[PATCH v4 22/22] arm64: efi: invoke EFI_RNG_PROTOCOL to supply KASLR randomness

[PATCH v4 00/22] arm64: implement support for KASLR · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 01/22] of/fdt: make memblock minimum physical address arch configurable · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 02/22] arm64: introduce KIMAGE_VADDR as the virtual base of the kernel region · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 03/22] arm64: pgtable: implement static [pte|pmd|pud]_offset variants · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 04/22] arm64: decouple early fixmap init from linear mapping · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 07/22] arm64: move kernel image to base of vmalloc area · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 10/22] arm64: switch to relative exception tables · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 09/22] extable: add support for relative extables to search and sort routines · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 12/22] arm64: avoid dynamic relocations in early boot code · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 15/22] scripts/sortextable: add support for ET_DYN binaries · Ard Biesheuvel <hidden> · 2016-01-26
Re: [PATCH v4 15/22] scripts/sortextable: add support for ET_DYN binaries · Kees Cook <hidden> · 2016-01-26
[PATCH v4 16/22] kallsyms: add support for relative offsets in kallsyms address table · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 19/22] efi: stub: implement efi_get_random_bytes() based on EFI_RNG_PROTOCOL · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 21/22] efi: stub: use high allocation for converted command line · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 22/22] arm64: efi: invoke EFI_RNG_PROTOCOL to supply KASLR randomness · Ard Biesheuvel <hidden> · 2016-01-26
Re: [PATCH v4 22/22] arm64: efi: invoke EFI_RNG_PROTOCOL to supply KASLR randomness · Matt Fleming <hidden> · 2016-01-29
[PATCH v4 20/22] efi: stub: add implementation of efi_random_alloc() · Ard Biesheuvel <hidden> · 2016-01-26
Re: [PATCH v4 20/22] efi: stub: add implementation of efi_random_alloc() · Kees Cook <hidden> · 2016-01-26
Re: [PATCH v4 20/22] efi: stub: add implementation of efi_random_alloc() · Matt Fleming <hidden> · 2016-01-29
[PATCH v4 18/22] arm64: add support for kernel ASLR · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 17/22] arm64: add support for building the kernel as a relocate PIE binary · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 14/22] arm64: make asm/elf.h available to asm files · Ard Biesheuvel <hidden> · 2016-01-26
Re: [PATCH v4 14/22] arm64: make asm/elf.h available to asm files · Mark Rutland <mark.rutland@arm.com> · 2016-01-26
[PATCH v4 13/22] arm64: allow kernel Image to be loaded anywhere in physical memory · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 11/22] arm64: avoid R_AARCH64_ABS64 relocations for Image header fields · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 08/22] arm64: add support for module PLTs · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 06/22] arm64: add support for ioremap() block mappings · Ard Biesheuvel <hidden> · 2016-01-26
[PATCH v4 05/22] arm64: kvm: deal with kernel symbols outside of linear mapping · Ard Biesheuvel <hidden> · 2016-01-26
Re: [PATCH v4 05/22] arm64: kvm: deal with kernel symbols outside of linear mapping · Marc Zyngier <hidden> · 2016-01-26
Re: [PATCH v4 00/22] arm64: implement support for KASLR · Catalin Marinas <catalin.marinas@arm.com> · 2016-01-29
Re: [PATCH v4 00/22] arm64: implement support for KASLR · Ard Biesheuvel <hidden> · 2016-01-29

From: Matt Fleming <hidden>
Date: 2016-01-29 15:57:07
Also in: lkml

On Tue, 26 Jan, at 06:10:49PM, Ard Biesheuvel wrote:

Since arm64 does not use a decompressor that supplies an execution
environment where it is feasible to some extent to provide a source of
randomness, the arm64 KASLR kernel depends on the bootloader to supply
some random bits in the /chosen/kaslr-seed DT property upon kernel entry.

On UEFI systems, we can use the EFI_RNG_PROTOCOL, if supplied, to obtain
some random bits. At the same time, use it to randomize the offset of the
kernel Image in physical memory.

Signed-off-by: Ard Biesheuvel <redacted>
---
 arch/arm64/Kconfig                        |  5 ++
 drivers/firmware/efi/libstub/arm-stub.c   | 40 ++++++----
 drivers/firmware/efi/libstub/arm64-stub.c | 78 ++++++++++++++------
 drivers/firmware/efi/libstub/fdt.c        |  9 +++
 4 files changed, 97 insertions(+), 35 deletions(-)

 
[...]

quoted hunk ↗ jump to hunk

diff --git a/drivers/firmware/efi/libstub/fdt.c b/drivers/firmware/efi/libstub/fdt.c
index cf7b7d46302a..04c9302b0ef1 100644
--- a/drivers/firmware/efi/libstub/fdt.c
+++ b/drivers/firmware/efi/libstub/fdt.c

@@ -147,6 +147,15 @@ efi_status_t update_fdt(efi_system_table_t *sys_table, void *orig_fdt,
 	if (status)
 		goto fdt_set_fail;
 
+	if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) {
+		status = efi_get_random_bytes(sys_table, sizeof(fdt_val64),
+					      (u8 *)&fdt_val64);
+		if (status == EFI_SUCCESS)
+			status = fdt_setprop(fdt, node, "kaslr-seed",
+					     &fdt_val64, sizeof(fdt_val64));
+		else if (status != EFI_NOT_FOUND)
+			goto fdt_set_fail;
+	}
 	return EFI_SUCCESS;
 
 fdt_set_fail:

I think you want to handle the case where fdt_setprop() fails. With
this new code you'll silently return EFI_SUCCESS even if you fail to
set "kaslr-seed".

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help