On 6/20/23 17:16, Paolo Bonzini wrote:
> TCG implements RDSEED, and in fact uses qcrypto_random_bytes which is
> secure enough to match hardware behavior. Expose it to guests.
>
> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> target/i386/cpu.c | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/target/i386/cpu.c b/target/i386/cpu.c
> index ff3dcd02dcb..fc4246223d4 100644
> --- a/target/i386/cpu.c
> +++ b/target/i386/cpu.c
> @@ -657,11 +657,10 @@ void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1,
> CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \
> CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT | \
> CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_FSGSBASE | \
> - CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_AVX2)
> + CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_RDSEED)
> /* missing:
> CPUID_7_0_EBX_HLE
> - CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM,
> - CPUID_7_0_EBX_RDSEED */
> + CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM */
> #define TCG_7_0_ECX_FEATURES (CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU | \
> /* CPUID_7_0_ECX_OSPKE is dynamic */ \
> CPUID_7_0_ECX_LA57 | CPUID_7_0_ECX_PKS | CPUID_7_0_ECX_VAES)
Still missing the check for CPUID_7_0_EBX_RDSEED at the RDSEED insn.
Sorry, I 6kissed that remain. It's more of a separate patch IMO, I will add it.
Paolo