[qemu.git] / hw / virtio / virtio-rng.c

/*
 * A virtio device implementing a hardware random number generator.
 *
 * Copyright 2012 Red Hat, Inc.
 * Copyright 2012 Amit Shah <[email protected]>
 *
 * This work is licensed under the terms of the GNU GPL, version 2 or
 * (at your option) any later version.  See the COPYING file in the
 * top-level directory.
 */

#include "qemu/osdep.h"
#include "qapi/error.h"
#include "qemu/iov.h"
#include "hw/qdev.h"
#include "hw/virtio/virtio.h"
#include "hw/virtio/virtio-rng.h"
#include "sysemu/rng.h"
#include "qom/object_interfaces.h"
#include "trace.h"

static bool is_guest_ready(VirtIORNG *vrng)
{
    VirtIODevice *vdev = VIRTIO_DEVICE(vrng);
    if (virtio_queue_ready(vrng->vq)
        && (vdev->status & VIRTIO_CONFIG_S_DRIVER_OK)) {
        return true;
    }
    trace_virtio_rng_guest_not_ready(vrng);
    return false;
}

static size_t get_request_size(VirtQueue *vq, unsigned quota)
{
    unsigned int in, out;

    virtqueue_get_avail_bytes(vq, &in, &out, quota, 0);
    return in;
}

static void virtio_rng_process(VirtIORNG *vrng);

/* Send data from a char device over to the guest */
static void chr_read(void *opaque, const void *buf, size_t size)
{
    VirtIORNG *vrng = opaque;
    VirtIODevice *vdev = VIRTIO_DEVICE(vrng);
    VirtQueueElement *elem;
    size_t len;
    int offset;

    if (!is_guest_ready(vrng)) {
        return;
    }

    vrng->quota_remaining -= size;

    offset = 0;
    while (offset < size) {
        elem = virtqueue_pop(vrng->vq, sizeof(VirtQueueElement));
        if (!elem) {
            break;
        }
        len = iov_from_buf(elem->in_sg, elem->in_num,
                           0, buf + offset, size - offset);
        offset += len;

        virtqueue_push(vrng->vq, elem, len);
        trace_virtio_rng_pushed(vrng, len);
        g_free(elem);
    }
    virtio_notify(vdev, vrng->vq);

    if (!virtio_queue_empty(vrng->vq)) {
        /* If we didn't drain the queue, call virtio_rng_process
         * to take care of asking for more data as appropriate.
         */
        virtio_rng_process(vrng);
    }
}

static void virtio_rng_process(VirtIORNG *vrng)
{
    size_t size;
    unsigned quota;

    if (!is_guest_ready(vrng)) {
        return;
    }

    if (vrng->activate_timer) {
        timer_mod(vrng->rate_limit_timer,
                  qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + vrng->conf.period_ms);
        vrng->activate_timer = false;
    }

    if (vrng->quota_remaining < 0) {
        quota = 0;
    } else {
        quota = MIN((uint64_t)vrng->quota_remaining, (uint64_t)UINT32_MAX);
    }
    size = get_request_size(vrng->vq, quota);

    trace_virtio_rng_request(vrng, size, quota);

    size = MIN(vrng->quota_remaining, size);
    if (size) {
        rng_backend_request_entropy(vrng->rng, size, chr_read, vrng);
    }
}

static void handle_input(VirtIODevice *vdev, VirtQueue *vq)
{
    VirtIORNG *vrng = VIRTIO_RNG(vdev);
    virtio_rng_process(vrng);
}

static uint64_t get_features(VirtIODevice *vdev, uint64_t f, Error **errp)
{
    return f;
}

static int virtio_rng_load(QEMUFile *f, void *opaque, size_t size)
{
    VirtIORNG *vrng = opaque;
    int ret;

    ret = virtio_load(VIRTIO_DEVICE(vrng), f, 1);
    if (ret != 0) {
        return ret;
    }

    /* We may have an element ready but couldn't process it due to a quota
     * limit.  Make sure to try again after live migration when the quota may
     * have been reset.
     */
    virtio_rng_process(vrng);

    return 0;
}

static void check_rate_limit(void *opaque)
{
    VirtIORNG *vrng = opaque;

    vrng->quota_remaining = vrng->conf.max_bytes;
    virtio_rng_process(vrng);
    vrng->activate_timer = true;
}

static void virtio_rng_device_realize(DeviceState *dev, Error **errp)
{
    VirtIODevice *vdev = VIRTIO_DEVICE(dev);
    VirtIORNG *vrng = VIRTIO_RNG(dev);
    Error *local_err = NULL;

    if (vrng->conf.period_ms <= 0) {
        error_setg(errp, "'period' parameter expects a positive integer");
        return;
    }

    /* Workaround: Property parsing does not enforce unsigned integers,
     * So this is a hack to reject such numbers. */
    if (vrng->conf.max_bytes > INT64_MAX) {
        error_setg(errp, "'max-bytes' parameter must be non-negative, "
                   "and less than 2^63");
        return;
    }

    if (vrng->conf.rng == NULL) {
        vrng->conf.default_backend = RNG_RANDOM(object_new(TYPE_RNG_RANDOM));

        user_creatable_complete(OBJECT(vrng->conf.default_backend),
                                &local_err);
        if (local_err) {
            error_propagate(errp, local_err);
            object_unref(OBJECT(vrng->conf.default_backend));
            return;
        }

        object_property_add_child(OBJECT(dev),
                                  "default-backend",
                                  OBJECT(vrng->conf.default_backend),
                                  NULL);

        /* The child property took a reference, we can safely drop ours now */
        object_unref(OBJECT(vrng->conf.default_backend));

        object_property_set_link(OBJECT(dev),
                                 OBJECT(vrng->conf.default_backend),
                                 "rng", NULL);
    }

    vrng->rng = vrng->conf.rng;
    if (vrng->rng == NULL) {
        error_setg(errp, "'rng' parameter expects a valid object");
        return;
    }

    virtio_init(vdev, "virtio-rng", VIRTIO_ID_RNG, 0);

    vrng->vq = virtio_add_queue(vdev, 8, handle_input);
    vrng->quota_remaining = vrng->conf.max_bytes;
    vrng->rate_limit_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL,
                                               check_rate_limit, vrng);
    vrng->activate_timer = true;
}

static void virtio_rng_device_unrealize(DeviceState *dev, Error **errp)
{
    VirtIODevice *vdev = VIRTIO_DEVICE(dev);
    VirtIORNG *vrng = VIRTIO_RNG(dev);

    timer_del(vrng->rate_limit_timer);
    timer_free(vrng->rate_limit_timer);
    virtio_cleanup(vdev);
}

VMSTATE_VIRTIO_DEVICE(rng, 1, virtio_rng_load, virtio_vmstate_save);

static Property virtio_rng_properties[] = {
    /* Set a default rate limit of 2^47 bytes per minute or roughly 2TB/s.  If
     * you have an entropy source capable of generating more entropy than this
     * and you can pass it through via virtio-rng, then hats off to you.  Until
     * then, this is unlimited for all practical purposes.
     */
    DEFINE_PROP_UINT64("max-bytes", VirtIORNG, conf.max_bytes, INT64_MAX),
    DEFINE_PROP_UINT32("period", VirtIORNG, conf.period_ms, 1 << 16),
    DEFINE_PROP_END_OF_LIST(),
};

static void virtio_rng_class_init(ObjectClass *klass, void *data)
{
    DeviceClass *dc = DEVICE_CLASS(klass);
    VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);

    dc->props = virtio_rng_properties;
    dc->vmsd = &vmstate_virtio_rng;
    set_bit(DEVICE_CATEGORY_MISC, dc->categories);
    vdc->realize = virtio_rng_device_realize;
    vdc->unrealize = virtio_rng_device_unrealize;
    vdc->get_features = get_features;
}

static void virtio_rng_initfn(Object *obj)
{
    VirtIORNG *vrng = VIRTIO_RNG(obj);

    object_property_add_link(obj, "rng", TYPE_RNG_BACKEND,
                             (Object **)&vrng->conf.rng,
                             qdev_prop_allow_set_link_before_realize,
                             OBJ_PROP_LINK_UNREF_ON_RELEASE, NULL);
}

static const TypeInfo virtio_rng_info = {
    .name = TYPE_VIRTIO_RNG,
    .parent = TYPE_VIRTIO_DEVICE,
    .instance_size = sizeof(VirtIORNG),
    .instance_init = virtio_rng_initfn,
    .class_init = virtio_rng_class_init,
};

static void virtio_register_types(void)
{
    type_register_static(&virtio_rng_info);
}

type_init(virtio_register_types)
Commit	Line	Data
16c915ba AS	1	/*
	2	* A virtio device implementing a hardware random number generator.
	3	*
	4	* Copyright 2012 Red Hat, Inc.
	5	* Copyright 2012 Amit Shah <[email protected]>
	6	*
	7	* This work is licensed under the terms of the GNU GPL, version 2 or
	8	* (at your option) any later version. See the COPYING file in the
	9	* top-level directory.
	10	*/
	11
9b8bfe21	12	#include "qemu/osdep.h"
da34e65c	13	#include "qapi/error.h"
1de7afc9	14	#include "qemu/iov.h"
83c9f4ca	15	#include "hw/qdev.h"
0d09e41a PB	16	#include "hw/virtio/virtio.h"
0d09e41a PB	17	#include "hw/virtio/virtio-rng.h"
dccfcd0e	18	#include "sysemu/rng.h"
57d3e1b3	19	#include "qom/object_interfaces.h"
4ac44580	20	#include "trace.h"
16c915ba	21
16c915ba AS	22	static bool is_guest_ready(VirtIORNG *vrng)
16c915ba AS	23	{
611aa333	24	VirtIODevice *vdev = VIRTIO_DEVICE(vrng);
16c915ba	25	if (virtio_queue_ready(vrng->vq)
611aa333	26	&& (vdev->status & VIRTIO_CONFIG_S_DRIVER_OK)) {
16c915ba AS	27	return true;
16c915ba AS	28	}
4ac44580	29	trace_virtio_rng_guest_not_ready(vrng);
16c915ba AS	30	return false;
	31	}
	32
e1f7b481	33	static size_t get_request_size(VirtQueue *vq, unsigned quota)
16c915ba	34	{
14417039	35	unsigned int in, out;
16c915ba	36
e1f7b481	37	virtqueue_get_avail_bytes(vq, &in, &out, quota, 0);
14417039	38	return in;
16c915ba AS	39	}
16c915ba AS	40
904d6f58 AL	41	static void virtio_rng_process(VirtIORNG *vrng);
904d6f58 AL	42
16c915ba AS	43	/* Send data from a char device over to the guest */
	44	static void chr_read(void opaque, const void buf, size_t size)
	45	{
	46	VirtIORNG *vrng = opaque;
611aa333	47	VirtIODevice *vdev = VIRTIO_DEVICE(vrng);
51b19ebe	48	VirtQueueElement *elem;
16c915ba AS	49	size_t len;
	50	int offset;
	51
	52	if (!is_guest_ready(vrng)) {
	53	return;
	54	}
	55
904d6f58 AL	56	vrng->quota_remaining -= size;
904d6f58 AL	57
16c915ba AS	58	offset = 0;
16c915ba AS	59	while (offset < size) {
51b19ebe PB	60	elem = virtqueue_pop(vrng->vq, sizeof(VirtQueueElement));
51b19ebe PB	61	if (!elem) {
16c915ba AS	62	break;
16c915ba AS	63	}
51b19ebe	64	len = iov_from_buf(elem->in_sg, elem->in_num,
16c915ba AS	65	0, buf + offset, size - offset);
	66	offset += len;
	67
51b19ebe	68	virtqueue_push(vrng->vq, elem, len);
4ac44580	69	trace_virtio_rng_pushed(vrng, len);
51b19ebe	70	g_free(elem);
16c915ba	71	}
611aa333	72	virtio_notify(vdev, vrng->vq);
f8693c2c LP	73
	74	if (!virtio_queue_empty(vrng->vq)) {
	75	/* If we didn't drain the queue, call virtio_rng_process
	76	* to take care of asking for more data as appropriate.
	77	*/
	78	virtio_rng_process(vrng);
	79	}
16c915ba AS	80	}
16c915ba AS	81
904d6f58	82	static void virtio_rng_process(VirtIORNG *vrng)
16c915ba	83	{
14417039	84	size_t size;
e1f7b481	85	unsigned quota;
904d6f58 AL	86
	87	if (!is_guest_ready(vrng)) {
	88	return;
	89	}
16c915ba	90
621a20e0 PG	91	if (vrng->activate_timer) {
	92	timer_mod(vrng->rate_limit_timer,
	93	qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + vrng->conf.period_ms);
	94	vrng->activate_timer = false;
	95	}
	96
e1f7b481 MT	97	if (vrng->quota_remaining < 0) {
	98	quota = 0;
	99	} else {
	100	quota = MIN((uint64_t)vrng->quota_remaining, (uint64_t)UINT32_MAX);
	101	}
	102	size = get_request_size(vrng->vq, quota);
4ac44580 AS	103
	104	trace_virtio_rng_request(vrng, size, quota);
	105
904d6f58	106	size = MIN(vrng->quota_remaining, size);
14417039	107	if (size) {
16c915ba AS	108	rng_backend_request_entropy(vrng->rng, size, chr_read, vrng);
	109	}
	110	}
	111
904d6f58 AL	112	static void handle_input(VirtIODevice vdev, VirtQueue vq)
904d6f58 AL	113	{
611aa333	114	VirtIORNG *vrng = VIRTIO_RNG(vdev);
904d6f58 AL	115	virtio_rng_process(vrng);
	116	}
	117
9d5b731d	118	static uint64_t get_features(VirtIODevice vdev, uint64_t f, Error *errp)
16c915ba AS	119	{
	120	return f;
	121	}
	122
b6075793	123	static int virtio_rng_load(QEMUFile f, void opaque, size_t size)
16c915ba	124	{
db12451d DG	125	VirtIORNG *vrng = opaque;
	126	int ret;
	127
b6075793	128	ret = virtio_load(VIRTIO_DEVICE(vrng), f, 1);
db12451d DG	129	if (ret != 0) {
	130	return ret;
	131	}
16c915ba	132
904d6f58	133	/* We may have an element ready but couldn't process it due to a quota
42015c9a AS	134	* limit. Make sure to try again after live migration when the quota may
	135	* have been reset.
	136	*/
db12451d	137	virtio_rng_process(vrng);
904d6f58	138
16c915ba AS	139	return 0;
	140	}
	141
904d6f58 AL	142	static void check_rate_limit(void *opaque)
904d6f58 AL	143	{
611aa333	144	VirtIORNG *vrng = opaque;
904d6f58	145
611aa333 FK	146	vrng->quota_remaining = vrng->conf.max_bytes;
611aa333 FK	147	virtio_rng_process(vrng);
621a20e0	148	vrng->activate_timer = true;
904d6f58 AL	149	}
904d6f58 AL	150
a8d57dfb	151	static void virtio_rng_device_realize(DeviceState dev, Error *errp)
16c915ba	152	{
a8d57dfb	153	VirtIODevice *vdev = VIRTIO_DEVICE(dev);
af7671fd	154	VirtIORNG *vrng = VIRTIO_RNG(dev);
16c915ba AS	155	Error *local_err = NULL;
16c915ba AS	156
a3a292c4	157	if (vrng->conf.period_ms <= 0) {
c617dd3b	158	error_setg(errp, "'period' parameter expects a positive integer");
a8d57dfb	159	return;
d44bb860 AK	160	}
d44bb860 AK	161
1efd6e07 JS	162	/* Workaround: Property parsing does not enforce unsigned integers,
	163	* So this is a hack to reject such numbers. */
	164	if (vrng->conf.max_bytes > INT64_MAX) {
c617dd3b JS	165	error_setg(errp, "'max-bytes' parameter must be non-negative, "
c617dd3b JS	166	"and less than 2^63");
1efd6e07 JS	167	return;
	168	}
	169
46a5a89d FK	170	if (vrng->conf.rng == NULL) {
	171	vrng->conf.default_backend = RNG_RANDOM(object_new(TYPE_RNG_RANDOM));
	172
57d3e1b3 IM	173	user_creatable_complete(OBJECT(vrng->conf.default_backend),
	174	&local_err);
	175	if (local_err) {
	176	error_propagate(errp, local_err);
	177	object_unref(OBJECT(vrng->conf.default_backend));
	178	return;
	179	}
	180
af7671fd	181	object_property_add_child(OBJECT(dev),
46a5a89d FK	182	"default-backend",
	183	OBJECT(vrng->conf.default_backend),
	184	NULL);
	185
abdffd1f SH	186	/* The child property took a reference, we can safely drop ours now */
	187	object_unref(OBJECT(vrng->conf.default_backend));
	188
af7671fd	189	object_property_set_link(OBJECT(dev),
46a5a89d FK	190	OBJECT(vrng->conf.default_backend),
46a5a89d FK	191	"rng", NULL);
6eac8aec	192	}
16c915ba	193
46a5a89d	194	vrng->rng = vrng->conf.rng;
16c915ba	195	if (vrng->rng == NULL) {
c617dd3b	196	error_setg(errp, "'rng' parameter expects a valid object");
a8d57dfb	197	return;
16c915ba AS	198	}
16c915ba AS	199
1efd6e07	200	virtio_init(vdev, "virtio-rng", VIRTIO_ID_RNG, 0);
6eac8aec	201
1efd6e07	202	vrng->vq = virtio_add_queue(vdev, 8, handle_input);
af1a8ad6	203	vrng->quota_remaining = vrng->conf.max_bytes;
bc72ad67	204	vrng->rate_limit_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL,
904d6f58	205	check_rate_limit, vrng);
621a20e0	206	vrng->activate_timer = true;
6eac8aec FK	207	}
6eac8aec FK	208
306ec6c3	209	static void virtio_rng_device_unrealize(DeviceState dev, Error *errp)
6eac8aec	210	{
306ec6c3 AF	211	VirtIODevice *vdev = VIRTIO_DEVICE(dev);
306ec6c3 AF	212	VirtIORNG *vrng = VIRTIO_RNG(dev);
6eac8aec	213
bc72ad67 AB	214	timer_del(vrng->rate_limit_timer);
bc72ad67 AB	215	timer_free(vrng->rate_limit_timer);
6a1a8cc7	216	virtio_cleanup(vdev);
6eac8aec FK	217	}
6eac8aec FK	218
b6075793 DDAG	219	VMSTATE_VIRTIO_DEVICE(rng, 1, virtio_rng_load, virtio_vmstate_save);
b6075793 DDAG	220
6eac8aec	221	static Property virtio_rng_properties[] = {
fe704809 SZ	222	/* Set a default rate limit of 2^47 bytes per minute or roughly 2TB/s. If
	223	* you have an entropy source capable of generating more entropy than this
	224	* and you can pass it through via virtio-rng, then hats off to you. Until
	225	* then, this is unlimited for all practical purposes.
	226	*/
	227	DEFINE_PROP_UINT64("max-bytes", VirtIORNG, conf.max_bytes, INT64_MAX),
	228	DEFINE_PROP_UINT32("period", VirtIORNG, conf.period_ms, 1 << 16),
6eac8aec FK	229	DEFINE_PROP_END_OF_LIST(),
	230	};
	231
	232	static void virtio_rng_class_init(ObjectClass klass, void data)
	233	{
	234	DeviceClass *dc = DEVICE_CLASS(klass);
	235	VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
a8d57dfb	236
6eac8aec	237	dc->props = virtio_rng_properties;
b6075793	238	dc->vmsd = &vmstate_virtio_rng;
125ee0ed	239	set_bit(DEVICE_CATEGORY_MISC, dc->categories);
a8d57dfb	240	vdc->realize = virtio_rng_device_realize;
306ec6c3	241	vdc->unrealize = virtio_rng_device_unrealize;
6eac8aec FK	242	vdc->get_features = get_features;
	243	}
	244
	245	static void virtio_rng_initfn(Object *obj)
	246	{
	247	VirtIORNG *vrng = VIRTIO_RNG(obj);
	248
	249	object_property_add_link(obj, "rng", TYPE_RNG_BACKEND,
9561fda8	250	(Object **)&vrng->conf.rng,
39f72ef9	251	qdev_prop_allow_set_link_before_realize,
9561fda8	252	OBJ_PROP_LINK_UNREF_ON_RELEASE, NULL);
6eac8aec FK	253	}
	254
	255	static const TypeInfo virtio_rng_info = {
	256	.name = TYPE_VIRTIO_RNG,
	257	.parent = TYPE_VIRTIO_DEVICE,
	258	.instance_size = sizeof(VirtIORNG),
	259	.instance_init = virtio_rng_initfn,
	260	.class_init = virtio_rng_class_init,
	261	};
	262
	263	static void virtio_register_types(void)
	264	{
	265	type_register_static(&virtio_rng_info);
	266	}
	267
	268	type_init(virtio_register_types)