| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 7 Oct 2020 15:43:46 +0100
From: André Przywara <andre.przywara@....com>
To: James Morse <james.morse@....com>
Cc: Catalin Marinas <catalin.marinas@....com>,
Will Deacon <will@...nel.org>,
Mark Rutland <mark.rutland@....com>,
Lorenzo Pieralisi <lorenzo.pieralisi@....com>,
Richard Henderson <richard.henderson@...aro.org>,
linux-kernel@...r.kernel.org, Mark Brown <broonie@...nel.org>,
Sudeep Holla <sudeep.holla@....com>,
Ard Biesheuvel <ardb@...nel.org>,
linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH 2/2] arm64: Add support for SMCCC TRNG firmware interface
On 07/10/2020 15:16, James Morse wrote:
Hi,
> On 06/10/2020 21:18, Andre Przywara wrote:
>> The ARM architected TRNG firmware interface, described in ARM spec
>> DEN0098[1], defines an ARM SMCCC based interface to a true random number
>> generator, provided by firmware.
>> This can be discovered via the SMCCC >=v1.1 interface, and provides
>> up to 192 bits of entropy per call.
>>
>> Hook this SMC call into arm64's arch_get_random_*() implementation,
>> coming to the rescue when the CPU does not implement the ARM v8.5 RNG
>> system registers.
>>
>> For the detection, we piggy back on the PSCI/SMCCC discovery (which gives
>> us the conduit to use: hvc or smc), then try to call the
>> ARM_SMCCC_TRNG_VERSION function, which returns -1 if this interface is
>> not implemented.
>
>> arch/arm64/include/asm/archrandom.h | 83 +++++++++++++++++++++++++----
>> 1 file changed, 73 insertions(+), 10 deletions(-)
>
>> diff --git a/arch/arm64/include/asm/archrandom.h b/arch/arm64/include/asm/archrandom.h
>> index ffb1a40d5475..b6c291c42a48 100644
>> --- a/arch/arm64/include/asm/archrandom.h
>> +++ b/arch/arm64/include/asm/archrandom.h
>> @@ -7,6 +7,13 @@
>> #include <linux/bug.h>
>> #include <linux/kernel.h>
>> #include <asm/cpufeature.h>
>> +#include <linux/arm-smccc.h>
>> +
>> +static enum smc_trng_status {
>> + SMC_TRNG_UNKNOWN,
>> + SMC_TRNG_NOT_SUPPORTED,
>> + SMC_TRNG_SUPPORTED
>> +} smc_trng_status = SMC_TRNG_UNKNOWN;
>
> Doesn't this static variable in a header file mean each file that includes this has its
> own copy? Is that intentional?
Right, and it's not intentional. It doesn't really break, but since
random.h includes archrandom.h, we get an instance everywhere :-(
I wasn't too happy with this detection method to begin with (and also
not with stuffing everything into a header file), but wanted to
accommodate the early case, where PSCI hasn't been initialised yet, and
so we don't know the SMCCC conduit. A static key sounds better, but gets
a bit hairy with this scenario, I think.
Any ideas here?
I could copy Ard's solution and introduce random.c, if that makes more
sense.
Cheers,
Andre
Powered by blists - more mailing lists