Am 15. Oktober 2021 14:54:03 MESZ schrieb Kever Yang kever.yang@rock-chips.com:
Reviewed-by: Kever Yang kever.yang@rock-chips.com
Thanks,
- Kever
Chris Morgan macroalpha82@gmail.com 于2021年8月26日周四 上午12:23写道:
From: Chris Morgan macromorgan@hotmail.com
Allow the kaslr-seed value in the chosen node to be set from a hardware rng source.
Tested on a Rockchip PX30 (Odroid Go Advance), you must have loaded the devicetree first and prepared it for editing. On my device the workflow goes as follows:
setenv dtb_loadaddr "0x01f00000" load mmc 0:1 ${dtb_loadaddr} rk3326-odroid-go2.dtb fdt addr ${dtb_loadaddr} fdt resize kaslrseed
This seems overly complicated. Why don't you add the seed in the board fixup routines in dependence on a Kconfig symbol.
Best regards
Heinrich
and the output can be seen here: fdt print /chosen chosen { kaslr-seed = <0x6f61df74 0x6f7b996c>; stdout-path = "serial2:115200n8"; };
Signed-off-by: Chris Morgan macromorgan@hotmail.com
cmd/Kconfig | 7 +++++ cmd/Makefile | 1 + cmd/kaslrseed.c | 81 +++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 89 insertions(+) create mode 100644 cmd/kaslrseed.c
diff --git a/cmd/Kconfig b/cmd/Kconfig index ffef3cc76c..e62adff939 100644 --- a/cmd/Kconfig +++ b/cmd/Kconfig @@ -1790,6 +1790,13 @@ config CMD_RNG help Print bytes from the hardware random number generator.
+config CMD_KASLRSEED
bool "kaslrseed"depends on DM_RNGhelpSet the kaslr-seed in the chosen node with entropy provided by ahardware random number generator.config CMD_SLEEP bool "sleep" default y diff --git a/cmd/Makefile b/cmd/Makefile index ed3669411e..34cbda72f5 100644 --- a/cmd/Makefile +++ b/cmd/Makefile @@ -131,6 +131,7 @@ obj-$(CONFIG_CMD_REGINFO) += reginfo.o obj-$(CONFIG_CMD_REISER) += reiser.o obj-$(CONFIG_CMD_REMOTEPROC) += remoteproc.o obj-$(CONFIG_CMD_RNG) += rng.o +obj-$(CONFIG_CMD_KASLRSEED) += kaslrseed.o obj-$(CONFIG_CMD_ROCKUSB) += rockusb.o obj-$(CONFIG_CMD_RTC) += rtc.o obj-$(CONFIG_SANDBOX) += host.o diff --git a/cmd/kaslrseed.c b/cmd/kaslrseed.c new file mode 100644 index 0000000000..27c2648c91 --- /dev/null +++ b/cmd/kaslrseed.c @@ -0,0 +1,81 @@ +// SPDX-License-Identifier: GPL-2.0+ +/*
- The 'kaslrseed' command takes bytes from the hardware random number
- generator and uses them to set the kaslr-seed value in the chosen node.
- Copyright (c) 2021, Chris Morgan macromorgan@hotmail.com
- */
+#include <common.h> +#include <command.h> +#include <dm.h> +#include <hexdump.h> +#include <malloc.h> +#include <rng.h> +#include <fdt_support.h>
+static int do_kaslr_seed(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]) +{
size_t n = 0x8;struct udevice *dev;u64 *buf;int nodeoffset;int ret = CMD_RET_SUCCESS;if (uclass_get_device(UCLASS_RNG, 0, &dev) || !dev) {printf("No RNG device\n");return CMD_RET_FAILURE;}buf = malloc(n);if (!buf) {printf("Out of memory\n");return CMD_RET_FAILURE;}if (dm_rng_read(dev, buf, n)) {printf("Reading RNG failed\n");return CMD_RET_FAILURE;}if (!working_fdt) {printf("No FDT memory address configured. Please configure\n""the FDT address via \"fdt addr <address>\" command.\n""Aborting!\n");return CMD_RET_FAILURE;}ret = fdt_check_header(working_fdt);if (ret < 0) {printf("fdt_chosen: %s\n", fdt_strerror(ret));return CMD_RET_FAILURE;}nodeoffset = fdt_find_or_add_subnode(working_fdt, 0, "chosen");if (nodeoffset < 0) {printf("Reading chosen node failed\n");return CMD_RET_FAILURE;}ret = fdt_setprop(working_fdt, nodeoffset, "kaslr-seed", buf, sizeof(buf));if (ret < 0) {printf("Unable to set kaslr-seed on chosen node: %s\n", fdt_strerror(ret));return CMD_RET_FAILURE;}free(buf);return ret;+}
+#ifdef CONFIG_SYS_LONGHELP +static char kaslrseed_help_text[] =
"[n]\n"" - append random bytes to chosen kaslr-seed node\n";+#endif
+U_BOOT_CMD(
kaslrseed, 1, 0, do_kaslr_seed,"feed bytes from the hardware random number generator to the kaslr-seed",kaslrseed_help_text+);
2.25.1