From: Laura Abbott <lauraa@codeaurora.org>
To: Grant Likely <grant.likely@linaro.org>,
Rob Herring <robh+dt@kernel.org>, Arnd Bergmann <arnd@arndb.de>
Cc: Laura Abbott <lauraa@codeaurora.org>,
linux-kernel@vger.kernel.org, devicetree@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
Kumar Gala <galak@codeaurora.org>,
Kees Cook <keescook@chromium.org>
Subject: [RFC/PATCH 0/3] Add devicetree scanning for randomness
Date: Tue, 11 Feb 2014 17:33:22 -0800 [thread overview]
Message-ID: <1392168805-14200-1-git-send-email-lauraa@codeaurora.org> (raw)
Hi,
This is an RFC to seed the random number pool earlier when using devicetree.
The big issue this is trying to solve is the fact that the stack canary for
ARM tends to be the same across bootups of the same device. This is because
the random number pools do not get initialized until after the canary has
been set up. The canary can be moved later, but in general there is still
no way to reliably get random numbers early for other features (e.g. vector
randomization).
The goal here is to allow devices to add to the random pools via
add_device_randomness or some other method of their chosing at FDT time.
I realize that ARCH_RANDOM is already available but this didn't work because
1) ARCH_RANDOM is not multi-platform compatible without added
infrastructure to ARM
2) There is no uniform way to generate the random numbers which
would require an additional framework (same result as #1, different
reasons)
3) Given there is no uniform way to generate the random numbers, it seems
unlikely that 'early' random numbers would work the same as 'non-early'
random number which adds another layer of complexity.
The big reason to skip ARCH_RANDOM though is that the random number generation
we have would be reasonable if only seeded earlier.
Thanks,
Laura
Laura Abbott (3):
of: Add early randomness hooks
arm: Add ARCH_WANT_OF_RANDOMNESS
init: Move stack canary initialization after setup_arch
arch/arm/Kconfig | 3 ++
arch/arm/kernel/vmlinux.lds.S | 1 +
drivers/of/Kconfig | 7 ++++++
drivers/of/Makefile | 1 +
drivers/of/fdt.c | 7 ++++++
drivers/of/of_randomness.c | 43 +++++++++++++++++++++++++++++++++++++
include/asm-generic/vmlinux.lds.h | 5 ++++
include/linux/of_randomness.h | 42 ++++++++++++++++++++++++++++++++++++
init/main.c | 9 +++----
9 files changed, 113 insertions(+), 5 deletions(-)
create mode 100644 drivers/of/of_randomness.c
create mode 100644 include/linux/of_randomness.h
--
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
hosted by The Linux Foundation
next reply other threads:[~2014-02-12 1:33 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-02-12 1:33 Laura Abbott [this message]
[not found] ` < 201402121251.06280.arnd@arndb.de>
2014-02-12 1:33 ` [RFC/PATCH 1/3] of: Add early randomness hooks Laura Abbott
2014-02-12 1:33 ` [RFC/PATCH 2/3] arm: Add ARCH_WANT_OF_RANDOMNESS Laura Abbott
2014-02-12 1:33 ` [RFC/PATCH 3/3] init: Move stack canary initialization after setup_arch Laura Abbott
2014-02-12 11:51 ` [RFC/PATCH 0/3] Add devicetree scanning for randomness Arnd Bergmann
[not found] ` <201402121251.06280.arnd-r2nGTMty4D4@public.gmane.org>
2014-02-12 17:45 ` Jason Cooper
[not found] ` <20140212174554.GM27395-u4khhh1J0LxI1Ri9qeTfzeTW4wlIGRCZ@public.gmane.org>
2014-02-12 18:13 ` Olof Johansson
[not found] ` <CAOesGMgNkdxW4znmns10-DPc4+OTWJLyx2fcJGTgdND6pp0zUQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-02-12 18:32 ` Jason Cooper
2014-02-12 18:20 ` Jason Gunthorpe
[not found] ` <20140212182000.GJ5554-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2014-02-12 18:51 ` Jason Cooper
2014-02-17 15:54 ` Grant Likely
2014-02-17 16:13 ` Arnd Bergmann
2014-02-17 18:23 ` Jason Cooper
2014-02-17 21:07 ` Geert Uytterhoeven
[not found] ` <CAMuHMdW7S=o4oHVsNtYo0i_giB5cgWhygo-GgSaA1Kur6m3vng-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-02-18 17:56 ` Jason Cooper
2014-02-18 9:39 ` Grant Likely
2014-02-18 18:19 ` Jason Gunthorpe
2014-02-12 18:17 ` Arnd Bergmann
2014-02-12 18:45 ` Jason Cooper
2014-02-12 19:12 ` Arnd Bergmann
2014-02-12 19:43 ` Jason Cooper
2014-02-12 23:55 ` Rob Herring
2014-02-12 21:35 ` Kees Cook
2014-02-13 0:06 ` Laura Abbott
[not found] ` < 1392168805-14200-2-git-send-email-lauraa@codeaurora.org>
[not found] ` <1392168805-14200-2-git-send-email-lauraa-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
2014-02-12 16:47 ` [RFC/PATCH 1/3] of: Add early randomness hooks Grant Likely
[not found] ` < 1392168805-14200-3-git-send-email-lauraa@codeaurora.org>
[not found] ` <1392168805-14200-3-git-send-email-lauraa-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
2014-02-12 16:49 ` [RFC/PATCH 2/3] arm: Add ARCH_WANT_OF_RANDOMNESS Grant Likely
[not found] ` <20140212164907.0E958C407C9-WNowdnHR2B42iJbIjFUEsiwD8/FfD2ys@public.gmane.org>
2014-02-13 0:54 ` Laura Abbott
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1392168805-14200-1-git-send-email-lauraa@codeaurora.org \
--to=lauraa@codeaurora.org \
--cc=arnd@arndb.de \
--cc=devicetree@vger.kernel.org \
--cc=galak@codeaurora.org \
--cc=grant.likely@linaro.org \
--cc=keescook@chromium.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=robh+dt@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).