On Thu, 2015-07-16 at 22:25 +0800, Lee, Chun-Yi wrote: > This patch adds the codes for generating random number array as the > HMAC key that will used by later EFI stub codes. > > The original codes in efi_random copied from aslr and add the codes > to accept input entropy and EFI debugging. In later patch will add > the codes to get random number by EFI protocol. The separate codes > can avoid impacting aslr function. > > Signed-off-by: Lee, Chun-Yi <jlee@xxxxxxxx> > --- > arch/x86/boot/compressed/Makefile | 1 + > arch/x86/boot/compressed/efi_random.c | 88 +++++++++++++++++++++++++++++++++++ > arch/x86/boot/compressed/misc.c | 4 +- > arch/x86/boot/compressed/misc.h | 2 +- > 4 files changed, 92 insertions(+), 3 deletions(-) > create mode 100644 arch/x86/boot/compressed/efi_random.c [...] > +static unsigned long get_random_long(unsigned long entropy, > + struct boot_params *boot_params, > + efi_system_table_t *sys_table) > +{ > +#ifdef CONFIG_X86_64 > + const unsigned long mix_const = 0x5d6008cbf3848dd3UL; > +#else > + const unsigned long mix_const = 0x3f39e593UL; > +#endif > + unsigned long raw, random; > + bool use_i8254 = true; > + > + efi_printk(sys_table, " EFI random"); Probably want to remove these efi_printk()s from the final version ;-) > + if (entropy) > + random = entropy; > + else > + random = get_random_boot(boot_params); > + > + if (rdrand_feature()) { > + efi_printk(sys_table, " RDRAND"); > + if (rdrand_long(&raw)) { > + random ^= raw; > + use_i8254 = false; > + } > + } > + > + if (rdtsc_feature()) { > + efi_printk(sys_table, " RDTSC"); > + rdtscll(raw); > + > + random ^= raw; > + use_i8254 = false; > + } > + > + if (use_i8254) { > + efi_printk(sys_table, " i8254"); > + random ^= i8254(); > + } > + > + /* Circular multiply for better bit diffusion */ > + asm("mul %3" > + : "=a" (random), "=d" (raw) > + : "a" (random), "rm" (mix_const)); > + random += raw; > + > + efi_printk(sys_table, "...\n"); > + > + return random; > +} > + > +void efi_get_random_key(efi_system_table_t *sys_table, > + struct boot_params *params, u8 key[], int size) > +{ I would think that the size of the key array should be unsigned. -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html