Message ID | 20230618215114.107337-4-pbonzini@redhat.com |
---|---|
State | New |
Headers | show |
Series | target/i386: add a few simple features | expand |
On 6/18/23 23:51, Paolo Bonzini wrote: > TCG implements RDSEED, and in fact uses qcrypto_random_bytes which is > secure enough to match hardware behavior. Expose it to guests. > > Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> > --- > target/i386/cpu.c | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) TCG protects both RDRAND and RDSEED with CPUID_EXT_RDRAND. I guess we should use CPUID_7_0_EBX_RDSEED for RDSEED? r~ > > diff --git a/target/i386/cpu.c b/target/i386/cpu.c > index ff3dcd02dcb..fc4246223d4 100644 > --- a/target/i386/cpu.c > +++ b/target/i386/cpu.c > @@ -657,11 +657,10 @@ void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1, > CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \ > CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT | \ > CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_FSGSBASE | \ > - CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_AVX2) > + CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_RDSEED) > /* missing: > CPUID_7_0_EBX_HLE > - CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM, > - CPUID_7_0_EBX_RDSEED */ > + CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM */ > #define TCG_7_0_ECX_FEATURES (CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU | \ > /* CPUID_7_0_ECX_OSPKE is dynamic */ \ > CPUID_7_0_ECX_LA57 | CPUID_7_0_ECX_PKS | CPUID_7_0_ECX_VAES)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c index ff3dcd02dcb..fc4246223d4 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -657,11 +657,10 @@ void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1, CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \ CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT | \ CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_FSGSBASE | \ - CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_AVX2) + CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_RDSEED) /* missing: CPUID_7_0_EBX_HLE - CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM, - CPUID_7_0_EBX_RDSEED */ + CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM */ #define TCG_7_0_ECX_FEATURES (CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU | \ /* CPUID_7_0_ECX_OSPKE is dynamic */ \ CPUID_7_0_ECX_LA57 | CPUID_7_0_ECX_PKS | CPUID_7_0_ECX_VAES)
TCG implements RDSEED, and in fact uses qcrypto_random_bytes which is secure enough to match hardware behavior. Expose it to guests. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> --- target/i386/cpu.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-)