Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp1143916rwi; Wed, 19 Oct 2022 07:13:24 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7ahBbrZSB5Z4fhGpa6oudhjMcC6KE7FjBrYCmIEm/2gl+XJYnJ/u6yj7s5lvgLuInL4ycN X-Received: by 2002:a17:90a:6f84:b0:209:f35d:ad52 with SMTP id e4-20020a17090a6f8400b00209f35dad52mr45544596pjk.144.1666188804713; Wed, 19 Oct 2022 07:13:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666188804; cv=none; d=google.com; s=arc-20160816; b=cOHZpbNgeHL18YaeAzANjgUQ6tIf2QVrzTANhz9TdSPa5mP4UQTJgOC8iWbjB25WIO PJgtOVZrntgYC+1d88au4KFiAlKMthuo4sTa83MV7+Oi8N316i/fxm+fheG71s5psJa0 UElRarBwrbTHXF85d+OaiLasaWRbVeKInfksTlF/r9aQeX6Qd9EX39iaMkJUOLVABIyy Qs+XWvgvdeYqB21W3n+L39vWtPcjByXA8mtDB25bGAtgpeGATXnO1AyI9hIkQqH7CJa9 kIU/tzR5bODOerTlouCCYnXOtDAlQ7HbuNKTGuJ0KGI39ftwVyYu8OmqpNxyl2XR79R5 Th/Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=gj5GSn/MoZ/VUk3+Ya5cGa6ssWwLWgNSDc/2zAeHGm8=; b=COrhxd2mheG0OpmCXY+ZMo2sMVgRzdvRRpbBBZX0dT1Lz72Kikv3TwJ9bU/H0GtyGt SRIR434dJ6EINpMEajozH7DOGm36g6/P5XMF53UWAw5yZe/FdVVifmXjOyPaCJp3HezV R8p4Am4/ZS/qR0Jbih9SAULOSROpdqUePHjxdSb+sOL+30M6UsuymTY9AjM8gzCUBul+ 68krLBjSVrU3di2q6nG/dof+vNyl8qfm7fYEEGP7jWkb2/FwDQWcndCYH+5P/I3mv+8F u19VQoSvVGkAqgj9yBxJLVceKRy6DE7pQJPn7t3BLL4uATHCm3LpfD8wwYHfGRVYaD6v +kPg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b="d38KlR/M"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k189-20020a6384c6000000b00462b85376ecsi18080143pgd.668.2022.10.19.07.13.09; Wed, 19 Oct 2022 07:13:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b="d38KlR/M"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233829AbiJSN51 (ORCPT + 99 others); Wed, 19 Oct 2022 09:57:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43538 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233446AbiJSNxU (ORCPT ); Wed, 19 Oct 2022 09:53:20 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B7BEB1DB271; Wed, 19 Oct 2022 06:36:50 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 3A235B82323; Wed, 19 Oct 2022 08:48:26 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 99325C433C1; Wed, 19 Oct 2022 08:48:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1666169305; bh=092M7OPnrt1mOCb9Id4pJ6ZjTgDA13Ex/8+A7MU3ylw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=d38KlR/MuYzxPAAbdRNEgBP8Mql75O7n8rJdEqjMQ+DcZdfqx36RTT3/gnMBJN9IJ tBunQN7Q9IRqaD+L7F8AJpkQKO6/yOwB0ijH14fusqOB4sUCHYEg50Wj7u/ZZZDr8B KTLW0leq7EhBdmDDkm3YUDHmnder2HztqtcCadIM= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, "Jason A. Donenfeld" , Geert Uytterhoeven , Sasha Levin Subject: [PATCH 6.0 227/862] m68k: Process bootinfo records before saving them Date: Wed, 19 Oct 2022 10:25:14 +0200 Message-Id: <20221019083300.092742604@linuxfoundation.org> X-Mailer: git-send-email 2.38.0 In-Reply-To: <20221019083249.951566199@linuxfoundation.org> References: <20221019083249.951566199@linuxfoundation.org> User-Agent: quilt/0.67 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-7.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Jason A. Donenfeld [ Upstream commit 7c236d93c6764dcaca7ab66d76768a044647876d ] The RNG seed boot record is memzeroed after processing, in order to preserve forward secrecy. By saving the bootinfo for procfs prior to that, forward secrecy is violated, since it becomes possible to recover past states. So, save the bootinfo block only after first processing them. Fixes: a1ee38ab1a75 ("m68k: virt: Use RNG seed from bootinfo block") Signed-off-by: Jason A. Donenfeld Link: https://lore.kernel.org/r/20220927130835.1629806-1-Jason@zx2c4.com Signed-off-by: Geert Uytterhoeven Signed-off-by: Sasha Levin --- arch/m68k/kernel/setup_mm.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/arch/m68k/kernel/setup_mm.c b/arch/m68k/kernel/setup_mm.c index e62fa8f2149b..7e7ef67cff8b 100644 --- a/arch/m68k/kernel/setup_mm.c +++ b/arch/m68k/kernel/setup_mm.c @@ -109,10 +109,9 @@ extern void paging_init(void); static void __init m68k_parse_bootinfo(const struct bi_record *record) { + const struct bi_record *first_record = record; uint16_t tag; - save_bootinfo(record); - while ((tag = be16_to_cpu(record->tag)) != BI_LAST) { int unknown = 0; const void *data = record->data; @@ -182,6 +181,8 @@ static void __init m68k_parse_bootinfo(const struct bi_record *record) record = (struct bi_record *)((unsigned long)record + size); } + save_bootinfo(first_record); + m68k_realnum_memory = m68k_num_memory; #ifdef CONFIG_SINGLE_MEMORY_CHUNK if (m68k_num_memory > 1) { -- 2.35.1