Hi Jason,
On Wed, Sep 21, 2022 at 8:52 PM Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
Rather than rebooting into a system with no entropy, regenerate the RNG
seed before rebooting, so that the new system has a fresh seed.
Fixes: a1ee38ab1a75 ("m68k: virt: Use RNG seed from bootinfo block")
Signed-off-by: Jason A. Donenfeld <Jason@xxxxxxxxx>
Thanks for your patch!
--- a/arch/m68k/virt/config.c
+++ b/arch/m68k/virt/config.c
@@ -45,10 +45,18 @@ static void virt_halt(void)
;
}
+static struct bi_record *rng_seed_record;
This can be const...
+
static void virt_reset(void)
{
void __iomem *base = (void __iomem *)virt_bi_data.ctrl.mmio;
+ if (rng_seed_record && rng_seed_record->size > sizeof(*rng_seed_record) + 2) {
+ u16 len = rng_seed_record->size - sizeof(*rng_seed_record) - 2;
+ get_random_bytes((u8 *)rng_seed_record->data + 2, len);
+ *(u16 *)rng_seed_record->data = len;
Wouldn't it be simpler to just use the existing length?
if (rnd_seed_record) {
u16 len = be16_to_cpup(data);
get_random_bytes((u8 *)rng_seed_record->data + 2, len);
}
However, I have my doubts this will actually work. Was this tested?
The bootinfo is passed from userspace, usually by reading
/proc/bootinfo, and adapting it where needed.
So I think you should implement this in kexec-tools instead.
+ }
+
iowrite32be(CMD_RESET, base + VIRT_CTRL_REG_CMD);
local_irq_disable();
while (1)
@@ -101,6 +109,8 @@ int __init virt_parse_bootinfo(const struct bi_record *record)
* length to prevent kexec from using it.
*/
memzero_explicit((void *)data, len + 2);
+ /* Store a reference to be filled in on reboot. */
+ rng_seed_record = (void *)record;
... so this cast can be dropped.
break;
}
default:
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
