Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp835035rwb; Fri, 23 Sep 2022 04:58:26 -0700 (PDT) X-Google-Smtp-Source: AMsMyM5/o34/T6JBBqtuLE5gm7HYB+4AyKFN+AqWeD3fYMbpua01aMPJzyW3neyRyCfOS7WTQUcg X-Received: by 2002:a17:902:e74f:b0:176:e68f:f902 with SMTP id p15-20020a170902e74f00b00176e68ff902mr8440054plf.41.1663934306637; Fri, 23 Sep 2022 04:58:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1663934306; cv=none; d=google.com; s=arc-20160816; b=G6l1iU2PBNvbPLAlgywraDXT13nm6D5T+Lo/ZBeVMyf8CwTqHVeCbgH9IvQakZEAK5 odVXk94sr0M7PRR/0UopJ1grgpOo/A2LzP4hcQzYz/xQ5/1TKbGx6eBvjas57UrrA3w9 VG3xQcT1yd+ORbWS2IYZpE2LHiLuod7gK1UBuWA2otiTVi7agzSO5wGvOGEMn8Cav+SZ YTuKaysbq93k2RnHzPE+Besplxc/6Ks4YgBbzb9N983+3gjsuhWDncjBgqsF2iTdMxR1 EnBJqZ8+h4f0H81AZ9w/cN8oklsJ3yMcmW/m7nqEp+pu+TyIk4KH0AZDS3ITcN3jJUNV stWg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version; bh=vgb4KaCMBS26tk8RsPqB4bluO87s7au7hKeumOGx9zw=; b=O4Q8Vj8Ma9qsiC+q/ik/o5kksru0NK+gs6MqLg/cri0Zhhh8ZLe8+e3E/YLXpO3Ut+ cOHGbq8QjGcR0kg5ZspqsHuMtvqF+qUEy1J0gYv/FePeOdvpgk2IoKm56NHTNpU20LUY VF4E1TA1NkIgab0STZT/X9TCaQrfRhbdkZ0/WuV/mnJ1ZFsXfUktK8GlUn1pIFs6w6Od XTpYdJGRVuIZzUqbRdRA5V/if+4odra1JcHFRahLaCkcMo+45dvq8xKiYRXvktHKQQLM cSIK6XhelH0lwhUmzTQT5Dm0ECiYg0wJx7y5lTSZDJOs0jrqKZSAo4NXUAVbkdT7DsUo KjoQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id mm4-20020a17090b358400b001fc44807e14si1949053pjb.68.2022.09.23.04.58.14; Fri, 23 Sep 2022 04:58:26 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230079AbiIWLa1 (ORCPT + 99 others); Fri, 23 Sep 2022 07:30:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35544 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230327AbiIWLaU (ORCPT ); Fri, 23 Sep 2022 07:30:20 -0400 Received: from mail-qk1-f176.google.com (mail-qk1-f176.google.com [209.85.222.176]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AD946F2762 for ; Fri, 23 Sep 2022 04:30:19 -0700 (PDT) Received: by mail-qk1-f176.google.com with SMTP id 3so8019179qka.5 for ; Fri, 23 Sep 2022 04:30:19 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date; bh=vgb4KaCMBS26tk8RsPqB4bluO87s7au7hKeumOGx9zw=; b=FE7baU4G8GkMwOlLVa+RWhGY4ZJTJBmrT2wB88q4q9h8qsnnhEJKpnLt/O7v3m5GCV urZvFTLsjVJ+twPXrdl9dvNPApQ0sLsbv46fBXGiPMo+PvnhCHMBTkwXh6wbErxq/ExX koRBGoj3XyYOKEE6s/9kifzoO9dl9VFQghpohHUQbvY82X6eqpOU+ujJIP8wZpmWwcVv Bl0pyS9JhDOQDYReN4xqz9QCztaWMrwrUuTm2x6Mw9WR06V7Ho9v/CRQHm01f9WceVDW ukRMwZ2sHzZKL6AHT57dr9HexGybo1vk5fOh2rCfSJrlPfb4PUj63WH2KR9/9EPaIPrS lBOA== X-Gm-Message-State: ACrzQf0RpFNHODOTJzXNjpJ6F95oDYmCqvMk5Uzd6LdR8R3JwnNUMTuM 2PAHcnlkL1p+aCGE7l8MLqXZYkFBWlovbw== X-Received: by 2002:a05:620a:108d:b0:6ce:612b:7075 with SMTP id g13-20020a05620a108d00b006ce612b7075mr5180121qkk.162.1663932618671; Fri, 23 Sep 2022 04:30:18 -0700 (PDT) Received: from mail-yb1-f182.google.com (mail-yb1-f182.google.com. [209.85.219.182]) by smtp.gmail.com with ESMTPSA id d21-20020ac84e35000000b00359961365f1sm5402167qtw.68.2022.09.23.04.30.18 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 23 Sep 2022 04:30:18 -0700 (PDT) Received: by mail-yb1-f182.google.com with SMTP id c9so16696490ybf.5 for ; Fri, 23 Sep 2022 04:30:18 -0700 (PDT) X-Received: by 2002:a25:8e84:0:b0:696:466c:baa with SMTP id q4-20020a258e84000000b00696466c0baamr8165572ybl.604.1663932618054; Fri, 23 Sep 2022 04:30:18 -0700 (PDT) MIME-Version: 1.0 References: <20220921185208.3549140-1-Jason@zx2c4.com> <20220921185208.3549140-2-Jason@zx2c4.com> In-Reply-To: <20220921185208.3549140-2-Jason@zx2c4.com> From: Geert Uytterhoeven Date: Fri, 23 Sep 2022 13:30:06 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 2/2] m68k: virt: generate new RNG seed on reboot To: "Jason A. Donenfeld" Cc: linux-m68k@lists.linux-m68k.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Jason, On Wed, Sep 21, 2022 at 8:52 PM Jason A. Donenfeld wrote: > Rather than rebooting into a system with no entropy, regenerate the RNG > seed before rebooting, so that the new system has a fresh seed. > > Fixes: a1ee38ab1a75 ("m68k: virt: Use RNG seed from bootinfo block") > Signed-off-by: Jason A. Donenfeld Thanks for your patch! > --- a/arch/m68k/virt/config.c > +++ b/arch/m68k/virt/config.c > @@ -45,10 +45,18 @@ static void virt_halt(void) > ; > } > > +static struct bi_record *rng_seed_record; This can be const... > + > static void virt_reset(void) > { > void __iomem *base = (void __iomem *)virt_bi_data.ctrl.mmio; > > + if (rng_seed_record && rng_seed_record->size > sizeof(*rng_seed_record) + 2) { > + u16 len = rng_seed_record->size - sizeof(*rng_seed_record) - 2; > + get_random_bytes((u8 *)rng_seed_record->data + 2, len); > + *(u16 *)rng_seed_record->data = len; Wouldn't it be simpler to just use the existing length? if (rnd_seed_record) { u16 len = be16_to_cpup(data); get_random_bytes((u8 *)rng_seed_record->data + 2, len); } However, I have my doubts this will actually work. Was this tested? The bootinfo is passed from userspace, usually by reading /proc/bootinfo, and adapting it where needed. So I think you should implement this in kexec-tools instead. > + } > + > iowrite32be(CMD_RESET, base + VIRT_CTRL_REG_CMD); > local_irq_disable(); > while (1) > @@ -101,6 +109,8 @@ int __init virt_parse_bootinfo(const struct bi_record *record) > * length to prevent kexec from using it. > */ > memzero_explicit((void *)data, len + 2); > + /* Store a reference to be filled in on reboot. */ > + rng_seed_record = (void *)record; ... so this cast can be dropped. > break; > } > default: Gr{oetje,eeting}s, Geert -- Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org In personal conversations with technical people, I call myself a hacker. But when I'm talking to journalists I just say "programmer" or something like that. -- Linus Torvalds