Date: Sat, 29 Jan 2022 15:04:48 +0200
From: Ilias Apalodimas
To: Zhang Ning
Cc: u-boot@lists.denx.de
Subject: Re: [PATCH] add kaslr-seed generation to extlinux.conf

Hi Zhang,

On Sat, Jan 29, 2022 at 10:06:53AM +0800, Zhang Ning wrote:
> add kaslrseed key word to extlinux.conf,
> which means generate kaslr-seed for linux
>
> with this patch extlinux.conf boot item looks like

I am not too familiar with the extlinux stuff in U-Boot. Does that boot with efi or not? On the efi booting kaslr-seed is close to useless for linux. In fact we explicitly strip it when booting with EFI and RNG hardware is available. The EFI stub ignores it and uses the EFI_RNG_PROTOCOL. Since you rely on an rng device to generate it the EFI_RNG_PROTOCOL will be installed.

>
> label l0
> menu testing
> linux /boot/vmlinuz-5.15.16-arm
> initrd /boot/initramfs-5.15.16-arm.img
> fdtdir /boot/dtbs/5.15.16-arm/
> kaslrseed
> append root=UUID=92ae1e50-eeeb-4c5b-8939-7e1cd6cfb059 ro
>
> Signed-off-by: Zhang Ning
> --- > boot/pxe_utils.c | 69 +++++++++++++++++++++++++++++++++++++++++++++ > include/pxe_utils.h | 2 ++ > 2 files changed, 71 insertions(+) > > diff --git a/boot/pxe_utils.c b/boot/pxe_utils.c > index bb231b11a2..c7c422926e 100644 > --- a/boot/pxe_utils.c > +++ b/boot/pxe_utils.c > @@ -20,6 +20,11 @@ > #include > #include > > +#ifdef CONFIG_DM_RNG > +#include > +#include > +#endif > + > #include > #include 
> > @@ -311,6 +316,61 @@ static int label_localboot(struct pxe_label *label) > return run_command_list(localcmd, strlen(localcmd), 0); > } > > +/* > + * label_boot_kaslrseed generate kaslrseed from hw rng > + */ > + > +static void label_boot_kaslrseed(void) > +{ > +#ifdef CONFIG_DM_RNG > + ulong fdt_addr; > + struct fdt_header *working_fdt; > + size_t n = 0x8; > + struct udevice *dev; > + u64 *buf; > + int nodeoffset; > + int err; > + > + /* Get the main fdt and map it */ > + fdt_addr = hextoul(env_get("fdt_addr_r"), NULL); > + working_fdt = map_sysmem(fdt_addr, 0); > + err = fdt_check_header(working_fdt); > + if (err) > + return; > + > + if (uclass_get_device(UCLASS_RNG, 0, &dev) || !dev) { > + printf("No RNG device\n"); > + return; > + } > + > + buf = malloc(n); > + if (!buf) { > + printf("Out of memory\n"); > + return; > + } > + > + if (dm_rng_read(dev, buf, n)) { > + printf("Reading RNG failed\n"); > + return; > + } > + > + nodeoffset = fdt_find_or_add_subnode(working_fdt, 0, "chosen"); > + if (nodeoffset < 0) { > + printf("Reading chosen node failed\n"); > + return; > + } > + > + err = fdt_setprop(working_fdt, nodeoffset, "kaslr-seed", buf, sizeof(buf)); > + if (err < 0) { > + printf("Unable to set kaslr-seed on chosen node: %s\n", fdt_strerror(err)); > + return; > + } Almost all of the return cases fail to free the buffer. I'd write that a bit differently as well. Just allocate the buffer *after* you made sure the hardware and required nodes are there. Regards /Ilias > + > + free(buf); > +#endif > + return; > +} > + > /** > * label_boot_fdtoverlay() - Loads fdt overlays specified in 'fdtoverlays' > * > @@ -631,6 +691,9 @@ static int label_boot(struct pxe_context *ctx, struct pxe_label *label) > } > } > > + if (label->kaslrseed) > + label_boot_kaslrseed(); > + > #ifdef CONFIG_OF_LIBFDT_OVERLAY > if (label->fdtoverlays) > label_boot_fdtoverlay(ctx, label); 
> @@ -710,6 +773,7 @@ enum token_type { > T_ONTIMEOUT, > T_IPAPPEND, > T_BACKGROUND, > + T_KASLRSEED, > T_INVALID > }; > > @@ -741,6 +805,7 @@ static const struct token keywords[] = { > {"ontimeout", T_ONTIMEOUT,}, > {"ipappend", T_IPAPPEND,}, > {"background", T_BACKGROUND,}, > + {"kaslrseed", T_KASLRSEED,}, > {NULL, T_INVALID} > }; > > @@ -1194,6 +1259,10 @@ static int parse_label(char **c, struct pxe_menu *cfg) > err = parse_integer(c, &label->ipappend); > break; > > + case T_KASLRSEED: > + label->kaslrseed = 1; > + break; > + > case T_EOL: > break; > > diff --git a/include/pxe_utils.h b/include/pxe_utils.h > index dad2668818..4a73b2aace 100644 > --- a/include/pxe_utils.h > +++ b/include/pxe_utils.h > @@ -33,6 +33,7 @@ > * initrd - path to the initrd to use for this label. > * attempted - 0 if we haven't tried to boot this label, 1 if we have. > * localboot - 1 if this label specified 'localboot', 0 otherwise. > + * kaslrseed - 1 if generate kaslrseed from hw_rng > * list - lets these form a list, which a pxe_menu struct will hold. > */ > struct pxe_label { > @@ -50,6 +51,7 @@ struct pxe_label { > int attempted; > int localboot; > int localboot_val; > + int kaslrseed; > struct list_head list; > }; > > -- > 2.34.1 >
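
Review bot: In label_boot_kaslrseed(), the fdt_setprop() call passes sizeof(buf), which is the size of the u64 pointer and not the n = 0x8 bytes that dm_rng_read() filled, so on a 32-bit build only 4 bytes of the seed end up in kaslr-seed. Pass n (or sizeof(*buf)) as the length. A plain u64 on the stack would also remove the malloc() and the leak on the early returns already pointed out in the reply. Separately, the result of env_get("fdt_addr_r") goes straight into hextoul() with no NULL check, so an unset variable hands NULL to the parser before fdt_check_header() can reject anything.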
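
Review bot: The call added to label_boot(), "if (label->kaslrseed) label_boot_kaslrseed();", has no way to learn whether a seed was written, because the helper returns void and compiles to an empty body when CONFIG_DM_RNG is not set. A label that asks for kaslrseed on such a build boots without a kaslr-seed property and without any message. Consider returning an int from the helper and printing a warning here (or failing the label) when the keyword is present but no seed could be generated.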
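
Review bot: The new struct pxe_label comment entry in include/pxe_utils.h, "kaslrseed - 1 if generate kaslrseed from hw_rng", does not follow the "1 if ..., 0 otherwise" form of the localboot entry directly above it and does not name the kaslr-seed property it controls. Something like "kaslrseed - 1 to generate kaslr-seed from the hardware RNG, 0 otherwise" would match the surrounding entries. The diffstat lists only boot/pxe_utils.c and include/pxe_utils.h, so the patch adds no user-facing documentation for the new extlinux.conf keyword; please add it alongside the other keywords.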