Hi Ilias, Applogies, I'm fairly new to upstream contributions and I've
missed a few things on multi-version patch series such as this one.
Simon has elightened about patman though (I feel a bit sheepish that I
haven't been using this tool all along). Should I resubmit this as a new
series to ensure prior reviews and change logs are captured?
Sean
On 2023-11-17 11:33 p.m., Ilias Apalodimas wrote:
Hi Sean
There are a few reviewed-by tags missing since v3/v4. Any reason you
dropped those? The change log doesn't mention anything
Thanks
/Ilias
On Fri, 17 Nov 2023 at 04:02,<seanedm...@linux.microsoft.com> wrote:
From: Dhananjay Phadke<dpha...@linux.microsoft.com>
Add support for KASLR seed from the RNG device. Invokes dm_rng_read()
API to read 8-bytes of random bytes. Performs the FDT fixup using event
spy. To enable use CONFIG_KASLR_RNG_SEED
Signed-off-by: Dhananjay Phadke<dpha...@linux.microsoft.com>
Signed-off-by: Drew Kluemke<anklu...@microsoft.com>
Signed-off-by: Sean Edmond<seanedm...@microsoft.com>
---
boot/fdt_support.c | 36 ++++++++++++++++++++++++++++++++++++
lib/Kconfig | 7 +++++++
2 files changed, 43 insertions(+)
diff --git a/boot/fdt_support.c b/boot/fdt_support.c
index 49d14a949be..12defcf645c 100644
--- a/boot/fdt_support.c
+++ b/boot/fdt_support.c
@@ -12,7 +12,10 @@
#include <log.h>
#include <mapmem.h>
#include <net.h>
+#include <rng.h>
#include <stdio_dev.h>
+#include <dm/device.h>
+#include <dm/uclass.h>
#include <dm/ofnode.h>
#include <linux/ctype.h>
#include <linux/types.h>
@@ -650,6 +653,39 @@ int fdt_fixup_kaslr_seed(ofnode node, const u8 *seed, int
len)
return 0;
}
+int fdt_rng_kaslr_seed(void *ctx, struct event *event)
+{
+ u8 rand[8] = {0};
+ struct udevice *dev;
+ int ret;
+ oftree tree = event->data.ft_fixup.tree;
+ ofnode root_node = oftree_root(tree);
+
+ ret = uclass_first_device_err(UCLASS_RNG, &dev);
+ if (ret) {
+ printf("ERROR: Failed to find RNG device\n");
+ return ret;
+ }
+
+ ret = dm_rng_read(dev, rand, sizeof(rand));
+ if (ret) {
+ printf("ERROR: RNG read failed, ret=%d\n", ret);
+ return ret;
+ }
+
+ ret = fdt_fixup_kaslr_seed(root_node, rand, sizeof(rand));
+ if (ret) {
+ printf("ERROR: failed to add kaslr-seed to fdt\n");
+ return ret;
+ }
+
+ return 0;
+}
+
+#if defined(CONFIG_KASLR_RNG_SEED)
+EVENT_SPY(EVT_FT_FIXUP, fdt_rng_kaslr_seed);
+#endif
+
int fdt_record_loadable(void *blob, u32 index, const char *name,
uintptr_t load_addr, u32 size, uintptr_t entry_point,
const char *type, const char *os, const char *arch)
diff --git a/lib/Kconfig b/lib/Kconfig
index 19649517a39..4f5dfc00d6f 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -477,6 +477,13 @@ config VPL_TPM
for the low-level TPM interface, but only one TPM is supported at
a time by the TPM library.
+config KASLR_RNG_SEED
+ bool "Use RNG driver for KASLR random seed"
+ depends on DM_RNG
+ help
+ This enables support for using the RNG driver as entropy source for
+ KASLR seed populated in kernel's device tree.
+
endmenu
menu "Android Verified Boot"
--
2.42.0
