system/qemu
system/qemu
1
0
Fork 0
mirror of https://gitlab.com/qemu-project/qemu synced 2024-07-21 02:15:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

hw/misc/bcm2835_rng: Use qemu_guest_getrandom_nofail

Browse source 
The random number is intended for use by the guest.  As such, we should
honor the -seed argument for reproducibility.  Use the *_nofail routine
instead of rolling our own error handling locally.

Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This commit is contained in:
Richard Henderson 2019-03-14 15:56:52 -07:00
parent 19173fd335
commit 3090c980ed
1 changed files with 14 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
hw/misc/bcm2835_rng.c
View file

@ -9,30 +9,26 @@
#include "qemu/osdep.h"
#include "qemu/log.h"
#include "qapi/error.h"
#include "crypto/random.h"
#include "qemu/guest-random.h"
#include "hw/misc/bcm2835_rng.h"
static uint32_t get_random_bytes(void)
{
uint32_t res;
Error *err = NULL;
if (qcrypto_random_bytes((uint8_t *)&res, sizeof(res), &err) < 0) {
/* On failure we don't want to return the guest a non-random
* value in case they're really using it for cryptographic
* purposes, so the best we can do is die here.
* This shouldn't happen unless something's broken.
* In theory we could implement this device's full FIFO
* and interrupt semantics and then just stop filling the
* FIFO. That's a lot of work, though, so we assume any
* errors are systematic problems and trust that if we didn't
* fail as the guest inited then we won't fail later on
* mid-run.
*/
error_report_err(err);
exit(1);
}
/*
* On failure we don't want to return the guest a non-random
* value in case they're really using it for cryptographic
* purposes, so the best we can do is die here.
* This shouldn't happen unless something's broken.
* In theory we could implement this device's full FIFO
* and interrupt semantics and then just stop filling the
* FIFO. That's a lot of work, though, so we assume any
* errors are systematic problems and trust that if we didn't
* fail as the guest inited then we won't fail later on
* mid-run.
*/
qemu_guest_getrandom_nofail(&res, sizeof(res));
return res;
}