From: "Michael S. Tsirkin" <mst@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: qemu-devel@nongnu.org, "Jason A . Donenfeld" <Jason@zx2c4.com>,
"Eduardo Habkost" <eduardo@habkost.net>,
"Philippe Mathieu-Daudé" <f4bug@amsat.org>,
"Laurent Vivier" <laurent@vivier.eu>
Subject: Re: [PATCH 4/4] hw/i386: pass RNG seed via setup_data entry
Date: Thu, 21 Jul 2022 10:47:57 -0400 [thread overview]
Message-ID: <20220721104321-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <20220721122937.729959-5-pbonzini@redhat.com>
On Thu, Jul 21, 2022 at 02:29:37PM +0200, Paolo Bonzini wrote:
> From: "Jason A. Donenfeld" <Jason@zx2c4.com>
>
> Tiny machines optimized for fast boot time generally don't use EFI,
> which means a random seed has to be supplied some other way. For this
> purpose, Linux (≥5.20) supports passing a seed in the setup_data table
> with SETUP_RNG_SEED, specially intended for hypervisors, kexec, and
> specialized bootloaders. The linked commit shows the upstream kernel
> implementation.
>
> Link: https://git.kernel.org/tip/tip/c/68b8e9713c8
> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
> Message-Id: <20220719115300.104095-1-Jason@zx2c4.com>
> [Mostly rewritten to preserve guest ABI, but still starting from Jason's
> code. - Paolo]
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> hw/i386/pc.c | 1 +
> hw/i386/x86.c | 31 ++++++++++++++++++++
> include/hw/i386/x86.h | 2 ++
> include/standard-headers/asm-x86/bootparam.h | 1 +
> 4 files changed, 35 insertions(+)
>
> diff --git a/hw/i386/pc.c b/hw/i386/pc.c
> index 774cb2bf07..d456fbb166 100644
> --- a/hw/i386/pc.c
> +++ b/hw/i386/pc.c
> @@ -112,6 +112,7 @@ const size_t pc_compat_7_0_len = G_N_ELEMENTS(pc_compat_7_0);
>
> GlobalProperty pc_compat_6_2[] = {
> { "virtio-mem", "unplugged-inaccessible", "off" },
> + { TYPE_X86_MACHINE, "linuxboot-seed", "off" },
> };
> const size_t pc_compat_6_2_len = G_N_ELEMENTS(pc_compat_6_2);
>
> diff --git a/hw/i386/x86.c b/hw/i386/x86.c
> index 564bf3834b..c5d01e084a 100644
> --- a/hw/i386/x86.c
> +++ b/hw/i386/x86.c
> @@ -26,6 +26,7 @@
> #include "qemu/cutils.h"
> #include "qemu/units.h"
> #include "qemu/datadir.h"
> +#include "qemu/guest-random.h"
> #include "qapi/error.h"
> #include "qapi/qmp/qerror.h"
> #include "qapi/qapi-visit-common.h"
> @@ -1088,6 +1089,12 @@ void x86_load_linux(X86MachineState *x86ms,
> }
> fclose(f);
>
> + if (x86ms->linuxboot_seed != ON_OFF_AUTO_OFF &&
> + (data.protocol >= 0x209 || x86ms->linuxboot_seed == ON_OFF_AUTO_ON)) {
> + void *seed = add_setup_data(&data, 32, SETUP_RNG_SEED);
> + qemu_guest_getrandom_nofail(seed, 32);
> + }
> +
> /* append dtb to kernel */
> if (dtb_filename) {
> dtb_size = get_image_size(dtb_filename);
> @@ -1247,6 +1254,23 @@ static void x86_machine_set_smm(Object *obj, Visitor *v, const char *name,
> visit_type_OnOffAuto(v, name, &x86ms->smm, errp);
> }
>
> +static void x86_machine_get_linuxboot_seed(Object *obj, Visitor *v, const char *name,
> + void *opaque, Error **errp)
> +{
> + X86MachineState *x86ms = X86_MACHINE(obj);
> + OnOffAuto linuxboot_seed = x86ms->linuxboot_seed;
> +
> + visit_type_OnOffAuto(v, name, &linuxboot_seed, errp);
> +}
> +
> +static void x86_machine_set_linuxboot_seed(Object *obj, Visitor *v, const char *name,
> + void *opaque, Error **errp)
> +{
> + X86MachineState *x86ms = X86_MACHINE(obj);
> +
> + visit_type_OnOffAuto(v, name, &x86ms->linuxboot_seed, errp);
> +}
> +
> bool x86_machine_is_acpi_enabled(const X86MachineState *x86ms)
> {
> if (x86ms->acpi == ON_OFF_AUTO_OFF) {
> @@ -1397,6 +1421,7 @@ static void x86_machine_initfn(Object *obj)
> x86ms->acpi = ON_OFF_AUTO_AUTO;
> x86ms->pit = ON_OFF_AUTO_AUTO;
> x86ms->pic = ON_OFF_AUTO_AUTO;
> + x86ms->linuxboot_seed = ON_OFF_AUTO_AUTO;
> x86ms->pci_irq_mask = ACPI_BUILD_PCI_IRQS;
> x86ms->oem_id = g_strndup(ACPI_BUILD_APPNAME6, 6);
> x86ms->oem_table_id = g_strndup(ACPI_BUILD_APPNAME8, 8);
> @@ -1435,6 +1460,12 @@ static void x86_machine_class_init(ObjectClass *oc, void *data)
> object_class_property_set_description(oc, X86_MACHINE_PIT,
> "Enable i8254 PIT");
>
> + object_class_property_add(oc, X86_MACHINE_LINUXBOOT_SEED, "OnOffAuto",
> + x86_machine_get_linuxboot_seed, x86_machine_set_linuxboot_seed,
> + NULL, NULL);
> + object_class_property_set_description(oc, X86_MACHINE_LINUXBOOT_SEED,
> + "Pass random number seed to -kernel Linux image");
> +
> object_class_property_add(oc, X86_MACHINE_PIC, "OnOffAuto",
> x86_machine_get_pic,
> x86_machine_set_pic,
> diff --git a/include/hw/i386/x86.h b/include/hw/i386/x86.h
> index 9089bdd99c..edf0f6799e 100644
> --- a/include/hw/i386/x86.h
> +++ b/include/hw/i386/x86.h
> @@ -67,6 +67,7 @@ struct X86MachineState {
> OnOffAuto acpi;
> OnOffAuto pit;
> OnOffAuto pic;
> + OnOffAuto linuxboot_seed;
>
> char *oem_id;
> char *oem_table_id;
> @@ -91,6 +92,7 @@ struct X86MachineState {
> #define X86_MACHINE_OEM_ID "x-oem-id"
> #define X86_MACHINE_OEM_TABLE_ID "x-oem-table-id"
> #define X86_MACHINE_BUS_LOCK_RATELIMIT "bus-lock-ratelimit"
> +#define X86_MACHINE_LINUXBOOT_SEED "linuxboot-seed"
I am guessing we should prefix this with "x-" so we don't commit
to a user interface.
>
> #define TYPE_X86_MACHINE MACHINE_TYPE_NAME("x86")
> OBJECT_DECLARE_TYPE(X86MachineState, X86MachineClass, X86_MACHINE)
> diff --git a/include/standard-headers/asm-x86/bootparam.h b/include/standard-headers/asm-x86/bootparam.h
> index 072e2ed546..b2aaad10e5 100644
> --- a/include/standard-headers/asm-x86/bootparam.h
> +++ b/include/standard-headers/asm-x86/bootparam.h
> @@ -10,6 +10,7 @@
> #define SETUP_EFI 4
> #define SETUP_APPLE_PROPERTIES 5
> #define SETUP_JAILHOUSE 6
> +#define SETUP_RNG_SEED 9
>
> #define SETUP_INDIRECT (1<<31)
>
> --
> 2.36.1
next prev parent reply other threads:[~2022-07-21 14:49 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-21 12:29 [PATCH 0/4] Refactor x86_load_linux and pass RNG seed via setup_data entry Paolo Bonzini
2022-07-21 12:29 ` [PATCH 1/4] hw/i386: extract PVH load to a separate function Paolo Bonzini
2022-07-21 12:29 ` [PATCH 2/4] hw/i386: define a struct for Linux boot protocol data Paolo Bonzini
2022-07-21 12:29 ` [PATCH 3/4] hw/i386: extract handling of setup data linked list Paolo Bonzini
2022-07-21 12:29 ` [PATCH 4/4] hw/i386: pass RNG seed via setup_data entry Paolo Bonzini
2022-07-21 13:02 ` Jason A. Donenfeld
2022-07-21 14:47 ` Michael S. Tsirkin [this message]
2022-07-21 15:15 ` Jason A. Donenfeld
2022-07-21 14:52 ` [PATCH 0/4] Refactor x86_load_linux and " Michael S. Tsirkin
2022-07-21 15:11 ` Jason A. Donenfeld
2022-07-21 15:29 ` Michael S. Tsirkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220721104321-mutt-send-email-mst@kernel.org \
--to=mst@redhat.com \
--cc=Jason@zx2c4.com \
--cc=eduardo@habkost.net \
--cc=f4bug@amsat.org \
--cc=laurent@vivier.eu \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.