[v2,08/14] util: Add qemu_getrandom and support functions

Message ID	20190314045526.13342-9-richard.henderson@linaro.org
State	New
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; From: Richard Henderson <richard.henderson@linaro.org> To: qemu-devel@nongnu.org Date: Wed, 13 Mar 2019 21:55:20 -0700 Message-Id: <20190314045526.13342-9-richard.henderson@linaro.org> In-Reply-To: <20190314045526.13342-1-richard.henderson@linaro.org> References: <20190314045526.13342-1-richard.henderson@linaro.org> Subject: [Qemu-devel] [PATCH v2 08/14] util: Add qemu_getrandom and support functions Precedence: list Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Series	Add qemu_getrandom and ARMv8.5-RNG \| expand [v2,00/14] Add qemu_getrandom and ARMv8.5-RNG [v2,01/14] crypto: Merge crypto-obj-y into libqemuutil.a [v2,02/14] crypto: Reverse code blocks in random-platform.c [v2,03/14] crypto: Do not fail for EINTR during qcrypto_random_bytes [v2,04/14] crypto: Use O_CLOEXEC in qcrypto_random_init [v2,05/14] crypto: Use getrandom for qcrypto_random_bytes [v2,06/14] crypto: Change the qcrypto_random_bytes buffer type to void* [v2,07/14] ui/vnc: Use qcrypto_random_bytes for make_challenge [v2,08/14] util: Add qemu_getrandom and support functions [v2,09/14] util: Use qcrypto_random_bytes for qemu_getrandom [v2,10/14] linux-user: Call qcrypto_init if not using -seed [v2,11/14] linux-user: Use qemu_getrandom for AT_RANDOM [v2,12/14] linux-user/aarch64: Use qemu_getrandom for arm_init_pauth_key [v2,13/14] linux-user: Remove srand call [v2,14/14] target/arm: Implement ARMv8.5-RNG

On Wed, Mar 13, 2019 at 09:55:20PM -0700, Richard Henderson wrote: > Initialize the system from system and linux-user arguments. > Propagate deterministic seeds when creating new cpu threads. > > Signed-off-by: Richard Henderson <richard.henderson@linaro.org> > --- > include/qemu/random.h | 58 +++++++++++++++++++++++++++++++++++ I'm still not a fan of putting this stuff into such a generic header as qemu/random.h, or calling it qemu_getrandom(). I'd prefer something that make it clear that this is only for the CPU emulation / userspace emulator usage. Can we call it cpu-random.h perhaps, and qemu_cpu_getrandom() > include/qom/cpu.h | 1 + > cpus.c | 9 ++++++ > linux-user/main.c | 21 ++++++------- > linux-user/syscall.c | 3 ++ > util/random.c | 71 +++++++++++++++++++++++++++++++++++++++++++ > vl.c | 4 +++ > qemu-options.hx | 10 ++++++ > util/Makefile.objs | 1 + > 9 files changed, 167 insertions(+), 11 deletions(-) > create mode 100644 include/qemu/random.h > create mode 100644 util/random.c > > diff --git a/include/qemu/random.h b/include/qemu/random.h > new file mode 100644 > index 0000000000..9d88008288 > --- /dev/null > +++ b/include/qemu/random.h > @@ -0,0 +1,58 @@ > +/* > + * QEMU random functions Can we put a comment here saying it is only for use by TCG emulation and userspace emulator helpers, and point people to crypto/random.h for the preferred general purpose API. Even though this is backed by the qcrypto_random by default, it could be surprising if the -seed arg affected other callers. > + * > + * Copyright 2019 Linaro, Ltd. > + * > + * This program is free software; you can redistribute it and/or modify it > + * under the terms of the GNU General Public License as published by the Free > + * Software Foundation; either version 2 of the License, or (at your option) > + * any later version. > + */ > + > +#ifndef QEMU_RANDOM_H > +#define QEMU_RANDOM_H > + > +/** > + * qemu_seedrandom_main(const char *optarg, Error **errp) > + * @optarg: a non-NULL pointer to a C string > + * @errp: an Error handler > + * > + * The @optarg value is that which accompanies the -seed argument. > + * This forces qemu_getrandom into deterministic mode. > + */ > +void qemu_seedrandom_main(const char *optarg, Error **errp); > + > +/** > + * qemu_seedrandom_thread_part1(void) > + * > + * If qemu_getrandom is in deterministic mode, returns an > + * independant seed for the new thread. Otherwise returns 0. > + */ > +uint64_t qemu_seedrandom_thread_part1(void); > + > +/** > + * qemu_seedrandom_thread_part2(uint64_t seed) > + * @seed: a value for the new thread. > + * > + * If qemu_getrandom is in deterministic mode, this stores an > + * independant seed for the new thread. Otherwise a no-op. > + */ > +void qemu_seedrandom_thread_part2(uint64_t seed); > + > +/** > + * qemu_getrandom(void *buf, size_t len, bool nonblock) > + * @buf: a buffer of bytes to be written > + * @len: the number of bytes in @buf > + * @nonblock: do not delay if the entropy pool is low > + * > + * Fills len bytes in buf with random data. If nonblock is false, > + * this may require a delay while the entropy pool fills. Returns > + * true if the call is successful, but the only non-successful case > + * is when nonblock is true. > + * > + * The value of len must be <= 256, so that the BSD getentropy(3) > + * function can be used to implement this. > + */ > +bool qemu_getrandom(void *buf, size_t len, bool nonblock); > + > +#endif /* QEMU_RANDOM_H */ I'm concerned that having this in a file qemu/ramdom.h will still give a misleading impression that this is intended for general purpose usage. IIUC this is really designed for use by the e deterministic > diff --git a/include/qom/cpu.h b/include/qom/cpu.h > index 1d6099e5d4..343cc6d51e 100644 > --- a/include/qom/cpu.h > +++ b/include/qom/cpu.h > @@ -372,6 +372,7 @@ struct CPUState { > int singlestep_enabled; > int64_t icount_budget; > int64_t icount_extra; > + uint64_t random_seed; > sigjmp_buf jmp_env; > > QemuMutex work_mutex; > diff --git a/cpus.c b/cpus.c > index e83f72b48b..b5d3f46220 100644 > --- a/cpus.c > +++ b/cpus.c > @@ -49,6 +49,7 @@ > #include "qemu/option.h" > #include "qemu/bitmap.h" > #include "qemu/seqlock.h" > +#include "qemu/random.h" > #include "tcg.h" > #include "hw/nmi.h" > #include "sysemu/replay.h" > @@ -1275,6 +1276,7 @@ static void *qemu_kvm_cpu_thread_fn(void *arg) > /* signal CPU creation */ > cpu->created = true; > qemu_cond_signal(&qemu_cpu_cond); > + qemu_seedrandom_thread_part2(cpu->random_seed); > > do { > if (cpu_can_run(cpu)) { > @@ -1318,6 +1320,7 @@ static void *qemu_dummy_cpu_thread_fn(void *arg) > /* signal CPU creation */ > cpu->created = true; > qemu_cond_signal(&qemu_cpu_cond); > + qemu_seedrandom_thread_part2(cpu->random_seed); > > do { > qemu_mutex_unlock_iothread(); > @@ -1477,6 +1480,7 @@ static void *qemu_tcg_rr_cpu_thread_fn(void *arg) > cpu->created = true; > cpu->can_do_io = 1; > qemu_cond_signal(&qemu_cpu_cond); > + qemu_seedrandom_thread_part2(cpu->random_seed); > > /* wait for initial kick-off after machine start */ > while (first_cpu->stopped) { > @@ -1591,6 +1595,7 @@ static void *qemu_hax_cpu_thread_fn(void *arg) > > hax_init_vcpu(cpu); > qemu_cond_signal(&qemu_cpu_cond); > + qemu_seedrandom_thread_part2(cpu->random_seed); > > do { > if (cpu_can_run(cpu)) { > @@ -1630,6 +1635,7 @@ static void *qemu_hvf_cpu_thread_fn(void *arg) > /* signal CPU creation */ > cpu->created = true; > qemu_cond_signal(&qemu_cpu_cond); > + qemu_seedrandom_thread_part2(cpu->random_seed); > > do { > if (cpu_can_run(cpu)) { > @@ -1670,6 +1676,7 @@ static void *qemu_whpx_cpu_thread_fn(void *arg) > /* signal CPU creation */ > cpu->created = true; > qemu_cond_signal(&qemu_cpu_cond); > + qemu_seedrandom_thread_part2(cpu->random_seed); > > do { > if (cpu_can_run(cpu)) { > @@ -1723,6 +1730,7 @@ static void *qemu_tcg_cpu_thread_fn(void *arg) > cpu->can_do_io = 1; > current_cpu = cpu; > qemu_cond_signal(&qemu_cpu_cond); > + qemu_seedrandom_thread_part2(cpu->random_seed); > > /* process any pending work */ > cpu->exit_request = 1; > @@ -2070,6 +2078,7 @@ void qemu_init_vcpu(CPUState *cpu) > cpu->nr_cores = smp_cores; > cpu->nr_threads = smp_threads; > cpu->stopped = true; > + cpu->random_seed = qemu_seedrandom_thread_part1(); > > if (!cpu->as) { > /* If the target cpu hasn't set up any address spaces itself, It isn't clear that we should be needing these seeds in anything other than the TCG codepath. > diff --git a/linux-user/main.c b/linux-user/main.c > index a0aba9cb1e..9682e81610 100644 > --- a/linux-user/main.c > +++ b/linux-user/main.c > @@ -33,6 +33,7 @@ > #include "tcg.h" > #include "qemu/timer.h" > #include "qemu/envlist.h" > +#include "qemu/random.h" > #include "elf.h" > #include "trace/control.h" > #include "target_elf.h" > @@ -47,6 +48,7 @@ static int gdbstub_port; > static envlist_t *envlist; > static const char *cpu_model; > static const char *cpu_type; > +static const char *seed_optarg; > unsigned long mmap_min_addr; > unsigned long guest_base; > int have_guest_base; > @@ -289,15 +291,9 @@ static void handle_arg_pagesize(const char *arg) > } > } > > -static void handle_arg_randseed(const char *arg) > +static void handle_arg_seed(const char *arg) > { > - unsigned long long seed; > - > - if (parse_uint_full(arg, &seed, 0) != 0 || seed > UINT_MAX) { > - fprintf(stderr, "Invalid seed number: %s\n", arg); > - exit(EXIT_FAILURE); > - } > - srand(seed); > + seed_optarg = arg; > } > > static void handle_arg_gdb(const char *arg) > @@ -432,7 +428,7 @@ static const struct qemu_argument arg_table[] = { > "", "run in singlestep mode"}, > {"strace", "QEMU_STRACE", false, handle_arg_strace, > "", "log system calls"}, > - {"seed", "QEMU_RAND_SEED", true, handle_arg_randseed, > + {"seed", "QEMU_RAND_SEED", true, handle_arg_seed, > "", "Seed for pseudo-random number generator"}, > {"trace", "QEMU_TRACE", true, handle_arg_trace, > "", "[[enable=]<pattern>][,events=<file>][,file=<file>]"}, > @@ -687,8 +683,11 @@ int main(int argc, char **argv, char **envp) > do_strace = 1; > } > > - if (getenv("QEMU_RAND_SEED")) { > - handle_arg_randseed(getenv("QEMU_RAND_SEED")); > + if (seed_optarg == NULL) { > + seed_optarg = getenv("QEMU_RAND_SEED"); > + } > + if (seed_optarg != NULL) { > + qemu_seedrandom_main(seed_optarg, &error_fatal); > } > > target_environ = envlist_to_environ(envlist, NULL); > diff --git a/linux-user/syscall.c b/linux-user/syscall.c > index 208fd1813d..18d98f5a08 100644 > --- a/linux-user/syscall.c > +++ b/linux-user/syscall.c > @@ -110,6 +110,7 @@ > #include "uname.h" > > #include "qemu.h" > +#include "qemu/random.h" > #include "fd-trans.h" > > #ifndef CLONE_IO > @@ -5448,6 +5449,7 @@ static void *clone_func(void *arg) > put_user_u32(info->tid, info->child_tidptr); > if (info->parent_tidptr) > put_user_u32(info->tid, info->parent_tidptr); > + qemu_seedrandom_thread_part2(cpu->random_seed); > /* Enable signals. */ > sigprocmask(SIG_SETMASK, &info->sigmask, NULL); > /* Signal to the parent that we're ready. */ > @@ -5534,6 +5536,7 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp, > initializing, so temporarily block all signals. */ > sigfillset(&sigmask); > sigprocmask(SIG_BLOCK, &sigmask, &info.sigmask); > + cpu->random_seed = qemu_seedrandom_thread_part1(); > > /* If this is our first additional thread, we need to ensure we > * generate code for parallel execution and flush old translations. > diff --git a/util/random.c b/util/random.c > new file mode 100644 > index 0000000000..467c987a66 > --- /dev/null > +++ b/util/random.c > @@ -0,0 +1,71 @@ > +/* > + * QEMU random functions > + * > + * Copyright 2019 Linaro, Ltd. > + * > + * This program is free software; you can redistribute it and/or modify it > + * under the terms of the GNU General Public License as published by the Free > + * Software Foundation; either version 2 of the License, or (at your option) > + * any later version. > + */ > + > +#include "qemu/osdep.h" > +#include "qemu-common.h" > +#include "qemu/cutils.h" > +#include "qapi/error.h" > +#include "qemu/random.h" > + > +static __thread GRand *thread_rand; > + > +/* Deterministic implementation using Glib's Mersenne Twister. */ > +bool qemu_getrandom(void *buf, size_t len, bool nonblock) > +{ > + GRand *rand; > + size_t i; > + uint32_t x; > + > + g_assert(len <= 256); > + > + rand = thread_rand; > + if (unlikely(rand == NULL)) { > + /* Thread not initialized for a cpu, or main w/o -seed. */ > + thread_rand = rand = g_rand_new(); > + } > + > + for (i = 0; i + 4 <= len; i += 4) { > + x = g_rand_int(rand); > + __builtin_memcpy(buf + i, &x, 4); > + } > + if (i < len) { > + x = g_rand_int(rand); > + __builtin_memcpy(buf + i, &x, i - len); > + } > + > + return true; > +} > + > +uint64_t qemu_seedrandom_thread_part1(void) > +{ > + uint64_t ret; > + qemu_getrandom(&ret, sizeof(ret), false); > + return ret; > +} > + > +void qemu_seedrandom_thread_part2(uint64_t seed) > +{ > + g_assert(thread_rand == NULL); > + thread_rand = g_rand_new_with_seed_array((const guint32 *)&seed, > + sizeof(seed) / sizeof(guint32)); > +} > + > +void qemu_seedrandom_main(const char *optarg, Error **errp) > +{ > + unsigned long long seed; > + if (parse_uint_full(optarg, &seed, 0)) { > + error_setg(errp, "Invalid seed number: %s", optarg); > + } else { > + g_assert(thread_rand != NULL); > + g_rand_set_seed_array(thread_rand, (const guint32 *)&seed, > + sizeof(seed) / sizeof(guint32)); > + } > +} > diff --git a/vl.c b/vl.c > index c1d5484e12..0438b72f95 100644 > --- a/vl.c > +++ b/vl.c > @@ -128,6 +128,7 @@ int main(int argc, char **argv) > #include "qapi/qapi-commands-ui.h" > #include "qapi/qmp/qerror.h" > #include "sysemu/iothread.h" > +#include "qemu/random.h" > > #define MAX_VIRTIO_CONSOLES 1 > > @@ -3330,6 +3331,9 @@ int main(int argc, char **argv, char **envp) > case QEMU_OPTION_DFILTER: > qemu_set_dfilter_ranges(optarg, &error_fatal); > break; > + case QEMU_OPTION_seed: > + qemu_seedrandom_main(optarg, &error_fatal); > + break; > case QEMU_OPTION_s: > add_device_config(DEV_GDB, "tcp::" DEFAULT_GDBSTUB_PORT); > break; > diff --git a/qemu-options.hx b/qemu-options.hx > index 08749a3391..ed70de67d8 100644 > --- a/qemu-options.hx > +++ b/qemu-options.hx > @@ -3601,6 +3601,16 @@ the 0x200 sized block starting at 0xffffffc000080000 and another 0x1000 sized > block starting at 0xffffffc00005f000. > ETEXI > > +DEF("seed", HAS_ARG, QEMU_OPTION_seed, \ > + "-seed number seed the pseudo-random number generator\n", Perhaps -cpu-rand-seed so indicate its only for the CPU emulation parts ? > + QEMU_ARCH_ALL) > +STEXI > +@item -seed @var{number} > +@findex -seed > +Force qemu to use a deterministic pseudo-random number generator, > +seeded with @var{number}. > +ETEXI > + > DEF("L", HAS_ARG, QEMU_OPTION_L, \ > "-L path set the directory for the BIOS, VGA BIOS and keymaps\n", > QEMU_ARCH_ALL) > diff --git a/util/Makefile.objs b/util/Makefile.objs > index 835fcd69e2..bc7405c535 100644 > --- a/util/Makefile.objs > +++ b/util/Makefile.objs > @@ -53,5 +53,6 @@ util-obj-y += iova-tree.o > util-obj-$(CONFIG_INOTIFY1) += filemonitor-inotify.o > util-obj-$(CONFIG_LINUX) += vfio-helpers.o > util-obj-$(CONFIG_OPENGL) += drm.o > +util-obj-y += random.o Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

diff --git a/include/qemu/random.h b/include/qemu/random.h new file mode 100644 index 0000000000..9d88008288 --- /dev/null +++ b/include/qemu/random.h @@ -0,0 +1,58 @@ +/* + * QEMU random functions + * + * Copyright 2019 Linaro, Ltd. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + */ + +#ifndef QEMU_RANDOM_H +#define QEMU_RANDOM_H + +/** + * qemu_seedrandom_main(const char *optarg, Error **errp) + * @optarg: a non-NULL pointer to a C string + * @errp: an Error handler + * + * The @optarg value is that which accompanies the -seed argument. + * This forces qemu_getrandom into deterministic mode. + */ +void qemu_seedrandom_main(const char *optarg, Error **errp); + +/** + * qemu_seedrandom_thread_part1(void) + * + * If qemu_getrandom is in deterministic mode, returns an + * independant seed for the new thread. Otherwise returns 0. + */ +uint64_t qemu_seedrandom_thread_part1(void); + +/** + * qemu_seedrandom_thread_part2(uint64_t seed) + * @seed: a value for the new thread. + * + * If qemu_getrandom is in deterministic mode, this stores an + * independant seed for the new thread. Otherwise a no-op. + */ +void qemu_seedrandom_thread_part2(uint64_t seed); + +/** + * qemu_getrandom(void *buf, size_t len, bool nonblock) + * @buf: a buffer of bytes to be written + * @len: the number of bytes in @buf + * @nonblock: do not delay if the entropy pool is low + * + * Fills len bytes in buf with random data. If nonblock is false, + * this may require a delay while the entropy pool fills. Returns + * true if the call is successful, but the only non-successful case + * is when nonblock is true. + * + * The value of len must be <= 256, so that the BSD getentropy(3) + * function can be used to implement this. + */ +bool qemu_getrandom(void *buf, size_t len, bool nonblock); + +#endif /* QEMU_RANDOM_H */ diff --git a/include/qom/cpu.h b/include/qom/cpu.h index 1d6099e5d4..343cc6d51e 100644 --- a/include/qom/cpu.h +++ b/include/qom/cpu.h @@ -372,6 +372,7 @@ struct CPUState { int singlestep_enabled; int64_t icount_budget; int64_t icount_extra; + uint64_t random_seed; sigjmp_buf jmp_env; QemuMutex work_mutex; diff --git a/cpus.c b/cpus.c index e83f72b48b..b5d3f46220 100644 --- a/cpus.c +++ b/cpus.c @@ -49,6 +49,7 @@ #include "qemu/option.h" #include "qemu/bitmap.h" #include "qemu/seqlock.h" +#include "qemu/random.h" #include "tcg.h" #include "hw/nmi.h" #include "sysemu/replay.h" @@ -1275,6 +1276,7 @@ static void *qemu_kvm_cpu_thread_fn(void *arg) /* signal CPU creation */ cpu->created = true; qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); do { if (cpu_can_run(cpu)) { @@ -1318,6 +1320,7 @@ static void *qemu_dummy_cpu_thread_fn(void *arg) /* signal CPU creation */ cpu->created = true; qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); do { qemu_mutex_unlock_iothread(); @@ -1477,6 +1480,7 @@ static void *qemu_tcg_rr_cpu_thread_fn(void *arg) cpu->created = true; cpu->can_do_io = 1; qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); /* wait for initial kick-off after machine start */ while (first_cpu->stopped) { @@ -1591,6 +1595,7 @@ static void *qemu_hax_cpu_thread_fn(void *arg) hax_init_vcpu(cpu); qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); do { if (cpu_can_run(cpu)) { @@ -1630,6 +1635,7 @@ static void *qemu_hvf_cpu_thread_fn(void *arg) /* signal CPU creation */ cpu->created = true; qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); do { if (cpu_can_run(cpu)) { @@ -1670,6 +1676,7 @@ static void *qemu_whpx_cpu_thread_fn(void *arg) /* signal CPU creation */ cpu->created = true; qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); do { if (cpu_can_run(cpu)) { @@ -1723,6 +1730,7 @@ static void *qemu_tcg_cpu_thread_fn(void *arg) cpu->can_do_io = 1; current_cpu = cpu; qemu_cond_signal(&qemu_cpu_cond); + qemu_seedrandom_thread_part2(cpu->random_seed); /* process any pending work */ cpu->exit_request = 1; @@ -2070,6 +2078,7 @@ void qemu_init_vcpu(CPUState *cpu) cpu->nr_cores = smp_cores; cpu->nr_threads = smp_threads; cpu->stopped = true; + cpu->random_seed = qemu_seedrandom_thread_part1(); if (!cpu->as) { /* If the target cpu hasn't set up any address spaces itself, diff --git a/linux-user/main.c b/linux-user/main.c index a0aba9cb1e..9682e81610 100644 --- a/linux-user/main.c +++ b/linux-user/main.c @@ -33,6 +33,7 @@ #include "tcg.h" #include "qemu/timer.h" #include "qemu/envlist.h" +#include "qemu/random.h" #include "elf.h" #include "trace/control.h" #include "target_elf.h" @@ -47,6 +48,7 @@ static int gdbstub_port; static envlist_t *envlist; static const char *cpu_model; static const char *cpu_type; +static const char *seed_optarg; unsigned long mmap_min_addr; unsigned long guest_base; int have_guest_base; @@ -289,15 +291,9 @@ static void handle_arg_pagesize(const char *arg) } } -static void handle_arg_randseed(const char *arg) +static void handle_arg_seed(const char *arg) { - unsigned long long seed; - - if (parse_uint_full(arg, &seed, 0) != 0 || seed > UINT_MAX) { - fprintf(stderr, "Invalid seed number: %s\n", arg); - exit(EXIT_FAILURE); - } - srand(seed); + seed_optarg = arg; } static void handle_arg_gdb(const char *arg) @@ -432,7 +428,7 @@ static const struct qemu_argument arg_table[] = { "", "run in singlestep mode"}, {"strace", "QEMU_STRACE", false, handle_arg_strace, "", "log system calls"}, - {"seed", "QEMU_RAND_SEED", true, handle_arg_randseed, + {"seed", "QEMU_RAND_SEED", true, handle_arg_seed, "", "Seed for pseudo-random number generator"}, {"trace", "QEMU_TRACE", true, handle_arg_trace, "", "[[enable=]<pattern>][,events=<file>][,file=<file>]"}, @@ -687,8 +683,11 @@ int main(int argc, char **argv, char **envp) do_strace = 1; } - if (getenv("QEMU_RAND_SEED")) { - handle_arg_randseed(getenv("QEMU_RAND_SEED")); + if (seed_optarg == NULL) { + seed_optarg = getenv("QEMU_RAND_SEED"); + } + if (seed_optarg != NULL) { + qemu_seedrandom_main(seed_optarg, &error_fatal); } target_environ = envlist_to_environ(envlist, NULL); diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 208fd1813d..18d98f5a08 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -110,6 +110,7 @@ #include "uname.h" #include "qemu.h" +#include "qemu/random.h" #include "fd-trans.h" #ifndef CLONE_IO @@ -5448,6 +5449,7 @@ static void *clone_func(void *arg) put_user_u32(info->tid, info->child_tidptr); if (info->parent_tidptr) put_user_u32(info->tid, info->parent_tidptr); + qemu_seedrandom_thread_part2(cpu->random_seed); /* Enable signals. */ sigprocmask(SIG_SETMASK, &info->sigmask, NULL); /* Signal to the parent that we're ready. */ @@ -5534,6 +5536,7 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp, initializing, so temporarily block all signals. */ sigfillset(&sigmask); sigprocmask(SIG_BLOCK, &sigmask, &info.sigmask); + cpu->random_seed = qemu_seedrandom_thread_part1(); /* If this is our first additional thread, we need to ensure we * generate code for parallel execution and flush old translations. diff --git a/util/random.c b/util/random.c new file mode 100644 index 0000000000..467c987a66 --- /dev/null +++ b/util/random.c @@ -0,0 +1,71 @@ +/* + * QEMU random functions + * + * Copyright 2019 Linaro, Ltd. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + */ + +#include "qemu/osdep.h" +#include "qemu-common.h" +#include "qemu/cutils.h" +#include "qapi/error.h" +#include "qemu/random.h" + +static __thread GRand *thread_rand; + +/* Deterministic implementation using Glib's Mersenne Twister. */ +bool qemu_getrandom(void *buf, size_t len, bool nonblock) +{ + GRand *rand; + size_t i; + uint32_t x; + + g_assert(len <= 256); + + rand = thread_rand; + if (unlikely(rand == NULL)) { + /* Thread not initialized for a cpu, or main w/o -seed. */ + thread_rand = rand = g_rand_new(); + } + + for (i = 0; i + 4 <= len; i += 4) { + x = g_rand_int(rand); + __builtin_memcpy(buf + i, &x, 4); + } + if (i < len) { + x = g_rand_int(rand); + __builtin_memcpy(buf + i, &x, i - len); + } + + return true; +} + +uint64_t qemu_seedrandom_thread_part1(void) +{ + uint64_t ret; + qemu_getrandom(&ret, sizeof(ret), false); + return ret; +} + +void qemu_seedrandom_thread_part2(uint64_t seed) +{ + g_assert(thread_rand == NULL); + thread_rand = g_rand_new_with_seed_array((const guint32 *)&seed, + sizeof(seed) / sizeof(guint32)); +} + +void qemu_seedrandom_main(const char *optarg, Error **errp) +{ + unsigned long long seed; + if (parse_uint_full(optarg, &seed, 0)) { + error_setg(errp, "Invalid seed number: %s", optarg); + } else { + g_assert(thread_rand != NULL); + g_rand_set_seed_array(thread_rand, (const guint32 *)&seed, + sizeof(seed) / sizeof(guint32)); + } +} diff --git a/vl.c b/vl.c index c1d5484e12..0438b72f95 100644 --- a/vl.c +++ b/vl.c @@ -128,6 +128,7 @@ int main(int argc, char **argv) #include "qapi/qapi-commands-ui.h" #include "qapi/qmp/qerror.h" #include "sysemu/iothread.h" +#include "qemu/random.h" #define MAX_VIRTIO_CONSOLES 1 @@ -3330,6 +3331,9 @@ int main(int argc, char **argv, char **envp) case QEMU_OPTION_DFILTER: qemu_set_dfilter_ranges(optarg, &error_fatal); break; + case QEMU_OPTION_seed: + qemu_seedrandom_main(optarg, &error_fatal); + break; case QEMU_OPTION_s: add_device_config(DEV_GDB, "tcp::" DEFAULT_GDBSTUB_PORT); break; diff --git a/qemu-options.hx b/qemu-options.hx index 08749a3391..ed70de67d8 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -3601,6 +3601,16 @@ the 0x200 sized block starting at 0xffffffc000080000 and another 0x1000 sized block starting at 0xffffffc00005f000. ETEXI +DEF("seed", HAS_ARG, QEMU_OPTION_seed, \ + "-seed number seed the pseudo-random number generator\n", + QEMU_ARCH_ALL) +STEXI +@item -seed @var{number} +@findex -seed +Force qemu to use a deterministic pseudo-random number generator, +seeded with @var{number}. +ETEXI + DEF("L", HAS_ARG, QEMU_OPTION_L, \ "-L path set the directory for the BIOS, VGA BIOS and keymaps\n", QEMU_ARCH_ALL) diff --git a/util/Makefile.objs b/util/Makefile.objs index 835fcd69e2..bc7405c535 100644 --- a/util/Makefile.objs +++ b/util/Makefile.objs @@ -53,5 +53,6 @@ util-obj-y += iova-tree.o util-obj-$(CONFIG_INOTIFY1) += filemonitor-inotify.o util-obj-$(CONFIG_LINUX) += vfio-helpers.o util-obj-$(CONFIG_OPENGL) += drm.o +util-obj-y += random.o stub-obj-y += filemonitor-stub.o

[v2,08/14] util: Add qemu_getrandom and support functions

Commit Message

Comments

Patch