Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp950742rwb; Fri, 23 Sep 2022 06:25:24 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6YotZGEeunSjWbeGcmIoU4m1dn/hKHLWbAGVrdQmry7k+SMvNZbFCnwX4sC2lB/G2HQB86 X-Received: by 2002:a17:906:7f03:b0:781:6462:4214 with SMTP id d3-20020a1709067f0300b0078164624214mr7386713ejr.274.1663939524069; Fri, 23 Sep 2022 06:25:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1663939524; cv=none; d=google.com; s=arc-20160816; b=SWVBDzz57qs82DZOm+PwVgekgch4+ZPlNwAzHXUNH68c2ZzANwGNwm7ecPHhClIi8b wn+49rfFw80F4Ahid3La7SxGidXqOdSnT4jJdYm93ijcuGnZT46gx4gOm1dAAm77NfCO HUSZ8WfiXv8AD18dn4Wv/NAwTUWL4lCcZNoAHkOpu9P8pSQ4uEpuYsi/zvJwM4oq9GMy 3h1gADatTG6eknGiRs8W9uP0RkVfvv4kb2T2SHGnu9OY+dMzTih2nl2jmurJ8euxuOX9 SNiXQ1DKFYbrbOI/yQOWSu1eWjd3FUUvboaLt9T4H0Ze0b6z0k98ksPnKMJ2pfI2ZEJ+ 5uWQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:subject :from:references:cc:to:content-language:user-agent:mime-version:date :message-id; bh=UvqmMk+2S7nlr3dCEMKqfd9smHItlyDfUfbklxJcnuU=; b=IVgWF7WGxX+wZDq8XkdpYkorEJflF4EjmqhMoskhWPvaTwv2c3LQCMnQfxpUOtPsxv 1J7jLSRn+4itBRdod/yp/84chWwNjW1uEbjEtNUHRzvzd90iepOC4kJFXN90gSzGwAvt R6Ak9GEzwH/JKLARDXoq+GtqZfhoL2R1xtSml6FnXiSRMsitgIveutOCXmVhT7uEfGvU fbbgRIU/YrTsz9tiRSzJTqR0MzHZBj/dWDGOfe3LG8VXjGG8lP4xMNkldIVKG1Pa6Kbn +7jqPY2JG0EVQwvf1jH6iT/JT/myg+msu+RgpS/rugtD8zE7wpsuTVU1GqnF1LMv2t9Z srhw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id z7-20020a50cd07000000b0043be542b956si7150202edi.262.2022.09.23.06.24.56; Fri, 23 Sep 2022 06:25:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232304AbiIWNLW (ORCPT + 99 others); Fri, 23 Sep 2022 09:11:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39182 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232180AbiIWNLM (ORCPT ); Fri, 23 Sep 2022 09:11:12 -0400 Received: from mout.kundenserver.de (mout.kundenserver.de [217.72.192.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8A013252BB; Fri, 23 Sep 2022 06:10:54 -0700 (PDT) Received: from [192.168.100.1] ([82.142.8.70]) by mrelayeu.kundenserver.de (mreue109 [213.165.67.119]) with ESMTPSA (Nemesis) id 1MGi6m-1oXoi01EKg-00DqL7; Fri, 23 Sep 2022 15:10:50 +0200 Message-ID: Date: Fri, 23 Sep 2022 15:10:49 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.2.1 Content-Language: fr, en-US To: Geert Uytterhoeven , "Jason A. Donenfeld" Cc: linux-m68k@lists.linux-m68k.org, linux-kernel@vger.kernel.org References: <20220921185208.3549140-1-Jason@zx2c4.com> <20220921185208.3549140-2-Jason@zx2c4.com> From: Laurent Vivier Subject: Re: [PATCH 2/2] m68k: virt: generate new RNG seed on reboot In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Provags-ID: V03:K1:YnSbGiUJH5ge9lIS6i1eCEUz04HHxFXXLyymzkJrNfOppz+8s0f SOy8aYV0MJM2Jj/ZFFyAaie8/LfDUtHDBp9HrXt2Eouer+JLvLjChdwQ4YKQHfRp4PK8W4u EfVGJ3xTIDmXx1BiDC5yoxs94FYlMROc9Fdzm15Aqbpo/O2HT1ctliNfZVf5UYQ8z4qPSYa mP+ebyLKpXEFn5wVzB/yg== X-UI-Out-Filterresults: notjunk:1;V03:K0:wilGWlDs+9E=:K0kkDbu/yxmSakCVLVzlSF ScUPnYdOQhLTpR2h4c3to9w9mA24QO6SDKMH9VqpO/WG4QLqUPnGjw9P3cgh9rFI9GUgRPrZb B6YExOq/B2Ek5fTiJGwdiHEO3gv1YvzBLGzLHHG269nX13GD7QYYdKQnd7U56DgOoEZ7W9+mK 3i3M61nqy2YT4nAfkxfLKNPW9mT+ujvWT+9NAmY+d3W/IBgP/k/oLfOX5Nr8hhFGb5Gd2AH4A 9AZ191MsoRUERTRYr4fDxDN3cPCMM9xk8sSlloxilzNuIH2Qw6T1F9TiSWV6AjmHU3qZztTJC bI/LpSpgbXYGOyMu099KT8njj363LET0pk+uLwahj1/VZBVZJFH9tzXlX6mGIHP1UsVXUY6pG 5DWgKzY6lCsyU0dCOWgmfzT25hhXJPXdLVbdrFlfMODQ37CSKG61XoMerCGI8VH9KIQm73Lyd 8Ci+5ky4WQrr0KDBuumcFvwms476jjpRTJNFB2IwrQPRx59BGgSBpj6rMmG9ykPmIQSMN1SsA 5pKO3OhjshI3idT3gu1UGNGleFro/60YLoPVlxF2H3kOR7cNQf4HsZbaWLz2xybaLnG+5yAdq eM1vVKBzSlcbR+p3LEIM2em7gflaa24RCYIvFxaV53ykocUYw1LP8A1HDzXBg4nZONvWcssE8 elz6PNC0x/W8c5p29yMayGzvWH3nq4EFeTskPZUhPfDmbdc9cTAaBGp/Sj2Tgb6Z5qq83HTKH SNahkkjAubpnA6dmaLLsZkfrYRObJKMlEoHxGmh9QBn8RvokhcdHCyVKcR++MAAmG90cBWuKj ydhlOOd X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NICE_REPLY_A, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Le 23/09/2022 à 14:50, Geert Uytterhoeven a écrit : > Hi Jason, > > On Fri, Sep 23, 2022 at 2:26 PM Jason A. Donenfeld wrote: >> On Fri, Sep 23, 2022 at 2:23 PM Geert Uytterhoeven wrote: >>>>>> + if (rng_seed_record && rng_seed_record->size > sizeof(*rng_seed_record) + 2) { >>>>>> + u16 len = rng_seed_record->size - sizeof(*rng_seed_record) - 2; >>>>>> + get_random_bytes((u8 *)rng_seed_record->data + 2, len); >>>>>> + *(u16 *)rng_seed_record->data = len; >>> >>> Storing the length should use the proper cpu_to_be16 accessor. >> >> Okay, I'll do that for v2. >> >> (Simply out of curiosity, why? Isn't m68k always big endian and this >> is arch/ code?) > > Yes it is. But virt_parse_bootinfo() below already uses the right > accessor. > > BTW, I guess people thought the same about PowerPC? > Although I agree the probability of someone creating a little-endian > m68k clone in an FPGA or SkyWater project and trying to run Linux on > it quite low ;-) > >>>> The way I tested this is by having my initramfs just call >>>> `reboot(RB_AUTOBOOT);`, and having add_bootloader_randomness() print >>>> its contents to the console. I checked that it was both present and >>>> different every time. >>> >>> Are you sure the new kernel did receive the same randomness as prepared >>> by get_random_bytes()? I would expect it to just reboot into qemu, >>> reload the kernel from disk, and recreate a new bootinfo from scratch, >>> including generating a new random seed. >> >> Yes I'm sure. Without this patch, the new kernel sees the zeroed state. > > That's interesting. So QEMU preserves the old bootinfo, which is > AFAIK not guaranteed to be still available (that's why I added > save_bootinfo()). Perhaps that works because only memory starting > from a rounded-up value of _end will be used, and you're just lucky? > I'm wondering what else it preserves. It sure has to reload the > kernel image, as at least the data section will no longer contain the > initialization values after a reboot... > > Laurent? > In QEMU the loader makes a copy of the kernel and the initrd and this copy is restored on a reset. I don't think there is a mechanism in QEMU to save the BOOTINFO section, so I think it works by luck. I will check. Thanks, Laurent