[PATCH 1/1] efi_leader: delete rng-seed if having EFI RNG protocol

Ilias Apalodimas ilias.apalodimas at linaro.org
Thu Sep 19 17:13:37 CEST 2024


On Thu, Sep 19, 2024, 18:05 Heinrich Schuchardt <heinrich.schuchardt at canonical.com> wrote:

> On 19.09.24 17:00, Simon Glass wrote:
> > Hi,
> >
> > On Thu, 19 Sept 2024 at 16:32, Ilias Apalodimas
> > <ilias.apalodimas at linaro.org> wrote:
> >>
> >> Hi all,
> >>
> >> On Thu, 19 Sept 2024 at 17:20, Heinrich Schuchardt
> >> <heinrich.schuchardt at canonical.com> wrote:
> >>>
> >>> On 19.09.24 16:10, Simon Glass wrote:
> >>>> Hi Heinrich,
> >>>>
> >>>> On Sat, 14 Sept 2024 at 18:06, Heinrich Schuchardt
> >>>> <heinrich.schuchardt at canonical.com> wrote:
> >>>>>
> >>>>> For measured boot we must avoid any volatile values in the device-tree.
> >>>>> We already delete /chosen/kaslr-seed if we provide an EFI RNG protocol.
> >>>>
> >>>> Could you explain a bit why this is, and where this is checked?
> >>>>>
> >>>>> Additionally remove /chosen/rng-seed provided by QEMU or U-Boot.
> >>>
> >>> Measured boot relies on creating hashes of artifacts and writing these
> >>> to TPM. If the hashes don't match the OS will either warn or refuse to
> >>> boot. The device-tree is one of the artifacts that are measured.
> >>>
> >>> If we have random values in /chosen, measured boot will fail.
> >>>
> >>> When an EFI RNG protocol is provided by the firmware, GRUB and the
> >>> kernel will use it instead of /chosen/rng-seed and /chosen/kaslr-seed.
> >>
> >> There's a comment on top of that function that explains what happens as well.
> >> In short the EFI stub does not even look at the KASLR seed and never
> >> randomizes the physical placement of the kernel. It only does that
> >> when the EFI_RNG protocol is there.
> >
> > OK thank you. I suppose I am more just wondering why it got added in
> > the first place?
>
> For booting via the legacy Linux entry point adding kaslr-seed allows to
> randomize addresses. QEMU adds rng-seed instead of kaslr-seed.
>

Not the kernel physical placement. It randomizes only the virtual placement.

Thanks
Ilias

>
> Best regards
>
> Heinrich
>
> >
> > Regards,
> > Simon
> >
> >
> >>
> >> Regards
> >> /Ilias
> >>>
> >>> Best regards
> >>>
> >>> Heinrich
> >>>
> >>>>>
> >>>>> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
> >>>>> ---
> >>>>>    include/efi_loader.h          |  2 +-
> >>>>>    lib/efi_loader/efi_dt_fixup.c | 15 ++++++++++-----
> >>>>>    lib/efi_loader/efi_helper.c   |  2 +-
> >>>>>    3 files changed, 12 insertions(+), 7 deletions(-)
> >>>>
> >>>> [..]
> >>>>
> >>>> Regards,
> >>>> Simon
> >>>
>
>
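
The effect discussed in this thread, as an added example that is not part of the original messages or of U-Boot: a per-boot random value under /chosen changes the measured digest and therefore the PCR value, while stripping it first gives a reproducible measurement. The dict-based tree, its serialization, and all node contents are constructed simplifications; real firmware measures the flattened device-tree blob.

```python
import hashlib
import os

# Constructed stand-in for a device tree: {node path: {property: bytes}}.
def sample_dt(rng_seed, kaslr_seed):
    return {
        "/": {"compatible": b"example,board\0"},
        "/chosen": {
            "bootargs": b"console=ttyS0\0",
            "rng-seed": rng_seed,
            "kaslr-seed": kaslr_seed,
        },
    }

# The two per-boot random properties named in the thread.
VOLATILE = (("/chosen", "rng-seed"), ("/chosen", "kaslr-seed"))

def strip_volatile(dt):
    """Return a copy of dt without the volatile /chosen properties."""
    out = {path: dict(props) for path, props in dt.items()}
    for path, prop in VOLATILE:
        out.get(path, {}).pop(prop, None)
    return out

def dt_digest(dt):
    """SHA-256 over a deterministic, length-prefixed serialization (assumed format)."""
    h = hashlib.sha256()
    for path in sorted(dt):
        for name in sorted(dt[path]):
            for field in (path.encode(), name.encode(), dt[path][name]):
                h.update(len(field).to_bytes(4, "big") + field)
    return h.digest()

def pcr_extend(pcr, digest):
    """TPM extend operation: new PCR = SHA-256(old PCR || digest)."""
    return hashlib.sha256(pcr + digest).digest()

def boot(strip):
    """Simulate one boot: fresh seeds, optional strip, measure into a zeroed PCR."""
    dt = sample_dt(os.urandom(32), os.urandom(8))
    if strip:
        dt = strip_volatile(dt)
    return pcr_extend(bytes(32), dt_digest(dt))

if __name__ == "__main__":
    print("PCR differs across boots with seeds kept:", boot(False) != boot(False))
    print("PCR stable across boots with seeds stripped:", boot(True) == boot(True))
```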

