| commit | 373442ea3a96249991cfad3fc0e83fca5f8558d5 | |
| author | Peter Maydell <peter.maydell@linaro.org> | |
| Tue, 28 Feb 2017 12:08:14 +0000 (28 12:08 +0000) | ||
| committer | Peter Maydell <peter.maydell@linaro.org> | |
| Tue, 28 Feb 2017 12:08:14 +0000 (28 12:08 +0000) | ||
| tree | 14ef069f018f5274a8c985238d16f98b15e11c93 | treesnapshot (tar.gz zip) |
| parent | 54a5ba13a9ffe7d25fc649b0fa9f8314734c8ccc | commitdiff |
bcm2835_rng: Use qcrypto_random_bytes() rather than rand()
Switch to using qcrypto_random_bytes() rather than rand() as
our source of randomness for the BCM2835 RNG.
If qcrypto_random_bytes() fails, we don't want to return the guest a
non-random value in case they're really using it for cryptographic
purposes, so the best we can do is a fatal error. This shouldn't
happen unless something's broken, though.
In theory we could implement this device's full FIFO and interrupt
semantics and then just stop filling the FIFO. That's a lot of work,
though, and doesn't really give a very nice diagnostic to the user
since the guest will just seem to hang.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Switch to using qcrypto_random_bytes() rather than rand() as
our source of randomness for the BCM2835 RNG.
If qcrypto_random_bytes() fails, we don't want to return the guest a
non-random value in case they're really using it for cryptographic
purposes, so the best we can do is a fatal error. This shouldn't
happen unless something's broken, though.
In theory we could implement this device's full FIFO and interrupt
semantics and then just stop filling the FIFO. That's a lot of work,
though, and doesn't really give a very nice diagnostic to the user
since the guest will just seem to hang.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
| hw/misc/bcm2835_rng.c | diffblobblamehistory |