mbox series

[v2,0/8] rerandomize RNG seeds on reboot and handle record&replay

Message ID 20221011204645.1160916-1-Jason@zx2c4.com (mailing list archive)
Headers show
Series rerandomize RNG seeds on reboot and handle record&replay | expand

Message

Jason A. Donenfeld Oct. 11, 2022, 8:46 p.m. UTC
When the system reboots, the rng seed that QEMU passes should be
re-randomized, so that the new boot gets a new seed. This series wires
that up for FDT.

Then, since the record&replay subsystem makes use of reset as well, we
add a new reset cause for record&replay, so that we can avoid
re-randomizing in these cases.

Jason A. Donenfeld (8):
  device-tree: add re-randomization helper function
  arm: re-randomize rng-seed on reboot
  riscv: re-randomize rng-seed on reboot
  openrisc: re-randomize rng-seed on reboot
  rx: re-randomize rng-seed on reboot
  mips: re-randomize rng-seed on reboot
  reset: allow registering handlers that aren't called by snapshot
    loading
  reset: do not re-randomize RNG seed on snapshot load

 hw/arm/aspeed.c              |  4 ++--
 hw/arm/boot.c                |  2 ++
 hw/arm/mps2-tz.c             |  4 ++--
 hw/core/reset.c              | 15 ++++++++++++++-
 hw/hppa/machine.c            |  4 ++--
 hw/i386/microvm.c            |  4 ++--
 hw/i386/pc.c                 |  6 +++---
 hw/i386/x86.c                |  2 +-
 hw/mips/boston.c             |  3 +++
 hw/openrisc/boot.c           |  3 +++
 hw/ppc/pegasos2.c            |  4 ++--
 hw/ppc/pnv.c                 |  4 ++--
 hw/ppc/spapr.c               |  4 ++--
 hw/riscv/boot.c              |  3 +++
 hw/rx/rx-gdbsim.c            |  3 +++
 hw/s390x/s390-virtio-ccw.c   |  4 ++--
 include/hw/boards.h          |  2 +-
 include/sysemu/device_tree.h |  9 +++++++++
 include/sysemu/reset.h       |  5 ++++-
 migration/savevm.c           |  2 +-
 qapi/run-state.json          |  4 +++-
 softmmu/device_tree.c        | 21 +++++++++++++++++++++
 softmmu/runstate.c           |  4 ++--
 23 files changed, 89 insertions(+), 27 deletions(-)

Comments

Richard Henderson Oct. 13, 2022, 6:13 p.m. UTC | #1
On 10/12/22 13:46, Jason A. Donenfeld wrote:
> When the system reboots, the rng seed that QEMU passes should be
> re-randomized, so that the new boot gets a new seed. This series wires
> that up for FDT.
> 
> Then, since the record&replay subsystem makes use of reset as well, we
> add a new reset cause for record&replay, so that we can avoid
> re-randomizing in these cases.
> 
> Jason A. Donenfeld (8):
>    device-tree: add re-randomization helper function
>    arm: re-randomize rng-seed on reboot
>    riscv: re-randomize rng-seed on reboot
>    openrisc: re-randomize rng-seed on reboot
>    rx: re-randomize rng-seed on reboot
>    mips: re-randomize rng-seed on reboot
>    reset: allow registering handlers that aren't called by snapshot
>      loading
>    reset: do not re-randomize RNG seed on snapshot load

You need to invert the patch order so that the series is bisectable.
At the moment you still introduce the reported bug, then fix it in the final patch.


r~
Jason A. Donenfeld Oct. 14, 2022, 1:44 a.m. UTC | #2
On Fri, Oct 14, 2022 at 05:13:58AM +1100, Richard Henderson wrote:
> On 10/12/22 13:46, Jason A. Donenfeld wrote:
> > When the system reboots, the rng seed that QEMU passes should be
> > re-randomized, so that the new boot gets a new seed. This series wires
> > that up for FDT.
> > 
> > Then, since the record&replay subsystem makes use of reset as well, we
> > add a new reset cause for record&replay, so that we can avoid
> > re-randomizing in these cases.
> > 
> > Jason A. Donenfeld (8):
> >    device-tree: add re-randomization helper function
> >    arm: re-randomize rng-seed on reboot
> >    riscv: re-randomize rng-seed on reboot
> >    openrisc: re-randomize rng-seed on reboot
> >    rx: re-randomize rng-seed on reboot
> >    mips: re-randomize rng-seed on reboot
> >    reset: allow registering handlers that aren't called by snapshot
> >      loading
> >    reset: do not re-randomize RNG seed on snapshot load
> 
> You need to invert the patch order so that the series is bisectable.
> At the moment you still introduce the reported bug, then fix it in the final patch.

I was afraid of that. Okay, will do. v+1 coming your way.

Jason