Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp5307860yba; Mon, 13 May 2019 08:42:38 -0700 (PDT) X-Google-Smtp-Source: APXvYqwDLZ/E4uc4i7ghNcdXJD3f8DEpumeOB9ktLYMeA0tPtUb9rHqXNKhB195ze65pi/IuuclK X-Received: by 2002:a62:1844:: with SMTP id 65mr21676965pfy.127.1557762158373; Mon, 13 May 2019 08:42:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557762158; cv=none; d=google.com; s=arc-20160816; b=YFVvuTabnuhzm+hriA4cptdEvoudU8JqIzWGAFoMAk9aNKjpQU/ZqiUvCrioH/LHQp 7+GmEk4hdg2gfGdGiw4VLJ46xXcmDyMKHpea5R5b+98bKaxhOOqCnsB09JaciRQAgZgD fMn4W+2lI/hcMFpk4aQ/lCTwXI6XVGB/Ka2UOrBA/LovlmBS9Rn0X7bja7A5gR+yNemb 91zFyJ9bKXc7RWaO22YaltRRy1PcfkTjcBcI3Yzi4+eVKFSaeVECYyeXfEruzmFnJ+Lb qlygYXq13ohkgfxBr8DyL+nYTWh30A3svk6WKD26QukTLuvh61fStyRsIzqvxDDtgoJz 5dzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=hUE1NmLMTVBXfMlCqFSD+6er+w33Lb/dYg4REVcVydU=; b=mHnKgxOMdWavKpUKNSazo2m17DKQ4Z/vmNphxaX3XQw2l06QcByYPIT7tzY9XXnJdu sqiows2mpAhwkltGkHH4loDB8uvoHnFeHs3G2miKcBXxBPQj3HhwIn6KGyqvmKSsyijt gKY1mNrQkiIgeVqiU3+1pWC7xehe7ul9s3+5wE/KCziHlx8uwyIMOFsgqs5vTi4+KrIV REgp8eq0OE06l8c1BaqPMLDLanEIlrWAWyOSzvMV4WYh8uC1EzIrjlct8Z211vWInr3M 6dsBu+YZDWVISphpcapKe6QraLhqaCnro7svuQXwNjCmz+c5Y5E0qFHmxNS2lvhaww8S kpyQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=xDuIGcF7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t1si16230767pgu.572.2019.05.13.08.42.22; Mon, 13 May 2019 08:42:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=xDuIGcF7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730056AbfEMNOy (ORCPT + 99 others); Mon, 13 May 2019 09:14:54 -0400 Received: from mail.kernel.org ([198.145.29.99]:44450 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727747AbfEMNOx (ORCPT ); Mon, 13 May 2019 09:14:53 -0400 Received: from mail-qt1-f172.google.com (mail-qt1-f172.google.com [209.85.160.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 7150921880; Mon, 13 May 2019 13:14:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1557753292; bh=VwtWFe82NQyYvYoXS+dtxKyqgLhN647dFTgo27HN5Xc=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=xDuIGcF71WV/Z9zZp0QhkJLT6Bgs4okvzLFlGuN8BYqCGch6GiM1xFfeaPdZBuvAl D+AZg2hSeDNC0IwCdxFvbemaVMUzq657/Ky1SfIXw23lYiDIJW/6+RIToetGsF/vP+ zTSLMeyFaEPr7lDtXW6FXajfBJvJwaZ5T5YSDb8k= Received: by mail-qt1-f172.google.com with SMTP id t1so5684846qtc.12; Mon, 13 May 2019 06:14:52 -0700 (PDT) X-Gm-Message-State: APjAAAU74QyNgN5EmZVMMZ7Eco4vkXIshzmBbmB6E+Ez9fx4auR2ZXij RPucLA/ix7aaUBOPqiLWagDM3NvrQxgv1KyGbg== X-Received: by 2002:ac8:641:: with SMTP id e1mr23494317qth.76.1557753291566; Mon, 13 May 2019 06:14:51 -0700 (PDT) MIME-Version: 1.0 References: <20190513003819.356-1-hsinyi@chromium.org> In-Reply-To: <20190513003819.356-1-hsinyi@chromium.org> From: Rob Herring Date: Mon, 13 May 2019 08:14:40 -0500 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2 1/2] fdt: add support for rng-seed To: Hsin-Yi Wang Cc: "moderated list:ARM/FREESCALE IMX / MXC ARM ARCHITECTURE" , Mark Rutland , Frank Rowand , devicetree@vger.kernel.org, "linux-kernel@vger.kernel.org" , Stephen Boyd , Kees Cook , Rasmus Villemoes , Architecture Mailman List , Catalin Marinas , Will Deacon , Andrew Morton , Mike Rapoport , Michal Hocko , Ard Biesheuvel , Miles Chen , James Morse , Andrew Murray Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, May 12, 2019 at 7:39 PM Hsin-Yi Wang wrote: > > Introducing a chosen node, rng-seed, which is an entropy that can be > passed to kernel called very early to increase initial device > randomness. Bootloader should provide this entropy and the value is > read from /chosen/rng-seed in DT. > > Signed-off-by: Hsin-Yi Wang > --- > change log: > v1->v2: > * call function in early_init_dt_scan_chosen > * will add doc to devicetree-org/dt-schema on github if this is accepted > --- > Documentation/devicetree/bindings/chosen.txt | 14 ++++++++++++++ > drivers/of/fdt.c | 11 +++++++++++ > 2 files changed, 25 insertions(+) > > diff --git a/Documentation/devicetree/bindings/chosen.txt b/Documentation/devicetree/bindings/chosen.txt > index 45e79172a646..fef5c82672dc 100644 > --- a/Documentation/devicetree/bindings/chosen.txt > +++ b/Documentation/devicetree/bindings/chosen.txt > @@ -28,6 +28,20 @@ mode) when EFI_RNG_PROTOCOL is supported, it will be overwritten by > the Linux EFI stub (which will populate the property itself, using > EFI_RNG_PROTOCOL). > > +rng-seed > +----------- > + > +This property served as an entropy to add device randomness. It is parsed > +as a byte array, e.g. > + > +/ { > + chosen { > + rng-seed = <0x31 0x95 0x1b 0x3c 0xc9 0xfa 0xb3 ...>; > + }; > +}; > + > +This random value should be provided by bootloader. > + > stdout-path > ----------- > > diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c > index de893c9616a1..96ea5eba9dd5 100644 > --- a/drivers/of/fdt.c > +++ b/drivers/of/fdt.c > @@ -24,6 +24,7 @@ > #include > #include > #include > +#include > > #include /* for COMMAND_LINE_SIZE */ > #include > @@ -1079,6 +1080,7 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname, > { > int l; > const char *p; > + const void *rng_seed; > > pr_debug("search \"chosen\", depth: %d, uname: %s\n", depth, uname); > > @@ -1113,6 +1115,15 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname, > > pr_debug("Command line is: %s\n", (char*)data); > > + rng_seed = of_get_flat_dt_prop(node, "rng-seed", &l); > + if (!rng_seed || l == 0) > + return 1; This only works if this hunk stays at the end of the function. I'd invert the if and move the next 2 functions under it. > + > + /* try to clear seed so it won't be found. */ > + fdt_nop_property(initial_boot_params, node, "rng-seed"); I'd just delete the property. Also, what about kexec? Don't you need to add a new seed? > + > + add_device_randomness(rng_seed, l); > + > /* break now */ > return 1; > } > -- > 2.20.1 >