qemu-devel

Re: [PULL 9/9] hw/i386: pass RNG seed via setup_data entry


From: Daniel P . Berrangé
Subject: Re: [PULL 9/9] hw/i386: pass RNG seed via setup_data entry
Date: Wed, 3 Aug 2022 11:52:25 +0100
User-agent: Mutt/2.2.6 (2022-06-05)

On Tue, Aug 02, 2022 at 05:13:26PM +0200, Jason A. Donenfeld wrote:
> Hi Xiaoyao,
> 
> On Tue, Aug 2, 2022 at 5:06 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> >
> > Hi Xiaoyao,
> >
> > On Tue, Aug 02, 2022 at 10:53:07PM +0800, Xiaoyao Li wrote:
> > > yes, with >= 7.1, pcmc->legacy_no_rng_seed = false by default, and RNG
> > > seed is used.
> >
> > This is intended behavior. Being on by default is basically the whole
> > point of it. Otherwise it's useless.
> >
> > >
> > > > Either way, this shouldn't cause boot failures.
> > >
> > > It does fail booting OVMF with #PF. Below diff can fix the #PF for me.
> >
> > Huh, interesting. Sounds like maybe there's a bug I need to fix. Can you
> > send me some repro instructions, and I'll look into it right away.
> 
> I just tried booting Fedora using OVMF and didn't have any problems. I
> used this command line:

I managed to reproduce on a Fedora 36 host, using QEMU git master from
today.

 $ git clone https://gitlab.com/berrange/tiny-vm-tools
 $ cd tiny-vm-tools
 $ ./make-tiny-image.py --run date date
 tiny-initrd.img
 Copy lib /lib/ld-musl-x86_64.so.1 -> /tmp/make-tiny-imagebcuv8i_b/lib/ld-musl-x86_64.so.1
 Copy bin /usr/bin/date -> /tmp/make-tiny-imagebcuv8i_b/bin/date
 Copy lib /lib64/libc.so.6 -> /tmp/make-tiny-imagebcuv8i_b/lib64/libc.so.6
 Copy lib /lib64/ld-linux-x86-64.so.2 -> /tmp/make-tiny-imagebcuv8i_b/lib64/ld-linux-x86-64.so.2

 $ cp /usr/share/edk2/ovmf/OVMF_VARS.fd vars.fd

 $ ~/src/virt/qemu.git/build/qemu-system-x86_64 \
   -blockdev node-name=file_ovmf_code,driver=file,filename=/usr/share/edk2/ovmf/OVMF_CODE.fd,auto-read-only=on,discard=unmap \
   -blockdev node-name=drive_ovmf_code,driver=raw,read-only=on,file=file_ovmf_code \
   -blockdev node-name=file_ovmf_vars,driver=file,filename=vars.fd,auto-read-only=on,discard=unmap \
   -blockdev node-name=drive_ovmf_vars,driver=raw,read-only=off,file=file_ovmf_vars \
   -machine pc-q35-7.1,pflash0=drive_ovmf_code,pflash1=drive_ovmf_vars \
   -kernel /boot/vmlinuz-5.18.5-200.fc36.x86_64 \
   -initrd tiny-initrd.img \
   -m 8000 \
   -display none \
   -nodefaults \
   -serial stdio \
   -append 'console=ttyS0 quiet'

It results in OVMF crashing and displaying this dump on console:

!!!! X64 Exception Type - 0D(#GP - General Protection)  CPU Apic ID - 00000000 !!!!
ExceptionData - 0000000000000000
RIP  - 0000000077EA6BBE, CS  - 0000000000000038, RFLAGS - 0000000000000206
RAX  - 28006E6F69746163, RCX - 0000000000000000, RDX - 41CBF4FA982C298B
RBX  - 000000007D9C3000, RSP - 000000007FEDF8E0, RBP - 0000000000000000
RSI  - 0000000000000000, RDI - 000000007D9C3000
R8   - 000000007D9C2F18, R9  - 000000007FEDF980, R10 - 0000000000000000
R11  - 0000000000000006, R12 - 28006E6F69746163, R13 - 000000007FEDF980
R14  - 000000007734F000, R15 - 000000007FEDFD01
DS   - 0000000000000030, ES  - 0000000000000030, FS  - 0000000000000030
GS   - 0000000000000030, SS  - 0000000000000030
CR0  - 0000000080010033, CR2 - 0000000000000000, CR3 - 000000007FC01000
CR4  - 0000000000000668, CR8 - 0000000000000000
DR0  - 0000000000000000, DR1 - 0000000000000000, DR2 - 0000000000000000
DR3  - 0000000000000000, DR6 - 00000000FFFF0FF0, DR7 - 0000000000000400
GDTR - 000000007F9DE000 0000000000000047, LDTR - 0000000000000000
IDTR - 000000007F40F018 0000000000000FFF,   TR - 0000000000000000
FXSAVE_STATE - 000000007FEDF540
!!!! Find image based on IP(0x77EA6BBE) (No PDB)  (ImageBase=000000007734F000, EntryPoint=0000000077EA65FC) !!!!



Changing to pc-q35-7.0 makes it work and prints current 'date' output
before shutting down.

Similarly adding  'pcmc->legacy_no_rng_seed = true;' for 7.1 machine
type also makes it work.

Turning on isa-debugcon for OVMF doesn't show anything especially
unusual - just a slightly different kernel image size, due to the
RNG seed having been added.

With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|
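
A triage aid for the register dump quoted in the message above, added here as an example and not part of the original message or of QEMU or OVMF: it flags registers holding non-canonical 64-bit values (using one as an address raises #GP on x86-64) and shows their bytes as ASCII to spot string data sitting where a pointer is expected. It assumes 48-bit virtual addresses; the names `triage`, `is_canonical` and `ascii_view` are made up for this example.

```python
import re

# Constructed sample: three lines copied from the register dump in the message.
SAMPLE_DUMP = """\
RAX  - 28006E6F69746163, RCX - 0000000000000000, RDX - 41CBF4FA982C298B
RBX  - 000000007D9C3000, RSP - 000000007FEDF8E0, RBP - 0000000000000000
R11  - 0000000000000006, R12 - 28006E6F69746163, R13 - 000000007FEDF980
"""

# "NAME - 16 hex digits", the layout the OVMF exception handler prints.
REG_RE = re.compile(r"\b([A-Z][A-Z0-9]{1,5})\s+-\s+([0-9A-Fa-f]{16})\b")


def is_canonical(value, va_bits=48):
    """True if bits 63..(va_bits-1) are all equal, i.e. a sign-extended address."""
    top = value >> (va_bits - 1)
    return top == 0 or top == (1 << (64 - va_bits + 1)) - 1


def ascii_view(value):
    """Return (text, printable_count) for the register's little-endian bytes."""
    raw = value.to_bytes(8, "little")
    printable = [0x20 <= b < 0x7F for b in raw]
    text = "".join(chr(b) if ok else "." for b, ok in zip(raw, printable))
    return text, sum(printable)


def triage(dump, va_bits=48, min_printable=6):
    """List (register, hex, ascii, looks_like_text) for non-canonical values.

    min_printable is a heuristic threshold chosen for this example.
    """
    findings = []
    for name, hexval in REG_RE.findall(dump):
        value = int(hexval, 16)
        if is_canonical(value, va_bits):
            continue  # plausible address or small integer, nothing to flag
        text, count = ascii_view(value)
        findings.append((name, hexval.upper(), text, count >= min_printable))
    return findings


if __name__ == "__main__":
    for reg, hexval, text, looks_like_text in triage(SAMPLE_DUMP):
        kind = "text-like bytes" if looks_like_text else "opaque bytes"
        print(f"{reg}: {hexval} non-canonical, {kind}: {text!r}")
```

A text-like hit is only a lead for where to look next; it does not by itself identify which code wrote the value.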



