-----Original Message----- From: Poonam Aggrwal Sent: Monday, May 15, 2017 9:27 AM To: Ruchika Gupta ruchika.gupta@nxp.com; u-boot@lists.denx.de; sun.york@nxp.com; Prabhakar Kushwaha prabhakar.kushwaha@nxp.com Cc: Ruchika Gupta ruchika.gupta@nxp.com Subject: RE: [U-Boot] [PATCH] ARMv8/sec_firmware : Update chosen/kaslr- seed
-----Original Message----- From: U-Boot [mailto:u-boot-bounces@lists.denx.de] On Behalf Of Ruchika Gupta Sent: Saturday, May 13, 2017 5:37 AM To: u-boot@lists.denx.de; sun.york@nxp.com; Prabhakar Kushwaha prabhakar.kushwaha@nxp.com Cc: Ruchika Gupta ruchika.gupta@nxp.com Subject: [U-Boot] [PATCH] ARMv8/sec_firmware : Update chosen/kaslr-seed
kASLR support in kernel requires a random number to be passed via chosen/kaslr-seed propert. sec_firmware generates this random seed which can then be passed in the device tree node
sec_firmware reserves JR3 for it's own usage. Node for JR3 is removed from device-tree.
Signed-off-by: Ruchika Gupta ruchika.gupta@nxp.com
arch/arm/cpu/armv8/fsl-layerscape/fdt.c | 73 +++++++++++++++++++++++++++++++ arch/arm/cpu/armv8/sec_firmware.c | 53 ++++++++++++++++++++++ arch/arm/include/asm/armv8/sec_firmware.h | 9 ++++ 3 files changed, 135 insertions(+)
Good to have some documentation of this feature in doc/README.XXX
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c index 05c4577..d4ca129 100644 --- a/arch/arm/cpu/armv8/fsl-layerscape/fdt.c +++ b/arch/arm/cpu/armv8/fsl-layerscape/fdt.c @@ -345,6 +345,75 @@ static void fdt_fixup_msi(void *blob) } #endif
+int fdt_fixup_kaslr(void *fdt) +{
- int nodeoffset;
- int err, ret = 0;
- u8 rand[8];
+#if defined(CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT)
- /* Check if random seed generation is supported */
- if (sec_firmware_support_hwrng() == false)
return 0;- ret = sec_firmware_get_random(rand, 8);
- if (ret < 0) {
printf("WARNING: could not get random number to set","kaslr-seed\n");return 0;- }
- err = fdt_check_header(fdt);
- if (err < 0) {
printf("fdt_chosen: %s\n", fdt_strerror(err));return 0;- }
- /* find or create "/chosen" node. */
- nodeoffset = fdt_find_or_add_subnode(fdt, 0, "chosen");
- if (nodeoffset < 0)
return 0;- err = fdt_setprop(fdt, nodeoffset, "kaslr-seed", rand,
Are the device-tree bindings approved for " kaslr-seed" in Linux? just thinking, how this feature will work, in kexec type of usecases, in that
case probably this logic should go in the kexec logic of the kernel.
Linux - arch/arm64/Kconfig --> config_option RANDOMIZE_BASE requires the bootloader to pass random u64 value via chosen/kaslr-seed
Ruchika