From: Rob Herring <robh+dt@kernel.org>
To: Hsin-Yi Wang <hsinyi@chromium.org>
Cc: "moderated list:ARM/FREESCALE IMX / MXC ARM ARCHITECTURE"
<linux-arm-kernel@lists.infradead.org>,
Mark Rutland <mark.rutland@arm.com>,
Frank Rowand <frowand.list@gmail.com>,
devicetree@vger.kernel.org,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Stephen Boyd <swboyd@chromium.org>,
Kees Cook <keescook@chromium.org>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
Architecture Mailman List <boot-architecture@lists.linaro.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
Andrew Morton <akpm@linux-foundation.org>,
Mike Rapoport <rppt@linux.ibm.com>,
Michal Hocko <mhocko@suse.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Miles Chen <miles.chen@mediatek.com>,
James Morse <james.morse@arm.com>,
Andrew Murray <andrew.murray@arm.com>
Subject: Re: [PATCH v2 1/2] fdt: add support for rng-seed
Date: Mon, 13 May 2019 08:14:40 -0500 [thread overview]
Message-ID: <CAL_Jsq+Z5+M7fYCrkRKqN1yKTu6uyMKRKh-R4b-cj46y18hXOw@mail.gmail.com> (raw)
In-Reply-To: <20190513003819.356-1-hsinyi@chromium.org>
On Sun, May 12, 2019 at 7:39 PM Hsin-Yi Wang <hsinyi@chromium.org> wrote:
>
> Introducing a chosen node, rng-seed, which is an entropy that can be
> passed to kernel called very early to increase initial device
> randomness. Bootloader should provide this entropy and the value is
> read from /chosen/rng-seed in DT.
>
> Signed-off-by: Hsin-Yi Wang <hsinyi@chromium.org>
> ---
> change log:
> v1->v2:
> * call function in early_init_dt_scan_chosen
> * will add doc to devicetree-org/dt-schema on github if this is accepted
> ---
> Documentation/devicetree/bindings/chosen.txt | 14 ++++++++++++++
> drivers/of/fdt.c | 11 +++++++++++
> 2 files changed, 25 insertions(+)
>
> diff --git a/Documentation/devicetree/bindings/chosen.txt b/Documentation/devicetree/bindings/chosen.txt
> index 45e79172a646..fef5c82672dc 100644
> --- a/Documentation/devicetree/bindings/chosen.txt
> +++ b/Documentation/devicetree/bindings/chosen.txt
> @@ -28,6 +28,20 @@ mode) when EFI_RNG_PROTOCOL is supported, it will be overwritten by
> the Linux EFI stub (which will populate the property itself, using
> EFI_RNG_PROTOCOL).
>
> +rng-seed
> +-----------
> +
> +This property served as an entropy to add device randomness. It is parsed
> +as a byte array, e.g.
> +
> +/ {
> + chosen {
> + rng-seed = <0x31 0x95 0x1b 0x3c 0xc9 0xfa 0xb3 ...>;
> + };
> +};
> +
> +This random value should be provided by bootloader.
> +
> stdout-path
> -----------
>
> diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
> index de893c9616a1..96ea5eba9dd5 100644
> --- a/drivers/of/fdt.c
> +++ b/drivers/of/fdt.c
> @@ -24,6 +24,7 @@
> #include <linux/debugfs.h>
> #include <linux/serial_core.h>
> #include <linux/sysfs.h>
> +#include <linux/random.h>
>
> #include <asm/setup.h> /* for COMMAND_LINE_SIZE */
> #include <asm/page.h>
> @@ -1079,6 +1080,7 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
> {
> int l;
> const char *p;
> + const void *rng_seed;
>
> pr_debug("search \"chosen\", depth: %d, uname: %s\n", depth, uname);
>
> @@ -1113,6 +1115,15 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
>
> pr_debug("Command line is: %s\n", (char*)data);
>
> + rng_seed = of_get_flat_dt_prop(node, "rng-seed", &l);
> + if (!rng_seed || l == 0)
> + return 1;
This only works if this hunk stays at the end of the function. I'd
invert the if and move the next 2 functions under it.
> +
> + /* try to clear seed so it won't be found. */
> + fdt_nop_property(initial_boot_params, node, "rng-seed");
I'd just delete the property.
Also, what about kexec? Don't you need to add a new seed?
> +
> + add_device_randomness(rng_seed, l);
> +
> /* break now */
> return 1;
> }
> --
> 2.20.1
>
WARNING: multiple messages have this Message-ID (diff)
From: Rob Herring <robh+dt@kernel.org>
To: Hsin-Yi Wang <hsinyi@chromium.org>
Cc: "moderated list:ARM/FREESCALE IMX / MXC ARM ARCHITECTURE"
<linux-arm-kernel@lists.infradead.org>,
Mark Rutland <mark.rutland@arm.com>,
Frank Rowand <frowand.list@gmail.com>,
devicetree@vger.kernel.org,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Stephen Boyd <swboyd@chromium.org>,
Kees Cook <keescook@chromium.org>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
Architecture Mailman List <boot-architecture@lists.linaro.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
Andrew Morton <akpm@linux-foundation.org>,
Mike Rapoport <rppt@linux.ibm.com>,
Michal Hocko <mhocko@suse.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Miles Chen <miles.chen@mediatek.com>,
James Morse <james.morse@arm.com>
Subject: Re: [PATCH v2 1/2] fdt: add support for rng-seed
Date: Mon, 13 May 2019 08:14:40 -0500 [thread overview]
Message-ID: <CAL_Jsq+Z5+M7fYCrkRKqN1yKTu6uyMKRKh-R4b-cj46y18hXOw@mail.gmail.com> (raw)
In-Reply-To: <20190513003819.356-1-hsinyi@chromium.org>
On Sun, May 12, 2019 at 7:39 PM Hsin-Yi Wang <hsinyi@chromium.org> wrote:
>
> Introducing a chosen node, rng-seed, which is an entropy that can be
> passed to kernel called very early to increase initial device
> randomness. Bootloader should provide this entropy and the value is
> read from /chosen/rng-seed in DT.
>
> Signed-off-by: Hsin-Yi Wang <hsinyi@chromium.org>
> ---
> change log:
> v1->v2:
> * call function in early_init_dt_scan_chosen
> * will add doc to devicetree-org/dt-schema on github if this is accepted
> ---
> Documentation/devicetree/bindings/chosen.txt | 14 ++++++++++++++
> drivers/of/fdt.c | 11 +++++++++++
> 2 files changed, 25 insertions(+)
>
> diff --git a/Documentation/devicetree/bindings/chosen.txt b/Documentation/devicetree/bindings/chosen.txt
> index 45e79172a646..fef5c82672dc 100644
> --- a/Documentation/devicetree/bindings/chosen.txt
> +++ b/Documentation/devicetree/bindings/chosen.txt
> @@ -28,6 +28,20 @@ mode) when EFI_RNG_PROTOCOL is supported, it will be overwritten by
> the Linux EFI stub (which will populate the property itself, using
> EFI_RNG_PROTOCOL).
>
> +rng-seed
> +-----------
> +
> +This property served as an entropy to add device randomness. It is parsed
> +as a byte array, e.g.
> +
> +/ {
> + chosen {
> + rng-seed = <0x31 0x95 0x1b 0x3c 0xc9 0xfa 0xb3 ...>;
> + };
> +};
> +
> +This random value should be provided by bootloader.
> +
> stdout-path
> -----------
>
> diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
> index de893c9616a1..96ea5eba9dd5 100644
> --- a/drivers/of/fdt.c
> +++ b/drivers/of/fdt.c
> @@ -24,6 +24,7 @@
> #include <linux/debugfs.h>
> #include <linux/serial_core.h>
> #include <linux/sysfs.h>
> +#include <linux/random.h>
>
> #include <asm/setup.h> /* for COMMAND_LINE_SIZE */
> #include <asm/page.h>
> @@ -1079,6 +1080,7 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
> {
> int l;
> const char *p;
> + const void *rng_seed;
>
> pr_debug("search \"chosen\", depth: %d, uname: %s\n", depth, uname);
>
> @@ -1113,6 +1115,15 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
>
> pr_debug("Command line is: %s\n", (char*)data);
>
> + rng_seed = of_get_flat_dt_prop(node, "rng-seed", &l);
> + if (!rng_seed || l == 0)
> + return 1;
This only works if this hunk stays at the end of the function. I'd
invert the if and move the next 2 functions under it.
> +
> + /* try to clear seed so it won't be found. */
> + fdt_nop_property(initial_boot_params, node, "rng-seed");
I'd just delete the property.
Also, what about kexec? Don't you need to add a new seed?
> +
> + add_device_randomness(rng_seed, l);
> +
> /* break now */
> return 1;
> }
> --
> 2.20.1
>
WARNING: multiple messages have this Message-ID (diff)
From: Rob Herring <robh+dt@kernel.org>
To: Hsin-Yi Wang <hsinyi@chromium.org>
Cc: Mark Rutland <mark.rutland@arm.com>,
devicetree@vger.kernel.org,
Architecture Mailman List <boot-architecture@lists.linaro.org>,
Michal Hocko <mhocko@suse.com>, Kees Cook <keescook@chromium.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Will Deacon <will.deacon@arm.com>,
Stephen Boyd <swboyd@chromium.org>,
Miles Chen <miles.chen@mediatek.com>,
James Morse <james.morse@arm.com>,
Andrew Murray <andrew.murray@arm.com>,
Andrew Morton <akpm@linux-foundation.org>,
Mike Rapoport <rppt@linux.ibm.com>,
Frank Rowand <frowand.list@gmail.com>,
"moderated list:ARM/FREESCALE IMX / MXC ARM ARCHITECTURE"
<linux-arm-kernel@lists.infradead.org>
Subject: Re: [PATCH v2 1/2] fdt: add support for rng-seed
Date: Mon, 13 May 2019 08:14:40 -0500 [thread overview]
Message-ID: <CAL_Jsq+Z5+M7fYCrkRKqN1yKTu6uyMKRKh-R4b-cj46y18hXOw@mail.gmail.com> (raw)
In-Reply-To: <20190513003819.356-1-hsinyi@chromium.org>
On Sun, May 12, 2019 at 7:39 PM Hsin-Yi Wang <hsinyi@chromium.org> wrote:
>
> Introducing a chosen node, rng-seed, which is an entropy that can be
> passed to kernel called very early to increase initial device
> randomness. Bootloader should provide this entropy and the value is
> read from /chosen/rng-seed in DT.
>
> Signed-off-by: Hsin-Yi Wang <hsinyi@chromium.org>
> ---
> change log:
> v1->v2:
> * call function in early_init_dt_scan_chosen
> * will add doc to devicetree-org/dt-schema on github if this is accepted
> ---
> Documentation/devicetree/bindings/chosen.txt | 14 ++++++++++++++
> drivers/of/fdt.c | 11 +++++++++++
> 2 files changed, 25 insertions(+)
>
> diff --git a/Documentation/devicetree/bindings/chosen.txt b/Documentation/devicetree/bindings/chosen.txt
> index 45e79172a646..fef5c82672dc 100644
> --- a/Documentation/devicetree/bindings/chosen.txt
> +++ b/Documentation/devicetree/bindings/chosen.txt
> @@ -28,6 +28,20 @@ mode) when EFI_RNG_PROTOCOL is supported, it will be overwritten by
> the Linux EFI stub (which will populate the property itself, using
> EFI_RNG_PROTOCOL).
>
> +rng-seed
> +-----------
> +
> +This property served as an entropy to add device randomness. It is parsed
> +as a byte array, e.g.
> +
> +/ {
> + chosen {
> + rng-seed = <0x31 0x95 0x1b 0x3c 0xc9 0xfa 0xb3 ...>;
> + };
> +};
> +
> +This random value should be provided by bootloader.
> +
> stdout-path
> -----------
>
> diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
> index de893c9616a1..96ea5eba9dd5 100644
> --- a/drivers/of/fdt.c
> +++ b/drivers/of/fdt.c
> @@ -24,6 +24,7 @@
> #include <linux/debugfs.h>
> #include <linux/serial_core.h>
> #include <linux/sysfs.h>
> +#include <linux/random.h>
>
> #include <asm/setup.h> /* for COMMAND_LINE_SIZE */
> #include <asm/page.h>
> @@ -1079,6 +1080,7 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
> {
> int l;
> const char *p;
> + const void *rng_seed;
>
> pr_debug("search \"chosen\", depth: %d, uname: %s\n", depth, uname);
>
> @@ -1113,6 +1115,15 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
>
> pr_debug("Command line is: %s\n", (char*)data);
>
> + rng_seed = of_get_flat_dt_prop(node, "rng-seed", &l);
> + if (!rng_seed || l == 0)
> + return 1;
This only works if this hunk stays at the end of the function. I'd
invert the if and move the next 2 functions under it.
> +
> + /* try to clear seed so it won't be found. */
> + fdt_nop_property(initial_boot_params, node, "rng-seed");
I'd just delete the property.
Also, what about kexec? Don't you need to add a new seed?
> +
> + add_device_randomness(rng_seed, l);
> +
> /* break now */
> return 1;
> }
> --
> 2.20.1
>
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-05-13 13:14 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-13 0:38 [PATCH v2 1/2] fdt: add support for rng-seed Hsin-Yi Wang
2019-05-13 0:38 ` Hsin-Yi Wang
2019-05-13 0:38 ` Hsin-Yi Wang
2019-05-13 0:38 ` [PATCH v2 2/2] amr64: map FDT as RW for early_init_dt_scan() Hsin-Yi Wang
2019-05-13 0:38 ` Hsin-Yi Wang
2019-05-13 8:58 ` Mike Rapoport
2019-05-13 8:58 ` Mike Rapoport
2019-05-13 11:14 ` Hsin-Yi Wang
2019-05-13 11:14 ` Hsin-Yi Wang
2019-05-13 11:14 ` Hsin-Yi Wang
2019-05-14 15:42 ` Mike Rapoport
2019-05-14 15:42 ` Mike Rapoport
2019-05-14 15:42 ` Mike Rapoport
2019-05-15 10:24 ` Hsin-Yi Wang
2019-05-15 10:24 ` Hsin-Yi Wang
2019-05-15 10:24 ` Hsin-Yi Wang
2019-05-15 20:11 ` Ard Biesheuvel
2019-05-15 20:11 ` Ard Biesheuvel
2019-05-15 20:11 ` Ard Biesheuvel
2019-05-16 11:07 ` Mike Rapoport
2019-05-16 11:07 ` Mike Rapoport
2019-05-16 11:07 ` Mike Rapoport
2019-05-14 21:05 ` Stephen Boyd
2019-05-14 21:05 ` Stephen Boyd
2019-05-14 21:05 ` Stephen Boyd
2019-05-15 5:00 ` Mike Rapoport
2019-05-15 5:00 ` Mike Rapoport
2019-05-15 5:00 ` Mike Rapoport
2019-05-15 10:34 ` Hsin-Yi Wang
2019-05-15 10:34 ` Hsin-Yi Wang
2019-05-15 10:34 ` Hsin-Yi Wang
2019-05-13 8:42 ` [PATCH v2 1/2] fdt: add support for rng-seed Mike Rapoport
2019-05-13 8:42 ` Mike Rapoport
2019-05-13 8:42 ` Mike Rapoport
2019-05-13 13:14 ` Rob Herring [this message]
2019-05-13 13:14 ` Rob Herring
2019-05-13 13:14 ` Rob Herring
2019-05-15 9:07 ` Hsin-Yi Wang
2019-05-15 9:07 ` Hsin-Yi Wang
2019-05-15 9:07 ` Hsin-Yi Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAL_Jsq+Z5+M7fYCrkRKqN1yKTu6uyMKRKh-R4b-cj46y18hXOw@mail.gmail.com \
--to=robh+dt@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=andrew.murray@arm.com \
--cc=ard.biesheuvel@linaro.org \
--cc=boot-architecture@lists.linaro.org \
--cc=catalin.marinas@arm.com \
--cc=devicetree@vger.kernel.org \
--cc=frowand.list@gmail.com \
--cc=hsinyi@chromium.org \
--cc=james.morse@arm.com \
--cc=keescook@chromium.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@rasmusvillemoes.dk \
--cc=mark.rutland@arm.com \
--cc=mhocko@suse.com \
--cc=miles.chen@mediatek.com \
--cc=rppt@linux.ibm.com \
--cc=swboyd@chromium.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.