kvmvapic: Catch invalid ROM size
[qemu-kvm.git] / backends / rng-egd.c
blob9e5a5366f7f69399f76dbf612905b0c98b963d30
1 /*
2 * QEMU Random Number Generator Backend
4 * Copyright IBM, Corp. 2012
6 * Authors:
7 * Anthony Liguori <aliguori@us.ibm.com>
9 * This work is licensed under the terms of the GNU GPL, version 2 or later.
10 * See the COPYING file in the top-level directory.
13 #include "sysemu/rng.h"
14 #include "sysemu/char.h"
15 #include "qapi/qmp/qerror.h"
16 #include "hw/qdev.h" /* just for DEFINE_PROP_CHR */
18 #define TYPE_RNG_EGD "rng-egd"
19 #define RNG_EGD(obj) OBJECT_CHECK(RngEgd, (obj), TYPE_RNG_EGD)
21 typedef struct RngEgd
23 RngBackend parent;
25 CharDriverState *chr;
26 char *chr_name;
28 GSList *requests;
29 } RngEgd;
31 typedef struct RngRequest
33 EntropyReceiveFunc *receive_entropy;
34 uint8_t *data;
35 void *opaque;
36 size_t offset;
37 size_t size;
38 } RngRequest;
40 static void rng_egd_request_entropy(RngBackend *b, size_t size,
41 EntropyReceiveFunc *receive_entropy,
42 void *opaque)
44 RngEgd *s = RNG_EGD(b);
45 RngRequest *req;
47 req = g_malloc(sizeof(*req));
49 req->offset = 0;
50 req->size = size;
51 req->receive_entropy = receive_entropy;
52 req->opaque = opaque;
53 req->data = g_malloc(req->size);
55 while (size > 0) {
56 uint8_t header[2];
57 uint8_t len = MIN(size, 255);
59 /* synchronous entropy request */
60 header[0] = 0x02;
61 header[1] = len;
63 qemu_chr_fe_write(s->chr, header, sizeof(header));
65 size -= len;
68 s->requests = g_slist_append(s->requests, req);
71 static void rng_egd_free_request(RngRequest *req)
73 g_free(req->data);
74 g_free(req);
77 static int rng_egd_chr_can_read(void *opaque)
79 RngEgd *s = RNG_EGD(opaque);
80 GSList *i;
81 int size = 0;
83 for (i = s->requests; i; i = i->next) {
84 RngRequest *req = i->data;
85 size += req->size - req->offset;
88 return size;
91 static void rng_egd_chr_read(void *opaque, const uint8_t *buf, int size)
93 RngEgd *s = RNG_EGD(opaque);
95 while (size > 0 && s->requests) {
96 RngRequest *req = s->requests->data;
97 int len = MIN(size, req->size - req->offset);
99 memcpy(req->data + req->offset, buf, len);
100 req->offset += len;
101 size -= len;
103 if (req->offset == req->size) {
104 s->requests = g_slist_remove_link(s->requests, s->requests);
106 req->receive_entropy(req->opaque, req->data, req->size);
108 rng_egd_free_request(req);
113 static void rng_egd_free_requests(RngEgd *s)
115 GSList *i;
117 for (i = s->requests; i; i = i->next) {
118 rng_egd_free_request(i->data);
121 g_slist_free(s->requests);
122 s->requests = NULL;
125 static void rng_egd_cancel_requests(RngBackend *b)
127 RngEgd *s = RNG_EGD(b);
129 /* We simply delete the list of pending requests. If there is data in the
130 * queue waiting to be read, this is okay, because there will always be
131 * more data than we requested originally
133 rng_egd_free_requests(s);
136 static void rng_egd_opened(RngBackend *b, Error **errp)
138 RngEgd *s = RNG_EGD(b);
140 if (s->chr_name == NULL) {
141 error_set(errp, QERR_INVALID_PARAMETER_VALUE,
142 "chardev", "a valid character device");
143 return;
146 s->chr = qemu_chr_find(s->chr_name);
147 if (s->chr == NULL) {
148 error_set(errp, QERR_DEVICE_NOT_FOUND, s->chr_name);
149 return;
152 if (qemu_chr_fe_claim(s->chr) != 0) {
153 error_set(errp, QERR_DEVICE_IN_USE, s->chr_name);
154 return;
157 /* FIXME we should resubmit pending requests when the CDS reconnects. */
158 qemu_chr_add_handlers(s->chr, rng_egd_chr_can_read, rng_egd_chr_read,
159 NULL, s);
162 static void rng_egd_set_chardev(Object *obj, const char *value, Error **errp)
164 RngBackend *b = RNG_BACKEND(obj);
165 RngEgd *s = RNG_EGD(b);
167 if (b->opened) {
168 error_set(errp, QERR_PERMISSION_DENIED);
169 } else {
170 g_free(s->chr_name);
171 s->chr_name = g_strdup(value);
175 static char *rng_egd_get_chardev(Object *obj, Error **errp)
177 RngEgd *s = RNG_EGD(obj);
179 if (s->chr && s->chr->label) {
180 return g_strdup(s->chr->label);
183 return NULL;
186 static void rng_egd_init(Object *obj)
188 object_property_add_str(obj, "chardev",
189 rng_egd_get_chardev, rng_egd_set_chardev,
190 NULL);
193 static void rng_egd_finalize(Object *obj)
195 RngEgd *s = RNG_EGD(obj);
197 if (s->chr) {
198 qemu_chr_add_handlers(s->chr, NULL, NULL, NULL, NULL);
199 qemu_chr_fe_release(s->chr);
202 g_free(s->chr_name);
204 rng_egd_free_requests(s);
207 static void rng_egd_class_init(ObjectClass *klass, void *data)
209 RngBackendClass *rbc = RNG_BACKEND_CLASS(klass);
211 rbc->request_entropy = rng_egd_request_entropy;
212 rbc->cancel_requests = rng_egd_cancel_requests;
213 rbc->opened = rng_egd_opened;
216 static const TypeInfo rng_egd_info = {
217 .name = TYPE_RNG_EGD,
218 .parent = TYPE_RNG_BACKEND,
219 .instance_size = sizeof(RngEgd),
220 .class_init = rng_egd_class_init,
221 .instance_init = rng_egd_init,
222 .instance_finalize = rng_egd_finalize,
225 static void register_types(void)
227 type_register_static(&rng_egd_info);
230 type_init(register_types);