Am 15. Oktober 2021 14:54:03 MESZ schrieb Kever Yang
<kever.y...@rock-chips.com>:
>Reviewed-by: Kever Yang <kever.y...@rock-chips.com>
>
>
>Thanks,
>- Kever
>
>Chris Morgan <macroalph...@gmail.com> 于2021年8月26日周四 上午12:23写道:
>>
>> From: Chris Morgan <macromor...@hotmail.com>
>>
>> Allow the kaslr-seed value in the chosen node to be set from a hardware
>> rng source.
>>
>> Tested on a Rockchip PX30 (Odroid Go Advance), you must have loaded
>> the devicetree first and prepared it for editing. On my device the
>> workflow goes as follows:
>>
>> setenv dtb_loadaddr "0x01f00000"
>> load mmc 0:1 ${dtb_loadaddr} rk3326-odroid-go2.dtb
>> fdt addr ${dtb_loadaddr}
>> fdt resize
>> kaslrseed
This seems overly complicated. Why don't you add the seed in the board fixup
routines in dependence on a Kconfig symbol.
Best regards
Heinrich
>>
>> and the output can be seen here:
>> fdt print /chosen
>> chosen {
>> kaslr-seed = <0x6f61df74 0x6f7b996c>;
>> stdout-path = "serial2:115200n8";
>> };
>>
>> Signed-off-by: Chris Morgan <macromor...@hotmail.com>
>> ---
>> cmd/Kconfig | 7 +++++
>> cmd/Makefile | 1 +
>> cmd/kaslrseed.c | 81 +++++++++++++++++++++++++++++++++++++++++++++++++
>> 3 files changed, 89 insertions(+)
>> create mode 100644 cmd/kaslrseed.c
>>
>> diff --git a/cmd/Kconfig b/cmd/Kconfig
>> index ffef3cc76c..e62adff939 100644
>> --- a/cmd/Kconfig
>> +++ b/cmd/Kconfig
>> @@ -1790,6 +1790,13 @@ config CMD_RNG
>> help
>> Print bytes from the hardware random number generator.
>>
>> +config CMD_KASLRSEED
>> + bool "kaslrseed"
>> + depends on DM_RNG
>> + help
>> + Set the kaslr-seed in the chosen node with entropy provided by a
>> + hardware random number generator.
>> +
>> config CMD_SLEEP
>> bool "sleep"
>> default y
>> diff --git a/cmd/Makefile b/cmd/Makefile
>> index ed3669411e..34cbda72f5 100644
>> --- a/cmd/Makefile
>> +++ b/cmd/Makefile
>> @@ -131,6 +131,7 @@ obj-$(CONFIG_CMD_REGINFO) += reginfo.o
>> obj-$(CONFIG_CMD_REISER) += reiser.o
>> obj-$(CONFIG_CMD_REMOTEPROC) += remoteproc.o
>> obj-$(CONFIG_CMD_RNG) += rng.o
>> +obj-$(CONFIG_CMD_KASLRSEED) += kaslrseed.o
>> obj-$(CONFIG_CMD_ROCKUSB) += rockusb.o
>> obj-$(CONFIG_CMD_RTC) += rtc.o
>> obj-$(CONFIG_SANDBOX) += host.o
>> diff --git a/cmd/kaslrseed.c b/cmd/kaslrseed.c
>> new file mode 100644
>> index 0000000000..27c2648c91
>> --- /dev/null
>> +++ b/cmd/kaslrseed.c
>> @@ -0,0 +1,81 @@
>> +// SPDX-License-Identifier: GPL-2.0+
>> +/*
>> + * The 'kaslrseed' command takes bytes from the hardware random number
>> + * generator and uses them to set the kaslr-seed value in the chosen node.
>> + *
>> + * Copyright (c) 2021, Chris Morgan <macromor...@hotmail.com>
>> + */
>> +
>> +#include <common.h>
>> +#include <command.h>
>> +#include <dm.h>
>> +#include <hexdump.h>
>> +#include <malloc.h>
>> +#include <rng.h>
>> +#include <fdt_support.h>
>> +
>> +static int do_kaslr_seed(struct cmd_tbl *cmdtp, int flag, int argc, char
>> *const argv[])
>> +{
>> + size_t n = 0x8;
>> + struct udevice *dev;
>> + u64 *buf;
>> + int nodeoffset;
>> + int ret = CMD_RET_SUCCESS;
>> +
>> + if (uclass_get_device(UCLASS_RNG, 0, &dev) || !dev) {
>> + printf("No RNG device\n");
>> + return CMD_RET_FAILURE;
>> + }
>> +
>> + buf = malloc(n);
>> + if (!buf) {
>> + printf("Out of memory\n");
>> + return CMD_RET_FAILURE;
>> + }
>> +
>> + if (dm_rng_read(dev, buf, n)) {
>> + printf("Reading RNG failed\n");
>> + return CMD_RET_FAILURE;
>> + }
>> +
>> + if (!working_fdt) {
>> + printf("No FDT memory address configured. Please configure\n"
>> + "the FDT address via \"fdt addr <address>\"
>> command.\n"
>> + "Aborting!\n");
>> + return CMD_RET_FAILURE;
>> + }
>> +
>> + ret = fdt_check_header(working_fdt);
>> + if (ret < 0) {
>> + printf("fdt_chosen: %s\n", fdt_strerror(ret));
>> + return CMD_RET_FAILURE;
>> + }
>> +
>> + nodeoffset = fdt_find_or_add_subnode(working_fdt, 0, "chosen");
>> + if (nodeoffset < 0) {
>> + printf("Reading chosen node failed\n");
>> + return CMD_RET_FAILURE;
>> + }
>> +
>> + ret = fdt_setprop(working_fdt, nodeoffset, "kaslr-seed", buf,
>> sizeof(buf));
>> + if (ret < 0) {
>> + printf("Unable to set kaslr-seed on chosen node: %s\n",
>> fdt_strerror(ret));
>> + return CMD_RET_FAILURE;
>> + }
>> +
>> + free(buf);
>> +
>> + return ret;
>> +}
>> +
>> +#ifdef CONFIG_SYS_LONGHELP
>> +static char kaslrseed_help_text[] =
>> + "[n]\n"
>> + " - append random bytes to chosen kaslr-seed node\n";
>> +#endif
>> +
>> +U_BOOT_CMD(
>> + kaslrseed, 1, 0, do_kaslr_seed,
>> + "feed bytes from the hardware random number generator to the
>> kaslr-seed",
>> + kaslrseed_help_text
>> +);
>> --
>> 2.25.1
>>
