From: Mark Rutland <mark.rutland@arm.com>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Kees Cook <keescook@chromium.org>,
Will Deacon <will.deacon@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"devicetree@vger.kernel.org" <devicetree@vger.kernel.org>,
Rob Herring <robh+dt@kernel.org>,
Matt Redfearn <matt.redfearn@imgtec.com>
Subject: Re: [PATCH] Documentation: dt: chosen property for kaslr-seed
Date: Mon, 17 Jul 2017 12:56:10 +0100 [thread overview]
Message-ID: <20170717115557.GA29650@remoulade> (raw)
In-Reply-To: <CAKv+Gu82xiv0Yy79Hb=JCqmJNYoxxSt5HRu5j4TeSeznCvg_+w@mail.gmail.com>
On Sun, Jul 16, 2017 at 05:42:25PM +0100, Ard Biesheuvel wrote:
> On 16 July 2017 at 03:13, Kees Cook <keescook@chromium.org> wrote:
> > On Sat, Jul 15, 2017 at 5:42 AM, Ard Biesheuvel
> > <ard.biesheuvel@linaro.org> wrote:
> >> (+ Mark, Will, Catalin)
> >>
> >> On 15 July 2017 at 01:38, Kees Cook <keescook@chromium.org> wrote:
> >>> Document then /chosen/kaslr-seed property (and its interaction with the
> >>> EFI_RNG_PROTOCOL API).
> >>>
> >>> Signed-off-by: Kees Cook <keescook@chromium.org>
> >>> ---
> >>> Documentation/devicetree/bindings/chosen.txt | 22 ++++++++++++++++++++--
> >>> 1 file changed, 20 insertions(+), 2 deletions(-)
> >>
> >> For the textual changes:
> >>
> >> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> >>
> >> *However*, documenting the /chosen/kaslr-seed property promotes it
> >> from a stub<->kernel private interface to an external ABI between the
> >> kernel and the bootloader, and we need to reach agreement on whether
> >> doing so is desirable first IMHO.
> >
> > Oh! I thought that was the point (having a bootloader provide kaslr
> > entropy). And that in the EFI case, it was the stub doing it.
>
> It was the opposite, actually, The /chosen node is the most
> appropriate way for the EFI stub to communicate a seed value to the
> kernel proper, given how it is needed extremely early in the boot.
> (Using UEFI config tables like we do for the /dev/random seed is not
> possible for this)
>
> So as a side effect, other bootloaders can use the same mechanism. I'm
> fine with that, but it needs to be an explicit decision by the
> maintainers imo.
I was under the impression that we'd already assumed other bootloaders could
set this, so I don't have a problem promoting this to a defined public
interface.
I guess we just need Will and Catalin to agree.
FWIW:
Acked-by: Mark Rutland <mark.rutland@arm.com>
As an aside, we might want to make a split between /chosen properties which are
Linux-specific (e.g. this), and those which are somewhat generic (e.g.
stdout-path), since other OSs may/should respect those generic ones.
Mark.
next prev parent reply other threads:[~2017-07-17 11:56 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-15 0:38 [PATCH] Documentation: dt: chosen property for kaslr-seed Kees Cook
2017-07-15 0:38 ` Kees Cook
2017-07-15 12:42 ` Ard Biesheuvel
2017-07-15 12:42 ` Ard Biesheuvel
2017-07-16 2:13 ` Kees Cook
[not found] ` <CAGXu5j+fX-E9ngW3MBhRFgpKBLzpyhR0TCx=ovosXOAqogzMMA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-07-16 16:42 ` Ard Biesheuvel
2017-07-16 16:42 ` Ard Biesheuvel
2017-07-17 11:56 ` Mark Rutland [this message]
2017-07-17 13:12 ` Will Deacon
2017-07-17 13:12 ` Will Deacon
2017-07-17 19:32 ` Rob Herring
2017-07-17 19:32 ` Rob Herring
2017-07-17 19:54 ` Kees Cook
2017-07-17 19:54 ` Kees Cook
2017-07-17 20:22 ` Ard Biesheuvel
[not found] ` <CAKv+Gu8X8d4HqVZOcusC2L9WzJNatBkAgtKONjzad9SgdsrFRA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-07-17 21:05 ` Rob Herring
2017-07-17 21:05 ` Rob Herring
2017-07-17 21:26 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170717115557.GA29650@remoulade \
--to=mark.rutland@arm.com \
--cc=ard.biesheuvel@linaro.org \
--cc=catalin.marinas@arm.com \
--cc=devicetree@vger.kernel.org \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=matt.redfearn@imgtec.com \
--cc=robh+dt@kernel.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.