| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5d5ed368.1c69fb81.419fc.0803@mx.google.com>
Date: Thu, 22 Aug 2019 10:39:51 -0700
From: Stephen Boyd <swboyd@...omium.org>
To: "Theodore Y . Ts'o" <tytso@....edu>,
Hsin-Yi Wang <hsinyi@...omium.org>,
linux-arm-kernel@...ts.infradead.org
Cc: Russell King <linux@...linux.org.uk>,
Catalin Marinas <catalin.marinas@....com>,
Will Deacon <will@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
"H . Peter Anvin" <hpa@...or.com>,
"Paul E . McKenney" <paulmck@...ux.vnet.ibm.com>,
Kate Stewart <kstewart@...uxfoundation.org>,
"David S . Miller" <davem@...emloft.net>,
Viresh Kumar <viresh.kumar@...aro.org>,
Marek Szyprowski <m.szyprowski@...sung.com>,
Arnd Bergmann <arnd@...db.de>, Marc Zyngier <maz@...nel.org>,
Julien Thierry <julien.thierry.kdev@...il.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Wei Li <liwei391@...wei.com>,
Anders Roxell <anders.roxell@...aro.org>,
Rob Herring <robh@...nel.org>,
Aaro Koskinen <aaro.koskinen@...ia.com>,
Daniel Thompson <daniel.thompson@...aro.org>,
Tim Chen <tim.c.chen@...ux.intel.com>,
Rik van Riel <riel@...riel.com>,
Waiman Long <longman@...hat.com>,
Marcelo Tosatti <mtosatti@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Armijn Hemel <armijn@...ldur.nl>,
Grzegorz Halat <ghalat@...hat.com>,
Len Brown <len.brown@...el.com>,
Shaokun Zhang <zhangshaokun@...ilicon.com>,
Mike Rapoport <rppt@...ux.vnet.ibm.com>,
Kees Cook <keescook@...omium.org>,
Guenter Roeck <groeck@...omium.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
Alexey Dobriyan <adobriyan@...il.com>,
Yury Norov <ynorov@...vell.com>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Jiri Kosina <jkosina@...e.cz>,
Mukesh Ojha <mojha@...eaurora.org>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v9 2/3] fdt: add support for rng-seed
Quoting Hsin-Yi Wang (2019-08-22 00:15:22)
> Introducing a chosen node, rng-seed, which is an entropy that can be
> passed to kernel called very early to increase initial device
> randomness. Bootloader should provide this entropy and the value is
> read from /chosen/rng-seed in DT.
>
> Obtain of_fdt_crc32 for CRC check after early_init_dt_scan_nodes(),
> since early_init_dt_scan_chosen() would modify fdt to erase rng-seed.
>
> Add a new interface add_bootloader_randomness() for rng-seed use case.
> Depends on whether the seed is trustworthy, rng seed would be passed to
> add_hwgenerator_randomness(). Otherwise it would be passed to
> add_device_randomness(). Decision is controlled by kernel config
> RANDOM_TRUST_BOOTLOADER.
>
> Signed-off-by: Hsin-Yi Wang <hsinyi@...omium.org>
> Reviewed-by: Stephen Boyd <swboyd@...omium.org>
> Reviewed-by: Rob Herring <robh@...nel.org>
> ---
> Change from v8:
> * Add a new interface add_bootloader_randomness
> * Add a new kernel config
> ---
> drivers/char/Kconfig | 10 ++++++++++
> drivers/char/random.c | 15 +++++++++++++++
> drivers/of/fdt.c | 14 ++++++++++++--
> include/linux/random.h | 1 +
> 4 files changed, 38 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig
> index 96156c729a31..5974a5906fd0 100644
> --- a/drivers/char/Kconfig
> +++ b/drivers/char/Kconfig
> @@ -551,3 +551,13 @@ config RANDOM_TRUST_CPU
> has not installed a hidden back door to compromise the CPU's
> random number generation facilities. This can also be configured
> at boot with "random.trust_cpu=on/off".
> +
> +config RANDOM_TRUST_BOOTLOADER
> + bool "Trust the bootloader to initialize Linux's CRNG"
> + default n
You can drop the default.
> + help
> + Bootloader could provide rng-seed set in /chosen/rng-seed in DT to help
> + increase initial device randomness. Assume the entropy provided is
> + trustworthy, it would be regarded as true hardware RNGs and update the
> + entropy estimate. Otherwise it would be regarded as device input that
> + could help mix the entropy pool, but won't be added to actual entropy.
Maybe reword this to something like:
Some bootloaders can provide entropy to increase the kernel's
initial device randomness. Say Y here to assume the entropy
provided by the booloader is trustworthy so it will be added to
the kernel's entropy pool. Otherwise, say N here so it will be
regarded as device input that only mixes the entropy pool.
> \ No newline at end of file
> diff --git a/drivers/char/random.c b/drivers/char/random.c
> index 5d5ea4ce1442..29d3ff3de1e1 100644
> --- a/drivers/char/random.c
> +++ b/drivers/char/random.c
> @@ -2445,3 +2445,18 @@ void add_hwgenerator_randomness(const char *buffer, size_t count,
> credit_entropy_bits(poolp, entropy);
> }
> EXPORT_SYMBOL_GPL(add_hwgenerator_randomness);
> +
> +/* Handle random seed passed by bootloader.
> + * If the seed is trustworthy, it would be regarded as hardware RNGs. Otherwise
> + * it would be regarded as device data.
> + * The decision is controlled by CONFIG_RANDOM_TRUST_BOOTLOADER.
> + */
> +void add_bootloader_randomness(const void *buf, unsigned int size)
> +{
> +#ifdef CONFIG_RANDOM_TRUST_BOOTLOADER
> + add_hwgenerator_randomness(buf, size, size * 8);
> +#else
> + add_device_randomness(buf, size);
> +#endif
Maybe use
if (IS_ENABLED(CONFIG_RANDOM_TRUST_BOOTLOADER))
add_hwgenerator_randomness(buf, size, size * 8);
else
add_device_randomness(buf, size);
> +}
> +EXPORT_SYMBOL_GPL(add_bootloader_randomness);
> \ No newline at end of file
Powered by blists - more mailing lists