On Fri, May 10, 2019 at 2:14 PM Rasmus Villemoes linux@rasmusvillemoes.dk wrote:
So, why not just have the bootloader add whatever entropy it has via the commandline, which already gets mixed in? That requires no kernel changes, and works for all architectures.
If anything, perhaps instead of just adding gobbledygook=abc123, make an official command line parameter (there was talk about this at some point), and have the kernel overwrite the value with xxx so it's not visible in /proc/cmdline.
Rasmus
For some arch, besides commandline, we also need to overwrite bootargs in fdt, otherwise it's still visible by /sys/firmware/devicetree/base/chosen/bootargs for example.
Originally planned to land v2 as
diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c index de893c9616a1..96ea5eba9dd5 100644 --- a/drivers/of/fdt.c +++ b/drivers/of/fdt.c @@ -24,6 +24,7 @@ #include <linux/debugfs.h> #include <linux/serial_core.h> #include <linux/sysfs.h> +#include <linux/random.h>
#include <asm/setup.h> /* for COMMAND_LINE_SIZE */ #include <asm/page.h> @@ -1079,6 +1080,7 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname, { int l; const char *p; + const void *rng_seed;
pr_debug("search "chosen", depth: %d, uname: %s\n", depth, uname);
@@ -1113,6 +1115,15 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
pr_debug("Command line is: %s\n", (char*)data);
+ rng_seed = of_get_flat_dt_prop(node, "rng-seed", &l); + if (!rng_seed || l == 0) + return 1; + + /* try to clear seed so it won't be found. */ + fdt_nop_property(initial_boot_params, node, "rng-seed"); + + add_device_randomness(rng_seed, l); + /* break now */ return 1; }
(For arm64 RW/RO issue, it will be done in other patch.)
If we add parameter into commandline, I think we probably also need to do similar changes here since there are fdt related overwrite.