lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAL_JsqKA1_HV5V17mHkKn8X72c_UN2Jg=TYtJkt93YM6SSDMSg@mail.gmail.com>
Date:   Mon, 7 Nov 2022 11:28:20 -0600
From:   Rob Herring <robh@...nel.org>
To:     "Jason A. Donenfeld" <Jason@...c4.com>
Cc:     devicetree@...r.kernel.org, linux-kernel@...r.kernel.org,
        Frank Rowand <frowand.list@...il.com>
Subject: Re: [PATCH] of: fdt: parse early params before adding bootloader randomness

On Fri, Nov 4, 2022 at 8:46 PM Jason A. Donenfeld <Jason@...c4.com> wrote:
>
> FDT is examined so early that it's before the first incidental call to
> parse_early_param(). This is similar to EFI, except EFI actually added
> an explicitly call to parse_early_param(). Let's do the same here, so
> that specifying `random.trust_bootloader=0` is not ignored.
>
> Fixes: d97c68d178fb ("random: treat bootloader trust toggle the same way as cpu trust toggle")
> Cc: Rob Herring <robh@...nel.org>
> Cc: Frank Rowand <frowand.list@...il.com>
> Signed-off-by: Jason A. Donenfeld <Jason@...c4.com>
> ---
>  drivers/of/fdt.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
> index 7b571a631639..6d959117fd4f 100644
> --- a/drivers/of/fdt.c
> +++ b/drivers/of/fdt.c
> @@ -1195,6 +1195,9 @@ int __init early_init_dt_scan_chosen(char *cmdline)
>
>         rng_seed = of_get_flat_dt_prop(node, "rng-seed", &l);
>         if (rng_seed && l > 0) {
> +               /* Parse random.trust_bootloader if it's in command line. */
> +               parse_early_param();

I don't think it's good that the timing of calling this is dependent
on "rng-seed" being present or not. So perhaps move it up to after the
cmdline is set.

Either way, the other issue is the cmdline is not necessarily fixed at
this point with some architectures doing their own
append/prepend/override of the cmdline. We can't seem to get common
implementation there finished. I'm doubtful that corner case would
actually be hit though.

Rob

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ