[PATCH 1/2] cmd: kaslrseed: add command to generate value from hwrng

Chris Morgan macroalpha82 at gmail.com
Wed Aug 25 18:22:57 CEST 2021


From: Chris Morgan <macromorgan at hotmail.com>

Allow the kaslr-seed value in the chosen node to be set from a hardware
rng source.

Tested on a Rockchip PX30 (Odroid Go Advance). You must have loaded
the devicetree first and prepared it for editing. On my device the
workflow goes as follows:

setenv dtb_loadaddr "0x01f00000"
load mmc 0:1 ${dtb_loadaddr} rk3326-odroid-go2.dtb
fdt addr ${dtb_loadaddr}
fdt resize
kaslrseed

and the output can be seen here:
fdt print /chosen
chosen {
        kaslr-seed = <0x6f61df74 0x6f7b996c>;
        stdout-path = "serial2:115200n8";
};

Signed-off-by: Chris Morgan <macromorgan at hotmail.com>
---
 cmd/Kconfig     |  7 +++++
 cmd/Makefile    |  1 +
 cmd/kaslrseed.c | 81 +++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 89 insertions(+)
 create mode 100644 cmd/kaslrseed.c

diff --git a/cmd/Kconfig b/cmd/Kconfig
index ffef3cc76c..e62adff939 100644
--- a/cmd/Kconfig
+++ b/cmd/Kconfig
@@ -1790,6 +1790,13 @@ config CMD_RNG
 	help
 	  Print bytes from the hardware random number generator.
 
+config CMD_KASLRSEED
+	bool "kaslrseed"
+	depends on DM_RNG
+	help
+	  Set the kaslr-seed in the chosen node with entropy provided by a
+	  hardware random number generator.
+
 config CMD_SLEEP
 	bool "sleep"
 	default y
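Review bot: `CMD_KASLRSEED` depends only on `DM_RNG`, but per the commit message the command edits the tree selected with `fdt addr` and goes through `working_fdt` and the libfdt helpers. A configuration with `DM_RNG` enabled but without FDT command support would presumably fail to build or leave the command unusable. Consider extending the dependency, e.g. `depends on DM_RNG && CMD_FDT`, assuming `working_fdt` is only provided together with the fdt command (please confirm). The help text could also state that the tree must first be prepared with `fdt addr` and `fdt resize`.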
diff --git a/cmd/Makefile b/cmd/Makefile
index ed3669411e..34cbda72f5 100644
--- a/cmd/Makefile
+++ b/cmd/Makefile
@@ -131,6 +131,7 @@ obj-$(CONFIG_CMD_REGINFO) += reginfo.o
 obj-$(CONFIG_CMD_REISER) += reiser.o
 obj-$(CONFIG_CMD_REMOTEPROC) += remoteproc.o
 obj-$(CONFIG_CMD_RNG) += rng.o
+obj-$(CONFIG_CMD_KASLRSEED) += kaslrseed.o
 obj-$(CONFIG_CMD_ROCKUSB) += rockusb.o
 obj-$(CONFIG_CMD_RTC) += rtc.o
 obj-$(CONFIG_SANDBOX) += host.o
diff --git a/cmd/kaslrseed.c b/cmd/kaslrseed.c
new file mode 100644
index 0000000000..27c2648c91
--- /dev/null
+++ b/cmd/kaslrseed.c
@@ -0,0 +1,81 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * The 'kaslrseed' command takes bytes from the hardware random number
+ * generator and uses them to set the kaslr-seed value in the chosen node.
+ *
+ * Copyright (c) 2021, Chris Morgan <macromorgan at hotmail.com>
+ */
+
+#include <common.h>
+#include <command.h>
+#include <dm.h>
+#include <hexdump.h>
+#include <malloc.h>
+#include <rng.h>
+#include <fdt_support.h>
+
+static int do_kaslr_seed(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
+{
+	size_t n = 0x8;
+	struct udevice *dev;
+	u64 *buf;
+	int nodeoffset;
+	int ret = CMD_RET_SUCCESS;
+
+	if (uclass_get_device(UCLASS_RNG, 0, &dev) || !dev) {
+		printf("No RNG device\n");
+		return CMD_RET_FAILURE;
+	}
+
+	buf = malloc(n);
+	if (!buf) {
+		printf("Out of memory\n");
+		return CMD_RET_FAILURE;
+	}
+
+	if (dm_rng_read(dev, buf, n)) {
+		printf("Reading RNG failed\n");
+		return CMD_RET_FAILURE;
+	}
+
+	if (!working_fdt) {
+		printf("No FDT memory address configured. Please configure\n"
+		       "the FDT address via \"fdt addr <address>\" command.\n"
+		       "Aborting!\n");
+		return CMD_RET_FAILURE;
+	}
+
+	ret = fdt_check_header(working_fdt);
+	if (ret < 0) {
+		printf("fdt_chosen: %s\n", fdt_strerror(ret));
+		return CMD_RET_FAILURE;
+	}
+
+	nodeoffset = fdt_find_or_add_subnode(working_fdt, 0, "chosen");
+	if (nodeoffset < 0) {
+		printf("Reading chosen node failed\n");
+		return CMD_RET_FAILURE;
+	}
+
+	ret = fdt_setprop(working_fdt, nodeoffset, "kaslr-seed", buf, sizeof(buf));
+	if (ret < 0) {
+		printf("Unable to set kaslr-seed on chosen node: %s\n", fdt_strerror(ret));
+		return CMD_RET_FAILURE;
+	}
+
+	free(buf);
+
+	return ret;
+}
+
+#ifdef CONFIG_SYS_LONGHELP
+static char kaslrseed_help_text[] =
+	"[n]\n"
+	"  - append random bytes to chosen kaslr-seed node\n";
+#endif
+
+U_BOOT_CMD(
+	kaslrseed, 1, 0, do_kaslr_seed,
+	"feed bytes from the hardware random number generator to the kaslr-seed",
+	kaslrseed_help_text
+);
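Review bot: In `do_kaslr_seed()` the call `fdt_setprop(..., buf, sizeof(buf))` passes the size of the `u64 *` pointer rather than the `n` bytes read from the RNG. On a 32-bit build only 4 of the 8 seed bytes would reach `kaslr-seed`, which silently cuts the entropy available for KASLR; the length should be `n`. Every `return CMD_RET_FAILURE` after the `malloc()` also leaks `buf`, and the RNG is read before `working_fdt` is validated. Checking the FDT first and routing failures through a single cleanup label addresses both. The long help advertises `[n]` and "append", while `U_BOOT_CMD` sets maxargs to 1 and the property is overwritten, so the help text should be brought in line with the behaviour.

```c
static int do_kaslr_seed(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
{
	/* … unchanged: declarations, RNG device lookup … */

	/* … unchanged, moved up: working_fdt and fdt_check_header() checks … */

	buf = malloc(n);
	/* … unchanged: out-of-memory check … */

	if (dm_rng_read(dev, buf, n)) {
		printf("Reading RNG failed\n");
		ret = CMD_RET_FAILURE;
		goto out;
	}

	nodeoffset = fdt_find_or_add_subnode(working_fdt, 0, "chosen");
	if (nodeoffset < 0) {
		printf("Reading chosen node failed\n");
		ret = CMD_RET_FAILURE;
		goto out;
	}

	/* length is the number of bytes read, not the size of the pointer */
	ret = fdt_setprop(working_fdt, nodeoffset, "kaslr-seed", buf, n);
	if (ret < 0) {
		printf("Unable to set kaslr-seed on chosen node: %s\n", fdt_strerror(ret));
		ret = CMD_RET_FAILURE;
	}

out:
	free(buf);
	return ret;
}
```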
-- 
2.25.1


