Hi Ard, On Thu, 20 Oct 2022 at 11:40, Ard Biesheuvel <ardb@xxxxxxxxxx> wrote: > > EFI runtime services data is guaranteed to be preserved by the OS, > making it a suitable candidate for the EFI random seed table, which may > be passed to kexec kernels as well (after refreshing the seed), and so > we need to ensure that the memory is preserved without support from the > OS itself. > > However, runtime services data is intended for allocations that are > relevant to the implementations of the runtime services themselves, and > so they are unmapped from the kernel linear map, and mapped into the EFI > page tables that are active while runtime service invocations are in > progress. None of this is needed for the RNG seed. > > So let's switch to EFI 'ACPI reclaim' memory: in spite of the name, > there is nothing exclusively ACPI about it, it is simply a type of > allocation that carries firmware provided data which may or may not be > relevant to the OS, and it is left up to the OS to decide whether to > reclaim it after having consumed its contents. > > Given that in Linux, we never reclaim these allocations, it is a good > choice for the EFI RNG seed, as the allocation is guaranteed to survive > kexec reboots. Can we add this as a comment right above the efi_bs_call() > > One additional reason for changing this now is to align it with the > upcoming recommendation for EFI bootloader provided RNG seeds, which > must not use EFI runtime services code/data allocations. > > Cc: <stable@xxxxxxxxxxxxxxx> # v4.14+ > Signed-off-by: Ard Biesheuvel <ardb@xxxxxxxxxx> > --- > drivers/firmware/efi/libstub/random.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/firmware/efi/libstub/random.c b/drivers/firmware/efi/libstub/random.c > index 24aa37535372..183dc5cdb8ed 100644 > --- a/drivers/firmware/efi/libstub/random.c > +++ b/drivers/firmware/efi/libstub/random.c > @@ -75,7 +75,7 @@ efi_status_t efi_random_get_seed(void) > if (status != EFI_SUCCESS) > return status; > > - status = efi_bs_call(allocate_pool, EFI_RUNTIME_SERVICES_DATA, > + status = efi_bs_call(allocate_pool, EFI_ACPI_RECLAIM_MEMORY, > sizeof(*seed) + EFI_RANDOM_SEED_SIZE, > (void **)&seed); > if (status != EFI_SUCCESS) > -- > 2.35.1 > Reviewed-by: Ilias Apalodimas <ilias.apalodimas@xxxxxxxxxx>
