Hi Jason,
On Fri, Sep 23, 2022 at 2:47 PM Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
> In order to pass fresh entropy to kexec'd kernels, use BI_VIRT_RNG_SEED
> for passing a seed, with the same semantics that kexec-tools currently
> uses for i386's setup_data.
>
> Cc: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
> Signed-off-by: Jason A. Donenfeld <Jason@xxxxxxxxx>
Thanks for your patch!
> --- a/kexec/arch/m68k/bootinfo.c
> +++ b/kexec/arch/m68k/bootinfo.c
> @@ -135,40 +135,45 @@ void bootinfo_print(void)
> size = bi->size;
> switch (tag) {
> case BI_MACHTYPE:
> printf("BI_MACHTYPE: 0x%08x\n", bi->machtype);
> break;
>
> case BI_MEMCHUNK:
> printf("BI_MEMCHUNK: 0x%08x bytes at 0x%08x\n",
> bi->mem_info.size, bi->mem_info.addr);
> break;
>
> case BI_RAMDISK:
> printf("BI_RAMDISK: 0x%08x bytes at 0x%08x\n",
> bi->mem_info.size, bi->mem_info.addr);
> break;
Hmm, lots of context.
>
> case BI_COMMAND_LINE:
> printf("BI_COMMAND_LINE: %s\n", bi->string);
> break;
>
> + case BI_VIRT_RNG_SEED:
This won't work as expected: BI_VIRT_* tags are only valid if the
machine type is MACH_VIRT.
Worse, this will trigger for other platform-specific tags using the same value:
arch/m68k/include/uapi/asm/bootinfo-amiga.h:#define
BI_AMIGA_CHIPSET 0x8006 /* native chipset present (__be32) */
arch/m68k/include/uapi/asm/bootinfo-mac.h:#define BI_MAC_SCCBASE
0x8006 /* Mac SCC base address */
arch/m68k/include/uapi/asm/bootinfo-virt.h:#define
BI_VIRT_RNG_SEED 0x8006
> + /* These are secret, so never print them to the console */
> + printf("BI_VIRT_RNG_SEED: 0x%08x bytes\n", be16_to_cpu(bi->bytes.len));
> + break;
> +
> default:
> printf("BI tag 0x%04x size %u\n", tag, size);
> break;
> }
> bi = bi_next(bi, size);
> }
> }
> }
>
> +void bootinfo_add_rng_seed(void)
> +{
> + struct bi_rec *bi;
> + enum { RNG_SEED_LEN = 32 };
> +
> + /* Remove existing rng seed records */
> + bi_remove(BI_VIRT_RNG_SEED);
> +
> + /* Add new rng seed record */
> + bi = bi_add(BI_VIRT_RNG_SEED, sizeof(bi->bytes) + RNG_SEED_LEN);
Likewise, this will destroy existing BI_AMIGA_CHIPSET and BI_MAC_SCCBASE
tags, breaking Amiga and Mac.
> + if (getrandom(bi->bytes.data, RNG_SEED_LEN, GRND_NONBLOCK) != RNG_SEED_LEN) {
> + bi_remove(BI_VIRT_RNG_SEED);
> + return;
> + }
> + bi->bytes.len = cpu_to_be16(RNG_SEED_LEN);
> +}
> +
>
As random seeds can now be generic, I think it makes sense to introduce
a machine-independent BI_RND_SEED.
In hindsight, we should have done this from the beginning...
> --- a/kexec/arch/m68k/bootinfo.h
> +++ b/kexec/arch/m68k/bootinfo.h
> @@ -1,43 +1,49 @@
> #include <asm/bootinfo.h>
> +#include <asm/bootinfo-virt.h>
>
> #define DEFAULT_BOOTINFO_FILE "/proc/bootinfo"
> #define MAX_BOOTINFO_SIZE 1536
>
>
> /*
> * Convenience overlay of several struct bi_record variants
> */
>
> struct bi_rec {
> __be16 tag;
> __be16 size;
> union {
> __be32 data[0];
> /* shorthands for the types we use */
> __be32 machtype;
> struct {
> __be32 addr;
> __be32 size;
> } mem_info;
> char string[0];
> + struct {
> + __be16 len;
> + u8 data[0];
> + } bytes;
I'd rather call this rng_seed, to avoid confusion between "data"
and "bytes",
> };
> };
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
_______________________________________________
kexec mailing list
kexec@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/kexec
