Date: Mon, 3 Jan 2022 09:27:28 +0200
From: Ilias Apalodimas
To: Heinrich Schuchardt
Cc: ardb@kernel.org, agraf@csgraf.de, u-boot@lists.denx.de, Mark Kettenis
Subject: Re: [PATCH v2] efi_loader: Get rid of kaslr-seed
Message-ID:
References: <20211217070644.2458603-1-ilias.apalodimas@linaro.org> <16F01EF8-EE64-4B2D-B48E-D91E1E3DF4A7@gmx.de>
In-Reply-To: <16F01EF8-EE64-4B2D-B48E-D91E1E3DF4A7@gmx.de>

On Sun, Jan 02, 2022 at 10:06:11PM +0100, Heinrich Schuchardt wrote:
> On 2 January 2022 21:50:35 CET, Ilias Apalodimas wrote:
> >Hi Heinrich,
> >
> >> > > > > > > > >[...]
> >
> >> > > > > diff --git a/cmd/bootefi.c b/cmd/bootefi.c > >> > > > > index d77d3b6e943d..57f13ce701ec 100644 > >> > > > > --- a/cmd/bootefi.c > >> > > > > +++ b/cmd/bootefi.c
> >> > > > > @@ -310,6 +310,8 @@ efi_status_t efi_install_fdt(void *fdt) > >> > > > > /* Create memory reservations as indicated by the device tree */ > >> > > > > efi_carve_out_dt_rsv(fdt); > >> > > > > > >> > > > > + efi_try_purge_kaslr_seed(fdt); > >> > >> This function should only be invoked for CONFIG_EFI_TCG2_PROTOCOL=y. > > > >Why? As we discussed, the kernel ignores the kaslr-seed for the > >physical randomization. The only reason we would like to keep it is > >for the randomization of the virtual address. But if the EFI > >RNG protocol is installed the EFI stub is already doing the right thing. > >So I really think purging it if EFI RNG is installed is the best option > >here (regardless of TPM measurements) > > > > The only reason to delete kaslr-seed is that it conflicts with measured boot. Whether an OS prefers the RNG protocol over kaslr-seed is the decision of the OS and nothing U-Boot has to care about. > I thought Mark said OpenBSD has a similar approach and prefers RNG over kaslr-seed. I pretty much agree with Ard here [1] for a cleaner way forward. > You will have to delete kaslr-seed no matter whether you have an RNG protocol or not if and only if you want to use measured boot. But an RNG protocol seems to take priority over kaslr-seed so why keep it? Also having a TPM (and measured boot) means you can *always* have an RNG protocol installed. [1] https://lore.kernel.org/u-boot/CAMj1kXGpnmKaZLzQ5LuHA=CqEm=2zjyu9Ri7TZxbM-tE3ZzAew@mail.gmail.com/ Regards /Ilias > > Best regards > > Heinrich > > >> > > > > + > >> > > > > /* Install device tree as UEFI table */ > >> > > > > ret = efi_install_configuration_table(&efi_guid_fdt, fdt); > >> > > > > if (ret != EFI_SUCCESS) { > >> > > > > diff --git a/include/efi_loader.h b/include/efi_loader.h > >> > > > > index 9dd6c2033634..1fe003db69e0 100644 > >> > > > > --- a/include/efi_loader.h > >> > > > > +++ b/include/efi_loader.h
> >> > > > > @@ -519,6 +519,8 @@ efi_status_t EFIAPI efi_convert_pointer(efi_uintn_t debug_disposition, > >> > > > > void **address); > >> > > > > /* Carve out DT reserved memory ranges */ > >> > > > > void efi_carve_out_dt_rsv(void *fdt); > >> > > > > +/* Purge unused kaslr-seed */ > >> > > > > +void efi_try_purge_kaslr_seed(void *fdt); > >> > > > > /* Called by bootefi to make console interface available */ > >> > > > > efi_status_t efi_console_register(void); > >> > > > > /* Called by bootefi to make all disk storage accessible as EFI objects */ > >> > > > > diff --git a/lib/efi_loader/efi_dt_fixup.c b/lib/efi_loader/efi_dt_fixup.c > >> > > > > index b6fe5d2e5a34..d3923e5dba1b 100644 > >> > > > > --- a/lib/efi_loader/efi_dt_fixup.c > >> > > > > +++ b/lib/efi_loader/efi_dt_fixup.c > >> > > > > @@ -8,6 +8,7 @@ > >> > > > > #include > >> > > > > #include > >> > > > > #include > >> > > > > +#include > >> > > > > #include > >> > > > > #include > >> > 
> > > > >> > > > > @@ -40,6 +41,38 @@ static void efi_reserve_memory(u64 addr, u64 size, bool nomap) > >> > > > > addr, size); > >> > > > > } > >> > > > > > >> > > > > +/** > >> > > > > + * efi_try_purge_kaslr_seed() - Remove unused kaslr-seed > >> > > > > + * > >> > > > > + * Kernel's EFI STUB only relies on EFI_RNG_PROTOCOL for randomization > >> > > > > + * and completely ignores the kaslr-seed for its own randomness needs > >> > > > > + * (i.e the randomization of the physical placement of the kernel). > >> > > > > + * Weed it out from the DTB we hand over, which would mess up our DTB > >> > > > > + * TPM measurements as well. > >> > > > > + * > >> > > > > + * @fdt: Pointer to device tree > >> > > > > + */ > >> > > > > +void efi_try_purge_kaslr_seed(void *fdt) > >> > > > > +{ > >> > > > > + const efi_guid_t efi_guid_rng_protocol = EFI_RNG_PROTOCOL_GUID; > >> > >> There is no need to check if the RNG protocol is installed. If > >> CONFIG_EFI_TCG2_PROTOCOL=y, you should unconditionally remove > >> 'kaslr-seed' as it is incompatible with measured boot. > > > >That's not entirely correct. Right now having the kaslr-seed hurts no one, > >since we don't measure the DTB to begin with. What I intend to do is > >expose the RNG hardware of the TPM and use that if the hardware doesn't > >provide one already. This obviously means the kaslr-seed will be removed > >because the RNG protocol will always be installed with the current patch. > > > >I really don't see a connection between a *compile* time option which > >might not even have any effect if a TPM is not present, and an entry in > >the /chosen node. IMHO we should merge this patch since it improves > >existing use cases. I'll work on the rest and send patches soon.
> > > >Cheers > >/Ilias > > > > > >> > >> Best regards > >> > >> Heinrich > >> > >> > > > > + struct efi_handler *handler; > >> > > > > + efi_status_t ret; > >> > > > > + int nodeoff = 0; > >> > > > > + int err = 0; > >> > > > > + > >> > > > > + ret = efi_search_protocol(efi_root, &efi_guid_rng_protocol, &handler); > >> > > > > + if (ret != EFI_SUCCESS) > >> > > > > + return; > >> > > > > + > >> > > > > + nodeoff = fdt_path_offset(fdt, "/chosen"); > >> > > > > + if (nodeoff < 0) > >> > > > > + return; > >> > > > > + > >> > > > > + err = fdt_delprop(fdt, nodeoff, "kaslr-seed"); > >> > > > > + if (err < 0 && err != -FDT_ERR_NOTFOUND) > >> > > > > + log_err("Error deleting kaslr-seed\n"); > >> > > > > +} > >> > > > > + > >> > > > > /** > >> > > > > * efi_carve_out_dt_rsv() - Carve out DT reserved memory ranges > >> > > > > * > >> > > > > -- > >> > > > > 2.30.2 > >> > > > > > >> > > > > > >> > > >
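Review bot: in the cmd/bootefi.c hunk, the new efi_try_purge_kaslr_seed(fdt) call in efi_install_fdt() carries no comment, while the efi_carve_out_dt_rsv(fdt) call immediately above it is introduced by "/* Create memory reservations as indicated by the device tree */". Since the removal is conditional on EFI_RNG_PROTOCOL being installed on efi_root (the check lives inside the callee) and is motivated by keeping the DTB measurement stable, a one-line comment here, e.g. "/* Drop kaslr-seed when EFI_RNG_PROTOCOL supersedes it */", would let a reader of bootefi.c see why the DTB handed to the OS may differ from the one that was loaded without opening efi_dt_fixup.c.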
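Review bot: in the include/efi_loader.h hunk, the comment on the new prototype, "/* Purge unused kaslr-seed */", calls the property unused, but the function only removes it when EFI_RNG_PROTOCOL is installed and leaves it in place otherwise (efi_search_protocol() failing makes it return early). State the condition so callers know the removal is not unconditional, e.g. "/* Remove kaslr-seed from /chosen if EFI_RNG_PROTOCOL is installed */".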
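Review bot: in the lib/efi_loader/efi_dt_fixup.c function hunk, the failure path log_err("Error deleting kaslr-seed\n") drops the libfdt error code, so a malformed blob cannot be told apart from any other fdt_delprop() failure in the log; log_err("Error deleting kaslr-seed: %s\n", fdt_strerror(err)) keeps the reason. The kernel-doc in the same hunk says "Remove unused kaslr-seed" without mentioning that the function is a no-op unless EFI_RNG_PROTOCOL is installed, which is the precondition the whole thread turns on, and "(i.e the randomization" should read "(i.e. the randomization". The initialisers "int nodeoff = 0;" and "int err = 0;" are dead, since both variables are assigned by fdt_path_offset() and fdt_delprop() before being read.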
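The point argued in the thread, that a per-boot kaslr-seed in /chosen makes the handed-over DTB measure differently on every boot and that dropping it once EFI_RNG_PROTOCOL is available restores a stable measurement, worked through as an added example. This is a Python model written for this page, not U-Boot code and not from anyone in the thread. It assumes a minimal FDT v17 blob built inline, SHA-256 standing in for the TCG2 PCR extend of the DTB, and a boolean in place of the efi_search_protocol() check for EFI_RNG_PROTOCOL; build_dtb, _walk_props, has_prop, delprop, purge_kaslr_seed, measure, boot and demo are the example's own names.

```python
"""Why a per-boot kaslr-seed in /chosen breaks a measured-boot DTB.
Added example, not U-Boot code: builds a minimal FDT v17 blob with
/chosen { kaslr-seed = <8 bytes> }, measures it (SHA-256 standing in for
the TCG2 PCR extend), purges the property the way efi_try_purge_kaslr_seed()
does with fdt_delprop(), and measures again. All names are this example's."""
import hashlib
import struct

FDT_MAGIC = 0xD00DFEED
FDT_BEGIN_NODE, FDT_END_NODE, FDT_PROP, FDT_NOP, FDT_END = 1, 2, 3, 4, 9
HEADER = ">IIIIIIIIII"  # magic totalsize off_struct off_strings off_rsvmap
HDR_LEN = struct.calcsize(HEADER)  # version last_comp boot_cpuid size_strings size_struct


def _align4(b: bytes) -> bytes:
    return b + b"\0" * (-len(b) % 4)


def build_dtb(chosen_props):
    """Build a DTB with a root node and one /chosen node holding chosen_props."""
    strings = b""

    def node(name):
        return struct.pack(">I", FDT_BEGIN_NODE) + _align4(name.encode() + b"\0")

    def prop(name, value):
        nonlocal strings
        nameoff, strings = len(strings), strings + name.encode() + b"\0"
        return struct.pack(">III", FDT_PROP, len(value), nameoff) + _align4(value)

    blk = node("") + node("chosen")  # the root node has an empty name
    for name, value in chosen_props:
        blk += prop(name, value)
    blk += struct.pack(">III", FDT_END_NODE, FDT_END_NODE, FDT_END)
    rsvmap = struct.pack(">QQ", 0, 0)  # empty memory reservation map
    off_struct = HDR_LEN + len(rsvmap)
    off_strings = off_struct + len(blk)
    hdr = struct.pack(HEADER, FDT_MAGIC, off_strings + len(strings), off_struct,
                      off_strings, HDR_LEN, 17, 16, 0, len(strings), len(blk))
    return hdr + rsvmap + blk + strings


def _walk_props(dtb: bytes):
    """Yield (offset, size, node_path, name) for every FDT_PROP token."""
    hdr = struct.unpack(HEADER, dtb[:HDR_LEN])
    assert hdr[0] == FDT_MAGIC, "not a DTB"
    pos, end, off_strings, path = hdr[2], hdr[2] + hdr[9], hdr[3], []
    while pos < end:
        tok = struct.unpack(">I", dtb[pos:pos + 4])[0]
        if tok == FDT_BEGIN_NODE:
            name_end = dtb.index(b"\0", pos + 4)
            path.append(dtb[pos + 4:name_end].decode())
            pos = (name_end + 4) & ~3  # skip the NUL, then 4-byte align
        elif tok == FDT_END_NODE:
            path.pop()
            pos += 4
        elif tok == FDT_PROP:
            length, nameoff = struct.unpack(">II", dtb[pos + 4:pos + 12])
            name = dtb[off_strings + nameoff:dtb.index(b"\0", off_strings + nameoff)]
            size = 12 + ((length + 3) & ~3)  # token header plus padded value
            yield pos, size, "/" + "/".join(path[1:]), name.decode()
            pos += size
        elif tok == FDT_NOP:
            pos += 4
        else:  # FDT_END (or garbage): stop walking
            return


def has_prop(dtb: bytes, path: str, name: str) -> bool:
    return any(p == path and n == name for _, _, p, n in _walk_props(dtb))


def delprop(dtb: bytes, path: str, name: str):
    """Overwrite one property with FDT_NOP tokens (libfdt's fdt_nop_property();
    fdt_delprop() splices the bytes out instead). None if it is not present."""
    for pos, size, p, n in _walk_props(dtb):
        if p == path and n == name:
            return dtb[:pos] + struct.pack(">I", FDT_NOP) * (size // 4) + dtb[pos + size:]
    return None


def purge_kaslr_seed(dtb: bytes, rng_protocol_installed: bool) -> bytes:
    """Model of efi_try_purge_kaslr_seed(): act only when EFI_RNG_PROTOCOL is
    installed; a missing /chosen or kaslr-seed is not an error."""
    if not rng_protocol_installed:
        return dtb
    return delprop(dtb, "/chosen", "kaslr-seed") or dtb


def measure(dtb: bytes) -> str:
    return hashlib.sha256(dtb).hexdigest()  # stands in for the TCG2 PCR extend


def boot(seed: bytes, rng_protocol_installed: bool) -> bytes:
    """DTB handed to the OS for one boot that generated the given kaslr-seed."""
    dtb = build_dtb([("bootargs", b"console=ttyS0\0"), ("kaslr-seed", seed)])
    return purge_kaslr_seed(dtb, rng_protocol_installed)


def demo():
    """Return (seed changes the measurement, purge makes it stable across boots)."""
    seed_a, seed_b = bytes.fromhex("0123456789abcdef"), bytes.fromhex("fedcba9876543210")
    varies = measure(boot(seed_a, False)) != measure(boot(seed_b, False))
    stable = measure(boot(seed_a, True)) == measure(boot(seed_b, True))
    return varies, stable
```

Running demo() returns (True, True): with the seed left in, two boots with different constructed seeds produce two different digests, so a TPM policy sealed to the DTB measurement could never be satisfied twice; once the property is purged the blob, and therefore the digest, is the same on both boots while the bootargs property is untouched. delprop() NOPs the tokens rather than splicing them out, so the blob length does not change; either way the seed bytes are gone from what gets measured, which is the property the patch relies on.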