Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp957010rwb; Fri, 23 Sep 2022 06:30:13 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7J7VFiwRitKFsc6UcMV/imoMf9FvOykx6dj8NAk5nFL8vcEhsoEjhPXMgsdN8ZyWcVpgOB X-Received: by 2002:a05:6a00:1624:b0:540:984f:9a64 with SMTP id e4-20020a056a00162400b00540984f9a64mr8992518pfc.46.1663939812897; Fri, 23 Sep 2022 06:30:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1663939812; cv=none; d=google.com; s=arc-20160816; b=vRfuxwzxu5U3BcYW1A4bSc7H2VMMa9LD3n7FyzAZ+89W7/MEOlgjRqvlz5XFpHaCsT t0A2bNOM/njl6MJIPfiW+xBG2v900cQ3mZdhSANZBiw28qIxqwBsjIcVt+y2ImcDcS6y fCbhYUbyl5ETDjs0zIjq5flR8i2oQJeBxLpGipYzEmrJa2JmBEwJ9EUYFuX9yccwNDuU gczTFT3xGusiIKPPA6XNTTT31aqTYujVXLm4p6CirlsZxVfR99VXX8+zc7Jeb1eGY6Xz gyclI8p8+n0h3+Q5Wl04iqpMJiWuJpEv30vUUphfUgaV1hVWPl8khrMAylpo43Iae2D3 Kg3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=zSq4SOzJNqbi4MDYH6SNjZYv9uMDpNSoVaymUl1nOfg=; b=r2JGfpcIW62JjL4WXm6Eldh++UQZHEGAfPsvrC9UjtBoAdYU5EqVdzmaujNfea0edf VbINqNvs6x9pp0aMbfYzqd9VmFAvLpz6SNsIy/6+dywF9Lmbn7Ihcs//Z4NdfaaGKTnF E/DzPC01o4pesYmF4g5n0DJvu2tqyamBQdMsvsbiu4X5mtEP/F0WjYGVzJYNtR+TDrRV f8oorV8nyCtsmyl2+ya5PI9GGSnu2KBZhTv1OfwDOMA+AreSZr+PYR0wFXX/PDkgld38 EYqVrinJTDYVap/wTdvMi4s20oROxueLOQVRS3rAuIGdtKzM1iewK8ucxOfbNDz+pZUI /UPA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=libcu3Rl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id s203-20020a632cd4000000b0043c0b519c4csi5519976pgs.3.2022.09.23.06.30.01; Fri, 23 Sep 2022 06:30:12 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=libcu3Rl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231674AbiIWMbV (ORCPT + 99 others); Fri, 23 Sep 2022 08:31:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38334 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231670AbiIWMaw (ORCPT ); Fri, 23 Sep 2022 08:30:52 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7EC47139F47 for ; Fri, 23 Sep 2022 05:28:42 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id E0661B82DF4 for ; Fri, 23 Sep 2022 12:28:40 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1C4DEC433D7; Fri, 23 Sep 2022 12:28:39 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="libcu3Rl" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1663936117; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=zSq4SOzJNqbi4MDYH6SNjZYv9uMDpNSoVaymUl1nOfg=; b=libcu3RldYb5QBIWZCuGukOV+DW3+7tu9JU7z9Sklrm/FPk+55Hd/kFXNQEK38Eokk6IC3 1pRcnV8WnflcMh8B8QYTdqXP8JZTdkBO9tYMF2RVfRpYzz/JMdWuhFG++biFc2GBHr85ja U/mBkmUDO9lN08s2QADGF8NYn2AsmHQ= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 28a4fe44 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Fri, 23 Sep 2022 12:28:37 +0000 (UTC) From: "Jason A. Donenfeld" To: Geert Uytterhoeven , linux-m68k@lists.linux-m68k.org, linux-kernel@vger.kernel.org Cc: "Jason A. Donenfeld" Subject: [PATCH v2 1/2] m68k: process bootinfo records before saving them Date: Fri, 23 Sep 2022 14:28:29 +0200 Message-Id: <20220923122830.3941367-1-Jason@zx2c4.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The RNG seed boot record is memzeroed after processing, in order to preserve forward secrecy. By saving the bootinfo for procfs prior to that, forward secrecy is violated, since it becomes possible to recover past states. So, save the bootinfo block only after first processing them. Fixes: a1ee38ab1a75 ("m68k: virt: Use RNG seed from bootinfo block") Signed-off-by: Jason A. Donenfeld --- arch/m68k/kernel/setup_mm.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/arch/m68k/kernel/setup_mm.c b/arch/m68k/kernel/setup_mm.c index e62fa8f2149b..7e7ef67cff8b 100644 --- a/arch/m68k/kernel/setup_mm.c +++ b/arch/m68k/kernel/setup_mm.c @@ -109,10 +109,9 @@ extern void paging_init(void); static void __init m68k_parse_bootinfo(const struct bi_record *record) { + const struct bi_record *first_record = record; uint16_t tag; - save_bootinfo(record); - while ((tag = be16_to_cpu(record->tag)) != BI_LAST) { int unknown = 0; const void *data = record->data; @@ -182,6 +181,8 @@ static void __init m68k_parse_bootinfo(const struct bi_record *record) record = (struct bi_record *)((unsigned long)record + size); } + save_bootinfo(first_record); + m68k_realnum_memory = m68k_num_memory; #ifdef CONFIG_SINGLE_MEMORY_CHUNK if (m68k_num_memory > 1) { -- 2.37.3