From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5E940C4332F for ; Wed, 13 Oct 2021 18:10:47 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 43478610C9 for ; Wed, 13 Oct 2021 18:10:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238365AbhJMSMt (ORCPT ); Wed, 13 Oct 2021 14:12:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45628 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230313AbhJMSMs (ORCPT ); Wed, 13 Oct 2021 14:12:48 -0400 Received: from mail-lf1-x136.google.com (mail-lf1-x136.google.com [IPv6:2a00:1450:4864:20::136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 902CBC061749 for ; Wed, 13 Oct 2021 11:10:44 -0700 (PDT) Received: by mail-lf1-x136.google.com with SMTP id x27so15407696lfa.9 for ; Wed, 13 Oct 2021 11:10:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=N5TEQck0sZT4Ta6tLRdPV0UEutrCTFu6Cme/v+Sjxeo=; b=SaBwLltyOmUvlw+l0jpPn7wVhVSDwOsS8Hu5rEK9OpOug+BYojmm5wqKNl0BTrxZaQ 3h1GTB5AWGNWSheykrLTlOKQc/h7OJN0mmXmyVOTNL1j3vc+i5dyekCsELRnoZWlrrB9 Iw7hrQBF+bsu/Fyt8bUUy/myKxarefszUTnNk6HsDIaaLmRgo/fCZ3UybZoXGAWoLjky j0sOhUYP/lnrNgPIAH09BzTXQDDMj8YUBb9nVfrk6jb4Ra2LBOb4mPLa9aH4rVv7Z3a+ DaSfJ3Buol8PVepBofHzT48F3ygzpBC8vjNwkHrUJfEWpm0g2FewUZzsX1bHyeCdzjgK NNKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=N5TEQck0sZT4Ta6tLRdPV0UEutrCTFu6Cme/v+Sjxeo=; b=wJX6ToGippH2rK/CwGiFFRwprdmFNSD+DAOxKQQW2O7i9au72gFtwNYl+IJ7AV0SD7 wXnbdOwaskHAZkOYCvfOQYMAO83BTMVqsjgd9FNp/pLWOcAy1QaJbwJqMUnYw+/4qDfK u1XUHoia2wNcWGC23gdqphAWJWLswCvrBmcX9XiFMuF234vNw4HFXc6MedZFBTeMrdRG uSuIb+JvsecA7VYQHB0b4cMmE2AA46DXTU0DRA5fwoMYlANmmfkEzIup5vz4CPsQgQ6s QVfi/8TgqrXJzS+weNpNhCjTc1rTzJ7i6g8PpNv7RYB11hTpMPLnEcyv13M6VSbX3Rnn hgdg== X-Gm-Message-State: AOAM530PSCIPL4LPBpWB1TdUu2z1piAd6I1Y1Z861K4Pc2KPzMZ7MzBa Igmsa2RLUH3+QdkEa9wR2Xd0nw7t5p/wkSxfX/75DA== X-Google-Smtp-Source: ABdhPJw5L7jyVnMlYlOYxjOH7TmSjBEYG/z0/c0zDFSzwpz1g92FtKbr0u/AksA/tbj34qCNAzrLecP/Pacty/C8bC0= X-Received: by 2002:a05:6512:4c7:: with SMTP id w7mr517901lfq.444.1634148642379; Wed, 13 Oct 2021 11:10:42 -0700 (PDT) MIME-Version: 1.0 References: <20211013175742.1197608-1-keescook@chromium.org> <20211013175742.1197608-3-keescook@chromium.org> In-Reply-To: <20211013175742.1197608-3-keescook@chromium.org> From: Nick Desaulniers Date: Wed, 13 Oct 2021 11:10:31 -0700 Message-ID: Subject: Re: [PATCH 2/4] x86/boot: Allow a "silent" kaslr random byte fetch To: Kees Cook Cc: Borislav Petkov , Josh Poimboeuf , "H. Peter Anvin" , Kristen Carlson Accardi , Tony Luck , Alexander Lobakin , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Arnd Bergmann , Joerg Roedel , Arvind Sankar , Jing Yangyang , Abaci Robot , Jiapeng Chong , Nathan Chancellor , Vincenzo Frascino , Andrey Konovalov , Miroslav Benes , "H. Nikolaus Schaller" , Fangrui Song , linux-kernel@vger.kernel.org, x86@kernel.org, linux-arch@vger.kernel.org, linux-hardening@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Oct 13, 2021 at 10:57 AM Kees Cook wrote: > > Under earlyprintk, each RNG call produces a debug report line. To support > the future FGKASLR feature, which will fetch random bytes during function > shuffling, this is not useful information (each line is identical and > tells us nothing new), needlessly spamming the console. Instead, allow > for a NULL "purpose" to suppress the debug reporting. Reviewed-by: Nick Desaulniers > > Signed-off-by: Kees Cook > --- > arch/x86/lib/kaslr.c | 18 ++++++++++++------ > 1 file changed, 12 insertions(+), 6 deletions(-) > > diff --git a/arch/x86/lib/kaslr.c b/arch/x86/lib/kaslr.c > index a53665116458..2b3eb8c948a3 100644 > --- a/arch/x86/lib/kaslr.c > +++ b/arch/x86/lib/kaslr.c > @@ -56,11 +56,14 @@ unsigned long kaslr_get_random_long(const char *purpose) > unsigned long raw, random = get_boot_seed(); > bool use_i8254 = true; > > - debug_putstr(purpose); > - debug_putstr(" KASLR using"); > + if (purpose) { > + debug_putstr(purpose); > + debug_putstr(" KASLR using"); > + } > > if (has_cpuflag(X86_FEATURE_RDRAND)) { > - debug_putstr(" RDRAND"); > + if (purpose) > + debug_putstr(" RDRAND"); > if (rdrand_long(&raw)) { > random ^= raw; > use_i8254 = false; > @@ -68,7 +71,8 @@ unsigned long kaslr_get_random_long(const char *purpose) > } > > if (has_cpuflag(X86_FEATURE_TSC)) { > - debug_putstr(" RDTSC"); > + if (purpose) > + debug_putstr(" RDTSC"); > raw = rdtsc(); > > random ^= raw; > @@ -76,7 +80,8 @@ unsigned long kaslr_get_random_long(const char *purpose) > } > > if (use_i8254) { > - debug_putstr(" i8254"); > + if (purpose) > + debug_putstr(" i8254"); > random ^= i8254(); > } > > @@ -86,7 +91,8 @@ unsigned long kaslr_get_random_long(const char *purpose) > : "a" (random), "rm" (mix_const)); > random += raw; > > - debug_putstr("...\n"); > + if (purpose) > + debug_putstr("...\n"); > > return random; > } > -- > 2.30.2 > -- Thanks, ~Nick Desaulniers