[RFC PATCH kvmtool 2/2] virtio/rng: return at least one byte of entropy

Andre Przywara <andre.przywara@xxxxxxx> · Thu, 13 Apr 2023 17:57:57 +0100

In contrast to the original v0.9 virtio spec (which was rather vague),
the virtio 1.0+ spec demands that a RNG request returns at least one
byte:
"The device MUST place one or more random bytes into the buffer, but it
MAY use less than the entire buffer length."

Our current implementation does not prevent returning zero bytes, which
upsets an assert in EDK II. Since we open the fd with O_NONBLOCK, a
return with not the whole buffer filled seems possible.

Take care of that special case, by switching the /dev/urandom file
descriptor into blocking mode when a 0-return happens, than wait for one
byte to arrive. We then switch back to non-blocking mode, and try to
read even more (in case multiple bytes became available at once).
This makes sure we return at least one byte of entropy and become spec
compliant.

Signed-off-by: Andre Przywara <andre.przywara@xxxxxxx>
Reported-by: Sami Mujawar <sami.mujawar@xxxxxxx>
---
 virtio/rng.c | 31 +++++++++++++++++++++++++++++--
 1 file changed, 29 insertions(+), 2 deletions(-)

diff --git a/virtio/rng.c b/virtio/rng.c
index eab8f3ac0..0a0b31a16 100644
--- a/virtio/rng.c
+++ b/virtio/rng.c
@@ -66,8 +66,35 @@ static bool virtio_rng_do_io_request(struct kvm *kvm, struct rng_dev *rdev, stru
 
 	head	= virt_queue__get_iov(queue, iov, &out, &in, kvm);
 	len	= readv(rdev->fd, iov, in);
-	if (len < 0 && errno == EAGAIN)
-		len = 0;
+	if (len < 0 && errno == EAGAIN) {
+		/*
+		 * The virtio 1.0 spec demands at least one byte of entropy.
+		 * Switch the /dev/urandom file descriptor to blocking mode,
+		 * then wait for one byte to arrive. Switch it back to
+		 * non-blocking mode, and try to read even more, if available.
+		 */
+		int flags = fcntl(rdev->fd, F_GETFL);
+
+		if (flags < 0)
+			return false;
+
+		fcntl(rdev->fd, F_SETFL, flags & ~O_NONBLOCK);
+		len = read(rdev->fd, iov[0].iov_base, 1);
+		if (len < 1)
+			return false;
+		fcntl(rdev->fd, F_SETFL, flags);
+		iov[0].iov_base++;
+		iov[0].iov_len--;
+		len = readv(rdev->fd, iov, in);
+		if (len < 0) {
+			if (errno == EAGAIN)	/* no more bytes yet */
+				len = 1;
+			else
+				return false;	/* some error */
+		} else {
+			len++;			/* the one byte already read */
+		}
+	}
 
 	virt_queue__set_used_elem(queue, head, len);
 
-- 
2.25.1







