From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id D0B23C0015E for ; Wed, 9 Aug 2023 22:35:36 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 167B680711; Thu, 10 Aug 2023 00:35:35 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linux.microsoft.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=linux.microsoft.com header.i=@linux.microsoft.com header.b="dOMo32m9"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id C182D8071F; Thu, 10 Aug 2023 00:35:34 +0200 (CEST) Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182]) by phobos.denx.de (Postfix) with ESMTP id 874DE800D2 for ; Thu, 10 Aug 2023 00:35:32 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linux.microsoft.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=seanedmond@linux.microsoft.com Received: from [192.168.1.68] (d172-218-241-181.bchsia.telus.net [172.218.241.181]) by linux.microsoft.com (Postfix) with ESMTPSA id 4649C20FC4D2; Wed, 9 Aug 2023 15:35:31 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 4649C20FC4D2 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1691620531; bh=oJLfBawmLV/m1WBdrq3C0RfjU8+1RNQnvxYPwHzuysg=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=dOMo32m9VnWeqzbM+CcKK7rhsa8UN7pMbPlCeniAye1GK3Bq2VCR6zn6/6v9hM6Xg nkLXeqchpz2avVyo8401HGTB6LSNthnU0jlYQsiW9jW+VMzX5LzhsUIRxIjkBuztM1 4o8DcVNwL0y3oSeV0ywxr+XlJmxCl6eftogH8YiU= Subject: Re: [PATCH 1/3] fdt: common API to populate kaslr seed To: Simon Glass Cc: u-boot@lists.denx.de, dphadke@linux.microsoft.com, macromorgan@hotmail.com References: <20230804233357.65214-1-seanedmond@linux.microsoft.com> <20230804233357.65214-2-seanedmond@linux.microsoft.com> From: Sean Edmond Message-ID: <2e6afa29-53a1-38d4-d376-045669b931cb@linux.microsoft.com> Date: Wed, 9 Aug 2023 15:35:30 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean On 2023-08-08 7:03 p.m., Simon Glass wrote: > Hi, > > On Fri, 4 Aug 2023 at 17:34, wrote: >> From: Dhananjay Phadke >> >> fdt_fixup_kaslr_seed() will update given FDT with random seed value. >> Source for random seed can be TPM or RNG driver in u-boot or sec >> firmware (ARM). >> >> Signed-off-by: Dhananjay Phadke >> --- >> arch/arm/cpu/armv8/sec_firmware.c | 32 +++++++------------------------ >> common/fdt_support.c | 31 ++++++++++++++++++++++++++++++ >> include/fdt_support.h | 3 +++ >> 3 files changed, 41 insertions(+), 25 deletions(-) > We need to find a way to use the ofnode API here. > >> diff --git a/arch/arm/cpu/armv8/sec_firmware.c b/arch/arm/cpu/armv8/sec_firmware.c >> index c0e8726346..84ba49924e 100644 >> --- a/arch/arm/cpu/armv8/sec_firmware.c >> +++ b/arch/arm/cpu/armv8/sec_firmware.c >> @@ -411,46 +411,28 @@ int sec_firmware_init(const void *sec_firmware_img, >> /* >> * fdt_fix_kaslr - Add kalsr-seed node in Device tree >> * @fdt: Device tree >> - * @eret: 0 in case of error, 1 for success >> + * @eret: 0 for success >> */ >> int fdt_fixup_kaslr(void *fdt) > You could pass an oftree to this function, e.g. obtained with: > > oftree_from_fdt(fdt) The common API I added is fdt_fixup_kaslr_seed(), which was added to "common/fdt_support.c". There are 3 callers: sec_firmware_init()->fdt_fixup_kaslr_seed() do_kaslr_seed()->fdt_fixup_kaslr_seed() image_setup_libfdt()->fdt_tpm_kaslr_seed->fdt_fixup_kaslr_seed() I think the ask is to create a common API that uses the ofnode API.  So, instead of fdt_fixup_kaslr_seed() I can create ofnode_fixup_kaslr_seed()?  Where should it live?  Are you also wanting the callers (eg. fdt_tpm_kaslr_seed, fdt_fixup_kaslr) to take oftree as input too? > >> { >> - int nodeoffset; >> - int err, ret = 0; >> - u8 rand[8]; >> + int ret = 0; >> >> #if defined(CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT) >> + u8 rand[8]; >> + >> /* Check if random seed generation is supported */ >> if (sec_firmware_support_hwrng() == false) { >> printf("WARNING: SEC firmware not running, no kaslr-seed\n"); >> - return 0; >> + return -EOPNOTSUPP; >> } >> >> err = sec_firmware_get_random(rand, 8); >> if (err < 0) { >> printf("WARNING: No random number to set kaslr-seed\n"); >> - return 0; >> - } >> - >> - err = fdt_check_header(fdt); >> - if (err < 0) { >> - printf("fdt_chosen: %s\n", fdt_strerror(err)); >> - return 0; >> + return ret; >> } >> >> - /* find or create "/chosen" node. */ >> - nodeoffset = fdt_find_or_add_subnode(fdt, 0, "chosen"); >> - if (nodeoffset < 0) >> - return 0; >> - >> - err = fdt_setprop(fdt, nodeoffset, "kaslr-seed", rand, >> - sizeof(rand)); >> - if (err < 0) { >> - printf("WARNING: can't set kaslr-seed %s.\n", >> - fdt_strerror(err)); >> - return 0; >> - } >> - ret = 1; >> + ret = fdt_fixup_kaslr_seed(fdt, rand, sizeof(rand)); >> #endif >> >> return ret; >> diff --git a/common/fdt_support.c b/common/fdt_support.c >> index 5e49078f8c..35d4f26dbd 100644 >> --- a/common/fdt_support.c >> +++ b/common/fdt_support.c >> @@ -631,6 +631,37 @@ void fdt_fixup_ethernet(void *fdt) >> } >> } >> >> +/* >> + * fdt_fix_kaslr_seed - Add kalsr-seed node in Device tree >> + * @fdt: Device tree >> + * @eret: 0 for success >> + */ >> +int fdt_fixup_kaslr_seed(void *fdt, const u8 *seed, int len) >> +{ >> + int nodeoffset; >> + int err; >> + >> + err = fdt_check_header(fdt); >> + if (err < 0) { >> + printf("fdt_chosen: %s\n", fdt_strerror(err)); >> + return err; >> + } >> + >> + /* find or create "/chosen" node. */ >> + nodeoffset = fdt_find_or_add_subnode(fdt, 0, "chosen"); >> + if (nodeoffset < 0) >> + return -ENOENT; >> + >> + err = fdt_setprop(fdt, nodeoffset, "kaslr-seed", seed, len); >> + if (err < 0) { >> + printf("WARNING: can't set kaslr-seed %s.\n", >> + fdt_strerror(err)); >> + return err; >> + } >> + >> + return 0; >> +} >> + >> int fdt_record_loadable(void *blob, u32 index, const char *name, >> uintptr_t load_addr, u32 size, uintptr_t entry_point, >> const char *type, const char *os, const char *arch) >> diff --git a/include/fdt_support.h b/include/fdt_support.h >> index 2cd8366898..d74ef4e0a7 100644 >> --- a/include/fdt_support.h >> +++ b/include/fdt_support.h >> @@ -121,6 +121,9 @@ static inline int fdt_fixup_memory_banks(void *blob, u64 start[], u64 size[], >> #endif >> >> void fdt_fixup_ethernet(void *fdt); >> + >> +int fdt_fixup_kaslr_seed(void *fdt, const u8 *seed, int len); > Please get in the habit of adding full comments to exported functions. > >> + >> int fdt_find_and_setprop(void *fdt, const char *node, const char *prop, >> const void *val, int len, int create); >> void fdt_fixup_qe_firmware(void *fdt); >> -- >> 2.40.0 >> > Regards, > Simon > >