[PATCH] fdt: add kaslr-seed if DM_RNG is enabled

Wed May 15 02:50:05 CEST 2024

On 5/15/24 2:22 AM, Tim Harvey wrote:
> If RANDOMIZE_BASE is enabled in the Linux kernel instructing it to
> randomize the virtual address at which the kernel image is loaded, it
> expects entropy to be provided by the bootloader by populating
> /chosen/kaslr-seed with a 64-bit value from source of entropy at boot.

Thanks for working on this one, this is really nice.

> If we have DM_RNG enabled poulate this value automatically when
> fdt_chosen is called.
> 
> Signed-off-by: Tim Harvey <tharvey at gateworks.com>
> ---
>   boot/fdt_support.c | 23 +++++++++++++++++++++++
>   1 file changed, 23 insertions(+)
> 
> diff --git a/boot/fdt_support.c b/boot/fdt_support.c
> index 874ca4d6f5af..cd3069baf450 100644
> --- a/boot/fdt_support.c
> +++ b/boot/fdt_support.c
> @@ -7,10 +7,12 @@
>    */
>   
>   #include <abuf.h>
> +#include <dm.h>
>   #include <env.h>
>   #include <log.h>
>   #include <mapmem.h>
>   #include <net.h>
> +#include <rng.h>
>   #include <stdio_dev.h>
>   #include <dm/ofnode.h>
>   #include <linux/ctype.h>
> @@ -300,6 +302,27 @@ int fdt_chosen(void *fdt)
>   	if (nodeoffset < 0)
>   		return nodeoffset;
>   
> +	if (IS_ENABLED(CONFIG_DM_RNG)) {
> +		struct udevice *dev;
> +		size_t len = 0x8;
> +		u64 *data;
> +
> +		data = malloc(len);

Can you allocate this 8 byte array on stack , i.e. u64 data[2]; ?

cmd/kaslrseed.c could use similar clean up (and 
lib/efi_loader/efi_dt_fixup.c and boot/pxe_utils.c ... uhhh). Maybe you 
can deduplicate this functionality into common code shared by all those 
duplicates before the duplication gets out of control ?

lib/kaslrseed.c looks like a good place to put the common stuff.

> +		if (!data)
> +			return -ENOMEM;
> +
> +		err = uclass_get_device(UCLASS_RNG, 0, &dev);
> +		if (!err)
> +			err = dm_rng_read(dev, data, len);
> +		if (!err)
> +			err = fdt_setprop(fdt, nodeoffset, "kaslr-seed", data, len);
> +		if (err < 0) {
> +			printf("WARNING: could not set kaslr-seed %s.\n",
> +			       fdt_strerror(err));
> +			return err;
> +		}

You're missing free() here, but it shouldn't be needed if you allocate 
the array on stack, which is better/simpler.