All of lore.kernel.org
 help / color / mirror / Atom feed
From: Sean Edmond <seanedmond@linux.microsoft.com>
To: Simon Glass <sjg@chromium.org>
Cc: u-boot@lists.denx.de, dphadke@linux.microsoft.com,
	macromorgan@hotmail.com
Subject: Re: [PATCH 1/3] fdt: common API to populate kaslr seed
Date: Wed, 9 Aug 2023 15:35:30 -0700	[thread overview]
Message-ID: <2e6afa29-53a1-38d4-d376-045669b931cb@linux.microsoft.com> (raw)
In-Reply-To: <CAPnjgZ2fYDcoYw3XOS4roL3yWVrgyVwKBNS9KEXOh_NHOtPhCQ@mail.gmail.com>


On 2023-08-08 7:03 p.m., Simon Glass wrote:
> Hi,
>
> On Fri, 4 Aug 2023 at 17:34, <seanedmond@linux.microsoft.com> wrote:
>> From: Dhananjay Phadke <dphadke@linux.microsoft.com>
>>
>> fdt_fixup_kaslr_seed() will update given FDT with random seed value.
>> Source for random seed can be TPM or RNG driver in u-boot or sec
>> firmware (ARM).
>>
>> Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com>
>> ---
>>   arch/arm/cpu/armv8/sec_firmware.c | 32 +++++++------------------------
>>   common/fdt_support.c              | 31 ++++++++++++++++++++++++++++++
>>   include/fdt_support.h             |  3 +++
>>   3 files changed, 41 insertions(+), 25 deletions(-)
> We need to find a way to use the ofnode API here.
>
>> diff --git a/arch/arm/cpu/armv8/sec_firmware.c b/arch/arm/cpu/armv8/sec_firmware.c
>> index c0e8726346..84ba49924e 100644
>> --- a/arch/arm/cpu/armv8/sec_firmware.c
>> +++ b/arch/arm/cpu/armv8/sec_firmware.c
>> @@ -411,46 +411,28 @@ int sec_firmware_init(const void *sec_firmware_img,
>>   /*
>>    * fdt_fix_kaslr - Add kalsr-seed node in Device tree
>>    * @fdt:               Device tree
>> - * @eret:              0 in case of error, 1 for success
>> + * @eret:              0 for success
>>    */
>>   int fdt_fixup_kaslr(void *fdt)
> You could pass an oftree to this function, e.g. obtained with:
>
> oftree_from_fdt(fdt)

The common API I added is fdt_fixup_kaslr_seed(), which was added to 
"common/fdt_support.c".

There are 3 callers:
sec_firmware_init()->fdt_fixup_kaslr_seed()
do_kaslr_seed()->fdt_fixup_kaslr_seed()
image_setup_libfdt()->fdt_tpm_kaslr_seed->fdt_fixup_kaslr_seed()

I think the ask is to create a common API that uses the ofnode API.  So, 
instead of fdt_fixup_kaslr_seed() I can create 
ofnode_fixup_kaslr_seed()?  Where should it live?  Are you also wanting 
the callers (eg. fdt_tpm_kaslr_seed, fdt_fixup_kaslr) to take oftree as 
input too?

>
>>   {
>> -       int nodeoffset;
>> -       int err, ret = 0;
>> -       u8 rand[8];
>> +       int ret = 0;
>>
>>   #if defined(CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT)
>> +       u8 rand[8];
>> +
>>          /* Check if random seed generation is  supported */
>>          if (sec_firmware_support_hwrng() == false) {
>>                  printf("WARNING: SEC firmware not running, no kaslr-seed\n");
>> -               return 0;
>> +               return -EOPNOTSUPP;
>>          }
>>
>>          err = sec_firmware_get_random(rand, 8);
>>          if (err < 0) {
>>                  printf("WARNING: No random number to set kaslr-seed\n");
>> -               return 0;
>> -       }
>> -
>> -       err = fdt_check_header(fdt);
>> -       if (err < 0) {
>> -               printf("fdt_chosen: %s\n", fdt_strerror(err));
>> -               return 0;
>> +               return ret;
>>          }
>>
>> -       /* find or create "/chosen" node. */
>> -       nodeoffset = fdt_find_or_add_subnode(fdt, 0, "chosen");
>> -       if (nodeoffset < 0)
>> -               return 0;
>> -
>> -       err = fdt_setprop(fdt, nodeoffset, "kaslr-seed", rand,
>> -                                 sizeof(rand));
>> -       if (err < 0) {
>> -               printf("WARNING: can't set kaslr-seed %s.\n",
>> -                      fdt_strerror(err));
>> -               return 0;
>> -       }
>> -       ret = 1;
>> +       ret = fdt_fixup_kaslr_seed(fdt, rand, sizeof(rand));
>>   #endif
>>
>>          return ret;
>> diff --git a/common/fdt_support.c b/common/fdt_support.c
>> index 5e49078f8c..35d4f26dbd 100644
>> --- a/common/fdt_support.c
>> +++ b/common/fdt_support.c
>> @@ -631,6 +631,37 @@ void fdt_fixup_ethernet(void *fdt)
>>          }
>>   }
>>
>> +/*
>> + * fdt_fix_kaslr_seed - Add kalsr-seed node in Device tree
>> + * @fdt:               Device tree
>> + * @eret:              0 for success
>> + */
>> +int fdt_fixup_kaslr_seed(void *fdt, const u8 *seed, int len)
>> +{
>> +       int nodeoffset;
>> +       int err;
>> +
>> +       err = fdt_check_header(fdt);
>> +       if (err < 0) {
>> +               printf("fdt_chosen: %s\n", fdt_strerror(err));
>> +               return err;
>> +       }
>> +
>> +       /* find or create "/chosen" node. */
>> +       nodeoffset = fdt_find_or_add_subnode(fdt, 0, "chosen");
>> +       if (nodeoffset < 0)
>> +               return -ENOENT;
>> +
>> +       err = fdt_setprop(fdt, nodeoffset, "kaslr-seed", seed, len);
>> +       if (err < 0) {
>> +               printf("WARNING: can't set kaslr-seed %s.\n",
>> +                      fdt_strerror(err));
>> +               return err;
>> +       }
>> +
>> +       return 0;
>> +}
>> +
>>   int fdt_record_loadable(void *blob, u32 index, const char *name,
>>                          uintptr_t load_addr, u32 size, uintptr_t entry_point,
>>                          const char *type, const char *os, const char *arch)
>> diff --git a/include/fdt_support.h b/include/fdt_support.h
>> index 2cd8366898..d74ef4e0a7 100644
>> --- a/include/fdt_support.h
>> +++ b/include/fdt_support.h
>> @@ -121,6 +121,9 @@ static inline int fdt_fixup_memory_banks(void *blob, u64 start[], u64 size[],
>>   #endif
>>
>>   void fdt_fixup_ethernet(void *fdt);
>> +
>> +int fdt_fixup_kaslr_seed(void *fdt, const u8 *seed, int len);
> Please get in the habit of adding full comments to exported functions.
>
>> +
>>   int fdt_find_and_setprop(void *fdt, const char *node, const char *prop,
>>                           const void *val, int len, int create);
>>   void fdt_fixup_qe_firmware(void *fdt);
>> --
>> 2.40.0
>>
> Regards,
> Simon
>
>

  reply	other threads:[~2023-08-09 22:35 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-08-04 23:33 [PATCH 0/3] Populate kaslr seed with TPM seanedmond
2023-08-04 23:33 ` [PATCH 1/3] fdt: common API to populate kaslr seed seanedmond
2023-08-09  2:03   ` Simon Glass
2023-08-09 22:35     ` Sean Edmond [this message]
2023-08-10  1:49       ` Simon Glass
2023-08-10 18:17         ` Chris Morgan
2023-08-11 17:14         ` Sean Edmond
2023-08-12 13:09           ` Simon Glass
2023-08-14 19:12             ` Sean Edmond
2023-08-15 14:44               ` Simon Glass
2023-08-15 17:46                 ` Sean Edmond
2023-08-17 16:03                   ` Sean Edmond
2023-08-18  3:09                     ` Simon Glass
2023-08-04 23:33 ` [PATCH 2/3] fdt: kaslr seed from tpm entropy seanedmond
2023-08-09  2:03   ` Simon Glass
2023-09-08 16:42   ` Ilias Apalodimas
2023-08-04 23:33 ` [PATCH 3/3] cmd: kaslrseed: Use common API to fixup FDT seanedmond

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2e6afa29-53a1-38d4-d376-045669b931cb@linux.microsoft.com \
    --to=seanedmond@linux.microsoft.com \
    --cc=dphadke@linux.microsoft.com \
    --cc=macromorgan@hotmail.com \
    --cc=sjg@chromium.org \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.