On Thu, 30 May 2024 at 16:06, Tim Harvey <[email protected]> wrote: > > Use the fdt_kaslrseed function to deduplicate code doing the same thing. > > Note that the kalsrseed command (CMD_KASLRSEED) is likely pointless now > but left in place in case boot scripts exist that rely on this command > existing and returning success. An informational message is printed to > alert users of this command that it is likely no longer needed. > > Note that the Kernel's EFI STUB only relies on EFI_RNG_PROTOCOL for > randomization and completely ignores the kaslr-seed for its own > randomness needs (i.e the randomization of the physical placement of > the kernel). It gets weeded out from the DTB that gets handed over via > efi_install_fdt() as it would also mess up the measured boot DTB TPM > measurements as well. > > Signed-off-by: Tim Harvey <[email protected]> > Cc: Michal Simek <[email protected]> > Cc: Andy Yan <[email protected]> > Cc: Akash Gajjar <[email protected]> > Cc: Ilias Apalodimas <[email protected]> > Cc: Simon Glass <[email protected]> > Cc: Patrick Delaunay <[email protected]> > Cc: Patrice Chotard <[email protected]> > Cc: Devarsh Thakkar <[email protected]> > Cc: Heinrich Schuchardt <[email protected]> > Cc: Hugo Villeneuve <[email protected]> > Cc: Marek Vasut <[email protected]> > Cc: Tom Rini <[email protected]> > Cc: Chris Morgan <[email protected]> > --- > v5: > - fixed typo in commit message s/it's/its/ > - use cmd_process_error per Michal's suggestion > v4: > - add missing /n to notice in kaslrseed cmd > - combine ints in declaration > - remove unused vars from board/xilinx/common/board.c ft_board_setup > v3: > - skip if CONFIG_MEASURED_BOOT > - fix skip for CONFIG_ARMV8_SEC_FIRMWARE_SUPPORT > - pass in rng index and bool to specify overwrite > - remove duplicate error strings printed outside of fdt_kaslrseed > - added note to commit log about how EFI STUB weeds out kalsr-seed > v2: > - fix typo in commit msg > - use stack for seed to avoid unecessary malloc/free > - move to a library function and deduplicate code by using it > elsewhere > --- > board/xilinx/common/board.c | 40 ------------------------------ > boot/pxe_utils.c | 34 +------------------------ > cmd/kaslrseed.c | 49 ++++++------------------------------- > 3 files changed, 8 insertions(+), 115 deletions(-) >
Reviewed-by: Simon Glass <[email protected]>
