[PATCH v2 3/4] cmd: kaslrseed: Use common API to fixup FDT

Simon Glass sjg at chromium.org
Thu Sep 7 17:57:39 CEST 2023 

Hi Chris,

On Thu, 7 Sept 2023 at 09:45, Chris Morgan <macromorgan at hotmail.com> wrote:
>
> On Thu, Aug 31, 2023 at 01:02:02PM -0600, Simon Glass wrote:
> > Hi Sean,
> >
> > On Tue, 29 Aug 2023 at 14:37, <seanedmond at linux.microsoft.com> wrote:
> > >
> > > From: Sean Edmond <seanedmond at microsoft.com>
> > >
> > > Use the newly introduced common API fdt_fixup_kaslr_seed() in the
> > > kaslrseed command.
> > >
> > > Signed-off-by: Sean Edmond <seanedmond at microsoft.com>
> > > ---
> > >  cmd/kaslrseed.c | 22 ++++++++--------------
> > >  1 file changed, 8 insertions(+), 14 deletions(-)
> > >
> > > diff --git a/cmd/kaslrseed.c b/cmd/kaslrseed.c
> > > index 8a1d8120cd..c65607619b 100644
> > > --- a/cmd/kaslrseed.c
> > > +++ b/cmd/kaslrseed.c
> > > @@ -19,7 +19,7 @@ static int do_kaslr_seed(struct cmd_tbl *cmdtp, int flag, int argc, char *const
> > >         size_t n = 0x8;
> > >         struct udevice *dev;
> > >         u64 *buf;
> > > -       int nodeoffset;
> > > +       ofnode root;
> > >         int ret = CMD_RET_SUCCESS;
> > >
> > >         if (uclass_get_device(UCLASS_RNG, 0, &dev) || !dev) {
> > > @@ -45,21 +45,15 @@ static int do_kaslr_seed(struct cmd_tbl *cmdtp, int flag, int argc, char *const
> > >                 return CMD_RET_FAILURE;
> > >         }
> > >
> > > -       ret = fdt_check_header(working_fdt);
> > > -       if (ret < 0) {
> > > -               printf("fdt_chosen: %s\n", fdt_strerror(ret));
> > > -               return CMD_RET_FAILURE;
> > > -       }
> > > -
> > > -       nodeoffset = fdt_find_or_add_subnode(working_fdt, 0, "chosen");
> > > -       if (nodeoffset < 0) {
> > > -               printf("Reading chosen node failed\n");
> > > -               return CMD_RET_FAILURE;
> > > +       ret = root_ofnode_from_fdt(working_fdt, &root);
> > > +       if (ret) {
> > > +               printf("ERROR: Unable to get root ofnode\n");
> > > +               goto CMD_RET_FAILURE;
> > >         }
> > >
> > > -       ret = fdt_setprop(working_fdt, nodeoffset, "kaslr-seed", buf, sizeof(buf));
> > > -       if (ret < 0) {
> > > -               printf("Unable to set kaslr-seed on chosen node: %s\n", fdt_strerror(ret));
> > > +       ret = fdt_fixup_kaslr_seed(root, buf, sizeof(buf));
> > > +       if (ret) {
> > > +               printf("ERROR: failed to add kaslr-seed to fdt\n");
> > >                 return CMD_RET_FAILURE;
> > >         }
> >
> > Reviewed-by: Simon Glass <sjg at chromium.org>
> >
> > So this command is intended to be used in a script? I am just trying
> > to understand why we have the fixup code as well as this.
> >
> > Regards,
> > Simon
>
> This command is intended to be used in a script, I wrote it as a
> command a while ago and thought it might be useful for others so I
> pushed it upstream. Since then I've started applying a kaslrseed value
> with a fixup (basically copying what the rng-seed fixup does) so I
> don't have to do anything special with my boot.scr files.
>
> I'm perfectly fine with either eliminating this command all together,
> or making it use a software RNG (again I can't speak to the security
> implications of this, as I'm not a security guy). I can just start
> adding the kaslr-seed in the board files anyway.

The command seems fine to me.

Regards,
Simon

More information about the U-Boot mailing list