On 21/09/2022 12.07, Jason A. Donenfeld wrote:
In order for hosts running inside of TCG to initialize the kernel's
random number generator, we should support the PRNO_TRNG instruction,
backed in the usual way with the qemu_guest_getrandom helper. This is
confirmed working on Linux 5.19.
Cc: Thomas Huth <[email protected]>
Cc: David Hildenbrand <[email protected]>
Cc: Christian Borntraeger <[email protected]>
Cc: Richard Henderson <[email protected]>
Cc: Cornelia Huck <[email protected]>
Cc: Harald Freudenberger <[email protected]>
Cc: Holger Dengler <[email protected]>
Signed-off-by: Jason A. Donenfeld <[email protected]>
---
target/s390x/gen-features.c | 1 +
target/s390x/tcg/crypto_helper.c | 30 ++++++++++++++++++++++++++++++
2 files changed, 31 insertions(+)
Seems like this is even working fine with older Linux kernels ... your patch
accidentally broke test_s390x_devices in
tests/avocado/machine_s390_ccw_virtio.py: This test adds two virtio-rng devices
to the guest, then ejects them to see whether /dev/hwrng will be gone ... which
does not happen anymore with the prno-trng feature enabled :-)
I'm going to squash this one-liner to fix this issue:
diff a/tests/avocado/machine_s390_ccw_virtio.py
b/tests/avocado/machine_s390_ccw_virtio.py
--- a/tests/avocado/machine_s390_ccw_virtio.py
+++ b/tests/avocado/machine_s390_ccw_virtio.py
@@ -66,6 +66,7 @@ def test_s390x_devices(self):
'-kernel', kernel_path,
'-initrd', initrd_path,
'-append', kernel_command_line,
+ '-cpu', 'max,prno-trng=off',
'-device', 'virtio-net-ccw,devno=fe.1.1111',
'-device',
'virtio-rng-ccw,devno=fe.2.0000,max_revision=0,id=rn1',
Thomas
