diff mbox series

[XEN,v3] libxl/arm: provide guests with random seed

Message ID 20210706063345.91169-1-Sergiy_Kibrik@epam.com (mailing list archive)
State New, archived
Headers show
Series [XEN,v3] libxl/arm: provide guests with random seed | expand

Commit Message

Sergiy Kibrik July 6, 2021, 6:33 a.m. UTC 
Pass 128 bytes of random seed via FDT, so that guests' CRNGs are better seeded
early at boot. This is larger than ChaCha20 key size of 32, so each byte of
CRNG state will be mixed 4 times using this seed. There does not seem to be
advantage in larger seed though.

Depending on its configuration Linux can use the seed as device randomness
or to just quickly initialize CRNG.
In either case this will provide extra randomness to further harden CRNG.

Signed-off-by: Sergiy Kibrik <Sergiy_Kibrik@epam.com>
Reviewed-by: Julien Grall <julien@xen.org>

---
	Changes in V3:
		- Rebased on current master

---
 tools/libs/light/libxl_arm.c | 8 ++++++++
 1 file changed, 8 insertions(+)

Comments

Michal Orzel July 6, 2021, 8:35 a.m. UTC | #1 
On 06.07.2021 08:33, Sergiy Kibrik wrote:
> Pass 128 bytes of random seed via FDT, so that guests' CRNGs are better seeded
> early at boot. This is larger than ChaCha20 key size of 32, so each byte of
> CRNG state will be mixed 4 times using this seed. There does not seem to be
> advantage in larger seed though.
> 
> Depending on its configuration Linux can use the seed as device randomness
> or to just quickly initialize CRNG.
> In either case this will provide extra randomness to further harden CRNG.
> 
> Signed-off-by: Sergiy Kibrik <Sergiy_Kibrik@epam.com>
> Reviewed-by: Julien Grall <julien@xen.org>
Reviewed-by: Michal Orzel <michal.orzel@arm.com>
> 
> ---
> 	Changes in V3:
> 		- Rebased on current master
> 
> ---
Julien Grall July 6, 2021, 8:49 a.m. UTC | #2 
Hi,

On 06/07/2021 07:33, Sergiy Kibrik wrote:
> Pass 128 bytes of random seed via FDT, so that guests' CRNGs are better seeded
> early at boot. This is larger than ChaCha20 key size of 32, so each byte of
> CRNG state will be mixed 4 times using this seed. There does not seem to be
> advantage in larger seed though.
> 
> Depending on its configuration Linux can use the seed as device randomness
> or to just quickly initialize CRNG.
> In either case this will provide extra randomness to further harden CRNG.
> 
> Signed-off-by: Sergiy Kibrik <Sergiy_Kibrik@epam.com>
> Reviewed-by: Julien Grall <julien@xen.org>
> 
> ---
> 	Changes in V3:
> 		- Rebased on current master

Thank you for rebasing the patch. I have now committed it.

Cheers,
diff mbox series

Patch

diff --git a/tools/libs/light/libxl_arm.c b/tools/libs/light/libxl_arm.c
index e2901f13b7..e3140a6e00 100644
--- a/tools/libs/light/libxl_arm.c
+++ b/tools/libs/light/libxl_arm.c
@@ -305,6 +305,9 @@  static int make_chosen_node(libxl__gc *gc, void *fdt, bool ramdisk,
 {
     int res;
 
+    /* 1024 bit enough to mix Linux CRNG state several times */
+    uint8_t seed[128];
+
     /* See linux Documentation/devicetree/... */
     res = fdt_begin_node(fdt, "chosen");
     if (res) return res;
@@ -343,6 +346,11 @@  static int make_chosen_node(libxl__gc *gc, void *fdt, bool ramdisk,
         if (res) return res;
     }
 
+    res = libxl__random_bytes(gc, seed, sizeof(seed));
+    if (res) return res;
+    res = fdt_property(fdt, "rng-seed", seed, sizeof(seed));
+    if (res) return res;
+
     res = fdt_end_node(fdt);
     if (res) return res;