| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Jul 2015 16:37:42 +0100
From: Matt Fleming <matt.fleming@...el.com>
To: "Lee, Chun-Yi" <joeyli.kernel@...il.com>
CC: <linux-kernel@...r.kernel.org>, <linux-efi@...r.kernel.org>,
<linux-pm@...r.kernel.org>, "Rafael J. Wysocki" <rjw@...k.pl>,
"Matthew Garrett" <matthew.garrett@...ula.com>,
Len Brown <len.brown@...el.com>, Pavel Machek <pavel@....cz>,
Josh Boyer <jwboyer@...hat.com>,
"Vojtech Pavlik" <vojtech@...e.cz>, Jiri Kosina <jkosina@...e.cz>,
"H. Peter Anvin" <hpa@...or.com>, "Lee, Chun-Yi" <jlee@...e.com>
Subject: Re: [RFC PATCH 04/16] x86/efi: Generating random number in EFI stub
On Thu, 2015-07-16 at 22:25 +0800, Lee, Chun-Yi wrote:
> This patch adds the codes for generating random number array as the
> HMAC key that will used by later EFI stub codes.
>
> The original codes in efi_random copied from aslr and add the codes
> to accept input entropy and EFI debugging. In later patch will add
> the codes to get random number by EFI protocol. The separate codes
> can avoid impacting aslr function.
>
> Signed-off-by: Lee, Chun-Yi <jlee@...e.com>
> ---
> arch/x86/boot/compressed/Makefile | 1 +
> arch/x86/boot/compressed/efi_random.c | 88 +++++++++++++++++++++++++++++++++++
> arch/x86/boot/compressed/misc.c | 4 +-
> arch/x86/boot/compressed/misc.h | 2 +-
> 4 files changed, 92 insertions(+), 3 deletions(-)
> create mode 100644 arch/x86/boot/compressed/efi_random.c
[...]
> +static unsigned long get_random_long(unsigned long entropy,
> + struct boot_params *boot_params,
> + efi_system_table_t *sys_table)
> +{
> +#ifdef CONFIG_X86_64
> + const unsigned long mix_const = 0x5d6008cbf3848dd3UL;
> +#else
> + const unsigned long mix_const = 0x3f39e593UL;
> +#endif
> + unsigned long raw, random;
> + bool use_i8254 = true;
> +
> + efi_printk(sys_table, " EFI random");
Probably want to remove these efi_printk()s from the final version ;-)
> + if (entropy)
> + random = entropy;
> + else
> + random = get_random_boot(boot_params);
> +
> + if (rdrand_feature()) {
> + efi_printk(sys_table, " RDRAND");
> + if (rdrand_long(&raw)) {
> + random ^= raw;
> + use_i8254 = false;
> + }
> + }
> +
> + if (rdtsc_feature()) {
> + efi_printk(sys_table, " RDTSC");
> + rdtscll(raw);
> +
> + random ^= raw;
> + use_i8254 = false;
> + }
> +
> + if (use_i8254) {
> + efi_printk(sys_table, " i8254");
> + random ^= i8254();
> + }
> +
> + /* Circular multiply for better bit diffusion */
> + asm("mul %3"
> + : "=a" (random), "=d" (raw)
> + : "a" (random), "rm" (mix_const));
> + random += raw;
> +
> + efi_printk(sys_table, "...\n");
> +
> + return random;
> +}
> +
> +void efi_get_random_key(efi_system_table_t *sys_table,
> + struct boot_params *params, u8 key[], int size)
> +{
I would think that the size of the key array should be unsigned.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists