aboutsummaryrefslogtreecommitdiff
path: root/linux-user
diff options
context:
space:
mode:
Diffstat (limited to 'linux-user')
-rw-r--r--linux-user/aarch64/cpu_loop.c25
-rw-r--r--linux-user/aarch64/target_syscall.h2
-rw-r--r--linux-user/elfload.c8
-rw-r--r--linux-user/main.c33
-rw-r--r--linux-user/syscall.c34
5 files changed, 54 insertions, 48 deletions
diff --git a/linux-user/aarch64/cpu_loop.c b/linux-user/aarch64/cpu_loop.c
index d75fd9d3e2..2f2f63e3e8 100644
--- a/linux-user/aarch64/cpu_loop.c
+++ b/linux-user/aarch64/cpu_loop.c
@@ -20,6 +20,7 @@
#include "qemu/osdep.h"
#include "qemu.h"
#include "cpu_loop-common.h"
+#include "qemu/guest-random.h"
#define get_user_code_u32(x, gaddr, env) \
({ abi_long __r = get_user_u32((x), (gaddr)); \
@@ -147,24 +148,6 @@ void cpu_loop(CPUARMState *env)
}
}
-static uint64_t arm_rand64(void)
-{
- int shift = 64 - clz64(RAND_MAX);
- int i, n = 64 / shift + (64 % shift != 0);
- uint64_t ret = 0;
-
- for (i = 0; i < n; i++) {
- ret = (ret << shift) | rand();
- }
- return ret;
-}
-
-void arm_init_pauth_key(ARMPACKey *key)
-{
- key->lo = arm_rand64();
- key->hi = arm_rand64();
-}
-
void target_cpu_copy_regs(CPUArchState *env, struct target_pt_regs *regs)
{
ARMCPU *cpu = arm_env_get_cpu(env);
@@ -192,11 +175,7 @@ void target_cpu_copy_regs(CPUArchState *env, struct target_pt_regs *regs)
#endif
if (cpu_isar_feature(aa64_pauth, cpu)) {
- arm_init_pauth_key(&env->apia_key);
- arm_init_pauth_key(&env->apib_key);
- arm_init_pauth_key(&env->apda_key);
- arm_init_pauth_key(&env->apdb_key);
- arm_init_pauth_key(&env->apga_key);
+ qemu_guest_getrandom_nofail(&env->keys, sizeof(env->keys));
}
ts->stack_base = info->start_stack;
diff --git a/linux-user/aarch64/target_syscall.h b/linux-user/aarch64/target_syscall.h
index b595e5da82..995e475c73 100644
--- a/linux-user/aarch64/target_syscall.h
+++ b/linux-user/aarch64/target_syscall.h
@@ -29,6 +29,4 @@ struct target_pt_regs {
# define TARGET_PR_PAC_APDBKEY (1 << 3)
# define TARGET_PR_PAC_APGAKEY (1 << 4)
-void arm_init_pauth_key(ARMPACKey *key);
-
#endif /* AARCH64_TARGET_SYSCALL_H */
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index a23aa4493e..a57b7049dd 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -8,6 +8,7 @@
#include "qemu.h"
#include "disas/disas.h"
#include "qemu/path.h"
+#include "qemu/guest-random.h"
#ifdef _ARCH_PPC64
#undef ARCH_DLINFO
@@ -1884,12 +1885,9 @@ static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc,
}
/*
- * Generate 16 random bytes for userspace PRNG seeding (not
- * cryptically secure but it's not the aim of QEMU).
+ * Generate 16 random bytes for userspace PRNG seeding.
*/
- for (i = 0; i < 16; i++) {
- k_rand_bytes[i] = rand();
- }
+ qemu_guest_getrandom_nofail(k_rand_bytes, sizeof(k_rand_bytes));
if (STACK_GROWS_DOWN) {
sp -= 16;
u_rand_bytes = sp;
diff --git a/linux-user/main.c b/linux-user/main.c
index 3d2230320b..689bcf436d 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -34,10 +34,12 @@
#include "tcg.h"
#include "qemu/timer.h"
#include "qemu/envlist.h"
+#include "qemu/guest-random.h"
#include "elf.h"
#include "trace/control.h"
#include "target_elf.h"
#include "cpu_loop-common.h"
+#include "crypto/init.h"
char *exec_path;
@@ -48,6 +50,7 @@ static int gdbstub_port;
static envlist_t *envlist;
static const char *cpu_model;
static const char *cpu_type;
+static const char *seed_optarg;
unsigned long mmap_min_addr;
unsigned long guest_base;
int have_guest_base;
@@ -290,15 +293,9 @@ static void handle_arg_pagesize(const char *arg)
}
}
-static void handle_arg_randseed(const char *arg)
+static void handle_arg_seed(const char *arg)
{
- unsigned long long seed;
-
- if (parse_uint_full(arg, &seed, 0) != 0 || seed > UINT_MAX) {
- fprintf(stderr, "Invalid seed number: %s\n", arg);
- exit(EXIT_FAILURE);
- }
- srand(seed);
+ seed_optarg = arg;
}
static void handle_arg_gdb(const char *arg)
@@ -433,7 +430,7 @@ static const struct qemu_argument arg_table[] = {
"", "run in singlestep mode"},
{"strace", "QEMU_STRACE", false, handle_arg_strace,
"", "log system calls"},
- {"seed", "QEMU_RAND_SEED", true, handle_arg_randseed,
+ {"seed", "QEMU_RAND_SEED", true, handle_arg_seed,
"", "Seed for pseudo-random number generator"},
{"trace", "QEMU_TRACE", true, handle_arg_trace,
"", "[[enable=]<pattern>][,events=<file>][,file=<file>]"},
@@ -626,8 +623,6 @@ int main(int argc, char **argv, char **envp)
cpu_model = NULL;
- srand(time(NULL));
-
qemu_add_opts(&qemu_trace_opts);
optind = parse_args(argc, argv);
@@ -689,8 +684,20 @@ int main(int argc, char **argv, char **envp)
do_strace = 1;
}
- if (getenv("QEMU_RAND_SEED")) {
- handle_arg_randseed(getenv("QEMU_RAND_SEED"));
+ if (seed_optarg == NULL) {
+ seed_optarg = getenv("QEMU_RAND_SEED");
+ }
+ {
+ Error *err = NULL;
+ if (seed_optarg != NULL) {
+ qemu_guest_random_seed_main(seed_optarg, &err);
+ } else {
+ qcrypto_init(&err);
+ }
+ if (err) {
+ error_reportf_err(err, "cannot initialize crypto: ");
+ exit(1);
+ }
}
target_environ = envlist_to_environ(envlist, NULL);
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 0d6c764502..55212585e0 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -107,6 +107,8 @@
#include "uname.h"
#include "qemu.h"
+#include "qemu/guest-random.h"
+#include "qapi/error.h"
#include "fd-trans.h"
#ifndef CLONE_IO
@@ -5483,6 +5485,7 @@ static void *clone_func(void *arg)
put_user_u32(info->tid, info->child_tidptr);
if (info->parent_tidptr)
put_user_u32(info->tid, info->parent_tidptr);
+ qemu_guest_random_seed_thread_part2(cpu->random_seed);
/* Enable signals. */
sigprocmask(SIG_SETMASK, &info->sigmask, NULL);
/* Signal to the parent that we're ready. */
@@ -5569,6 +5572,7 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp,
initializing, so temporarily block all signals. */
sigfillset(&sigmask);
sigprocmask(SIG_BLOCK, &sigmask, &info.sigmask);
+ cpu->random_seed = qemu_guest_random_seed_thread_part1();
/* If this is our first additional thread, we need to ensure we
* generate code for parallel execution and flush old translations.
@@ -9807,25 +9811,45 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
int all = (TARGET_PR_PAC_APIAKEY | TARGET_PR_PAC_APIBKEY |
TARGET_PR_PAC_APDAKEY | TARGET_PR_PAC_APDBKEY |
TARGET_PR_PAC_APGAKEY);
+ int ret = 0;
+ Error *err = NULL;
+
if (arg2 == 0) {
arg2 = all;
} else if (arg2 & ~all) {
return -TARGET_EINVAL;
}
if (arg2 & TARGET_PR_PAC_APIAKEY) {
- arm_init_pauth_key(&env->apia_key);
+ ret |= qemu_guest_getrandom(&env->keys.apia,
+ sizeof(ARMPACKey), &err);
}
if (arg2 & TARGET_PR_PAC_APIBKEY) {
- arm_init_pauth_key(&env->apib_key);
+ ret |= qemu_guest_getrandom(&env->keys.apib,
+ sizeof(ARMPACKey), &err);
}
if (arg2 & TARGET_PR_PAC_APDAKEY) {
- arm_init_pauth_key(&env->apda_key);
+ ret |= qemu_guest_getrandom(&env->keys.apda,
+ sizeof(ARMPACKey), &err);
}
if (arg2 & TARGET_PR_PAC_APDBKEY) {
- arm_init_pauth_key(&env->apdb_key);
+ ret |= qemu_guest_getrandom(&env->keys.apdb,
+ sizeof(ARMPACKey), &err);
}
if (arg2 & TARGET_PR_PAC_APGAKEY) {
- arm_init_pauth_key(&env->apga_key);
+ ret |= qemu_guest_getrandom(&env->keys.apga,
+ sizeof(ARMPACKey), &err);
+ }
+ if (ret != 0) {
+ /*
+ * Some unknown failure in the crypto. The best
+ * we can do is log it and fail the syscall.
+ * The real syscall cannot fail this way.
+ */
+ qemu_log_mask(LOG_UNIMP,
+ "PR_PAC_RESET_KEYS: Crypto failure: %s",
+ error_get_pretty(err));
+ error_free(err);
+ return -TARGET_EIO;
}
return 0;
}
generated by cgit v1.2.3 (git 2.26.2) at 2025-01-19 23:23:50 +0000