From: Kees Cook <keescook@chromium.org>
To: Laura Abbott <labbott@redhat.com>
Cc: Daniel Micay <danielmicay@gmail.com>,
"kernel-hardening@lists.openwall.com"
<kernel-hardening@lists.openwall.com>,
LKML <linux-kernel@vger.kernel.org>,
Linux-MM <linux-mm@kvack.org>,
Andrew Morton <akpm@linux-foundation.org>
Subject: Re: [PATCHv3 2/2] extract early boot entropy from the passed cmdline
Date: Wed, 16 Aug 2017 16:23:16 -0700 [thread overview]
Message-ID: <CAGXu5j+orJe-6FzZvuOiZQKM+_vnwjVmN_5_KP7+LJH_-h0MZg@mail.gmail.com> (raw)
In-Reply-To: <20170816231458.2299-3-labbott@redhat.com>
On Wed, Aug 16, 2017 at 4:14 PM, Laura Abbott <labbott@redhat.com> wrote:
> From: Daniel Micay <danielmicay@gmail.com>
>
>
> Existing Android bootloaders usually pass data useful as early entropy
> on the kernel command-line. It may also be the case on other embedded
> systems. Sample command-line from a Google Pixel running CopperheadOS:
>
> console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0
> androidboot.hardware=sailfish user_debug=31 ehci-hcd.park=3
> lpm_levels.sleep_disabled=1 cma=32M@0-0xffffffff buildvariant=user
> veritykeyid=id:dfcb9db0089e5b3b4090a592415c28e1cb4545ab
> androidboot.bootdevice=624000.ufshc androidboot.verifiedbootstate=yellow
> androidboot.veritymode=enforcing androidboot.keymaster=1
> androidboot.serialno=FA6CE0305299 androidboot.baseband=msm
> mdss_mdp.panel=1:dsi:0:qcom,mdss_dsi_samsung_ea8064tg_1080p_cmd:1:none:cfg:single_dsi
> androidboot.slot_suffix=_b fpsimd.fpsimd_settings=0
> app_setting.use_app_setting=0 kernelflag=0x00000000 debugflag=0x00000000
> androidboot.hardware.revision=PVT radioflag=0x00000000
> radioflagex1=0x00000000 radioflagex2=0x00000000 cpumask=0x00000000
> androidboot.hardware.ddr=4096MB,Hynix,LPDDR4 androidboot.ddrinfo=00000006
> androidboot.ddrsize=4GB androidboot.hardware.color=GRA00
> androidboot.hardware.ufs=32GB,Samsung androidboot.msm.hw_ver_id=268824801
> androidboot.qf.st=2 androidboot.cid=11111111 androidboot.mid=G-2PW4100
> androidboot.bootloader=8996-012001-1704121145
> androidboot.oem_unlock_support=1 androidboot.fp_src=1
> androidboot.htc.hrdump=detected androidboot.ramdump.opt=mem@2g:2g,mem@4g:2g
> androidboot.bootreason=reboot androidboot.ramdump_enable=0 ro
> root=/dev/dm-0 dm="system none ro,0 1 android-verity /dev/sda34"
> rootwait skip_initramfs init=/init androidboot.wificountrycode=US
> androidboot.boottime=1BLL:85,1BLE:669,2BLL:0,2BLE:1777,SW:6,KL:8136
>
> Among other things, it contains a value unique to the device
> (androidboot.serialno=FA6CE0305299), unique to the OS builds for the
> device variant (veritykeyid=id:dfcb9db0089e5b3b4090a592415c28e1cb4545ab)
> and timings from the bootloader stages in milliseconds
> (androidboot.boottime=1BLL:85,1BLE:669,2BLL:0,2BLE:1777,SW:6,KL:8136).
>
> Signed-off-by: Daniel Micay <danielmicay@gmail.com>
> [labbott: Line-wrapped command line]
> Signed-off-by: Laura Abbott <labbott@redhat.com>
Acked-by: Kees Cook <keescook@chromium.org>
Thanks!
-Kees
> ---
> v3: add_device_randomness comes before canary initialization, clarified comment.
> ---
> init/main.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/init/main.c b/init/main.c
> index 21d599eaad06..ba2b3a8a2382 100644
> --- a/init/main.c
> +++ b/init/main.c
> @@ -530,8 +530,10 @@ asmlinkage __visible void __init start_kernel(void)
> setup_arch(&command_line);
> /*
> * Set up the the initial canary and entropy after arch
> + * and after adding latent and command line entropy.
> */
> add_latent_entropy();
> + add_device_randomness(command_line, strlen(command_line));
> boot_init_stack_canary();
> mm_init_cpumask(&init_mm);
> setup_command_line(command_line);
> --
> 2.13.0
>
--
Kees Cook
Pixel Security
next prev parent reply other threads:[~2017-08-16 23:23 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-16 23:14 [PATCHv3 0/2] Command line randomness Laura Abbott
2017-08-16 23:14 ` [PATCHv3 1/2] init: Move stack canary initialization after setup_arch Laura Abbott
2017-08-16 23:14 ` [PATCHv3 2/2] extract early boot entropy from the passed cmdline Laura Abbott
2017-08-16 23:23 ` Kees Cook [this message]
2017-08-17 3:31 ` Theodore Ts'o
2017-08-17 4:23 ` Daniel Micay
2017-08-17 20:57 ` Daniel Micay
2017-08-17 21:44 ` Theodore Ts'o
2017-08-30 9:57 ` Pavel Machek
2017-08-30 13:27 ` [kernel-hardening] " Nick Kralevich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAGXu5j+orJe-6FzZvuOiZQKM+_vnwjVmN_5_KP7+LJH_-h0MZg@mail.gmail.com \
--to=keescook@chromium.org \
--cc=akpm@linux-foundation.org \
--cc=danielmicay@gmail.com \
--cc=kernel-hardening@lists.openwall.com \
--cc=labbott@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).