diff mbox series

[PULL,02/30] bcm2835_rng: Use qcrypto_random_bytes() rather than rand()

Message ID 1488218699-31035-3-git-send-email-peter.maydell@linaro.org
State Accepted
Commit 373442ea3a96249991cfad3fc0e83fca5f8558d5
Headers show
Series target-arm queue | expand

Commit Message

Peter Maydell Feb. 27, 2017, 6:04 p.m. UTC 
Switch to using qcrypto_random_bytes() rather than rand() as
our source of randomness for the BCM2835 RNG.

If qcrypto_random_bytes() fails, we don't want to return the guest a
non-random value in case they're really using it for cryptographic
purposes, so the best we can do is a fatal error.  This shouldn't
happen unless something's broken, though.

In theory we could implement this device's full FIFO and interrupt
semantics and then just stop filling the FIFO.  That's a lot of work,
though, and doesn't really give a very nice diagnostic to the user
since the guest will just seem to hang.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Reviewed-by: Daniel P. Berrange <berrange@redhat.com>

---
 hw/misc/bcm2835_rng.c | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

-- 
2.7.4
diff mbox series

Patch

diff --git a/hw/misc/bcm2835_rng.c b/hw/misc/bcm2835_rng.c
index 2242bc5..4d62143 100644
--- a/hw/misc/bcm2835_rng.c
+++ b/hw/misc/bcm2835_rng.c
@@ -9,8 +9,33 @@ 
 
 #include "qemu/osdep.h"
 #include "qemu/log.h"
+#include "qapi/error.h"
+#include "crypto/random.h"
 #include "hw/misc/bcm2835_rng.h"
 
+static uint32_t get_random_bytes(void)
+{
+    uint32_t res;
+    Error *err = NULL;
+
+    if (qcrypto_random_bytes((uint8_t *)&res, sizeof(res), &err) < 0) {
+        /* On failure we don't want to return the guest a non-random
+         * value in case they're really using it for cryptographic
+         * purposes, so the best we can do is die here.
+         * This shouldn't happen unless something's broken.
+         * In theory we could implement this device's full FIFO
+         * and interrupt semantics and then just stop filling the
+         * FIFO. That's a lot of work, though, so we assume any
+         * errors are systematic problems and trust that if we didn't
+         * fail as the guest inited then we won't fail later on
+         * mid-run.
+         */
+        error_report_err(err);
+        exit(1);
+    }
+    return res;
+}
+
 static uint64_t bcm2835_rng_read(void *opaque, hwaddr offset,
                                  unsigned size)
 {
@@ -27,7 +52,7 @@  static uint64_t bcm2835_rng_read(void *opaque, hwaddr offset,
         res = s->rng_status | (1 << 24);
         break;
     case 0x8:    /* rng_data */
-        res = rand();
+        res = get_random_bytes();
         break;
 
     default: