[PATCH] rockchip: board: Increase rng-seed size to make it sufficient for modern Linux

Modern Linux requires 32 byte seed to initialize random pool, but u-boot currently provides only 8 bytes. Increase rng-seed size to make Linux happy and initialize rng pool instantly.
Boot with 8 byte rng-seed:
# dmesg | grep crng
[ 12.089286] random: crng init done
Boot with 32 byte rng-seed:
# dmesg | grep crng
[ 0.000000] random: crng init done
https://github.com/torvalds/linux/blob/7234e2ea0edd00bfb6bb2159e55878c19885c...
Signed-off-by: Alex Shumsky <alexthreed@gmail.com>
Fixes: d2048ba ("rockchip: board: Add board_rng_seed() for all Rockchip devices")
---
arch/arm/mach-rockchip/board.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm/mach-rockchip/board.c b/arch/arm/mach-rockchip/board.c index 3fadf7e412..eee75f7bcb 100644 --- a/arch/arm/mach-rockchip/board.c +++ b/arch/arm/mach-rockchip/board.c @@ -472,7 +472,7 @@ __weak int misc_init_r(void) __weak int board_rng_seed(struct abuf *buf) { struct udevice *dev; - size_t len = 0x8; + size_t len = 32; u64 *data;
data = malloc(len);
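Review bot: the new "size_t len = 32;" in board_rng_seed() is a bare literal with nothing in the code recording where the number comes from. The commit message ties it to the seed size modern Linux needs to initialize its random pool, so a named constant or a one-line comment next to the assignment stating that requirement would keep the reason with the code and make the next adjustment easier to review.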

On 10/13/24 11:32 AM, Alex Shumsky wrote:
> Modern Linux requires 32 byte seed to initialize random pool, but u-boot currently provides only 8 bytes. Increase rng-seed size to make Linux happy and initialize rng pool instantly.
> Boot with 8 byte rng-seed:
> # dmesg | grep crng
> [ 12.089286] random: crng init done
> Boot with 32 byte rng-seed:
> # dmesg | grep crng
> [ 0.000000] random: crng init done
> https://github.com/torvalds/linux/blob/7234e2ea0edd00bfb6bb2159e55878c19885c...
> Signed-off-by: Alex Shumsky <alexthreed@gmail.com>
> Fixes: d2048ba ("rockchip: board: Add board_rng_seed() for all Rockchip devices")
Fixes uses 12-character commit SHA.
arch/arm/mach-rockchip/board.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm/mach-rockchip/board.c b/arch/arm/mach-rockchip/board.c index 3fadf7e412..eee75f7bcb 100644 --- a/arch/arm/mach-rockchip/board.c +++ b/arch/arm/mach-rockchip/board.c @@ -472,7 +472,7 @@ __weak int misc_init_r(void) __weak int board_rng_seed(struct abuf *buf) { struct udevice *dev;
- size_t len = 0x8;
- size_t len = 32;
Let's make this override-able via environment variable, because this might be growing in the future again. Does this work ?
size_t len = env_get_ulong("kaslrseed_size", 10, 32);

On Mon, Oct 14, 2024 at 12:10 AM Marek Vasut <marex@denx.de> wrote:
> Let's make this override-able via environment variable, because this might be growing in the future again. Does this work ?
> size_t len = env_get_ulong("kaslrseed_size", 10, 32);
Maybe `env_get_hex("rng_seed_size", 32)` would be better? As most other env are hexadecimal.
Actually it seems that entropy required to init pool early has decreased in Linux 5.19 from 64 bytes (2 * CHACHA_KEY_SIZE) to 32 bytes (BLAKE2S_HASH_SIZE)
https://elixir.bootlin.com/linux/v5.18/source/drivers/char/random.c#L236
https://elixir.bootlin.com/linux/v5.19/source/drivers/char/random.c#L551
Anyway config knob should not harm.

Hello,
On 2024-10-14 12:26, Alex ThreeD wrote:
> On Mon, Oct 14, 2024 at 12:10 AM Marek Vasut <marex@denx.de> wrote:
>> Let's make this override-able via environment variable, because this might be growing in the future again. Does this work ?
>> size_t len = env_get_ulong("kaslrseed_size", 10, 32);
> Maybe `env_get_hex("rng_seed_size", 32)` would be better? As most other env are hexadecimal.
> Actually it seems that entropy required to init pool early has decreased in Linux 5.19 from 64 bytes (2 * CHACHA_KEY_SIZE) to 32 bytes (BLAKE2S_HASH_SIZE)
> https://elixir.bootlin.com/linux/v5.18/source/drivers/char/random.c#L236
> https://elixir.bootlin.com/linux/v5.19/source/drivers/char/random.c#L551
> Anyway config knob should not harm.
I think that the value received from the new environment variable should be accepted only if it's greater than some hardcoded value, in this case 32. That way, someone won't be able to misconfigure their board environment and cause the early random pool initialization to be postponed.

On 10/14/24 12:32 PM, Dragan Simic wrote:
> Hello,
> On 2024-10-14 12:26, Alex ThreeD wrote:
>> On Mon, Oct 14, 2024 at 12:10 AM Marek Vasut <marex@denx.de> wrote:
>>> Let's make this override-able via environment variable, because this might be growing in the future again. Does this work ?
>>> size_t len = env_get_ulong("kaslrseed_size", 10, 32);
>> Maybe `env_get_hex("rng_seed_size", 32)` would be better? As most other env are hexadecimal.
>> Actually it seems that entropy required to init pool early has decreased in Linux 5.19 from 64 bytes (2 * CHACHA_KEY_SIZE) to 32 bytes (BLAKE2S_HASH_SIZE)
>> https://elixir.bootlin.com/linux/v5.18/source/drivers/char/random.c#L236
>> https://elixir.bootlin.com/linux/v5.19/source/drivers/char/random.c#L551
>> Anyway config knob should not harm.
> I think that the value received from the new environment variable should be accepted only if it's greater than some hardcoded value, in this case 32. That way, someone won't be able to misconfigure their board environment and cause the early random pool initialization to be postponed.
Using low number could be useful for testing. Print a WARNING if the number is too low perhaps ?

Hello Marek,
On 2024-10-14 12:35, Marek Vasut wrote:
> On 10/14/24 12:32 PM, Dragan Simic wrote:
>> On 2024-10-14 12:26, Alex ThreeD wrote:
>>> On Mon, Oct 14, 2024 at 12:10 AM Marek Vasut <marex@denx.de> wrote:
>>>> Let's make this override-able via environment variable, because this might be growing in the future again. Does this work ?
>>>> size_t len = env_get_ulong("kaslrseed_size", 10, 32);
>>> Maybe `env_get_hex("rng_seed_size", 32)` would be better? As most other env are hexadecimal.
>>> Actually it seems that entropy required to init pool early has decreased in Linux 5.19 from 64 bytes (2 * CHACHA_KEY_SIZE) to 32 bytes (BLAKE2S_HASH_SIZE)
>>> https://elixir.bootlin.com/linux/v5.18/source/drivers/char/random.c#L236
>>> https://elixir.bootlin.com/linux/v5.19/source/drivers/char/random.c#L551
>>> Anyway config knob should not harm.
>> I think that the value received from the new environment variable should be accepted only if it's greater than some hardcoded value, in this case 32. That way, someone won't be able to misconfigure their board environment and cause the early random pool initialization to be postponed.
> Using low number could be useful for testing. Print a WARNING if the number is too low perhaps?
Yes, testing with low values has also crossed my mind. Printing such warnings would be a viable option.

On 10/14/24 12:37 PM, Dragan Simic wrote:
> Hello Marek,
> On 2024-10-14 12:35, Marek Vasut wrote:
>> On 10/14/24 12:32 PM, Dragan Simic wrote:
>>> On 2024-10-14 12:26, Alex ThreeD wrote:
>>>> On Mon, Oct 14, 2024 at 12:10 AM Marek Vasut <marex@denx.de> wrote:
>>>>> Let's make this override-able via environment variable, because this might be growing in the future again. Does this work ?
>>>>> size_t len = env_get_ulong("kaslrseed_size", 10, 32);
>>>> Maybe `env_get_hex("rng_seed_size", 32)` would be better? As most other env are hexadecimal.
>>>> Actually it seems that entropy required to init pool early has decreased in Linux 5.19 from 64 bytes (2 * CHACHA_KEY_SIZE) to 32 bytes (BLAKE2S_HASH_SIZE)
>>>> https://elixir.bootlin.com/linux/v5.18/source/drivers/char/random.c#L236
>>>> https://elixir.bootlin.com/linux/v5.19/source/drivers/char/random.c#L551
>>>> Anyway config knob should not harm.
>>> I think that the value received from the new environment variable should be accepted only if it's greater than some hardcoded value, in this case 32. That way, someone won't be able to misconfigure their board environment and cause the early random pool initialization to be postponed.
>> Using low number could be useful for testing. Print a WARNING if the number is too low perhaps?
> Yes, testing with low values has also crossed my mind. Printing such warnings would be a viable option.
Sounds good then, thanks !

On 2024-10-14 12:52, Marek Vasut wrote:
> On 10/14/24 12:37 PM, Dragan Simic wrote:
>> On 2024-10-14 12:35, Marek Vasut wrote:
>>> On 10/14/24 12:32 PM, Dragan Simic wrote:
>>>> On 2024-10-14 12:26, Alex ThreeD wrote:
>>>>> On Mon, Oct 14, 2024 at 12:10 AM Marek Vasut <marex@denx.de> wrote:
>>>>>> Let's make this override-able via environment variable, because this might be growing in the future again. Does this work ?
>>>>>> size_t len = env_get_ulong("kaslrseed_size", 10, 32);
>>>>> Maybe `env_get_hex("rng_seed_size", 32)` would be better? As most other env are hexadecimal.
>>>>> Actually it seems that entropy required to init pool early has decreased in Linux 5.19 from 64 bytes (2 * CHACHA_KEY_SIZE) to 32 bytes (BLAKE2S_HASH_SIZE)
>>>>> https://elixir.bootlin.com/linux/v5.18/source/drivers/char/random.c#L236
>>>>> https://elixir.bootlin.com/linux/v5.19/source/drivers/char/random.c#L551
>>>>> Anyway config knob should not harm.
>>>> I think that the value received from the new environment variable should be accepted only if it's greater than some hardcoded value, in this case 32. That way, someone won't be able to misconfigure their board environment and cause the early random pool initialization to be postponed.
>>> Using low number could be useful for testing. Print a WARNING if the number is too low perhaps?
>> Yes, testing with low values has also crossed my mind. Printing such warnings would be a viable option.
> Sounds good then, thanks!
Thank you. :) My early thoughts were like "wow, someone can break their early random pool initialization this way", but right after that something like "well, breaking many other things is already possible in the same way" crossed my mind. :)
So, yes, just printing such warnings is perfectly fine.

On 10/14/24 12:57 PM, Dragan Simic wrote:
> On 2024-10-14 12:52, Marek Vasut wrote:
>> On 10/14/24 12:37 PM, Dragan Simic wrote:
>>> On 2024-10-14 12:35, Marek Vasut wrote:
>>>> On 10/14/24 12:32 PM, Dragan Simic wrote:
>>>>> On 2024-10-14 12:26, Alex ThreeD wrote:
>>>>>> On Mon, Oct 14, 2024 at 12:10 AM Marek Vasut <marex@denx.de> wrote:
>>>>>>> Let's make this override-able via environment variable, because this might be growing in the future again. Does this work ?
>>>>>>> size_t len = env_get_ulong("kaslrseed_size", 10, 32);
>>>>>> Maybe `env_get_hex("rng_seed_size", 32)` would be better? As most other env are hexadecimal.
>>>>>> Actually it seems that entropy required to init pool early has decreased in Linux 5.19 from 64 bytes (2 * CHACHA_KEY_SIZE) to 32 bytes (BLAKE2S_HASH_SIZE)
>>>>>> https://elixir.bootlin.com/linux/v5.18/source/drivers/char/random.c#L236
>>>>>> https://elixir.bootlin.com/linux/v5.19/source/drivers/char/random.c#L551
>>>>>> Anyway config knob should not harm.
>>>>> I think that the value received from the new environment variable should be accepted only if it's greater than some hardcoded value, in this case 32. That way, someone won't be able to misconfigure their board environment and cause the early random pool initialization to be postponed.
>>>> Using low number could be useful for testing. Print a WARNING if the number is too low perhaps?
>>> Yes, testing with low values has also crossed my mind. Printing such warnings would be a viable option.
>> Sounds good then, thanks!
> Thank you. :) My early thoughts were like "wow, someone can break their early random pool initialization this way", but right after that something like "well, breaking many other things is already possible in the same way" crossed my mind. :)
That crossed my mind too, but ...
> So, yes, just printing such warnings is perfectly fine.
... right. U-Boot is a debug tool and boot monitor, so it gives user the freedom to do whatever they want/need/..., which includes the obligatory footgun.
If the concern is lockdown of U-Boot env so it cannot induce negative side effects, there is CONFIG_ENV_WRITEABLE_LIST and others for those purposes.

On 2024-10-14 14:10, Marek Vasut wrote:
> On 10/14/24 12:57 PM, Dragan Simic wrote:
>> On 2024-10-14 12:52, Marek Vasut wrote:
>>> On 10/14/24 12:37 PM, Dragan Simic wrote:
>>>> On 2024-10-14 12:35, Marek Vasut wrote:
>>>>> On 10/14/24 12:32 PM, Dragan Simic wrote:
>>>>>> On 2024-10-14 12:26, Alex ThreeD wrote:
>>>>>>> On Mon, Oct 14, 2024 at 12:10 AM Marek Vasut <marex@denx.de> wrote:
>>>>>>>> Let's make this override-able via environment variable, because this might be growing in the future again. Does this work ?
>>>>>>>> size_t len = env_get_ulong("kaslrseed_size", 10, 32);
>>>>>>> Maybe `env_get_hex("rng_seed_size", 32)` would be better? As most other env are hexadecimal.
>>>>>>> Actually it seems that entropy required to init pool early has decreased in Linux 5.19 from 64 bytes (2 * CHACHA_KEY_SIZE) to 32 bytes (BLAKE2S_HASH_SIZE)
>>>>>>> https://elixir.bootlin.com/linux/v5.18/source/drivers/char/random.c#L236
>>>>>>> https://elixir.bootlin.com/linux/v5.19/source/drivers/char/random.c#L551
>>>>>>> Anyway config knob should not harm.
>>>>>> I think that the value received from the new environment variable should be accepted only if it's greater than some hardcoded value, in this case 32. That way, someone won't be able to misconfigure their board environment and cause the early random pool initialization to be postponed.
>>>>> Using low number could be useful for testing. Print a WARNING if the number is too low perhaps?
>>>> Yes, testing with low values has also crossed my mind. Printing such warnings would be a viable option.
>>> Sounds good then, thanks!
>> Thank you. :) My early thoughts were like "wow, someone can break their early random pool initialization this way", but right after that something like "well, breaking many other things is already possible in the same way" crossed my mind. :)
> That crossed my mind too, but ...
>> So, yes, just printing such warnings is perfectly fine.
> ... right. U-Boot is a debug tool and boot monitor, so it gives user the freedom to do whatever they want/need/..., which includes the obligatory footgun.
Haha, foot gun, that brought a smile to my face! :) Well said.
> If the concern is lockdown of U-Boot env so it cannot induce negative side effects, there is CONFIG_ENV_WRITEABLE_LIST and others for those purposes.
Yes, while in the default configuration, U-Boot gives virtually full freedom to its users, which is good.

On 10/14/24 12:26 PM, Alex ThreeD wrote:
> On Mon, Oct 14, 2024 at 12:10 AM Marek Vasut <marex@denx.de> wrote:
>> Let's make this override-able via environment variable, because this might be growing in the future again. Does this work ?
>> size_t len = env_get_ulong("kaslrseed_size", 10, 32);
> Maybe `env_get_hex("rng_seed_size", 32)` would be better? As most other env are hexadecimal.
The env vars are a mixed bag, this one is clearly decimal though.
> Actually it seems that entropy required to init pool early has decreased in Linux 5.19 from 64 bytes (2 * CHACHA_KEY_SIZE) to 32 bytes (BLAKE2S_HASH_SIZE)
> https://elixir.bootlin.com/linux/v5.18/source/drivers/char/random.c#L236
> https://elixir.bootlin.com/linux/v5.19/source/drivers/char/random.c#L551
> Anyway config knob should not harm.
A couple more random numbers would cover all the bases then.

On Mon, Oct 14, 2024 at 1:34 PM Marek Vasut <marex@denx.de> wrote:
>> Actually it seems that entropy required to init pool early has decreased in Linux 5.19 from 64 bytes (2 * CHACHA_KEY_SIZE) to 32 bytes (BLAKE2S_HASH_SIZE)
> A couple more random numbers would cover all the bases then.
Oops, missed this in v2. Is it vital to add support for 2.5 years old linux? Old devices probably stay with older uboot, and new devices will get new linux (maybe not that new but not 2.5 years old).

On 10/14/24 8:12 PM, Alex ThreeD wrote:
> On Mon, Oct 14, 2024 at 1:34 PM Marek Vasut <marex@denx.de> wrote:
>>> Actually it seems that entropy required to init pool early has decreased in Linux 5.19 from 64 bytes (2 * CHACHA_KEY_SIZE) to 32 bytes (BLAKE2S_HASH_SIZE)
>> A couple more random numbers would cover all the bases then.
> Oops, missed this in v2. Is it vital to add support for 2.5 years old linux?
Some of those old kernel versions are LTS and are going to be maintained for a while, so yes.
> Old devices probably stay with older uboot, and new devices will get new linux (maybe not that new but not 2.5 years old).
It is easy to cover all the bases, so let's do that.
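Added example, not part of the thread and not U-Boot code: a host-side C model of the policy the thread converges on, where the seed length is overridable, low values are honoured for testing but produce a warning, and the default covers the 64-byte figure quoted for older kernels. The helper name, the status enum and the 512-byte cap are assumptions made for this illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Figures quoted in the thread: Linux 5.19+ wants 32 bytes (BLAKE2S_HASH_SIZE),
 * Linux 5.18 and older want 64 bytes (2 * CHACHA_KEY_SIZE). */
#define SEED_MIN_NEW_KERNEL 32UL
#define SEED_MIN_OLD_KERNEL 64UL
#define SEED_MAX 512UL /* assumption: cap so a bad value cannot size malloc() */

enum seed_status { SEED_DEFAULTED, SEED_OK, SEED_OK_NEW_ONLY, SEED_WARN_LOW, SEED_CLAMPED };

/* Hypothetical helper. env_value is the override variable's raw string
 * (NULL when unset), read as decimal like the proposed env_get_ulong(..., 10, ...). */
size_t resolve_seed_len(const char *env_value, enum seed_status *status)
{
	char *end;
	unsigned long v;

	*status = SEED_DEFAULTED;
	if (!env_value || env_value[0] < '0' || env_value[0] > '9')
		return SEED_MIN_OLD_KERNEL;	/* unset or not a number */
	errno = 0;
	v = strtoul(env_value, &end, 10);
	if (errno || *end != '\0' || v == 0)
		return SEED_MIN_OLD_KERNEL;	/* trailing junk, overflow or zero */
	if (v > SEED_MAX) {
		*status = SEED_CLAMPED;
		return SEED_MAX;
	}
	if (v < SEED_MIN_NEW_KERNEL) {
		/* Honour low values for testing, but say so, as agreed in the thread. */
		fprintf(stderr, "WARNING: rng-seed of %lu bytes is below %lu, crng init may be delayed\n",
			v, SEED_MIN_NEW_KERNEL);
		*status = SEED_WARN_LOW;
	} else {
		*status = v < SEED_MIN_OLD_KERNEL ? SEED_OK_NEW_ONLY : SEED_OK;
	}
	return v;
}

int main(void)
{
	const char *samples[] = { NULL, "8", "32", "64", "0x20", "99999" }; /* constructed inputs */
	enum seed_status st;

	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
		printf("%s -> %zu\n", samples[i] ? samples[i] : "(unset)", resolve_seed_len(samples[i], &st));
	return 0;
}
```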
participants (4): Alex Shumsky, Alex ThreeD, Dragan Simic, Marek Vasut