Re: [PATCH 0/3] random: add random.rng_seed to bootconfig entry

From: Masami Hiramatsu <mhiramat@kernel.org>
To: Rob Herring <robh@kernel.org>
Cc: Mark Salyzyn <salyzyn@android.com>,
	Masami Hiramatsu <mhiramat@kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	Android Kernel Team <kernel-team@android.com>,
	"Theodore Ts'o" <tytso@mit.edu>, Arnd Bergmann <arnd@arndb.de>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Richard Henderson <richard.henderson@linaro.org>,
	Mark Brown <broonie@kernel.org>,
	Kees Cook <keescook@chromium.org>,
	Hsin-Yi Wang <hsinyi@chromium.org>,
	Vasily Gorbik <gor@linux.ibm.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Steven Rostedt <rostedt@goodmis.org>,
	Mike Rapoport <rppt@linux.ibm.com>,
	Arvind Sankar <nivedita@alum.mit.edu>,
	Dominik Brodowski <linux@dominikbrodowski.net>,
	Thomas Gleixner <tglx@linutronix.de>,
	Alexander Potapenko <glider@google.com>,
	Jonathan Corbet <corbet@lwn.net>,
	Mauro Carvalho Chehab <mchehab+samsung@kernel.org>,
	Josh Poimboeuf <jpoimboe@redhat.com>,
	Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
	Juergen Gross <jgross@suse.com>,
	Linux Doc Mailing List <linux-doc@vger.kernel.org>
Subject: Re: [PATCH 0/3] random: add random.rng_seed to bootconfig entry
Date: Sat, 15 Feb 2020 09:17:18 +0900	[thread overview]
Message-ID: <20200215091718.129eecc9b65a9c41c91027b0@kernel.org> (raw)
In-Reply-To: <CAL_JsqKb=qBH6QXphEZi7vMS+2K5kNj1riXQiUWma=bidAjN5A@mail.gmail.com>

Hi Rob,

On Fri, 14 Feb 2020 12:14:53 -0600
Rob Herring <robh@kernel.org> wrote:

> To clarify my question: Why do we need random seed in bootconfig
> rather than just the kernel command line? I'm not understanding why
> things changed from your original patch.

I recommended to use it in the previous thread, because of simplicity.
Since it has to hide from userspace and modules, it needs to modify
kernel command line. But the bootconfig can make it simple, and it
also architecture independent.

> > In addition, 2B Android devices on the planet, especially in light of
> > the Android GKI distribution were everything that is vendor created is
> > in a module, needs a way to collect early entropy prior to module load
> > and pass it to the kernel. Yes, they do have access to the recently
> > added Device Tree approach, and we expect them to use it, as I have an
> > active backport for the mechanism into the Android 4.19 and 5.4 kernels.

FYI, I backported bootconfig with boot-time tracer for 4.19 stable kernel
recently.

https://github.com/mhiramat/linux/commits/ftrace-boottrace-4.19

You can check what commits are related.

> > There may also be some benefit to allowing the 13000 different
> > bootloaders an option to use bootconfig as a way of propagating the much
> > needed entropy to their kernels. I could make a case to also allow them
> > command line as another option to relieve their development stress to
> > deliver product, but we can stop there. Regardless, this early entropy
> > has the benefit of greatly improving security and precious boot time.
> 
> We're going to update 13000 bootloaders to understand bootconfig
> rather than use the infrastructure already in place (DT and/or command
> line)?
> 
> bootconfig is an ftrace feature only IMO. If it's more than that, I
> imagine there will be some opinions about that. Adding new
> bootloader-kernel interfaces is painful and not something to just add
> without much review.

The bootconfig itself is designed as a generic feature. I had tried to use
devicetree, but that was rejected. Thus I made it as a "software
configuration tree" (but far simpler.)

If you have any review comment on the bootconfig, always welcome!
Seriously, I would like to have more comments. I want to make it better.

Thank you,

-- 
Masami Hiramatsu <mhiramat@kernel.org>