[PATCH v4 00/11] rerandomize RNG seeds on reboot and handle record&replay

[PATCH v4 00/11] rerandomize RNG seeds on reboot and handle record&replay

[Jason A. Donenfeld]

When the system reboots, the rng seed that QEMU passes should be
re-randomized, so that the new boot gets a new seed. This series wires
that up for FDT.

Then, since the record&replay subsystem makes use of reset as well, we
add a new reset cause for record&replay, so that we can avoid
re-randomizing in these cases.

Version 4 prevents the new reset type from leaking over QAPI, documents
this alongside which version it was introduced, and adds mips and m68k
machine types to the queue.

Jason A. Donenfeld (11):
  reset: allow registering handlers that aren't called by snapshot
    loading
  device-tree: add re-randomization helper function
  x86: do not re-randomize RNG seed on snapshot load
  arm: re-randomize rng-seed on reboot
  riscv: re-randomize rng-seed on reboot
  m68k/virt: do not re-randomize RNG seed on snapshot load
  m68k/q800: do not re-randomize RNG seed on snapshot load
  mips/boston: re-randomize rng-seed on reboot
  mips/malta: pass RNG seed via env var and re-randomize on reboot
  openrisc: re-randomize rng-seed on reboot
  rx: re-randomize rng-seed on reboot

 hw/arm/aspeed.c              |  4 ++--
 hw/arm/boot.c                |  2 ++
 hw/arm/mps2-tz.c             |  4 ++--
 hw/core/reset.c              | 15 ++++++++++++++-
 hw/hppa/machine.c            |  4 ++--
 hw/i386/microvm.c            |  4 ++--
 hw/i386/pc.c                 |  6 +++---
 hw/i386/x86.c                |  2 +-
 hw/m68k/q800.c               | 33 +++++++++++++--------------------
 hw/m68k/virt.c               | 20 +++++++++++---------
 hw/mips/boston.c             |  3 +++
 hw/mips/malta.c              | 25 +++++++++++++++++++++++++
 hw/openrisc/boot.c           |  3 +++
 hw/ppc/pegasos2.c            |  4 ++--
 hw/ppc/pnv.c                 |  4 ++--
 hw/ppc/spapr.c               |  4 ++--
 hw/riscv/boot.c              |  3 +++
 hw/rx/rx-gdbsim.c            |  3 +++
 hw/s390x/s390-virtio-ccw.c   |  4 ++--
 include/hw/boards.h          |  2 +-
 include/sysemu/device_tree.h |  9 +++++++++
 include/sysemu/reset.h       |  5 ++++-
 migration/savevm.c           |  2 +-
 qapi/run-state.json          |  5 ++++-
 softmmu/device_tree.c        | 21 +++++++++++++++++++++
 softmmu/runstate.c           | 11 ++++++++---
 26 files changed, 145 insertions(+), 57 deletions(-)

-- 
2.38.1

[PATCH v4 01/11] reset: allow registering handlers that aren't called by snapshot loading

[Jason A. Donenfeld]

Snapshot loading only expects to call deterministic handlers, not
non-deterministic ones. So introduce a way of registering handlers that
won't be called when reseting for snapshots.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 hw/arm/aspeed.c            |  4 ++--
 hw/arm/mps2-tz.c           |  4 ++--
 hw/core/reset.c            | 15 ++++++++++++++-
 hw/hppa/machine.c          |  4 ++--
 hw/i386/microvm.c          |  4 ++--
 hw/i386/pc.c               |  6 +++---
 hw/ppc/pegasos2.c          |  4 ++--
 hw/ppc/pnv.c               |  4 ++--
 hw/ppc/spapr.c             |  4 ++--
 hw/s390x/s390-virtio-ccw.c |  4 ++--
 include/hw/boards.h        |  2 +-
 include/sysemu/reset.h     |  5 ++++-
 migration/savevm.c         |  2 +-
 qapi/run-state.json        |  5 ++++-
 softmmu/runstate.c         | 11 ++++++++---
 15 files changed, 51 insertions(+), 27 deletions(-)

diff --git a/hw/arm/aspeed.c b/hw/arm/aspeed.c
index bc3ecdb619..69cadb1c37 100644
--- a/hw/arm/aspeed.c
+++ b/hw/arm/aspeed.c
@@ -1349,12 +1349,12 @@ static void aspeed_machine_bletchley_class_init(ObjectClass *oc, void *data)
         aspeed_soc_num_cpus(amc->soc_name);
 }
 
-static void fby35_reset(MachineState *state)
+static void fby35_reset(MachineState *state, ShutdownCause reason)
 {
     AspeedMachineState *bmc = ASPEED_MACHINE(state);
     AspeedGPIOState *gpio = &bmc->soc.gpio;
 
-    qemu_devices_reset();
+    qemu_devices_reset(reason);
 
     /* Board ID: 7 (Class-1, 4 slots) */
     object_property_set_bool(OBJECT(gpio), "gpioV4", true, &error_fatal);
diff --git a/hw/arm/mps2-tz.c b/hw/arm/mps2-tz.c
index 394192b9b2..284c09c91d 100644
--- a/hw/arm/mps2-tz.c
+++ b/hw/arm/mps2-tz.c
@@ -1239,7 +1239,7 @@ static void mps2_set_remap(Object *obj, const char *value, Error **errp)
     }
 }
 
-static void mps2_machine_reset(MachineState *machine)
+static void mps2_machine_reset(MachineState *machine, ShutdownCause reason)
 {
     MPS2TZMachineState *mms = MPS2TZ_MACHINE(machine);
 
@@ -1249,7 +1249,7 @@ static void mps2_machine_reset(MachineState *machine)
      * reset see the correct mapping.
      */
     remap_memory(mms, mms->remap);
-    qemu_devices_reset();
+    qemu_devices_reset(reason);
 }
 
 static void mps2tz_class_init(ObjectClass *oc, void *data)
diff --git a/hw/core/reset.c b/hw/core/reset.c
index 36be82c491..bcf323d6dd 100644
--- a/hw/core/reset.c
+++ b/hw/core/reset.c
@@ -33,6 +33,7 @@ typedef struct QEMUResetEntry {
     QTAILQ_ENTRY(QEMUResetEntry) entry;
     QEMUResetHandler *func;
     void *opaque;
+    bool skip_on_snapshot_load;
 } QEMUResetEntry;
 
 static QTAILQ_HEAD(, QEMUResetEntry) reset_handlers =
@@ -47,6 +48,16 @@ void qemu_register_reset(QEMUResetHandler *func, void *opaque)
     QTAILQ_INSERT_TAIL(&reset_handlers, re, entry);
 }
 
+void qemu_register_reset_nosnapshotload(QEMUResetHandler *func, void *opaque)
+{
+    QEMUResetEntry *re = g_new0(QEMUResetEntry, 1);
+
+    re->func = func;
+    re->opaque = opaque;
+    re->skip_on_snapshot_load = true;
+    QTAILQ_INSERT_TAIL(&reset_handlers, re, entry);
+}
+
 void qemu_unregister_reset(QEMUResetHandler *func, void *opaque)
 {
     QEMUResetEntry *re;
@@ -60,12 +71,14 @@ void qemu_unregister_reset(QEMUResetHandler *func, void *opaque)
     }
 }
 
-void qemu_devices_reset(void)
+void qemu_devices_reset(ShutdownCause reason)
 {
     QEMUResetEntry *re, *nre;
 
     /* reset all devices */
     QTAILQ_FOREACH_SAFE(re, &reset_handlers, entry, nre) {
+        if (reason == SHUTDOWN_CAUSE_SNAPSHOT_LOAD && re->skip_on_snapshot_load)
+            continue;
         re->func(re->opaque);
     }
 }
diff --git a/hw/hppa/machine.c b/hw/hppa/machine.c
index e53d5f0fa7..19ea7c2c66 100644
--- a/hw/hppa/machine.c
+++ b/hw/hppa/machine.c
@@ -411,12 +411,12 @@ static void machine_hppa_init(MachineState *machine)
     cpu[0]->env.gr[19] = FW_CFG_IO_BASE;
 }
 
-static void hppa_machine_reset(MachineState *ms)
+static void hppa_machine_reset(MachineState *ms, ShutdownCause reason)
 {
     unsigned int smp_cpus = ms->smp.cpus;
     int i;
 
-    qemu_devices_reset();
+    qemu_devices_reset(reason);
 
     /* Start all CPUs at the firmware entry point.
      *  Monarch CPU will initialize firmware, secondary CPUs
diff --git a/hw/i386/microvm.c b/hw/i386/microvm.c
index 52f9aa9d8c..ffd1884100 100644
--- a/hw/i386/microvm.c
+++ b/hw/i386/microvm.c
@@ -467,7 +467,7 @@ static void microvm_machine_state_init(MachineState *machine)
     microvm_devices_init(mms);
 }
 
-static void microvm_machine_reset(MachineState *machine)
+static void microvm_machine_reset(MachineState *machine, ShutdownCause reason)
 {
     MicrovmMachineState *mms = MICROVM_MACHINE(machine);
     CPUState *cs;
@@ -480,7 +480,7 @@ static void microvm_machine_reset(MachineState *machine)
         mms->kernel_cmdline_fixed = true;
     }
 
-    qemu_devices_reset();
+    qemu_devices_reset(reason);
 
     CPU_FOREACH(cs) {
         cpu = X86_CPU(cs);
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 768982ae9a..3e86083db3 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1847,12 +1847,12 @@ static void pc_machine_initfn(Object *obj)
     cxl_machine_init(obj, &pcms->cxl_devices_state);
 }
 
-static void pc_machine_reset(MachineState *machine)
+static void pc_machine_reset(MachineState *machine, ShutdownCause reason)
 {
     CPUState *cs;
     X86CPU *cpu;
 
-    qemu_devices_reset();
+    qemu_devices_reset(reason);
 
     /* Reset APIC after devices have been reset to cancel
      * any changes that qemu_devices_reset() might have done.
@@ -1867,7 +1867,7 @@ static void pc_machine_reset(MachineState *machine)
 static void pc_machine_wakeup(MachineState *machine)
 {
     cpu_synchronize_all_states();
-    pc_machine_reset(machine);
+    pc_machine_reset(machine, SHUTDOWN_CAUSE_NONE);
     cpu_synchronize_all_post_reset();
 }
 
diff --git a/hw/ppc/pegasos2.c b/hw/ppc/pegasos2.c
index ecf682b148..bb4d008ba9 100644
--- a/hw/ppc/pegasos2.c
+++ b/hw/ppc/pegasos2.c
@@ -248,14 +248,14 @@ static void pegasos2_pci_config_write(Pegasos2MachineState *pm, int bus,
     pegasos2_mv_reg_write(pm, pcicfg + 4, len, val);
 }
 
-static void pegasos2_machine_reset(MachineState *machine)
+static void pegasos2_machine_reset(MachineState *machine, ShutdownCause reason)
 {
     Pegasos2MachineState *pm = PEGASOS2_MACHINE(machine);
     void *fdt;
     uint64_t d[2];
     int sz;
 
-    qemu_devices_reset();
+    qemu_devices_reset(reason);
     if (!pm->vof) {
         return; /* Firmware should set up machine so nothing to do */
     }
diff --git a/hw/ppc/pnv.c b/hw/ppc/pnv.c
index 40bb573d1a..3d01e26f84 100644
--- a/hw/ppc/pnv.c
+++ b/hw/ppc/pnv.c
@@ -643,13 +643,13 @@ static void pnv_powerdown_notify(Notifier *n, void *opaque)
     }
 }
 
-static void pnv_reset(MachineState *machine)
+static void pnv_reset(MachineState *machine, ShutdownCause reason)
 {
     PnvMachineState *pnv = PNV_MACHINE(machine);
     IPMIBmc *bmc;
     void *fdt;
 
-    qemu_devices_reset();
+    qemu_devices_reset(reason);
 
     /*
      * The machine should provide by default an internal BMC simulator.
diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
index f79ac85ca1..66b414d2e9 100644
--- a/hw/ppc/spapr.c
+++ b/hw/ppc/spapr.c
@@ -1623,7 +1623,7 @@ void spapr_check_mmu_mode(bool guest_radix)
     }
 }
 
-static void spapr_machine_reset(MachineState *machine)
+static void spapr_machine_reset(MachineState *machine, ShutdownCause reason)
 {
     SpaprMachineState *spapr = SPAPR_MACHINE(machine);
     PowerPCCPU *first_ppc_cpu;
@@ -1649,7 +1649,7 @@ static void spapr_machine_reset(MachineState *machine)
         spapr_setup_hpt(spapr);
     }
 
-    qemu_devices_reset();
+    qemu_devices_reset(reason);
 
     spapr_ovec_cleanup(spapr->ov5_cas);
     spapr->ov5_cas = spapr_ovec_new();
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
index 03855c7231..8017acb1d5 100644
--- a/hw/s390x/s390-virtio-ccw.c
+++ b/hw/s390x/s390-virtio-ccw.c
@@ -405,7 +405,7 @@ static void s390_pv_prepare_reset(S390CcwMachineState *ms)
     s390_pv_prep_reset();
 }
 
-static void s390_machine_reset(MachineState *machine)
+static void s390_machine_reset(MachineState *machine, ShutdownCause reason)
 {
     S390CcwMachineState *ms = S390_CCW_MACHINE(machine);
     enum s390_reset reset_type;
@@ -427,7 +427,7 @@ static void s390_machine_reset(MachineState *machine)
             s390_machine_unprotect(ms);
         }
 
-        qemu_devices_reset();
+        qemu_devices_reset(reason);
         s390_crypto_reset();
 
         /* configure and start the ipl CPU only */
diff --git a/include/hw/boards.h b/include/hw/boards.h
index 311ed17e18..90f1dd3aeb 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -231,7 +231,7 @@ struct MachineClass {
     const char *deprecation_reason;
 
     void (*init)(MachineState *state);
-    void (*reset)(MachineState *state);
+    void (*reset)(MachineState *state, ShutdownCause reason);
     void (*wakeup)(MachineState *state);
     int (*kvm_type)(MachineState *machine, const char *arg);
 
diff --git a/include/sysemu/reset.h b/include/sysemu/reset.h
index 0b0d6d7598..609e4d50c2 100644
--- a/include/sysemu/reset.h
+++ b/include/sysemu/reset.h
@@ -1,10 +1,13 @@
 #ifndef QEMU_SYSEMU_RESET_H
 #define QEMU_SYSEMU_RESET_H
 
+#include "qapi/qapi-events-run-state.h"
+
 typedef void QEMUResetHandler(void *opaque);
 
 void qemu_register_reset(QEMUResetHandler *func, void *opaque);
+void qemu_register_reset_nosnapshotload(QEMUResetHandler *func, void *opaque);
 void qemu_unregister_reset(QEMUResetHandler *func, void *opaque);
-void qemu_devices_reset(void);
+void qemu_devices_reset(ShutdownCause reason);
 
 #endif
diff --git a/migration/savevm.c b/migration/savevm.c
index 48e85c052c..a0cdb714f7 100644
--- a/migration/savevm.c
+++ b/migration/savevm.c
@@ -3058,7 +3058,7 @@ bool load_snapshot(const char *name, const char *vmstate,
         goto err_drain;
     }
 
-    qemu_system_reset(SHUTDOWN_CAUSE_NONE);
+    qemu_system_reset(SHUTDOWN_CAUSE_SNAPSHOT_LOAD);
     mis->from_src_file = f;
 
     if (!yank_register_instance(MIGRATION_YANK_INSTANCE, errp)) {
diff --git a/qapi/run-state.json b/qapi/run-state.json
index 49989d30e6..e44c0de914 100644
--- a/qapi/run-state.json
+++ b/qapi/run-state.json
@@ -86,12 +86,15 @@
 #                   ignores --no-reboot. This is useful for sanitizing
 #                   hypercalls on s390 that are used during kexec/kdump/boot
 #
+# @snapshot-load: A snapshot is being loaded by the record & replay
+#                 subsystem; internal value (since 7.2)
+#
 ##
 { 'enum': 'ShutdownCause',
   # Beware, shutdown_caused_by_guest() depends on enumeration order
   'data': [ 'none', 'host-error', 'host-qmp-quit', 'host-qmp-system-reset',
             'host-signal', 'host-ui', 'guest-shutdown', 'guest-reset',
-            'guest-panic', 'subsystem-reset'] }
+            'guest-panic', 'subsystem-reset', 'snapshot-load'] }
 
 ##
 # @StatusInfo:
diff --git a/softmmu/runstate.c b/softmmu/runstate.c
index 1e68680b9d..3dd83d5e5d 100644
--- a/softmmu/runstate.c
+++ b/softmmu/runstate.c
@@ -441,11 +441,16 @@ void qemu_system_reset(ShutdownCause reason)
     cpu_synchronize_all_states();
 
     if (mc && mc->reset) {
-        mc->reset(current_machine);
+        mc->reset(current_machine, reason);
     } else {
-        qemu_devices_reset();
+        qemu_devices_reset(reason);
     }
-    if (reason && reason != SHUTDOWN_CAUSE_SUBSYSTEM_RESET) {
+    switch (reason) {
+    case SHUTDOWN_CAUSE_NONE:
+    case SHUTDOWN_CAUSE_SUBSYSTEM_RESET:
+    case SHUTDOWN_CAUSE_SNAPSHOT_LOAD:
+        break;
+    default:
         qapi_event_send_reset(shutdown_caused_by_guest(reason), reason);
     }
     cpu_synchronize_all_post_reset();
-- 
2.38.1

[PATCH v4 02/11] device-tree: add re-randomization helper function

[Jason A. Donenfeld]

When the system reboots, the rng-seed that the FDT has should be
re-randomized, so that the new boot gets a new seed. Several
architectures require this functionality, so export a function for
injecting a new seed into the given FDT.

Cc: Alistair Francis <alistair.francis@wdc.com>
Cc: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 include/sysemu/device_tree.h |  9 +++++++++
 softmmu/device_tree.c        | 21 +++++++++++++++++++++
 2 files changed, 30 insertions(+)

diff --git a/include/sysemu/device_tree.h b/include/sysemu/device_tree.h
index e7c5441f56..ca5339beae 100644
--- a/include/sysemu/device_tree.h
+++ b/include/sysemu/device_tree.h
@@ -197,6 +197,15 @@ int qemu_fdt_setprop_sized_cells_from_array(void *fdt,
                                                 qdt_tmp);                 \
     })
 
+
+/**
+ * qemu_fdt_randomize_seeds:
+ * @fdt: device tree blob
+ *
+ * Re-randomize all "rng-seed" properties with new seeds.
+ */
+void qemu_fdt_randomize_seeds(void *fdt);
+
 #define FDT_PCI_RANGE_RELOCATABLE          0x80000000
 #define FDT_PCI_RANGE_PREFETCHABLE         0x40000000
 #define FDT_PCI_RANGE_ALIASED              0x20000000
diff --git a/softmmu/device_tree.c b/softmmu/device_tree.c
index ce74f3d48d..30aa3aea9f 100644
--- a/softmmu/device_tree.c
+++ b/softmmu/device_tree.c
@@ -22,6 +22,7 @@
 #include "qemu/option.h"
 #include "qemu/bswap.h"
 #include "qemu/cutils.h"
+#include "qemu/guest-random.h"
 #include "sysemu/device_tree.h"
 #include "hw/loader.h"
 #include "hw/boards.h"
@@ -680,3 +681,23 @@ void hmp_dumpdtb(Monitor *mon, const QDict *qdict)
 
     info_report("dtb dumped to %s", filename);
 }
+
+void qemu_fdt_randomize_seeds(void *fdt)
+{
+    int noffset, poffset, len;
+    const char *name;
+    uint8_t *data;
+
+    for (noffset = fdt_next_node(fdt, 0, NULL);
+         noffset >= 0;
+         noffset = fdt_next_node(fdt, noffset, NULL)) {
+        for (poffset = fdt_first_property_offset(fdt, noffset);
+             poffset >= 0;
+             poffset = fdt_next_property_offset(fdt, poffset)) {
+            data = (uint8_t *)fdt_getprop_by_offset(fdt, poffset, &name, &len);
+            if (!data || strcmp(name, "rng-seed"))
+                continue;
+            qemu_guest_getrandom_nofail(data, len);
+        }
+    }
+}
-- 
2.38.1

[PATCH v4 03/11] x86: do not re-randomize RNG seed on snapshot load

[Jason A. Donenfeld]

Snapshot loading is supposed to be deterministic, so we shouldn't
re-randomize the various seeds used.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 hw/i386/x86.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/i386/x86.c b/hw/i386/x86.c
index 1148f70c03..bd50a064a3 100644
--- a/hw/i386/x86.c
+++ b/hw/i386/x86.c
@@ -1111,7 +1111,7 @@ void x86_load_linux(X86MachineState *x86ms,
         setup_data->type = cpu_to_le32(SETUP_RNG_SEED);
         setup_data->len = cpu_to_le32(RNG_SEED_LENGTH);
         qemu_guest_getrandom_nofail(setup_data->data, RNG_SEED_LENGTH);
-        qemu_register_reset(reset_rng_seed, setup_data);
+        qemu_register_reset_nosnapshotload(reset_rng_seed, setup_data);
         fw_cfg_add_bytes_callback(fw_cfg, FW_CFG_KERNEL_DATA, reset_rng_seed, NULL,
                                   setup_data, kernel, kernel_size, true);
     } else {
-- 
2.38.1

[PATCH v4 04/11] arm: re-randomize rng-seed on reboot

[Jason A. Donenfeld]

When the system reboots, the rng-seed that the FDT has should be
re-randomized, so that the new boot gets a new seed. Since the FDT is in
the ROM region at this point, we add a hook right after the ROM has been
added, so that we have a pointer to that copy of the FDT.

Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-arm@nongnu.org
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 hw/arm/boot.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index b0b92af188..b106f31468 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -683,6 +683,8 @@ int arm_load_dtb(hwaddr addr, const struct arm_boot_info *binfo,
      * the DTB is copied again upon reset, even if addr points into RAM.
      */
     rom_add_blob_fixed_as("dtb", fdt, size, addr, as);
+    qemu_register_reset_nosnapshotload(qemu_fdt_randomize_seeds,
+                                       rom_ptr_for_as(as, addr, size));
 
     g_free(fdt);
 
-- 
2.38.1

[PATCH v4 05/11] riscv: re-randomize rng-seed on reboot

[Jason A. Donenfeld]

When the system reboots, the rng-seed that the FDT has should be
re-randomized, so that the new boot gets a new seed. Since the FDT is in
the ROM region at this point, we add a hook right after the ROM has been
added, so that we have a pointer to that copy of the FDT.

Cc: Palmer Dabbelt <palmer@dabbelt.com>
Cc: Alistair Francis <alistair.francis@wdc.com>
Cc: Bin Meng <bin.meng@windriver.com>
Cc: qemu-riscv@nongnu.org
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 hw/riscv/boot.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hw/riscv/boot.c b/hw/riscv/boot.c
index e82bf27338..ebd351c840 100644
--- a/hw/riscv/boot.c
+++ b/hw/riscv/boot.c
@@ -30,6 +30,7 @@
 #include "sysemu/device_tree.h"
 #include "sysemu/qtest.h"
 #include "sysemu/kvm.h"
+#include "sysemu/reset.h"
 
 #include <libfdt.h>
 
@@ -241,6 +242,8 @@ uint64_t riscv_load_fdt(hwaddr dram_base, uint64_t mem_size, void *fdt)
 
     rom_add_blob_fixed_as("fdt", fdt, fdtsize, fdt_addr,
                           &address_space_memory);
+    qemu_register_reset_nosnapshotload(qemu_fdt_randomize_seeds,
+                        rom_ptr_for_as(&address_space_memory, fdt_addr, fdtsize));
 
     return fdt_addr;
 }
-- 
2.38.1

[PATCH v4 06/11] m68k/virt: do not re-randomize RNG seed on snapshot load

[Jason A. Donenfeld]

Snapshot loading is supposed to be deterministic, so we shouldn't
re-randomize the various seeds used.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 hw/m68k/virt.c | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/hw/m68k/virt.c b/hw/m68k/virt.c
index 89c4108eb5..da5eafd275 100644
--- a/hw/m68k/virt.c
+++ b/hw/m68k/virt.c
@@ -89,7 +89,6 @@ typedef struct {
     M68kCPU *cpu;
     hwaddr initial_pc;
     hwaddr initial_stack;
-    struct bi_record *rng_seed;
 } ResetInfo;
 
 static void main_cpu_reset(void *opaque)
@@ -98,16 +97,18 @@ static void main_cpu_reset(void *opaque)
     M68kCPU *cpu = reset_info->cpu;
     CPUState *cs = CPU(cpu);
 
-    if (reset_info->rng_seed) {
-        qemu_guest_getrandom_nofail((void *)reset_info->rng_seed->data + 2,
-            be16_to_cpu(*(uint16_t *)reset_info->rng_seed->data));
-    }
-
     cpu_reset(cs);
     cpu->env.aregs[7] = reset_info->initial_stack;
     cpu->env.pc = reset_info->initial_pc;
 }
 
+static void rerandomize_rng_seed(void *opaque)
+{
+    struct bi_record *rng_seed = opaque;
+    qemu_guest_getrandom_nofail((void *)rng_seed->data + 2,
+                                be16_to_cpu(*(uint16_t *)rng_seed->data));
+}
+
 static void virt_init(MachineState *machine)
 {
     M68kCPU *cpu = NULL;
@@ -289,9 +290,10 @@ static void virt_init(MachineState *machine)
         BOOTINFO0(param_ptr, BI_LAST);
         rom_add_blob_fixed_as("bootinfo", param_blob, param_ptr - param_blob,
                               parameters_base, cs->as);
-        reset_info->rng_seed = rom_ptr_for_as(cs->as, parameters_base,
-                                              param_ptr - param_blob) +
-                               (param_rng_seed - param_blob);
+        qemu_register_reset_nosnapshotload(rerandomize_rng_seed,
+                            rom_ptr_for_as(cs->as, parameters_base,
+                                           param_ptr - param_blob) +
+                            (param_rng_seed - param_blob));
         g_free(param_blob);
     }
 }
-- 
2.38.1

[PATCH v4 07/11] m68k/q800: do not re-randomize RNG seed on snapshot load

[Jason A. Donenfeld]

Snapshot loading is supposed to be deterministic, so we shouldn't
re-randomize the various seeds used.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 hw/m68k/q800.c | 33 +++++++++++++--------------------
 1 file changed, 13 insertions(+), 20 deletions(-)

diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c
index e09e244ddc..9d52ca6613 100644
--- a/hw/m68k/q800.c
+++ b/hw/m68k/q800.c
@@ -321,27 +321,23 @@ static const TypeInfo glue_info = {
     },
 };
 
-typedef struct {
-    M68kCPU *cpu;
-    struct bi_record *rng_seed;
-} ResetInfo;
-
 static void main_cpu_reset(void *opaque)
 {
-    ResetInfo *reset_info = opaque;
-    M68kCPU *cpu = reset_info->cpu;
+    M68kCPU *cpu = opaque;
     CPUState *cs = CPU(cpu);
 
-    if (reset_info->rng_seed) {
-        qemu_guest_getrandom_nofail((void *)reset_info->rng_seed->data + 2,
-            be16_to_cpu(*(uint16_t *)reset_info->rng_seed->data));
-    }
-
     cpu_reset(cs);
     cpu->env.aregs[7] = ldl_phys(cs->as, 0);
     cpu->env.pc = ldl_phys(cs->as, 4);
 }
 
+static void rerandomize_rng_seed(void *opaque)
+{
+    struct bi_record *rng_seed = opaque;
+    qemu_guest_getrandom_nofail((void *)rng_seed->data + 2,
+                                be16_to_cpu(*(uint16_t *)rng_seed->data));
+}
+
 static uint8_t fake_mac_rom[] = {
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
 
@@ -397,7 +393,6 @@ static void q800_init(MachineState *machine)
     NubusBus *nubus;
     DeviceState *glue;
     DriveInfo *dinfo;
-    ResetInfo *reset_info;
     uint8_t rng_seed[32];
 
     linux_boot = (kernel_filename != NULL);
@@ -408,12 +403,9 @@ static void q800_init(MachineState *machine)
         exit(1);
     }
 
-    reset_info = g_new0(ResetInfo, 1);
-
     /* init CPUs */
     cpu = M68K_CPU(cpu_create(machine->cpu_type));
-    reset_info->cpu = cpu;
-    qemu_register_reset(main_cpu_reset, reset_info);
+    qemu_register_reset(main_cpu_reset, cpu);
 
     /* RAM */
     memory_region_add_subregion(get_system_memory(), 0, machine->ram);
@@ -687,9 +679,10 @@ static void q800_init(MachineState *machine)
         BOOTINFO0(param_ptr, BI_LAST);
         rom_add_blob_fixed_as("bootinfo", param_blob, param_ptr - param_blob,
                               parameters_base, cs->as);
-        reset_info->rng_seed = rom_ptr_for_as(cs->as, parameters_base,
-                                              param_ptr - param_blob) +
-                               (param_rng_seed - param_blob);
+        qemu_register_reset_nosnapshotload(rerandomize_rng_seed,
+                            rom_ptr_for_as(cs->as, parameters_base,
+                                           param_ptr - param_blob) +
+                            (param_rng_seed - param_blob));
         g_free(param_blob);
     } else {
         uint8_t *ptr;
-- 
2.38.1

[PATCH v4 08/11] mips/boston: re-randomize rng-seed on reboot

[Jason A. Donenfeld]

When the system reboots, the rng-seed that the FDT has should be
re-randomized, so that the new boot gets a new seed. Since the FDT is in
the ROM region at this point, we add a hook right after the ROM has been
added, so that we have a pointer to that copy of the FDT.

Cc: Aleksandar Rikalo <aleksandar.rikalo@syrmia.com>
Cc: Paul Burton <paulburton@kernel.org>
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 hw/mips/boston.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hw/mips/boston.c b/hw/mips/boston.c
index d2ab9da1a0..cab63f43bf 100644
--- a/hw/mips/boston.c
+++ b/hw/mips/boston.c
@@ -41,6 +41,7 @@
 #include "sysemu/sysemu.h"
 #include "sysemu/qtest.h"
 #include "sysemu/runstate.h"
+#include "sysemu/reset.h"
 
 #include <libfdt.h>
 #include "qom/object.h"
@@ -810,6 +811,8 @@ static void boston_mach_init(MachineState *machine)
             /* Calculate real fdt size after filter */
             dt_size = fdt_totalsize(dtb_load_data);
             rom_add_blob_fixed("dtb", dtb_load_data, dt_size, dtb_paddr);
+            qemu_register_reset_nosnapshotload(qemu_fdt_randomize_seeds,
+                                rom_ptr(dtb_paddr, dt_size));
         } else {
             /* Try to load file as FIT */
             fit_err = load_fit(&boston_fit_loader, machine->kernel_filename, s);
-- 
2.38.1

[PATCH v4 09/11] mips/malta: pass RNG seed via env var and re-randomize on reboot

[Jason A. Donenfeld]

As of the kernel commit linked below, Linux ingests an RNG seed
passed as part of the environment block by the bootloader or firmware.
This mechanism works across all different environment block types,
generically, which pass some block via the second firmware argument. On
malta, this has been tested to work when passed as an argument from
U-Boot's linux_env_set.

As is the case on most other architectures (such as boston), when
booting with `-kernel`, QEMU, acting as the bootloader, should pass the
RNG seed, so that the machine has good entropy for Linux to consume. So
this commit implements that quite simply by using the guest random API,
which is what is used on nearly all other archs too. It also
reinitializes the seed on reboot, so that it is always fresh.

Link: https://git.kernel.org/torvalds/c/056a68cea01
Cc: Aleksandar Rikalo <aleksandar.rikalo@syrmia.com>
Cc: Paul Burton <paulburton@kernel.org>
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 hw/mips/malta.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/hw/mips/malta.c b/hw/mips/malta.c
index 0e932988e0..d337de920c 100644
--- a/hw/mips/malta.c
+++ b/hw/mips/malta.c
@@ -26,6 +26,7 @@
 #include "qemu/units.h"
 #include "qemu/bitops.h"
 #include "qemu/datadir.h"
+#include "qemu/guest-random.h"
 #include "hw/clock.h"
 #include "hw/southbridge/piix.h"
 #include "hw/isa/superio.h"
@@ -1017,6 +1018,17 @@ static void G_GNUC_PRINTF(3, 4) prom_set(uint32_t *prom_buf, int index,
     va_end(ap);
 }
 
+static void reinitialize_rng_seed(void *opaque)
+{
+    char *rng_seed_hex = opaque;
+    uint8_t rng_seed[32];
+
+    qemu_guest_getrandom_nofail(rng_seed, sizeof(rng_seed));
+    for (size_t i = 0; i < sizeof(rng_seed); ++i) {
+        sprintf(rng_seed_hex + i * 2, "%02x", rng_seed[i]);
+    }
+}
+
 /* Kernel */
 static uint64_t load_kernel(void)
 {
@@ -1028,6 +1040,8 @@ static uint64_t load_kernel(void)
     long prom_size;
     int prom_index = 0;
     uint64_t (*xlate_to_kseg0) (void *opaque, uint64_t addr);
+    uint8_t rng_seed[32];
+    char rng_seed_hex[sizeof(rng_seed) * 2 + 1];
 
 #if TARGET_BIG_ENDIAN
     big_endian = 1;
@@ -1115,9 +1129,20 @@ static uint64_t load_kernel(void)
 
     prom_set(prom_buf, prom_index++, "modetty0");
     prom_set(prom_buf, prom_index++, "38400n8r");
+
+    qemu_guest_getrandom_nofail(rng_seed, sizeof(rng_seed));
+    for (size_t i = 0; i < sizeof(rng_seed); ++i) {
+        sprintf(rng_seed_hex + i * 2, "%02x", rng_seed[i]);
+    }
+    prom_set(prom_buf, prom_index++, "rngseed");
+    prom_set(prom_buf, prom_index++, "%s", rng_seed_hex);
+
     prom_set(prom_buf, prom_index++, NULL);
 
     rom_add_blob_fixed("prom", prom_buf, prom_size, ENVP_PADDR);
+    qemu_register_reset_nosnapshotload(reinitialize_rng_seed,
+                        memmem(rom_ptr(ENVP_PADDR, prom_size), prom_size,
+                               rng_seed_hex, sizeof(rng_seed_hex)));
 
     g_free(prom_buf);
     return kernel_entry;
-- 
2.38.1

[PATCH v4 10/11] openrisc: re-randomize rng-seed on reboot

[Jason A. Donenfeld]

When the system reboots, the rng-seed that the FDT has should be
re-randomized, so that the new boot gets a new seed. Since the FDT is in
the ROM region at this point, we add a hook right after the ROM has been
added, so that we have a pointer to that copy of the FDT.

Cc: Stafford Horne <shorne@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 hw/openrisc/boot.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hw/openrisc/boot.c b/hw/openrisc/boot.c
index 128ccbcba2..007e80cd5a 100644
--- a/hw/openrisc/boot.c
+++ b/hw/openrisc/boot.c
@@ -14,6 +14,7 @@
 #include "hw/openrisc/boot.h"
 #include "sysemu/device_tree.h"
 #include "sysemu/qtest.h"
+#include "sysemu/reset.h"
 
 #include <libfdt.h>
 
@@ -111,6 +112,8 @@ uint32_t openrisc_load_fdt(void *fdt, hwaddr load_start,
 
     rom_add_blob_fixed_as("fdt", fdt, fdtsize, fdt_addr,
                           &address_space_memory);
+    qemu_register_reset_nosnapshotload(qemu_fdt_randomize_seeds,
+                        rom_ptr_for_as(&address_space_memory, fdt_addr, fdtsize));
 
     return fdt_addr;
 }
-- 
2.38.1

[PATCH v4 11/11] rx: re-randomize rng-seed on reboot

[Jason A. Donenfeld]

When the system reboots, the rng-seed that the FDT has should be
re-randomized, so that the new boot gets a new seed. Since the FDT is in
the ROM region at this point, we add a hook right after the ROM has been
added, so that we have a pointer to that copy of the FDT.

Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 hw/rx/rx-gdbsim.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hw/rx/rx-gdbsim.c b/hw/rx/rx-gdbsim.c
index 8ffe1b8035..47c17026c7 100644
--- a/hw/rx/rx-gdbsim.c
+++ b/hw/rx/rx-gdbsim.c
@@ -25,6 +25,7 @@
 #include "hw/rx/rx62n.h"
 #include "sysemu/qtest.h"
 #include "sysemu/device_tree.h"
+#include "sysemu/reset.h"
 #include "hw/boards.h"
 #include "qom/object.h"
 
@@ -148,6 +149,8 @@ static void rx_gdbsim_init(MachineState *machine)
             dtb_offset = ROUND_DOWN(machine->ram_size - dtb_size, 16);
             rom_add_blob_fixed("dtb", dtb, dtb_size,
                                SDRAM_BASE + dtb_offset);
+            qemu_register_reset_nosnapshotload(qemu_fdt_randomize_seeds,
+                                rom_ptr(SDRAM_BASE + dtb_offset, dtb_size));
             /* Set dtb address to R1 */
             RX_CPU(first_cpu)->env.regs[1] = SDRAM_BASE + dtb_offset;
         }
-- 
2.38.1

Re: [PATCH v4 05/11] riscv: re-randomize rng-seed on reboot

[Alistair Francis]

On Tue, Oct 25, 2022 at 10:47 AM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> When the system reboots, the rng-seed that the FDT has should be
> re-randomized, so that the new boot gets a new seed. Since the FDT is in
> the ROM region at this point, we add a hook right after the ROM has been
> added, so that we have a pointer to that copy of the FDT.
>
> Cc: Palmer Dabbelt <palmer@dabbelt.com>
> Cc: Alistair Francis <alistair.francis@wdc.com>
> Cc: Bin Meng <bin.meng@windriver.com>
> Cc: qemu-riscv@nongnu.org
> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>

Alistair

> ---
>  hw/riscv/boot.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/hw/riscv/boot.c b/hw/riscv/boot.c
> index e82bf27338..ebd351c840 100644
> --- a/hw/riscv/boot.c
> +++ b/hw/riscv/boot.c
> @@ -30,6 +30,7 @@
>  #include "sysemu/device_tree.h"
>  #include "sysemu/qtest.h"
>  #include "sysemu/kvm.h"
> +#include "sysemu/reset.h"
>
>  #include <libfdt.h>
>
> @@ -241,6 +242,8 @@ uint64_t riscv_load_fdt(hwaddr dram_base, uint64_t mem_size, void *fdt)
>
>      rom_add_blob_fixed_as("fdt", fdt, fdtsize, fdt_addr,
>                            &address_space_memory);
> +    qemu_register_reset_nosnapshotload(qemu_fdt_randomize_seeds,
> +                        rom_ptr_for_as(&address_space_memory, fdt_addr, fdtsize));
>
>      return fdt_addr;
>  }
> --
> 2.38.1
>
>

Re: [PATCH v4 02/11] device-tree: add re-randomization helper function

[Alistair Francis]

On Tue, Oct 25, 2022 at 10:51 AM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> When the system reboots, the rng-seed that the FDT has should be
> re-randomized, so that the new boot gets a new seed. Several
> architectures require this functionality, so export a function for
> injecting a new seed into the given FDT.
>
> Cc: Alistair Francis <alistair.francis@wdc.com>
> Cc: David Gibson <david@gibson.dropbear.id.au>
> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>

Alistair

> ---
>  include/sysemu/device_tree.h |  9 +++++++++
>  softmmu/device_tree.c        | 21 +++++++++++++++++++++
>  2 files changed, 30 insertions(+)
>
> diff --git a/include/sysemu/device_tree.h b/include/sysemu/device_tree.h
> index e7c5441f56..ca5339beae 100644
> --- a/include/sysemu/device_tree.h
> +++ b/include/sysemu/device_tree.h
> @@ -197,6 +197,15 @@ int qemu_fdt_setprop_sized_cells_from_array(void *fdt,
>                                                  qdt_tmp);                 \
>      })
>
> +
> +/**
> + * qemu_fdt_randomize_seeds:
> + * @fdt: device tree blob
> + *
> + * Re-randomize all "rng-seed" properties with new seeds.
> + */
> +void qemu_fdt_randomize_seeds(void *fdt);
> +
>  #define FDT_PCI_RANGE_RELOCATABLE          0x80000000
>  #define FDT_PCI_RANGE_PREFETCHABLE         0x40000000
>  #define FDT_PCI_RANGE_ALIASED              0x20000000
> diff --git a/softmmu/device_tree.c b/softmmu/device_tree.c
> index ce74f3d48d..30aa3aea9f 100644
> --- a/softmmu/device_tree.c
> +++ b/softmmu/device_tree.c
> @@ -22,6 +22,7 @@
>  #include "qemu/option.h"
>  #include "qemu/bswap.h"
>  #include "qemu/cutils.h"
> +#include "qemu/guest-random.h"
>  #include "sysemu/device_tree.h"
>  #include "hw/loader.h"
>  #include "hw/boards.h"
> @@ -680,3 +681,23 @@ void hmp_dumpdtb(Monitor *mon, const QDict *qdict)
>
>      info_report("dtb dumped to %s", filename);
>  }
> +
> +void qemu_fdt_randomize_seeds(void *fdt)
> +{
> +    int noffset, poffset, len;
> +    const char *name;
> +    uint8_t *data;
> +
> +    for (noffset = fdt_next_node(fdt, 0, NULL);
> +         noffset >= 0;
> +         noffset = fdt_next_node(fdt, noffset, NULL)) {
> +        for (poffset = fdt_first_property_offset(fdt, noffset);
> +             poffset >= 0;
> +             poffset = fdt_next_property_offset(fdt, poffset)) {
> +            data = (uint8_t *)fdt_getprop_by_offset(fdt, poffset, &name, &len);
> +            if (!data || strcmp(name, "rng-seed"))
> +                continue;
> +            qemu_guest_getrandom_nofail(data, len);
> +        }
> +    }
> +}
> --
> 2.38.1
>
>

Re: [PATCH v4 01/11] reset: allow registering handlers that aren't called by snapshot loading

[Markus Armbruster]

"Jason A. Donenfeld" <Jason@zx2c4.com> writes:

> Snapshot loading only expects to call deterministic handlers, not
> non-deterministic ones. So introduce a way of registering handlers that
> won't be called when reseting for snapshots.
>
> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

[...]

> diff --git a/qapi/run-state.json b/qapi/run-state.json
> index 49989d30e6..e44c0de914 100644
> --- a/qapi/run-state.json
> +++ b/qapi/run-state.json
> @@ -86,12 +86,15 @@
>  #                   ignores --no-reboot. This is useful for sanitizing
>  #                   hypercalls on s390 that are used during kexec/kdump/boot
>  #
> +# @snapshot-load: A snapshot is being loaded by the record & replay
> +#                 subsystem; internal value (since 7.2)
> +#

If "internal value" was an established way to mark parts that aren't
visible externally, this would do.  Since it isn't, it's too terse.
Suggest something like "This value is used only within QEMU.  It doesn't
occur in QMP."

>  ##
>  { 'enum': 'ShutdownCause',
>    # Beware, shutdown_caused_by_guest() depends on enumeration order
>    'data': [ 'none', 'host-error', 'host-qmp-quit', 'host-qmp-system-reset',
>              'host-signal', 'host-ui', 'guest-shutdown', 'guest-reset',
> -            'guest-panic', 'subsystem-reset'] }
> +            'guest-panic', 'subsystem-reset', 'snapshot-load'] }
>  
>  ##
>  # @StatusInfo:

[...]

Re: [PATCH v4 01/11] reset: allow registering handlers that aren't called by snapshot loading

[Jason A. Donenfeld]

Hi Markus,

On Tue, Oct 25, 2022 at 08:11:51AM +0200, Markus Armbruster wrote:
> > diff --git a/qapi/run-state.json b/qapi/run-state.json
> > index 49989d30e6..e44c0de914 100644
> > --- a/qapi/run-state.json
> > +++ b/qapi/run-state.json
> > @@ -86,12 +86,15 @@
> >  #                   ignores --no-reboot. This is useful for sanitizing
> >  #                   hypercalls on s390 that are used during kexec/kdump/boot
> >  #
> > +# @snapshot-load: A snapshot is being loaded by the record & replay
> > +#                 subsystem; internal value (since 7.2)
> > +#
> 
> If "internal value" was an established way to mark parts that aren't
> visible externally, this would do.  Since it isn't, it's too terse.
> Suggest something like "This value is used only within QEMU.  It doesn't
> occur in QMP."

Thanks for the precise text. I can do that for a v5, or, Peter - do you
want to just fold that in upon committing these patches?

Jason

Re: [PATCH v4 01/11] reset: allow registering handlers that aren't called by snapshot loading

[Peter Maydell]

On Tue, 25 Oct 2022 at 13:09, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> Hi Markus,
>
> On Tue, Oct 25, 2022 at 08:11:51AM +0200, Markus Armbruster wrote:
> > > diff --git a/qapi/run-state.json b/qapi/run-state.json
> > > index 49989d30e6..e44c0de914 100644
> > > --- a/qapi/run-state.json
> > > +++ b/qapi/run-state.json
> > > @@ -86,12 +86,15 @@
> > >  #                   ignores --no-reboot. This is useful for sanitizing
> > >  #                   hypercalls on s390 that are used during kexec/kdump/boot
> > >  #
> > > +# @snapshot-load: A snapshot is being loaded by the record & replay
> > > +#                 subsystem; internal value (since 7.2)
> > > +#
> >
> > If "internal value" was an established way to mark parts that aren't
> > visible externally, this would do.  Since it isn't, it's too terse.
> > Suggest something like "This value is used only within QEMU.  It doesn't
> > occur in QMP."
>
> Thanks for the precise text. I can do that for a v5, or, Peter - do you
> want to just fold that in upon committing these patches?

If there's no other issues with the series I'll just fold that change in.

-- PMM

Re: [PATCH v4 01/11] reset: allow registering handlers that aren't called by snapshot loading

[Jason A. Donenfeld]

On Tue, Oct 25, 2022 at 2:26 PM Peter Maydell <peter.maydell@linaro.org> wrote:
>
> On Tue, 25 Oct 2022 at 13:09, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> >
> > Hi Markus,
> >
> > On Tue, Oct 25, 2022 at 08:11:51AM +0200, Markus Armbruster wrote:
> > > > diff --git a/qapi/run-state.json b/qapi/run-state.json
> > > > index 49989d30e6..e44c0de914 100644
> > > > --- a/qapi/run-state.json
> > > > +++ b/qapi/run-state.json
> > > > @@ -86,12 +86,15 @@
> > > >  #                   ignores --no-reboot. This is useful for sanitizing
> > > >  #                   hypercalls on s390 that are used during kexec/kdump/boot
> > > >  #
> > > > +# @snapshot-load: A snapshot is being loaded by the record & replay
> > > > +#                 subsystem; internal value (since 7.2)
> > > > +#
> > >
> > > If "internal value" was an established way to mark parts that aren't
> > > visible externally, this would do.  Since it isn't, it's too terse.
> > > Suggest something like "This value is used only within QEMU.  It doesn't
> > > occur in QMP."
> >
> > Thanks for the precise text. I can do that for a v5, or, Peter - do you
> > want to just fold that in upon committing these patches?
>
> If there's no other issues with the series I'll just fold that change in.

Great, okay. Last time when we found this original snapshot reset
issue, it surfaced because you put this somewhere that the CI ran on.
It might not be a bad idea to give this another whirl in the same CI
there.

Jason

Re: [PATCH v4 01/11] reset: allow registering handlers that aren't called by snapshot loading

[Peter Maydell]

On Tue, 25 Oct 2022 at 13:33, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> On Tue, Oct 25, 2022 at 2:26 PM Peter Maydell <peter.maydell@linaro.org> wrote:
> >
> > On Tue, 25 Oct 2022 at 13:09, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> > >
> > > Hi Markus,
> > >
> > > On Tue, Oct 25, 2022 at 08:11:51AM +0200, Markus Armbruster wrote:
> > > > > diff --git a/qapi/run-state.json b/qapi/run-state.json
> > > > > index 49989d30e6..e44c0de914 100644
> > > > > --- a/qapi/run-state.json
> > > > > +++ b/qapi/run-state.json
> > > > > @@ -86,12 +86,15 @@
> > > > >  #                   ignores --no-reboot. This is useful for sanitizing
> > > > >  #                   hypercalls on s390 that are used during kexec/kdump/boot
> > > > >  #
> > > > > +# @snapshot-load: A snapshot is being loaded by the record & replay
> > > > > +#                 subsystem; internal value (since 7.2)
> > > > > +#
> > > >
> > > > If "internal value" was an established way to mark parts that aren't
> > > > visible externally, this would do.  Since it isn't, it's too terse.
> > > > Suggest something like "This value is used only within QEMU.  It doesn't
> > > > occur in QMP."
> > >
> > > Thanks for the precise text. I can do that for a v5, or, Peter - do you
> > > want to just fold that in upon committing these patches?
> >
> > If there's no other issues with the series I'll just fold that change in.
>
> Great, okay. Last time when we found this original snapshot reset
> issue, it surfaced because you put this somewhere that the CI ran on.

No, I was just running "make check-avocado" locally.

thanks
-- PMM

Re: [PATCH v4 01/11] reset: allow registering handlers that aren't called by snapshot loading

[Jason A. Donenfeld]

On Tue, Oct 25, 2022 at 2:34 PM Peter Maydell <peter.maydell@linaro.org> wrote:
>
> On Tue, 25 Oct 2022 at 13:33, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> >
> > On Tue, Oct 25, 2022 at 2:26 PM Peter Maydell <peter.maydell@linaro.org> wrote:
> > >
> > > On Tue, 25 Oct 2022 at 13:09, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> > > >
> > > > Hi Markus,
> > > >
> > > > On Tue, Oct 25, 2022 at 08:11:51AM +0200, Markus Armbruster wrote:
> > > > > > diff --git a/qapi/run-state.json b/qapi/run-state.json
> > > > > > index 49989d30e6..e44c0de914 100644
> > > > > > --- a/qapi/run-state.json
> > > > > > +++ b/qapi/run-state.json
> > > > > > @@ -86,12 +86,15 @@
> > > > > >  #                   ignores --no-reboot. This is useful for sanitizing
> > > > > >  #                   hypercalls on s390 that are used during kexec/kdump/boot
> > > > > >  #
> > > > > > +# @snapshot-load: A snapshot is being loaded by the record & replay
> > > > > > +#                 subsystem; internal value (since 7.2)
> > > > > > +#
> > > > >
> > > > > If "internal value" was an established way to mark parts that aren't
> > > > > visible externally, this would do.  Since it isn't, it's too terse.
> > > > > Suggest something like "This value is used only within QEMU.  It doesn't
> > > > > occur in QMP."
> > > >
> > > > Thanks for the precise text. I can do that for a v5, or, Peter - do you
> > > > want to just fold that in upon committing these patches?
> > >
> > > If there's no other issues with the series I'll just fold that change in.
> >
> > Great, okay. Last time when we found this original snapshot reset
> > issue, it surfaced because you put this somewhere that the CI ran on.
>
> No, I was just running "make check-avocado" locally.

Oh, okay. I'll try out a full `make check` locally then just to be sure.

Jason

Re: [PATCH v4 01/11] reset: allow registering handlers that aren't called by snapshot loading

[Jason A. Donenfeld]

[-- Attachment #1: Type: text/plain, Size: 2362 bytes --]

On Tue, Oct 25, 2022 at 2:42 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> On Tue, Oct 25, 2022 at 2:34 PM Peter Maydell <peter.maydell@linaro.org> wrote:
> >
> > On Tue, 25 Oct 2022 at 13:33, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> > >
> > > On Tue, Oct 25, 2022 at 2:26 PM Peter Maydell <peter.maydell@linaro.org> wrote:
> > > >
> > > > On Tue, 25 Oct 2022 at 13:09, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> > > > >
> > > > > Hi Markus,
> > > > >
> > > > > On Tue, Oct 25, 2022 at 08:11:51AM +0200, Markus Armbruster wrote:
> > > > > > > diff --git a/qapi/run-state.json b/qapi/run-state.json
> > > > > > > index 49989d30e6..e44c0de914 100644
> > > > > > > --- a/qapi/run-state.json
> > > > > > > +++ b/qapi/run-state.json
> > > > > > > @@ -86,12 +86,15 @@
> > > > > > >  #                   ignores --no-reboot. This is useful for sanitizing
> > > > > > >  #                   hypercalls on s390 that are used during kexec/kdump/boot
> > > > > > >  #
> > > > > > > +# @snapshot-load: A snapshot is being loaded by the record & replay
> > > > > > > +#                 subsystem; internal value (since 7.2)
> > > > > > > +#
> > > > > >
> > > > > > If "internal value" was an established way to mark parts that aren't
> > > > > > visible externally, this would do.  Since it isn't, it's too terse.
> > > > > > Suggest something like "This value is used only within QEMU.  It doesn't
> > > > > > occur in QMP."
> > > > >
> > > > > Thanks for the precise text. I can do that for a v5, or, Peter - do you
> > > > > want to just fold that in upon committing these patches?
> > > >
> > > > If there's no other issues with the series I'll just fold that change in.
> > >
> > > Great, okay. Last time when we found this original snapshot reset
> > > issue, it surfaced because you put this somewhere that the CI ran on.
> >
> > No, I was just running "make check-avocado" locally.
>
> Oh, okay. I'll try out a full `make check` locally then just to be sure.

Ok:                 559
Expected Fail:      0
Fail:               0
Unexpected Pass:    0
Skipped:            66
Timeout:            0

Full log written to /home/zx2c4/qemu/build/meson-logs/testlog.txt
make[1]: Leaving directory '/home/zx2c4/qemu/build'

Not sure what the 66 skipped ones are all about, but at least I saw it
doing the migration test, so that's good. Full log attached.

Jason

[-- Attachment #2: testlog.txt.zst --]
[-- Type: application/zstd, Size: 899202 bytes --]

Re: [PATCH v4 02/11] device-tree: add re-randomization helper function

[Philippe Mathieu-Daudé]

On 25/10/22 02:43, Jason A. Donenfeld wrote:
> When the system reboots, the rng-seed that the FDT has should be
> re-randomized, so that the new boot gets a new seed. Several
> architectures require this functionality, so export a function for
> injecting a new seed into the given FDT.
> 
> Cc: Alistair Francis <alistair.francis@wdc.com>
> Cc: David Gibson <david@gibson.dropbear.id.au>
> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
> ---
>   include/sysemu/device_tree.h |  9 +++++++++
>   softmmu/device_tree.c        | 21 +++++++++++++++++++++
>   2 files changed, 30 insertions(+)

> +void qemu_fdt_randomize_seeds(void *fdt)
> +{
> +    int noffset, poffset, len;
> +    const char *name;
> +    uint8_t *data;
> +
> +    for (noffset = fdt_next_node(fdt, 0, NULL);
> +         noffset >= 0;
> +         noffset = fdt_next_node(fdt, noffset, NULL)) {
> +        for (poffset = fdt_first_property_offset(fdt, noffset);
> +             poffset >= 0;
> +             poffset = fdt_next_property_offset(fdt, poffset)) {
> +            data = (uint8_t *)fdt_getprop_by_offset(fdt, poffset, &name, &len);

Is this non-const cast is safe?

> +            if (!data || strcmp(name, "rng-seed"))
> +                continue;
> +            qemu_guest_getrandom_nofail(data, len);

Shouldn't we read to the stack and fill with fdt_setprop_inplace()?

> +        }
> +    }
> +}

Re: [PATCH v4 02/11] device-tree: add re-randomization helper function

[Jason A. Donenfeld]

On Tue, Oct 25, 2022 at 3:30 PM Philippe Mathieu-Daudé
<philmd@linaro.org> wrote:
>
> On 25/10/22 02:43, Jason A. Donenfeld wrote:
> > When the system reboots, the rng-seed that the FDT has should be
> > re-randomized, so that the new boot gets a new seed. Several
> > architectures require this functionality, so export a function for
> > injecting a new seed into the given FDT.
> >
> > Cc: Alistair Francis <alistair.francis@wdc.com>
> > Cc: David Gibson <david@gibson.dropbear.id.au>
> > Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
> > ---
> >   include/sysemu/device_tree.h |  9 +++++++++
> >   softmmu/device_tree.c        | 21 +++++++++++++++++++++
> >   2 files changed, 30 insertions(+)
>
> > +void qemu_fdt_randomize_seeds(void *fdt)
> > +{
> > +    int noffset, poffset, len;
> > +    const char *name;
> > +    uint8_t *data;
> > +
> > +    for (noffset = fdt_next_node(fdt, 0, NULL);
> > +         noffset >= 0;
> > +         noffset = fdt_next_node(fdt, noffset, NULL)) {
> > +        for (poffset = fdt_first_property_offset(fdt, noffset);
> > +             poffset >= 0;
> > +             poffset = fdt_next_property_offset(fdt, poffset)) {
> > +            data = (uint8_t *)fdt_getprop_by_offset(fdt, poffset, &name, &len);
>
> Is this non-const cast is safe?

This is how the libfdt/fdt_rw.c helpers of libfdt do it, so I think so.

Jason

Re: [PATCH v4 01/11] reset: allow registering handlers that aren't called by snapshot loading

[Peter Maydell]

On Tue, 25 Oct 2022 at 13:50, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> On Tue, Oct 25, 2022 at 2:42 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> >
> > On Tue, Oct 25, 2022 at 2:34 PM Peter Maydell <peter.maydell@linaro.org> wrote:
> > > No, I was just running "make check-avocado" locally.
> >
> > Oh, okay. I'll try out a full `make check` locally then just to be sure.

"make check" doesn't run the "make check-avocado" tests (because
they take a lot longer than most developers want for a simple
smoke test, and do things like downloading guest images for tests.)

thanks
-- PMM

Re: [PATCH v4 01/11] reset: allow registering handlers that aren't called by snapshot loading

[Jason A. Donenfeld]

On Tue, Oct 25, 2022 at 02:54:01PM +0100, Peter Maydell wrote:
> On Tue, 25 Oct 2022 at 13:50, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> >
> > On Tue, Oct 25, 2022 at 2:42 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> > >
> > > On Tue, Oct 25, 2022 at 2:34 PM Peter Maydell <peter.maydell@linaro.org> wrote:
> > > > No, I was just running "make check-avocado" locally.
> > >
> > > Oh, okay. I'll try out a full `make check` locally then just to be sure.
> 
> "make check" doesn't run the "make check-avocado" tests (because
> they take a lot longer than most developers want for a simple
> smoke test, and do things like downloading guest images for tests.)

Ah, okay, running.

Jason

Re: [PATCH v4 01/11] reset: allow registering handlers that aren't called by snapshot loading

[Jason A. Donenfeld]

[-- Attachment #1: Type: text/plain, Size: 1051 bytes --]

On Tue, Oct 25, 2022 at 03:58:06PM +0200, Jason A. Donenfeld wrote:
> On Tue, Oct 25, 2022 at 02:54:01PM +0100, Peter Maydell wrote:
> > On Tue, 25 Oct 2022 at 13:50, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> > >
> > > On Tue, Oct 25, 2022 at 2:42 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> > > >
> > > > On Tue, Oct 25, 2022 at 2:34 PM Peter Maydell <peter.maydell@linaro.org> wrote:
> > > > > No, I was just running "make check-avocado" locally.
> > > >
> > > > Oh, okay. I'll try out a full `make check` locally then just to be sure.
> > 
> > "make check" doesn't run the "make check-avocado" tests (because
> > they take a lot longer than most developers want for a simple
> > smoke test, and do things like downloading guest images for tests.)
> 
> Ah, okay, running.

Okay, I did it and got:

    "cancel": 4,
    "errors": 1,
    "failures": 0,
    "interrupt": 7,
    "pass": 10,
    "skip": 170,

Not sure what that one error is about -- it doesn't seem related though.
results.json attached here if you want to have a look.

Jason

[-- Attachment #2: results.json.zst --]
[-- Type: application/zstd, Size: 3773 bytes --]

Re: [PATCH v4 00/11] rerandomize RNG seeds on reboot and handle record&replay

[Peter Maydell]

On Tue, 25 Oct 2022 at 01:43, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> When the system reboots, the rng seed that QEMU passes should be
> re-randomized, so that the new boot gets a new seed. This series wires
> that up for FDT.
>
> Then, since the record&replay subsystem makes use of reset as well, we
> add a new reset cause for record&replay, so that we can avoid
> re-randomizing in these cases.
>
> Version 4 prevents the new reset type from leaking over QAPI, documents
> this alongside which version it was introduced, and adds mips and m68k
> machine types to the queue.
>
> Jason A. Donenfeld (11):
>   reset: allow registering handlers that aren't called by snapshot
>     loading
>   device-tree: add re-randomization helper function
>   x86: do not re-randomize RNG seed on snapshot load
>   arm: re-randomize rng-seed on reboot
>   riscv: re-randomize rng-seed on reboot
>   m68k/virt: do not re-randomize RNG seed on snapshot load
>   m68k/q800: do not re-randomize RNG seed on snapshot load
>   mips/boston: re-randomize rng-seed on reboot
>   mips/malta: pass RNG seed via env var and re-randomize on reboot
>   openrisc: re-randomize rng-seed on reboot
>   rx: re-randomize rng-seed on reboot

Hi; I've taken all of these except the mips/malta patch into
target-arm.next. I have some comments on that one but I
don't see any reason to hold up the rest of these while we
sort those out.

thanks
-- PMM

Re: [PATCH v4 09/11] mips/malta: pass RNG seed via env var and re-randomize on reboot

[Peter Maydell]

On Tue, 25 Oct 2022 at 01:44, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> As of the kernel commit linked below, Linux ingests an RNG seed
> passed as part of the environment block by the bootloader or firmware.
> This mechanism works across all different environment block types,
> generically, which pass some block via the second firmware argument. On
> malta, this has been tested to work when passed as an argument from
> U-Boot's linux_env_set.
>
> As is the case on most other architectures (such as boston), when
> booting with `-kernel`, QEMU, acting as the bootloader, should pass the
> RNG seed, so that the machine has good entropy for Linux to consume. So
> this commit implements that quite simply by using the guest random API,
> which is what is used on nearly all other archs too. It also
> reinitializes the seed on reboot, so that it is always fresh.
>
> Link: https://git.kernel.org/torvalds/c/056a68cea01
> Cc: Aleksandar Rikalo <aleksandar.rikalo@syrmia.com>
> Cc: Paul Burton <paulburton@kernel.org>
> Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
> ---
>  hw/mips/malta.c | 25 +++++++++++++++++++++++++
>  1 file changed, 25 insertions(+)
>
> diff --git a/hw/mips/malta.c b/hw/mips/malta.c
> index 0e932988e0..d337de920c 100644
> --- a/hw/mips/malta.c
> +++ b/hw/mips/malta.c
> @@ -26,6 +26,7 @@
>  #include "qemu/units.h"
>  #include "qemu/bitops.h"
>  #include "qemu/datadir.h"
> +#include "qemu/guest-random.h"
>  #include "hw/clock.h"
>  #include "hw/southbridge/piix.h"
>  #include "hw/isa/superio.h"
> @@ -1017,6 +1018,17 @@ static void G_GNUC_PRINTF(3, 4) prom_set(uint32_t *prom_buf, int index,
>      va_end(ap);
>  }
>
> +static void reinitialize_rng_seed(void *opaque)
> +{
> +    char *rng_seed_hex = opaque;
> +    uint8_t rng_seed[32];
> +
> +    qemu_guest_getrandom_nofail(rng_seed, sizeof(rng_seed));
> +    for (size_t i = 0; i < sizeof(rng_seed); ++i) {
> +        sprintf(rng_seed_hex + i * 2, "%02x", rng_seed[i]);
> +    }
> +}
> +
>  /* Kernel */
>  static uint64_t load_kernel(void)
>  {
> @@ -1028,6 +1040,8 @@ static uint64_t load_kernel(void)
>      long prom_size;
>      int prom_index = 0;
>      uint64_t (*xlate_to_kseg0) (void *opaque, uint64_t addr);
> +    uint8_t rng_seed[32];
> +    char rng_seed_hex[sizeof(rng_seed) * 2 + 1];
>
>  #if TARGET_BIG_ENDIAN
>      big_endian = 1;
> @@ -1115,9 +1129,20 @@ static uint64_t load_kernel(void)
>
>      prom_set(prom_buf, prom_index++, "modetty0");
>      prom_set(prom_buf, prom_index++, "38400n8r");
> +
> +    qemu_guest_getrandom_nofail(rng_seed, sizeof(rng_seed));
> +    for (size_t i = 0; i < sizeof(rng_seed); ++i) {
> +        sprintf(rng_seed_hex + i * 2, "%02x", rng_seed[i]);
> +    }
> +    prom_set(prom_buf, prom_index++, "rngseed");
> +    prom_set(prom_buf, prom_index++, "%s", rng_seed_hex);
> +
>      prom_set(prom_buf, prom_index++, NULL);
>
>      rom_add_blob_fixed("prom", prom_buf, prom_size, ENVP_PADDR);
> +    qemu_register_reset_nosnapshotload(reinitialize_rng_seed,
> +                        memmem(rom_ptr(ENVP_PADDR, prom_size), prom_size,
> +                               rng_seed_hex, sizeof(rng_seed_hex)));


So I didn't take this one patch, partly because I don't think
all our supported build platforms have memmem(), and partly
because when I then looked a bit closer at it it looks like
we're searching through the whole blob for the RNG
seed. We know where it is to start with, so I think it would
be cleaner to have prom_set return table_addr (ie the offset
into the blob of what it just wrote) so we can use it here.
(You could also reverse-engineer it from prom_buf[prom_index - 1]
but returning the offset seems a bit less awkward.)

thanks
-- PMM

Re: [PATCH v4 00/11] rerandomize RNG seeds on reboot and handle record&replay

[Jason A. Donenfeld]

On Tue, Oct 25, 2022 at 05:39:27PM +0100, Peter Maydell wrote:
> On Tue, 25 Oct 2022 at 01:43, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> >
> > When the system reboots, the rng seed that QEMU passes should be
> > re-randomized, so that the new boot gets a new seed. This series wires
> > that up for FDT.
> >
> > Then, since the record&replay subsystem makes use of reset as well, we
> > add a new reset cause for record&replay, so that we can avoid
> > re-randomizing in these cases.
> >
> > Version 4 prevents the new reset type from leaking over QAPI, documents
> > this alongside which version it was introduced, and adds mips and m68k
> > machine types to the queue.
> >
> > Jason A. Donenfeld (11):
> >   reset: allow registering handlers that aren't called by snapshot
> >     loading
> >   device-tree: add re-randomization helper function
> >   x86: do not re-randomize RNG seed on snapshot load
> >   arm: re-randomize rng-seed on reboot
> >   riscv: re-randomize rng-seed on reboot
> >   m68k/virt: do not re-randomize RNG seed on snapshot load
> >   m68k/q800: do not re-randomize RNG seed on snapshot load
> >   mips/boston: re-randomize rng-seed on reboot
> >   mips/malta: pass RNG seed via env var and re-randomize on reboot
> >   openrisc: re-randomize rng-seed on reboot
> >   rx: re-randomize rng-seed on reboot
> 
> Hi; I've taken all of these except the mips/malta patch into
> target-arm.next. I have some comments on that one but I
> don't see any reason to hold up the rest of these while we
> sort those out.

Too bad. Philippe does not respond to my emails, so no discussion has
been possible. If you or someone more responsive would like to take over
in that discussion, that'd be great. Let's talk.

Jason

Re: [PATCH v4 09/11] mips/malta: pass RNG seed via env var and re-randomize on reboot

[Jason A. Donenfeld]

Hi Peter,

On Tue, Oct 25, 2022 at 6:47 PM Peter Maydell <peter.maydell@linaro.org> wrote:
> So I didn't take this one patch, partly because I don't think

No problem - I'm actually quite happy to finally have this one
reviewed. I'll send you a follow up.

> all our supported build platforms have memmem(), and partly
> because when I then looked a bit closer at it it looks like
> we're searching through the whole blob for the RNG
> seed. We know where it is to start with, so I think it would
> be cleaner to have prom_set return table_addr (ie the offset
> into the blob of what it just wrote) so we can use it here.
> (You could also reverse-engineer it from prom_buf[prom_index - 1]
> but returning the offset seems a bit less awkward.)

You're right that the memmem is a bit lazy. I'll sort out a more
direct way of doing it like I do for the other platforms.

Jason

[PATCH v5] mips/malta: pass RNG seed via env var and re-randomize on reboot

[Jason A. Donenfeld]

As of the kernel commit linked below, Linux ingests an RNG seed
passed as part of the environment block by the bootloader or firmware.
This mechanism works across all different environment block types,
generically, which pass some block via the second firmware argument. On
malta, this has been tested to work when passed as an argument from
U-Boot's linux_env_set.

As is the case on most other architectures (such as boston), when
booting with `-kernel`, QEMU, acting as the bootloader, should pass the
RNG seed, so that the machine has good entropy for Linux to consume. So
this commit implements that quite simply by using the guest random API,
which is what is used on nearly all other archs too. It also
reinitializes the seed on reboot, so that it is always fresh.

Link: https://git.kernel.org/torvalds/c/056a68cea01
Cc: Aleksandar Rikalo <aleksandar.rikalo@syrmia.com>
Cc: Paul Burton <paulburton@kernel.org>
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
Changes v4->v5:
- Calculate offset rather than using memmem for updating on reboot.

 hw/mips/malta.c | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/hw/mips/malta.c b/hw/mips/malta.c
index 0e932988e0..7c3ad0974b 100644
--- a/hw/mips/malta.c
+++ b/hw/mips/malta.c
@@ -26,6 +26,7 @@
 #include "qemu/units.h"
 #include "qemu/bitops.h"
 #include "qemu/datadir.h"
+#include "qemu/guest-random.h"
 #include "hw/clock.h"
 #include "hw/southbridge/piix.h"
 #include "hw/isa/superio.h"
@@ -1017,6 +1018,17 @@ static void G_GNUC_PRINTF(3, 4) prom_set(uint32_t *prom_buf, int index,
     va_end(ap);
 }
 
+static void reinitialize_rng_seed(void *opaque)
+{
+    char *rng_seed_hex = opaque;
+    uint8_t rng_seed[32];
+
+    qemu_guest_getrandom_nofail(rng_seed, sizeof(rng_seed));
+    for (size_t i = 0; i < sizeof(rng_seed); ++i) {
+        sprintf(rng_seed_hex + i * 2, "%02x", rng_seed[i]);
+    }
+}
+
 /* Kernel */
 static uint64_t load_kernel(void)
 {
@@ -1028,6 +1040,9 @@ static uint64_t load_kernel(void)
     long prom_size;
     int prom_index = 0;
     uint64_t (*xlate_to_kseg0) (void *opaque, uint64_t addr);
+    uint8_t rng_seed[32];
+    char rng_seed_hex[sizeof(rng_seed) * 2 + 1];
+    size_t rng_seed_prom_offset;
 
 #if TARGET_BIG_ENDIAN
     big_endian = 1;
@@ -1115,9 +1130,21 @@ static uint64_t load_kernel(void)
 
     prom_set(prom_buf, prom_index++, "modetty0");
     prom_set(prom_buf, prom_index++, "38400n8r");
+
+    qemu_guest_getrandom_nofail(rng_seed, sizeof(rng_seed));
+    for (size_t i = 0; i < sizeof(rng_seed); ++i) {
+        sprintf(rng_seed_hex + i * 2, "%02x", rng_seed[i]);
+    }
+    prom_set(prom_buf, prom_index++, "rngseed");
+    rng_seed_prom_offset = prom_index * ENVP_ENTRY_SIZE +
+                           sizeof(uint32_t) * ENVP_NB_ENTRIES;
+    prom_set(prom_buf, prom_index++, "%s", rng_seed_hex);
+
     prom_set(prom_buf, prom_index++, NULL);
 
     rom_add_blob_fixed("prom", prom_buf, prom_size, ENVP_PADDR);
+    qemu_register_reset_nosnapshotload(reinitialize_rng_seed,
+            rom_ptr(ENVP_PADDR, prom_size) + rng_seed_prom_offset);
 
     g_free(prom_buf);
     return kernel_entry;
-- 
2.38.1