| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 24 Aug 2019 12:04:01 -0700
From: Kees Cook <keescook@...omium.org>
To: Stephen Boyd <swboyd@...omium.org>
Cc: "Theodore Y . Ts'o" <tytso@....edu>,
Hsin-Yi Wang <hsinyi@...omium.org>,
linux-arm-kernel@...ts.infradead.org,
Russell King <linux@...linux.org.uk>,
Catalin Marinas <catalin.marinas@....com>,
Will Deacon <will@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
"H . Peter Anvin" <hpa@...or.com>,
"Paul E . McKenney" <paulmck@...ux.vnet.ibm.com>,
Kate Stewart <kstewart@...uxfoundation.org>,
"David S . Miller" <davem@...emloft.net>,
Viresh Kumar <viresh.kumar@...aro.org>,
Marek Szyprowski <m.szyprowski@...sung.com>,
Arnd Bergmann <arnd@...db.de>, Marc Zyngier <maz@...nel.org>,
Julien Thierry <julien.thierry.kdev@...il.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Wei Li <liwei391@...wei.com>,
Anders Roxell <anders.roxell@...aro.org>,
Rob Herring <robh@...nel.org>,
Aaro Koskinen <aaro.koskinen@...ia.com>,
Daniel Thompson <daniel.thompson@...aro.org>,
Tim Chen <tim.c.chen@...ux.intel.com>,
Rik van Riel <riel@...riel.com>,
Waiman Long <longman@...hat.com>,
Marcelo Tosatti <mtosatti@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Armijn Hemel <armijn@...ldur.nl>,
Grzegorz Halat <ghalat@...hat.com>,
Len Brown <len.brown@...el.com>,
Shaokun Zhang <zhangshaokun@...ilicon.com>,
Mike Rapoport <rppt@...ux.vnet.ibm.com>,
Guenter Roeck <groeck@...omium.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
Alexey Dobriyan <adobriyan@...il.com>,
Yury Norov <ynorov@...vell.com>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Jiri Kosina <jkosina@...e.cz>,
Mukesh Ojha <mojha@...eaurora.org>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v9 2/3] fdt: add support for rng-seed
On Thu, Aug 22, 2019 at 10:39:51AM -0700, Stephen Boyd wrote:
> Quoting Hsin-Yi Wang (2019-08-22 00:15:22)
> > Introducing a chosen node, rng-seed, which is an entropy that can be
> > passed to kernel called very early to increase initial device
> > randomness. Bootloader should provide this entropy and the value is
> > read from /chosen/rng-seed in DT.
> >
> > Obtain of_fdt_crc32 for CRC check after early_init_dt_scan_nodes(),
> > since early_init_dt_scan_chosen() would modify fdt to erase rng-seed.
> >
> > Add a new interface add_bootloader_randomness() for rng-seed use case.
> > Depends on whether the seed is trustworthy, rng seed would be passed to
> > add_hwgenerator_randomness(). Otherwise it would be passed to
> > add_device_randomness(). Decision is controlled by kernel config
> > RANDOM_TRUST_BOOTLOADER.
> >
> > Signed-off-by: Hsin-Yi Wang <hsinyi@...omium.org>
> > Reviewed-by: Stephen Boyd <swboyd@...omium.org>
> > Reviewed-by: Rob Herring <robh@...nel.org>
> > ---
> > Change from v8:
> > * Add a new interface add_bootloader_randomness
> > * Add a new kernel config
> > ---
> > drivers/char/Kconfig | 10 ++++++++++
> > drivers/char/random.c | 15 +++++++++++++++
> > drivers/of/fdt.c | 14 ++++++++++++--
> > include/linux/random.h | 1 +
> > 4 files changed, 38 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig
> > index 96156c729a31..5974a5906fd0 100644
> > --- a/drivers/char/Kconfig
> > +++ b/drivers/char/Kconfig
> > @@ -551,3 +551,13 @@ config RANDOM_TRUST_CPU
> > has not installed a hidden back door to compromise the CPU's
> > random number generation facilities. This can also be configured
> > at boot with "random.trust_cpu=on/off".
> > +
> > +config RANDOM_TRUST_BOOTLOADER
> > + bool "Trust the bootloader to initialize Linux's CRNG"
> > + default n
>
> You can drop the default.
>
> > + help
> > + Bootloader could provide rng-seed set in /chosen/rng-seed in DT to help
> > + increase initial device randomness. Assume the entropy provided is
> > + trustworthy, it would be regarded as true hardware RNGs and update the
> > + entropy estimate. Otherwise it would be regarded as device input that
> > + could help mix the entropy pool, but won't be added to actual entropy.
>
> Maybe reword this to something like:
>
> Some bootloaders can provide entropy to increase the kernel's
> initial device randomness. Say Y here to assume the entropy
> provided by the booloader is trustworthy so it will be added to
> the kernel's entropy pool. Otherwise, say N here so it will be
> regarded as device input that only mixes the entropy pool.
>
> > \ No newline at end of file
> > diff --git a/drivers/char/random.c b/drivers/char/random.c
> > index 5d5ea4ce1442..29d3ff3de1e1 100644
> > --- a/drivers/char/random.c
> > +++ b/drivers/char/random.c
> > @@ -2445,3 +2445,18 @@ void add_hwgenerator_randomness(const char *buffer, size_t count,
> > credit_entropy_bits(poolp, entropy);
> > }
> > EXPORT_SYMBOL_GPL(add_hwgenerator_randomness);
> > +
> > +/* Handle random seed passed by bootloader.
> > + * If the seed is trustworthy, it would be regarded as hardware RNGs. Otherwise
> > + * it would be regarded as device data.
> > + * The decision is controlled by CONFIG_RANDOM_TRUST_BOOTLOADER.
> > + */
> > +void add_bootloader_randomness(const void *buf, unsigned int size)
> > +{
> > +#ifdef CONFIG_RANDOM_TRUST_BOOTLOADER
Can this please be a boot param (with the default controlled by the
CONFIG)? See how CONFIG_RANDOM_TRUST_CPU is wired up...
-Kees
> > + add_hwgenerator_randomness(buf, size, size * 8);
> > +#else
> > + add_device_randomness(buf, size);
> > +#endif
>
> Maybe use
>
> if (IS_ENABLED(CONFIG_RANDOM_TRUST_BOOTLOADER))
> add_hwgenerator_randomness(buf, size, size * 8);
> else
> add_device_randomness(buf, size);
>
> > +}
> > +EXPORT_SYMBOL_GPL(add_bootloader_randomness);
> > \ No newline at end of file
--
Kees Cook
Powered by blists - more mailing lists