2020-04-02 03:38:58

by Florian Fainelli

Subject: [PATCH] Documentation: dt-bindings: Document 'rng-seed' for /chosen

The /chosen node can have a 'rng-seed' property read as a u32 quantity
which would contain a random number provided by the boot agent. This is
useful in configurations where the kernel does not have access to a
random number generator.

Signed-off-by: Florian Fainelli <[email protected]>
---
Documentation/devicetree/bindings/chosen.txt | 13 +++++++++++++
1 file changed, 13 insertions(+)

diff --git a/Documentation/devicetree/bindings/chosen.txt b/Documentation/devicetree/bindings/chosen.txt
index 45e79172a646..126b31eecfeb 100644
--- a/Documentation/devicetree/bindings/chosen.txt
+++ b/Documentation/devicetree/bindings/chosen.txt
@@ -28,6 +28,19 @@ mode) when EFI_RNG_PROTOCOL is supported, it will be overwritten by
the Linux EFI stub (which will populate the property itself, using
EFI_RNG_PROTOCOL).

+rng-seed
+--------
+
+This property is used to initialize the kernel's entropy pool from a
+trusted boot agent capable of providing a random number. It is parsed
+as a u32 value, e.g.
+
+/ {
+ chosen {
+ rng-seed = <0xcafef00d>;
+ };
+};
+
stdout-path
-----------

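Review bot: the sentence "It is parsed as a u32 value" in the new rng-seed section, together with the single-cell example rng-seed = <0xcafef00d>;, documents the property as 32 bits wide. The lookup quoted later in this thread, of_get_flat_dt_prop(node, "rng-seed", &l), returns the property's length in l, so the seed is a byte array of whatever length the boot agent supplies. Suggest describing it as an arbitrary-length byte array, giving a recommended size (64 bytes is the figure mentioned in the thread), and rewording the example so it is clear the value has to be generated by the boot agent on every boot: a constant copied from the documentation into a static .dts adds no entropy.
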
--
2.17.1


2020-04-02 08:14:27

by Will Deacon

Subject: Re: [PATCH] Documentation: dt-bindings: Document 'rng-seed' for /chosen

Hi Florian,

On Wed, Apr 01, 2020 at 08:36:40PM -0700, Florian Fainelli wrote:
> The /chosen node can have a 'rng-seed' property read as a u32 quantity
> which would contain a random number provided by the boot agent. This is
> useful in configurations where the kernel does not have access to a
> random number generator.
>
> Signed-off-by: Florian Fainelli <[email protected]>
> ---
> Documentation/devicetree/bindings/chosen.txt | 13 +++++++++++++
> 1 file changed, 13 insertions(+)

Thanks for doing this; I realised it was undocumented the other day when I
tried to look it up myself.

> diff --git a/Documentation/devicetree/bindings/chosen.txt b/Documentation/devicetree/bindings/chosen.txt
> index 45e79172a646..126b31eecfeb 100644
> --- a/Documentation/devicetree/bindings/chosen.txt
> +++ b/Documentation/devicetree/bindings/chosen.txt
> @@ -28,6 +28,19 @@ mode) when EFI_RNG_PROTOCOL is supported, it will be overwritten by
> the Linux EFI stub (which will populate the property itself, using
> EFI_RNG_PROTOCOL).
>
> +rng-seed
> +--------
> +
> +This property is used to initialize the kernel's entropy pool from a
> +trusted boot agent capable of providing a random number. It is parsed
> +as a u32 value, e.g.

Are you sure about this being limited to a u32 value? I thought you could
pass an arbitrary-length value here.

Will

2020-04-02 13:37:20

by Rob Herring (Arm)

Subject: Re: [PATCH] Documentation: dt-bindings: Document 'rng-seed' for /chosen

On Thu, Apr 2, 2020 at 2:13 AM Will Deacon <[email protected]> wrote:
>
> Hi Florian,
>
> On Wed, Apr 01, 2020 at 08:36:40PM -0700, Florian Fainelli wrote:
> > The /chosen node can have a 'rng-seed' property read as a u32 quantity
> > which would contain a random number provided by the boot agent. This is
> > useful in configurations where the kernel does not have access to a
> > random number generator.
> >
> > Signed-off-by: Florian Fainelli <[email protected]>
> > ---
> > Documentation/devicetree/bindings/chosen.txt | 13 +++++++++++++
> > 1 file changed, 13 insertions(+)
>
> Thanks for doing this; I realised it was undocumented the other day when I
> tried to look it up myself.

Already documented here[1]. I've been meaning to delete chosen.txt so
that's a bit more obvious.

I realize it's a bit harder to find what's documented where. Long term
we'd like to generate documentation from the schema and integrate as
part of the spec. Short term, it would be quite trivial to make an 'am
I documented' utility.

Rob

[1] https://github.com/devicetree-org/dt-schema/blob/master/schemas/chosen.yaml

2020-04-02 19:19:55

by Florian Fainelli

Subject: Re: [PATCH] Documentation: dt-bindings: Document 'rng-seed' for /chosen



On 4/2/2020 1:13 AM, Will Deacon wrote:
> Hi Florian,
>
> On Wed, Apr 01, 2020 at 08:36:40PM -0700, Florian Fainelli wrote:
>> The /chosen node can have a 'rng-seed' property read as a u32 quantity
>> which would contain a random number provided by the boot agent. This is
>> useful in configurations where the kernel does not have access to a
>> random number generator.
>>
>> Signed-off-by: Florian Fainelli <[email protected]>
>> ---
>> Documentation/devicetree/bindings/chosen.txt | 13 +++++++++++++
>> 1 file changed, 13 insertions(+)
>
> Thanks for doing this; I realised it was undocumented the other day when I
> tried to look it up myself.
>
>> diff --git a/Documentation/devicetree/bindings/chosen.txt b/Documentation/devicetree/bindings/chosen.txt
>> index 45e79172a646..126b31eecfeb 100644
>> --- a/Documentation/devicetree/bindings/chosen.txt
>> +++ b/Documentation/devicetree/bindings/chosen.txt
>> @@ -28,6 +28,19 @@ mode) when EFI_RNG_PROTOCOL is supported, it will be overwritten by
>> the Linux EFI stub (which will populate the property itself, using
>> EFI_RNG_PROTOCOL).
>>
>> +rng-seed
>> +--------
>> +
>> +This property is used to initialize the kernel's entropy pool from a
>> +trusted boot agent capable of providing a random number. It is parsed
>> +as a u32 value, e.g.
>
> Are you sure about this being limited to a u32 value? I thought you could
> pass an arbitrary-length value here.

Humm indeed, we can pass an arbitrary value, I completely conflated the
type of "l" here:

int l;
...
rng_seed = of_get_flat_dt_prop(node, "rng-seed", &l);

with how much we would be reading from the property, which is complete
nonsense. Out of curiosity, what property length do platforms typically
populate?
--
Florian

2020-04-03 16:23:03

by Hsin-Yi Wang

Subject: Re: [PATCH] Documentation: dt-bindings: Document 'rng-seed' for /chosen

On Fri, Apr 3, 2020 at 2:07 AM Florian Fainelli <[email protected]> wrote:
> >
> > Are you sure about this being limited to a u32 value? I thought you could
> > pass an arbitrary-length value here.
>
> Humm indeed, we can pass an arbitrary value, I completely conflated the
> type of "l" here:
>
> int l;
> ...
> rng_seed = of_get_flat_dt_prop(node, "rng-seed", &l);
>
> with how much we would be reading from the property, which is complete
> nonsense. Out of curiosity, what property length do platforms typically
> populate?
> --
> Florian

64 bytes should be able to init crng. (pass CRNG_INIT_CNT_THRESH)
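
The length question settled in this thread, as an added example that is not part of any message here or of the kernel source: in the flattened tree a property record carries its own byte length, and that field is what the &l out-parameter receives, so the patch's one-cell example decodes to 4 bytes while a 64-byte seed decodes to 64. prop_encode, prop_decode, usable_seed_len, SEED_MIN_BYTES and patch_example are hypothetical names; the 64-byte minimum is the figure from the last reply.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define FDT_PROP       3u  /* property token in the flattened tree */
#define SEED_MIN_BYTES 64  /* hypothetical name; the figure is from the thread */
/* Constructed sample: the cell from the patch's example, <0xcafef00d>. */
static const uint8_t patch_example[4] = { 0xca, 0xfe, 0xf0, 0x0d };

static void put_be32(uint8_t *p, uint32_t v)
{
	for (int i = 0; i < 4; i++)
		p[i] = (uint8_t)(v >> (24 - 8 * i));
}

static uint32_t get_be32(const uint8_t *p)
{
	return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
}

/* Boot-agent side: token, length, name offset, data padded to 4 bytes; 0 if no room. */
static size_t prop_encode(uint8_t *out, size_t cap, uint32_t nameoff,
			  const uint8_t *data, uint32_t len)
{
	size_t padded = ((size_t)len + 3) & ~(size_t)3;
	if (cap < 12 || len > cap - 12 || padded > cap - 12)
		return 0;
	put_be32(out, FDT_PROP);
	put_be32(out + 4, len);
	put_be32(out + 8, nameoff);
	memset(out + 12, 0, padded);
	memcpy(out + 12, data, len);
	return 12 + padded;
}

/* Kernel side: return the data and store the record's length field in *lenp. */
static const uint8_t *prop_decode(const uint8_t *rec, size_t rec_len, int *lenp)
{
	*lenp = 0;
	if (rec_len < 12 || get_be32(rec) != FDT_PROP || get_be32(rec + 4) > rec_len - 12)
		return NULL;
	*lenp = (int)get_be32(rec + 4);
	return rec + 12;
}

/* Seed length in bytes, or -1 if the record is malformed or under 64 bytes. */
static int usable_seed_len(const uint8_t *rec, size_t rec_len)
{
	int l;
	return (prop_decode(rec, rec_len, &l) && l >= SEED_MIN_BYTES) ? l : -1;
}
```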