
> @@ -1017,6 +1018,17 @@ static void G_GNUC_PRINTF(3, 4) prom_set(uint32_t
> *prom_buf, int index,
> va_end(ap);
> }
>
> +static void reinitialize_rng_seed(void *opaque)
> +{
> + char *rng_seed_hex = opaque;
> + uint8_t rng_seed[32];
> +
> + qemu_guest_getrandom_nofail(rng_seed, sizeof(rng_seed));
> + for (size_t i = 0; i < sizeof(rng_seed); ++i) {
> + sprintf(rng_seed_hex + i * 2, "%02x", rng_seed[i]);
> + }
> +}
> +
> /* Kernel */
> static uint64_t load_kernel(void)
> {
> @@ -1028,6 +1040,8 @@ static uint64_t load_kernel(void)
> long prom_size;
> int prom_index = 0;
> uint64_t (*xlate_to_kseg0) (void *opaque, uint64_t addr);
> + uint8_t rng_seed[32];
> + char rng_seed_hex[sizeof(rng_seed) * 2 + 1];
The +1 suggests you're intending to NUL terminate, but nothing
in this patch ever initializes this last byte.
>
> #if TARGET_BIG_ENDIAN
> big_endian = 1;
> @@ -1115,9 +1129,20 @@ static uint64_t load_kernel(void)
>
> prom_set(prom_buf, prom_index++, "modetty0");
> prom_set(prom_buf, prom_index++, "38400n8r");
> +
> + qemu_guest_getrandom_nofail(rng_seed, sizeof(rng_seed));
> + for (size_t i = 0; i < sizeof(rng_seed); ++i) {
> + sprintf(rng_seed_hex + i * 2, "%02x", rng_seed[i]);
> + }
> + prom_set(prom_buf, prom_index++, "rngseed");
> + prom_set(prom_buf, prom_index++, "%s", rng_seed_hex);
> +
> prom_set(prom_buf, prom_index++, NULL);
>
> rom_add_blob_fixed("prom", prom_buf, prom_size, ENVP_PADDR);
> + qemu_register_reset(reinitialize_rng_seed,
> + memmem(rom_ptr(ENVP_PADDR, prom_size), prom_size,
> + rng_seed_hex, sizeof(rng_seed_hex)));
>
> g_free(prom_buf);
> return kernel_entry;
> --
> 2.37.3
>
>
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
