A followup to commit 428826f5358c922dc378830a1717b682c0823160
("fdt: add support for rng-seed") to extend what was started
with Open Firmware (OF or Device Tree) parsing, but also add
it to the command line.
If CONFIG_RANDOM_TRUST_BOOTLOADER is set, then feed the rng-seed
command line option length as added trusted entropy.
Always erase all views of the rng-seed option, except early command
line parsing, to prevent leakage to applications or modules, to
eliminate any attack vector.
It is preferred to add rng-seed to the Device Tree, but some
platforms do not have this option, so this adds the ability to
provide some command-line-limited data to the entropy through this
alternate mechanism. Expect on average 6 bits of useful entropy
per character.
Mark Salyzyn (4):
init: move string constants to __initconst section
init: boot_command_line can be truncated
random: rng-seed source is utf-8
random: add rng-seed= command line option
---
v2
- Split into four bite sized patches.
- Correct spelling in commit message.
- rng-seed is assumed to be utf-8, so correct both to 6 bits/character
of collected entropy.
- Move entropy collection to a static __always_inline helper function.
drivers/char/random.c | 10 +++-
include/linux/random.h | 5 ++
init/main.c | 115 ++++++++++++++++++++++++++++++-----------
3 files changed, 100 insertions(+), 30 deletions(-)
--
2.25.0.341.g760bfbb309-goog
A space-saving measure is to move string constants to __initconst.
Signed-off-by: Mark Salyzyn <[email protected]>
Cc: [email protected]
Cc: [email protected]
Cc: "Theodore Ts'o" <[email protected]>
Cc: Kees Cook <[email protected]>
---
init/main.c | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/init/main.c b/init/main.c
index cc0ee4873419c..a58b72c9433e7 100644
--- a/init/main.c
+++ b/init/main.c
@@ -524,24 +524,27 @@ static inline void smp_prepare_cpus(unsigned int maxcpus) { }
* parsing is performed in place, and we should allow a component to
* store reference of name/value for future reference.
*/
+static const char alloc_fail_msg[] __initconst =
+ "%s: Failed to allocate %zu bytes\n";
static void __init setup_command_line(char *command_line)
{
size_t len, xlen = 0, ilen = 0;
+ static const char argsep_str[] __initconst = " -- ";
if (extra_command_line)
xlen = strlen(extra_command_line);
if (extra_init_args)
- ilen = strlen(extra_init_args) + 4; /* for " -- " */
+ ilen = strlen(extra_init_args) + strlen(argsep_str);
len = xlen + strlen(boot_command_line) + 1;
saved_command_line = memblock_alloc(len + ilen, SMP_CACHE_BYTES);
if (!saved_command_line)
- panic("%s: Failed to allocate %zu bytes\n", __func__, len + ilen);
+ panic(alloc_fail_msg, __func__, len + ilen);
static_command_line = memblock_alloc(len, SMP_CACHE_BYTES);
if (!static_command_line)
- panic("%s: Failed to allocate %zu bytes\n", __func__, len);
+ panic(alloc_fail_msg, __func__, len);
if (xlen) {
/*
@@ -562,9 +565,9 @@ static void __init setup_command_line(char *command_line)
* to init.
*/
len = strlen(saved_command_line);
- if (!strstr(boot_command_line, " -- ")) {
- strcpy(saved_command_line + len, " -- ");
- len += 4;
+ if (!strstr(boot_command_line, argsep_str)) {
+ strcpy(saved_command_line + len, argsep_str);
+ len += strlen(argsep_str);
} else
saved_command_line[len++] = ' ';
@@ -1001,12 +1004,11 @@ static int __init initcall_blacklist(char *str)
entry = memblock_alloc(sizeof(*entry),
SMP_CACHE_BYTES);
if (!entry)
- panic("%s: Failed to allocate %zu bytes\n",
- __func__, sizeof(*entry));
+ panic(alloc_fail_msg, __func__, sizeof(*entry));
entry->buf = memblock_alloc(strlen(str_entry) + 1,
SMP_CACHE_BYTES);
if (!entry->buf)
- panic("%s: Failed to allocate %zu bytes\n",
+ panic(alloc_fail_msg,
__func__, strlen(str_entry) + 1);
strcpy(entry->buf, str_entry);
list_add(&entry->next, &blacklisted_initcalls);
@@ -1204,7 +1206,7 @@ static void __init do_initcalls(void)
command_line = kzalloc(len, GFP_KERNEL);
if (!command_line)
- panic("%s: Failed to allocate %zu bytes\n", __func__, len);
+ panic(alloc_fail_msg, __func__, len);
for (level = 0; level < ARRAY_SIZE(initcall_levels) - 1; level++) {
/* Parser modifies command_line, restore it each time */
--
2.25.0.341.g760bfbb309-goog
boot_command_line may be truncated, use strnlen, strnstr and strlcpy
to handle it.
Signed-off-by: Mark Salyzyn <[email protected]>
Cc: [email protected]
Cc: [email protected]
Cc: "Theodore Ts'o" <[email protected]>
Cc: Kees Cook <[email protected]>
---
init/main.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/init/main.c b/init/main.c
index a58b72c9433e7..9f4ce0356057e 100644
--- a/init/main.c
+++ b/init/main.c
@@ -536,7 +536,7 @@ static void __init setup_command_line(char *command_line)
if (extra_init_args)
ilen = strlen(extra_init_args) + strlen(argsep_str);
- len = xlen + strlen(boot_command_line) + 1;
+ len = xlen + strnlen(boot_command_line, sizeof(boot_command_line)) + 1;
saved_command_line = memblock_alloc(len + ilen, SMP_CACHE_BYTES);
if (!saved_command_line)
@@ -555,7 +555,7 @@ static void __init setup_command_line(char *command_line)
strcpy(saved_command_line, extra_command_line);
strcpy(static_command_line, extra_command_line);
}
- strcpy(saved_command_line + xlen, boot_command_line);
+ strlcpy(saved_command_line + xlen, boot_command_line, len - xlen);
strcpy(static_command_line + xlen, command_line);
if (ilen) {
@@ -565,7 +565,8 @@ static void __init setup_command_line(char *command_line)
* to init.
*/
len = strlen(saved_command_line);
- if (!strstr(boot_command_line, argsep_str)) {
+ if (!strnstr(boot_command_line, argsep_str,
+ sizeof(boot_command_line))) {
strcpy(saved_command_line + len, argsep_str);
len += strlen(argsep_str);
} else
@@ -669,7 +670,7 @@ void __init parse_early_param(void)
return;
/* All fall through to do_early_param. */
- strlcpy(tmp_cmdline, boot_command_line, COMMAND_LINE_SIZE);
+ strlcpy(tmp_cmdline, boot_command_line, sizeof(boot_command_line));
parse_early_options(tmp_cmdline);
done = 1;
}
--
2.25.0.341.g760bfbb309-goog
commit 428826f5358c922dc378830a1717b682c0823160
("fdt: add support for rng-seed") makes the assumption that the data
in rng-seed is binary, when it is typically constructed of utf-8
characters which has a bitness of roughly 6 to give appropriate
credit due for the entropy.
Signed-off-by: MArk Salyzyn <[email protected]>
Cc: [email protected]
Cc: [email protected]
Cc: Kees Cook <[email protected]>
Cc: Theodore Y. Ts'o <[email protected]>
---
drivers/char/random.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index c7f9584de2c8b..ee21a6a584b15 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -2306,7 +2306,7 @@ EXPORT_SYMBOL_GPL(add_hwgenerator_randomness);
void add_bootloader_randomness(const void *buf, unsigned int size)
{
if (IS_ENABLED(CONFIG_RANDOM_TRUST_BOOTLOADER))
- add_hwgenerator_randomness(buf, size, size * 8);
+ add_hwgenerator_randomness(buf, size, size * 6);
else
add_device_randomness(buf, size);
}
--
2.25.0.341.g760bfbb309-goog
A followup to commit 428826f5358c922dc378830a1717b682c0823160
("fdt: add support for rng-seed") to extend what was started
with Open Firmware (OF or Device Tree) parsing, but also add
it to the command line.
If CONFIG_RANDOM_TRUST_BOOTLOADER is set, then feed the rng-seed
command line option length as added trusted entropy.
Always erase view of the rng-seed option, except our early command
line parsing, to prevent leakage to applications or modules, to
eliminate any attack vector.
It is preferred to add rng-seed to the Device Tree, but some
platforms do not have this option, so this adds the ability to
provide some command-line-limited data to the entropy through this
alternate mechanism. Expect on average 6 bits of useful entropy
per character.
Signed-off-by: Mark Salyzyn <[email protected]>
Cc: [email protected]
Cc: [email protected]
Cc: "Theodore Ts'o" <[email protected]>
Cc: Arnd Bergmann <[email protected]>
Cc: Greg Kroah-Hartman <[email protected]>
Cc: Richard Henderson <[email protected]>
Cc: Mark Brown <[email protected]>
Cc: Kees Cook <[email protected]>
Cc: Hsin-Yi Wang <[email protected]>
Cc: Vasily Gorbik <[email protected]>
Cc: Andrew Morton <[email protected]>
Cc: Masami Hiramatsu <[email protected]>
Cc: "Steven Rostedt (VMware)" <[email protected]>
Cc: Mike Rapoport <[email protected]>
Cc: Arvind Sankar <[email protected]>
Cc: Dominik Brodowski <[email protected]>
Cc: Thomas Gleixner <[email protected]>
Cc: Alexander Potapenko <[email protected]>
---
v2
- Split into four bite sized patches.
- Correct spelling in commit message.
- rng-seed is assumed to be utf-8, so correct both to 6 bits/character
of collected entropy.
- Move entropy collection to a static __always_inline helper function.
---
drivers/char/random.c | 8 ++++
include/linux/random.h | 5 +++
init/main.c | 88 ++++++++++++++++++++++++++++++++++--------
3 files changed, 84 insertions(+), 17 deletions(-)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index ee21a6a584b15..83c77306e18e7 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -2311,3 +2311,11 @@ void add_bootloader_randomness(const void *buf, unsigned int size)
add_device_randomness(buf, size);
}
EXPORT_SYMBOL_GPL(add_bootloader_randomness);
+
+#if defined(CONFIG_RANDOM_TRUST_BOOTLOADER)
+/* caller called add_device_randomness, but it is from a trusted source */
+void __init credit_trusted_entropy_bits(unsigned int nbits)
+{
+ credit_entropy_bits(&input_pool, nbits);
+}
+#endif
diff --git a/include/linux/random.h b/include/linux/random.h
index d319f9a1e4290..efe8cbe2255ab 100644
--- a/include/linux/random.h
+++ b/include/linux/random.h
@@ -20,6 +20,11 @@ struct random_ready_callback {
extern void add_device_randomness(const void *, unsigned int);
extern void add_bootloader_randomness(const void *, unsigned int);
+#if defined(CONFIG_RANDOM_TRUST_BOOTLOADER)
+extern void __init credit_trusted_entropy_bits(unsigned int nbits);
+#else
+static inline void credit_trusted_entropy_bits(unsigned int nbits) {}
+#endif
#if defined(LATENT_ENTROPY_PLUGIN) && !defined(__CHECKER__)
static inline void add_latent_entropy(void)
diff --git a/init/main.c b/init/main.c
index 9f4ce0356057e..ad52f03fb8de4 100644
--- a/init/main.c
+++ b/init/main.c
@@ -524,6 +524,31 @@ static inline void smp_prepare_cpus(unsigned int maxcpus) { }
* parsing is performed in place, and we should allow a component to
* store reference of name/value for future reference.
*/
+static const char rng_seed_str[] __initconst = "rng-seed=";
+/* try to clear rng-seed so it won't be found by user applications. */
+static void __init copy_command_line(char *dest, char *src, size_t r)
+{
+ char *rng_seed = strnstr(src, rng_seed_str, r);
+
+ if (rng_seed) {
+ size_t l = rng_seed - src;
+ char *end;
+
+ memcpy(dest, src, l);
+ dest += l;
+ src = rng_seed + strlen(rng_seed_str);
+ r -= l + strlen(rng_seed_str);
+ end = strnchr(src, r, ' ');
+ if (end) {
+ if (l && rng_seed[-1] == ' ')
+ ++end;
+ r -= end - src;
+ src = end;
+ }
+ }
+ strlcpy(dest, src, r);
+}
+
static const char alloc_fail_msg[] __initconst =
"%s: Failed to allocate %zu bytes\n";
static void __init setup_command_line(char *command_line)
@@ -552,11 +577,15 @@ static void __init setup_command_line(char *command_line)
* lines because there could be dashes (separator of init
* command line) in the command lines.
*/
- strcpy(saved_command_line, extra_command_line);
- strcpy(static_command_line, extra_command_line);
+ copy_command_line(saved_command_line, extra_command_line,
+ xlen + 1);
+ copy_command_line(static_command_line, extra_command_line,
+ xlen + 1);
}
- strlcpy(saved_command_line + xlen, boot_command_line, len - xlen);
- strcpy(static_command_line + xlen, command_line);
+ copy_command_line(saved_command_line + xlen, boot_command_line,
+ len - xlen);
+ copy_command_line(static_command_line + xlen, command_line,
+ len - xlen);
if (ilen) {
/*
@@ -572,7 +601,8 @@ static void __init setup_command_line(char *command_line)
} else
saved_command_line[len++] = ' ';
- strcpy(saved_command_line + len, extra_init_args);
+ copy_command_line(saved_command_line + len, extra_init_args,
+ ilen - strlen(argsep_str) + 1);
}
}
@@ -757,6 +787,41 @@ void __init __weak arch_call_rest_init(void)
rest_init();
}
+static __always_inline void __init collect_entropy(const char *command_line)
+{
+ /*
+ * For best initial stack canary entropy, prepare it after:
+ * - setup_arch() for any UEFI RNG entropy and boot cmdline access
+ * - timekeeping_init() for ktime entropy used in rand_initialize()
+ * - rand_initialize() to get any arch-specific entropy like RDRAND
+ * - add_latent_entropy() to get any latent entropy
+ * - adding command line entropy
+ */
+ rand_initialize();
+ add_latent_entropy();
+ add_device_randomness(command_line, strlen(command_line));
+ if (IS_BUILTIN(CONFIG_RANDOM_TRUST_BOOTLOADER)) {
+ /*
+ * Added command line device randomness above,
+ * now add entropy credit for just rng-seed=<data>
+ */
+ size_t l = strlen(command_line);
+ char *rng_seed = strnstr(command_line, rng_seed_str, l);
+
+ if (rng_seed) {
+ char *end;
+
+ rng_seed += strlen(rng_seed_str);
+ l -= rng_seed - command_line;
+ end = strnchr(rng_seed, l, ' ');
+ if (end)
+ l = end - rng_seed;
+ credit_trusted_entropy_bits(l * 6);
+ }
+ }
+ boot_init_stack_canary();
+}
+
asmlinkage __visible void __init start_kernel(void)
{
char *command_line;
@@ -868,18 +933,7 @@ asmlinkage __visible void __init start_kernel(void)
softirq_init();
timekeeping_init();
- /*
- * For best initial stack canary entropy, prepare it after:
- * - setup_arch() for any UEFI RNG entropy and boot cmdline access
- * - timekeeping_init() for ktime entropy used in rand_initialize()
- * - rand_initialize() to get any arch-specific entropy like RDRAND
- * - add_latent_entropy() to get any latent entropy
- * - adding command line entropy
- */
- rand_initialize();
- add_latent_entropy();
- add_device_randomness(command_line, strlen(command_line));
- boot_init_stack_canary();
+ collect_entropy(command_line);
time_init();
printk_safe_init();
--
2.25.0.341.g760bfbb309-goog
On 2/10/20 6:45 AM, Mark Salyzyn wrote:
> A followup to commit 428826f5358c922dc378830a1717b682c0823160
> ("fdt: add support for rng-seed") to extend what was started
> with Open Firmware (OF or Device Tree) parsing, but also add
> it to the command line.
>
> If CONFIG_RANDOM_TRUST_BOOTLOADER is set, then feed the rng-seed
> command line option length as added trusted entropy.
>
> Always erase view of the rng-seed option, except our early command
> line parsing, to prevent leakage to applications or modules, to
> eliminate any attack vector.
>
> It is preferred to add rng-seed to the Device Tree, but some
> platforms do not have this option, so this adds the ability to
> provide some command-line-limited data to the entropy through this
> alternate mechanism. Expect on average 6 bits of useful entropy
> per character.
>
> ---
> drivers/char/random.c | 8 ++++
> include/linux/random.h | 5 +++
> init/main.c | 88 ++++++++++++++++++++++++++++++++++--------
> 3 files changed, 84 insertions(+), 17 deletions(-)
> diff --git a/init/main.c b/init/main.c
> index 9f4ce0356057e..ad52f03fb8de4 100644
> --- a/init/main.c
> +++ b/init/main.c
> @@ -524,6 +524,31 @@ static inline void smp_prepare_cpus(unsigned int maxcpus) { }
> * parsing is performed in place, and we should allow a component to
> * store reference of name/value for future reference.
> */
> +static const char rng_seed_str[] __initconst = "rng-seed=";
> +/* try to clear rng-seed so it won't be found by user applications. */
> +static void __init copy_command_line(char *dest, char *src, size_t r)
> +{
Please add this command line option to
Documentation/admin-guide/kernel-parameters.txt.
thanks.
--
~Randy
A followup to commit 428826f5358c922dc378830a1717b682c0823160
("fdt: add support for rng-seed") to extend what was started
with Open Firmware (OF or Device Tree) parsing, but also add
it to the command line.
If CONFIG_RANDOM_TRUST_BOOTLOADER is set, then feed the rng-seed
command line option length as added trusted entropy.
Always erase view of the rng-seed option, except our early command
line parsing, to prevent leakage to applications or modules, to
eliminate any attack vector.
It is preferred to add rng-seed to the Device Tree, but some
platforms do not have this option, so this adds the ability to
provide some command-line-limited data to the entropy through this
alternate mechanism. Expect on average 6 bits of useful entropy
per character.
Signed-off-by: Mark Salyzyn <[email protected]>
Cc: [email protected]
Cc: [email protected]
Cc: "Theodore Ts'o" <[email protected]>
Cc: Arnd Bergmann <[email protected]>
Cc: Greg Kroah-Hartman <[email protected]>
Cc: Richard Henderson <[email protected]>
Cc: Mark Brown <[email protected]>
Cc: Kees Cook <[email protected]>
Cc: Hsin-Yi Wang <[email protected]>
Cc: Vasily Gorbik <[email protected]>
Cc: Andrew Morton <[email protected]>
Cc: Masami Hiramatsu <[email protected]>
Cc: "Steven Rostedt (VMware)" <[email protected]>
Cc: Mike Rapoport <[email protected]>
Cc: Arvind Sankar <[email protected]>
Cc: Dominik Brodowski <[email protected]>
Cc: Thomas Gleixner <[email protected]>
Cc: Alexander Potapenko <[email protected]>
---
v3
- Add Documentation (all other new v2 patches unchanged)
v2
- Split into four bite sized patches.
- Correct spelling in commit message.
- rng-seed is assumed to be utf-8, so correct both to 6 bits/character
of collected entropy.
- Move entropy collection to a static __always_inline helper function.
---
.../admin-guide/kernel-parameters.txt | 11 +++
drivers/char/random.c | 8 ++
include/linux/random.h | 5 ++
init/main.c | 88 +++++++++++++++----
4 files changed, 95 insertions(+), 17 deletions(-)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index dbc22d6846275..f3c373cc40f9a 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -4334,6 +4334,17 @@
[KNL] Disable ring 3 MONITOR/MWAIT feature on supported
CPUs.
+ rng-seed= [KNL] Provide a trusted seed for the kernel's CRNG.
+ Seed only trusted if CONFIG_RANDOM_TRUST_BOOTLOADER.
+ After collection, this option is wiped from the command
+ line views. The seed is given a weight of 6 bits per
+ character with the assumption that it is a printable
+ utf8 string. It is expected that the supplier of the
+ seed, typically a bootloader or virtualization, will
+ supply a new random seed for each kernel instance.
+ A fixed serial number is typically not appropriate
+ for security features like ASLR.
+
ro [KNL] Mount root device read-only on boot
rodata= [KNL]
diff --git a/drivers/char/random.c b/drivers/char/random.c
index ee21a6a584b15..83c77306e18e7 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -2311,3 +2311,11 @@ void add_bootloader_randomness(const void *buf, unsigned int size)
add_device_randomness(buf, size);
}
EXPORT_SYMBOL_GPL(add_bootloader_randomness);
+
+#if defined(CONFIG_RANDOM_TRUST_BOOTLOADER)
+/* caller called add_device_randomness, but it is from a trusted source */
+void __init credit_trusted_entropy_bits(unsigned int nbits)
+{
+ credit_entropy_bits(&input_pool, nbits);
+}
+#endif
diff --git a/include/linux/random.h b/include/linux/random.h
index d319f9a1e4290..efe8cbe2255ab 100644
--- a/include/linux/random.h
+++ b/include/linux/random.h
@@ -20,6 +20,11 @@ struct random_ready_callback {
extern void add_device_randomness(const void *, unsigned int);
extern void add_bootloader_randomness(const void *, unsigned int);
+#if defined(CONFIG_RANDOM_TRUST_BOOTLOADER)
+extern void __init credit_trusted_entropy_bits(unsigned int nbits);
+#else
+static inline void credit_trusted_entropy_bits(unsigned int nbits) {}
+#endif
#if defined(LATENT_ENTROPY_PLUGIN) && !defined(__CHECKER__)
static inline void add_latent_entropy(void)
diff --git a/init/main.c b/init/main.c
index 9f4ce0356057e..ad52f03fb8de4 100644
--- a/init/main.c
+++ b/init/main.c
@@ -524,6 +524,31 @@ static inline void smp_prepare_cpus(unsigned int maxcpus) { }
* parsing is performed in place, and we should allow a component to
* store reference of name/value for future reference.
*/
+static const char rng_seed_str[] __initconst = "rng-seed=";
+/* try to clear rng-seed so it won't be found by user applications. */
+static void __init copy_command_line(char *dest, char *src, size_t r)
+{
+ char *rng_seed = strnstr(src, rng_seed_str, r);
+
+ if (rng_seed) {
+ size_t l = rng_seed - src;
+ char *end;
+
+ memcpy(dest, src, l);
+ dest += l;
+ src = rng_seed + strlen(rng_seed_str);
+ r -= l + strlen(rng_seed_str);
+ end = strnchr(src, r, ' ');
+ if (end) {
+ if (l && rng_seed[-1] == ' ')
+ ++end;
+ r -= end - src;
+ src = end;
+ }
+ }
+ strlcpy(dest, src, r);
+}
+
static const char alloc_fail_msg[] __initconst =
"%s: Failed to allocate %zu bytes\n";
static void __init setup_command_line(char *command_line)
@@ -552,11 +577,15 @@ static void __init setup_command_line(char *command_line)
* lines because there could be dashes (separator of init
* command line) in the command lines.
*/
- strcpy(saved_command_line, extra_command_line);
- strcpy(static_command_line, extra_command_line);
+ copy_command_line(saved_command_line, extra_command_line,
+ xlen + 1);
+ copy_command_line(static_command_line, extra_command_line,
+ xlen + 1);
}
- strlcpy(saved_command_line + xlen, boot_command_line, len - xlen);
- strcpy(static_command_line + xlen, command_line);
+ copy_command_line(saved_command_line + xlen, boot_command_line,
+ len - xlen);
+ copy_command_line(static_command_line + xlen, command_line,
+ len - xlen);
if (ilen) {
/*
@@ -572,7 +601,8 @@ static void __init setup_command_line(char *command_line)
} else
saved_command_line[len++] = ' ';
- strcpy(saved_command_line + len, extra_init_args);
+ copy_command_line(saved_command_line + len, extra_init_args,
+ ilen - strlen(argsep_str) + 1);
}
}
@@ -757,6 +787,41 @@ void __init __weak arch_call_rest_init(void)
rest_init();
}
+static __always_inline void __init collect_entropy(const char *command_line)
+{
+ /*
+ * For best initial stack canary entropy, prepare it after:
+ * - setup_arch() for any UEFI RNG entropy and boot cmdline access
+ * - timekeeping_init() for ktime entropy used in rand_initialize()
+ * - rand_initialize() to get any arch-specific entropy like RDRAND
+ * - add_latent_entropy() to get any latent entropy
+ * - adding command line entropy
+ */
+ rand_initialize();
+ add_latent_entropy();
+ add_device_randomness(command_line, strlen(command_line));
+ if (IS_BUILTIN(CONFIG_RANDOM_TRUST_BOOTLOADER)) {
+ /*
+ * Added command line device randomness above,
+ * now add entropy credit for just rng-seed=<data>
+ */
+ size_t l = strlen(command_line);
+ char *rng_seed = strnstr(command_line, rng_seed_str, l);
+
+ if (rng_seed) {
+ char *end;
+
+ rng_seed += strlen(rng_seed_str);
+ l -= rng_seed - command_line;
+ end = strnchr(rng_seed, l, ' ');
+ if (end)
+ l = end - rng_seed;
+ credit_trusted_entropy_bits(l * 6);
+ }
+ }
+ boot_init_stack_canary();
+}
+
asmlinkage __visible void __init start_kernel(void)
{
char *command_line;
@@ -868,18 +933,7 @@ asmlinkage __visible void __init start_kernel(void)
softirq_init();
timekeeping_init();
- /*
- * For best initial stack canary entropy, prepare it after:
- * - setup_arch() for any UEFI RNG entropy and boot cmdline access
- * - timekeeping_init() for ktime entropy used in rand_initialize()
- * - rand_initialize() to get any arch-specific entropy like RDRAND
- * - add_latent_entropy() to get any latent entropy
- * - adding command line entropy
- */
- rand_initialize();
- add_latent_entropy();
- add_device_randomness(command_line, strlen(command_line));
- boot_init_stack_canary();
+ collect_entropy(command_line);
time_init();
printk_safe_init();
--
2.25.0.341.g760bfbb309-goog