[PATCH] efi/arm64: Update debug prints to reflect other entropy sources

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Currently the EFI stub prints a diagnostic on boot saying that KASLR will
be disabled if it is unable to use the EFI RNG protocol to obtain a seed
for KASLR. When this code was originally added there were no other entropy
sources which KASLR would be able to obtain entropy from so this was
accurate but with the addition of support of v8.5-RNG and the SMCCC RNG
protocol it is now possible for KASLR to obtain entropy even if the EFI
RNG protocol is unsupported in the system. This has been seen in emulated
systems with EFI.

Weaken the diagnostic to reflect the fact that KASLR may not be disabled,
the warning is still useful as other sources may not be available and newer
versions of both SBBR and EBBR require the RNG protocol and recommend that
it be able to provide sufficient entropy for seeding KASLR.

Signed-off-by: Mark Brown <broonie@xxxxxxxxxx>
---
 drivers/firmware/efi/libstub/arm64-stub.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/firmware/efi/libstub/arm64-stub.c b/drivers/firmware/efi/libstub/arm64-stub.c
index 22ece1ad68a8..94ade08b1054 100644
--- a/drivers/firmware/efi/libstub/arm64-stub.c
+++ b/drivers/firmware/efi/libstub/arm64-stub.c
@@ -61,10 +61,10 @@ efi_status_t handle_kernel_image(unsigned long *image_addr,
 			status = efi_get_random_bytes(sizeof(phys_seed),
 						      (u8 *)&phys_seed);
 			if (status == EFI_NOT_FOUND) {
-				efi_info("EFI_RNG_PROTOCOL unavailable, KASLR will be disabled\n");
+				efi_info("EFI_RNG_PROTOCOL unavailable, KASLR may be disabled\n");
 				efi_nokaslr = true;
 			} else if (status != EFI_SUCCESS) {
-				efi_err("efi_get_random_bytes() failed (0x%lx), KASLR will be disabled\n",
+				efi_err("efi_get_random_bytes() failed (0x%lx), KASLR may be disabled\n",
 					status);
 				efi_nokaslr = true;
 			}
-- 
2.20.1




[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux