[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 14/14] x86: re-initialize RNG seed when selecting kernel
From: |
Paolo Bonzini |
Subject: |
[PULL 14/14] x86: re-initialize RNG seed when selecting kernel |
Date: |
Thu, 29 Sep 2022 18:30:14 +0200 |
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
We don't want it to be possible to re-read the RNG seed after ingesting
it, because this ruins forward secrecy. Currently, however, the setup
data section can just be re-read. Since the kernel is always read after
the setup data, use the selection of the kernel as a trigger to
re-initialize the RNG seed, just like we do on reboot, to preserve
forward secrecy.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Message-Id: <20220922152847.3670513-1-Jason@zx2c4.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
hw/i386/x86.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/hw/i386/x86.c b/hw/i386/x86.c
index f9a4ddaa4a..1148f70c03 100644
--- a/hw/i386/x86.c
+++ b/hw/i386/x86.c
@@ -1112,11 +1112,14 @@ void x86_load_linux(X86MachineState *x86ms,
setup_data->len = cpu_to_le32(RNG_SEED_LENGTH);
qemu_guest_getrandom_nofail(setup_data->data, RNG_SEED_LENGTH);
qemu_register_reset(reset_rng_seed, setup_data);
+ fw_cfg_add_bytes_callback(fw_cfg, FW_CFG_KERNEL_DATA, reset_rng_seed,
NULL,
+ setup_data, kernel, kernel_size, true);
+ } else {
+ fw_cfg_add_bytes(fw_cfg, FW_CFG_KERNEL_DATA, kernel, kernel_size);
}
fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_ADDR, prot_addr);
fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_SIZE, kernel_size);
- fw_cfg_add_bytes(fw_cfg, FW_CFG_KERNEL_DATA, kernel, kernel_size);
sev_load_ctx.kernel_data = (char *)kernel;
sev_load_ctx.kernel_size = kernel_size;
--
2.37.3
- [PULL 05/14] qboot: rebuild based on latest commit, (continued)
- [PULL 05/14] qboot: rebuild based on latest commit, Paolo Bonzini, 2022/09/29
- [PULL 02/14] x86: use typedef for SetupData struct, Paolo Bonzini, 2022/09/29
- [PULL 03/14] x86: reinitialize RNG seed on system reboot, Paolo Bonzini, 2022/09/29
- [PULL 08/14] ui: fix path to dbus-display1.h, Paolo Bonzini, 2022/09/29
- [PULL 04/14] x86: re-enable rng seeding via SetupData, Paolo Bonzini, 2022/09/29
- [PULL 09/14] meson: require 0.61.3, Paolo Bonzini, 2022/09/29
- [PULL 10/14] meson: multiple names can be passed to dependency(), Paolo Bonzini, 2022/09/29
- [PULL 11/14] configure, meson: move C++ compiler detection to meson.build, Paolo Bonzini, 2022/09/29
- [PULL 12/14] configure, meson: move linker flag detection to meson, Paolo Bonzini, 2022/09/29
- [PULL 13/14] target/i386/kvm: fix kvmclock_current_nsec: Assertion `time.tsc_timestamp <= migration_tsc' failed, Paolo Bonzini, 2022/09/29
- [PULL 14/14] x86: re-initialize RNG seed when selecting kernel,
Paolo Bonzini <=
- Re: [PULL 00/14] x86 + misc changes for 2022-09-29, Stefan Hajnoczi, 2022/09/29