From: Hsin-Yi Wang <hsinyi@chromium.org>
To: linux-arm-kernel@lists.infradead.org,
"Theodore Y . Ts'o" <tytso@mit.edu>
Cc: Russell King <linux@armlinux.org.uk>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
"H . Peter Anvin" <hpa@zytor.com>,
"Paul E . McKenney" <paulmck@linux.vnet.ibm.com>,
Kate Stewart <kstewart@linuxfoundation.org>,
"David S . Miller" <davem@davemloft.net>,
Viresh Kumar <viresh.kumar@linaro.org>,
Marek Szyprowski <m.szyprowski@samsung.com>,
Arnd Bergmann <arnd@arndb.de>, Marc Zyngier <maz@kernel.org>,
Julien Thierry <julien.thierry.kdev@gmail.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Wei Li <liwei391@huawei.com>,
Anders Roxell <anders.roxell@linaro.org>,
Rob Herring <robh@kernel.org>,
Aaro Koskinen <aaro.koskinen@nokia.com>,
Daniel Thompson <daniel.thompson@linaro.org>,
Tim Chen <tim.c.chen@linux.intel.com>,
Rik van Riel <riel@surriel.com>, Waiman Long <longman@redhat.com>,
Marcelo Tosatti <mtosatti@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Armijn Hemel <armijn@tjaldur.nl>,
Grzegorz Halat <ghalat@redhat.com>,
Len Brown <len.brown@intel.com>,
Shaokun Zhang <zhangshaokun@hisilicon.com>,
Mike Rapoport <rppt@linux.vnet.ibm.com>,
Kees Cook <keescook@chromium.org>,
Stephen Boyd <swboyd@chromium.org>,
Guenter Roeck <groeck@chromium.org>,
Andrew Morton <akpm@linux-foundation.org>,
Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
Alexey Dobriyan <adobriyan@gmail.com>,
Yury Norov <ynorov@marvell.com>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Jiri Kosina <jkosina@suse.cz>, Mukesh Ojha <mojha@codeaurora.org>,
linux-kernel@vger.kernel.org
Subject: [PATCH v9 3/3] arm64: kexec_file: add rng-seed support
Date: Thu, 22 Aug 2019 15:15:23 +0800 [thread overview]
Message-ID: <20190822071522.143986-4-hsinyi@chromium.org> (raw)
In-Reply-To: <20190822071522.143986-1-hsinyi@chromium.org>
Adding "rng-seed" to dtb. It's fine to add this property if original
fdt doesn't contain it. Since original seed will be wiped after
read, so use a default size 128 bytes here.
Signed-off-by: Hsin-Yi Wang <hsinyi@chromium.org>
Reviewed-by: Stephen Boyd <swboyd@chromium.org>
---
No change since v7.
---
arch/arm64/kernel/machine_kexec_file.c | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/arch/arm64/kernel/machine_kexec_file.c b/arch/arm64/kernel/machine_kexec_file.c
index ba78ee7ca990..7b08bf9499b6 100644
--- a/arch/arm64/kernel/machine_kexec_file.c
+++ b/arch/arm64/kernel/machine_kexec_file.c
@@ -27,6 +27,8 @@
#define FDT_PROP_INITRD_END "linux,initrd-end"
#define FDT_PROP_BOOTARGS "bootargs"
#define FDT_PROP_KASLR_SEED "kaslr-seed"
+#define FDT_PROP_RNG_SEED "rng-seed"
+#define RNG_SEED_SIZE 128
const struct kexec_file_ops * const kexec_file_loaders[] = {
&kexec_image_ops,
@@ -102,6 +104,19 @@ static int setup_dtb(struct kimage *image,
FDT_PROP_KASLR_SEED);
}
+ /* add rng-seed */
+ if (rng_is_initialized()) {
+ u8 rng_seed[RNG_SEED_SIZE];
+ get_random_bytes(rng_seed, RNG_SEED_SIZE);
+ ret = fdt_setprop(dtb, off, FDT_PROP_RNG_SEED, rng_seed,
+ RNG_SEED_SIZE);
+ if (ret)
+ goto out;
+ } else {
+ pr_notice("RNG is not initialised: omitting \"%s\" property\n",
+ FDT_PROP_RNG_SEED);
+ }
+
out:
if (ret)
return (ret == -FDT_ERR_NOSPACE) ? -ENOMEM : -EINVAL;
@@ -110,7 +125,8 @@ static int setup_dtb(struct kimage *image,
}
/*
- * More space needed so that we can add initrd, bootargs and kaslr-seed.
+ * More space needed so that we can add initrd, bootargs, kaslr-seed, and
+ * rng-seed.
*/
#define DTB_EXTRA_SPACE 0x1000
--
2.20.1
prev parent reply other threads:[~2019-08-22 7:16 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-22 7:15 [PATCH v9 0/3] add support for rng-seed Hsin-Yi Wang
2019-08-22 7:15 ` [PATCH v9 1/3] arm64: map FDT as RW for early_init_dt_scan() Hsin-Yi Wang
2019-08-22 7:15 ` [PATCH v9 2/3] fdt: add support for rng-seed Hsin-Yi Wang
2019-08-22 16:03 ` Theodore Y. Ts'o
2019-08-22 17:39 ` Stephen Boyd
2019-08-24 19:04 ` Kees Cook
2019-08-29 10:03 ` Hsin-Yi Wang
2019-08-29 15:45 ` Theodore Y. Ts'o
2019-08-29 16:22 ` Kees Cook
2019-08-22 7:15 ` Hsin-Yi Wang [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190822071522.143986-4-hsinyi@chromium.org \
--to=hsinyi@chromium.org \
--cc=aaro.koskinen@nokia.com \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=anders.roxell@linaro.org \
--cc=armijn@tjaldur.nl \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=catalin.marinas@arm.com \
--cc=daniel.thompson@linaro.org \
--cc=davem@davemloft.net \
--cc=ghalat@redhat.com \
--cc=gregkh@linuxfoundation.org \
--cc=groeck@chromium.org \
--cc=hpa@zytor.com \
--cc=jkosina@suse.cz \
--cc=jpoimboe@redhat.com \
--cc=julien.thierry.kdev@gmail.com \
--cc=keescook@chromium.org \
--cc=kstewart@linuxfoundation.org \
--cc=len.brown@intel.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=liwei391@huawei.com \
--cc=longman@redhat.com \
--cc=m.szyprowski@samsung.com \
--cc=mathieu.desnoyers@efficios.com \
--cc=maz@kernel.org \
--cc=mingo@redhat.com \
--cc=mojha@codeaurora.org \
--cc=mtosatti@redhat.com \
--cc=paulmck@linux.vnet.ibm.com \
--cc=peterz@infradead.org \
--cc=riel@surriel.com \
--cc=robh@kernel.org \
--cc=rppt@linux.vnet.ibm.com \
--cc=swboyd@chromium.org \
--cc=tglx@linutronix.de \
--cc=tim.c.chen@linux.intel.com \
--cc=tytso@mit.edu \
--cc=viresh.kumar@linaro.org \
--cc=will@kernel.org \
--cc=ynorov@marvell.com \
--cc=zhangshaokun@hisilicon.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).