drop efi-random-combine-bootloader-provided-rng-seed-with-rng-protocol-output.patch...
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 12 Jan 2023 13:02:39 +0000 (14:02 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 12 Jan 2023 13:02:39 +0000 (14:02 +0100)
queue-5.4/efi-random-combine-bootloader-provided-rng-seed-with-rng-protocol-output.patch [deleted file]
queue-5.4/series

diff --git a/queue-5.4/efi-random-combine-bootloader-provided-rng-seed-with-rng-protocol-output.patch b/queue-5.4/efi-random-combine-bootloader-provided-rng-seed-with-rng-protocol-output.patch
deleted file mode 100644 (file)
index 42b23ae..0000000
+++ /dev/null
@@ -1,286 +0,0 @@
-From 196dff2712ca5a2e651977bb2fe6b05474111a83 Mon Sep 17 00:00:00 2001
-From: Ard Biesheuvel <ardb@kernel.org>
-Date: Thu, 20 Oct 2022 10:39:10 +0200
-Subject: efi: random: combine bootloader provided RNG seed with RNG protocol output
-
-From: Ard Biesheuvel <ardb@kernel.org>
-
-commit 196dff2712ca5a2e651977bb2fe6b05474111a83 upstream.
-
-Instead of blindly creating the EFI random seed configuration table if
-the RNG protocol is implemented and works, check whether such a EFI
-configuration table was provided by an earlier boot stage and if so,
-concatenate the existing and the new seeds, leaving it up to the core
-code to mix it in and credit it the way it sees fit.
-
-This can be used for, e.g., systemd-boot, to pass an additional seed to
-Linux in a way that can be consumed by the kernel very early. In that
-case, the following definitions should be used to pass the seed to the
-EFI stub:
-
-struct linux_efi_random_seed {
-      u32     size; // of the 'seed' array in bytes
-      u8      seed[];
-};
-
-The memory for the struct must be allocated as EFI_ACPI_RECLAIM_MEMORY
-pool memory, and the address of the struct in memory should be installed
-as a EFI configuration table using the following GUID:
-
-LINUX_EFI_RANDOM_SEED_TABLE_GUID        1ce1e5bc-7ceb-42f2-81e5-8aadf180f57b
-
-Note that doing so is safe even on kernels that were built without this
-patch applied, but the seed will simply be overwritten with a seed
-derived from the EFI RNG protocol, if available. The recommended seed
-size is 32 bytes, and seeds larger than 512 bytes are considered
-corrupted and ignored entirely.
-
-In order to preserve forward secrecy, seeds from previous bootloaders
-are memzero'd out, and in order to preserve memory, those older seeds
-are also freed from memory. Freeing from memory without first memzeroing
-is not safe to do, as it's possible that nothing else will ever
-overwrite those pages used by EFI.
-
-Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com>
-[ardb: incorporate Jason's followup changes to extend the maximum seed
-       size on the consumer end, memzero() it and drop a needless printk]
-Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
-Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- arch/x86/boot/compressed/eboot.c       |    3 +
- drivers/firmware/efi/efi.c             |    4 -
- drivers/firmware/efi/libstub/Makefile  |    5 +
- drivers/firmware/efi/libstub/efistub.h |    3 -
- drivers/firmware/efi/libstub/random.c  |   86 +++++++++++++++++++++++++++------
- include/linux/efi.h                    |    2 
- 6 files changed, 83 insertions(+), 20 deletions(-)
-
---- a/arch/x86/boot/compressed/eboot.c
-+++ b/arch/x86/boot/compressed/eboot.c
-@@ -782,6 +782,9 @@ efi_main(struct efi_config *c, struct bo
-       /* Ask the firmware to clear memory on unclean shutdown */
-       efi_enable_reset_attack_mitigation(sys_table);
-+
-+      efi_random_get_seed(sys_table);
-+
-       efi_retrieve_tpm2_eventlog(sys_table);
-       setup_graphics(boot_params);
---- a/drivers/firmware/efi/efi.c
-+++ b/drivers/firmware/efi/efi.c
-@@ -546,7 +546,7 @@ int __init efi_config_parse_tables(void
-               seed = early_memremap(efi.rng_seed, sizeof(*seed));
-               if (seed != NULL) {
--                      size = min(seed->size, EFI_RANDOM_SEED_SIZE);
-+                      size = min_t(u32, seed->size, SZ_1K); // sanity check
-                       early_memunmap(seed, sizeof(*seed));
-               } else {
-                       pr_err("Could not map UEFI random seed!\n");
-@@ -555,8 +555,8 @@ int __init efi_config_parse_tables(void
-                       seed = early_memremap(efi.rng_seed,
-                                             sizeof(*seed) + size);
-                       if (seed != NULL) {
--                              pr_notice("seeding entropy pool\n");
-                               add_bootloader_randomness(seed->bits, size);
-+                              memzero_explicit(seed->bits, size);
-                               early_memunmap(seed, sizeof(*seed) + size);
-                       } else {
-                               pr_err("Could not map UEFI random seed!\n");
---- a/drivers/firmware/efi/libstub/Makefile
-+++ b/drivers/firmware/efi/libstub/Makefile
-@@ -39,7 +39,8 @@ OBJECT_FILES_NON_STANDARD    := y
- # Prevents link failures: __sanitizer_cov_trace_pc() is not linked in.
- KCOV_INSTRUMENT                       := n
--lib-y                         := efi-stub-helper.o gop.o secureboot.o tpm.o
-+lib-y                         := efi-stub-helper.o gop.o secureboot.o tpm.o \
-+                                 random.o
- # include the stub's generic dependencies from lib/ when building for ARM/arm64
- arm-deps-y := fdt_rw.c fdt_ro.c fdt_wip.c fdt.c fdt_empty_tree.c fdt_sw.c
-@@ -48,7 +49,7 @@ arm-deps-$(CONFIG_ARM64) += sort.c
- $(obj)/lib-%.o: $(srctree)/lib/%.c FORCE
-       $(call if_changed_rule,cc_o_c)
--lib-$(CONFIG_EFI_ARMSTUB)     += arm-stub.o fdt.o string.o random.o \
-+lib-$(CONFIG_EFI_ARMSTUB)     += arm-stub.o fdt.o string.o \
-                                  $(patsubst %.c,lib-%.o,$(arm-deps-y))
- lib-$(CONFIG_ARM)             += arm32-stub.o
---- a/drivers/firmware/efi/libstub/efistub.h
-+++ b/drivers/firmware/efi/libstub/efistub.h
-@@ -34,6 +34,7 @@ extern int __pure novamap(void);
- } while (0)
- #define pr_efi_err(sys_table, msg) efi_printk(sys_table, "EFI stub: ERROR: "msg)
-+#define pr_efi_warn(sys_table, msg) efi_printk(sys_table, "EFI stub: WARNING: "msg)
- void efi_char16_printk(efi_system_table_t *, efi_char16_t *);
-@@ -63,8 +64,6 @@ efi_status_t efi_random_alloc(efi_system
- efi_status_t check_platform_features(efi_system_table_t *sys_table_arg);
--efi_status_t efi_random_get_seed(efi_system_table_t *sys_table_arg);
--
- void *get_efi_config_table(efi_system_table_t *sys_table, efi_guid_t guid);
- /* Helper macros for the usual case of using simple C variables: */
---- a/drivers/firmware/efi/libstub/random.c
-+++ b/drivers/firmware/efi/libstub/random.c
-@@ -9,12 +9,22 @@
- #include "efistub.h"
--struct efi_rng_protocol {
-+typedef struct efi_rng_protocol {
-       efi_status_t (*get_info)(struct efi_rng_protocol *,
-                                unsigned long *, efi_guid_t *);
-       efi_status_t (*get_rng)(struct efi_rng_protocol *,
-                               efi_guid_t *, unsigned long, u8 *out);
--};
-+} efi_rng_protocol_t;
-+
-+typedef struct {
-+      u32 get_info;
-+      u32 get_rng;
-+} efi_rng_protocol_32_t;
-+
-+typedef struct {
-+      u64 get_info;
-+      u64 get_rng;
-+} efi_rng_protocol_64_t;
- efi_status_t efi_get_random_bytes(efi_system_table_t *sys_table_arg,
-                                 unsigned long size, u8 *out)
-@@ -28,7 +38,7 @@ efi_status_t efi_get_random_bytes(efi_sy
-       if (status != EFI_SUCCESS)
-               return status;
--      return rng->get_rng(rng, NULL, size, out);
-+      return efi_call_proto(efi_rng_protocol, get_rng, rng, NULL, size, out);
- }
- /*
-@@ -141,13 +151,27 @@ efi_status_t efi_random_alloc(efi_system
-       return status;
- }
-+/**
-+ * efi_random_get_seed() - provide random seed as configuration table
-+ *
-+ * The EFI_RNG_PROTOCOL is used to read random bytes. These random bytes are
-+ * saved as a configuration table which can be used as entropy by the kernel
-+ * for the initialization of its pseudo random number generator.
-+ *
-+ * If the EFI_RNG_PROTOCOL is not available or there are not enough random bytes
-+ * available, the configuration table will not be installed and an error code
-+ * will be returned.
-+ *
-+ * Return:    status code
-+ */
- efi_status_t efi_random_get_seed(efi_system_table_t *sys_table_arg)
- {
-       efi_guid_t rng_proto = EFI_RNG_PROTOCOL_GUID;
-       efi_guid_t rng_algo_raw = EFI_RNG_ALGORITHM_RAW;
-       efi_guid_t rng_table_guid = LINUX_EFI_RANDOM_SEED_TABLE_GUID;
--      struct efi_rng_protocol *rng;
--      struct linux_efi_random_seed *seed;
-+      struct linux_efi_random_seed *prev_seed, *seed = NULL;
-+      int prev_seed_size = 0, seed_size = EFI_RANDOM_SEED_SIZE;
-+      struct efi_rng_protocol *rng = NULL;
-       efi_status_t status;
-       status = efi_call_early(locate_protocol, &rng_proto, NULL,
-@@ -155,34 +179,68 @@ efi_status_t efi_random_get_seed(efi_sys
-       if (status != EFI_SUCCESS)
-               return status;
--      status = efi_call_early(allocate_pool, EFI_RUNTIME_SERVICES_DATA,
--                              sizeof(*seed) + EFI_RANDOM_SEED_SIZE,
-+      /*
-+       * Check whether a seed was provided by a prior boot stage. In that
-+       * case, instead of overwriting it, let's create a new buffer that can
-+       * hold both, and concatenate the existing and the new seeds.
-+       * Note that we should read the seed size with caution, in case the
-+       * table got corrupted in memory somehow.
-+       */
-+      prev_seed = get_efi_config_table(sys_table_arg, LINUX_EFI_RANDOM_SEED_TABLE_GUID);
-+      if (prev_seed && prev_seed->size <= 512U) {
-+              prev_seed_size = prev_seed->size;
-+              seed_size += prev_seed_size;
-+      }
-+
-+      /*
-+       * Use EFI_ACPI_RECLAIM_MEMORY here so that it is guaranteed that the
-+       * allocation will survive a kexec reboot (although we refresh the seed
-+       * beforehand)
-+       */
-+      status = efi_call_early(allocate_pool, EFI_ACPI_RECLAIM_MEMORY,
-+                              struct_size(seed, bits, seed_size),
-                               (void **)&seed);
--      if (status != EFI_SUCCESS)
--              return status;
-+      if (status != EFI_SUCCESS) {
-+              pr_efi_warn(sys_table_arg, "Failed to allocate memory for RNG seed.\n");
-+              goto err_warn;
-+      }
--      status = rng->get_rng(rng, &rng_algo_raw, EFI_RANDOM_SEED_SIZE,
--                            seed->bits);
-+      status = efi_call_proto(efi_rng_protocol, get_rng, rng, &rng_algo_raw,
-+                              EFI_RANDOM_SEED_SIZE, seed->bits);
-       if (status == EFI_UNSUPPORTED)
-               /*
-                * Use whatever algorithm we have available if the raw algorithm
-                * is not implemented.
-                */
--              status = rng->get_rng(rng, NULL, EFI_RANDOM_SEED_SIZE,
--                                    seed->bits);
-+              status = efi_call_proto(efi_rng_protocol, get_rng, rng, NULL,
-+                                      EFI_RANDOM_SEED_SIZE, seed->bits);
-       if (status != EFI_SUCCESS)
-               goto err_freepool;
--      seed->size = EFI_RANDOM_SEED_SIZE;
-+      seed->size = seed_size;
-+      if (prev_seed_size)
-+              memcpy(seed->bits + EFI_RANDOM_SEED_SIZE, prev_seed->bits,
-+                     prev_seed_size);
-+
-       status = efi_call_early(install_configuration_table, &rng_table_guid,
-                               seed);
-       if (status != EFI_SUCCESS)
-               goto err_freepool;
-+      if (prev_seed_size) {
-+              /* wipe and free the old seed if we managed to install the new one */
-+              memzero_explicit(prev_seed->bits, prev_seed_size);
-+              efi_call_early(free_pool, prev_seed);
-+      }
-       return EFI_SUCCESS;
- err_freepool:
-+      memzero_explicit(seed, struct_size(seed, bits, seed_size));
-       efi_call_early(free_pool, seed);
-+      pr_efi_warn(sys_table_arg, "Failed to obtain seed from EFI_RNG_PROTOCOL\n");
-+err_warn:
-+      if (prev_seed)
-+              pr_efi_warn(sys_table_arg, "Retaining bootloader-supplied seed only");
-       return status;
- }
---- a/include/linux/efi.h
-+++ b/include/linux/efi.h
-@@ -1653,6 +1653,8 @@ static inline void
- efi_enable_reset_attack_mitigation(efi_system_table_t *sys_table_arg) { }
- #endif
-+efi_status_t efi_random_get_seed(efi_system_table_t *sys_table_arg);
-+
- void efi_retrieve_tpm2_eventlog(efi_system_table_t *sys_table);
- /*
index a3597168fc43da082e4a98d43bf485149b0da6ec..080a3e6a319f7eb3db13de2d47f06ed74bb26130 100644 (file)
@@ -596,7 +596,6 @@ hfs-hfsplus-use-warn_on-for-sanity-check.patch
 hfs-hfsplus-avoid-warn_on-for-sanity-check-use-proper-error-handling.patch
 mbcache-avoid-nesting-of-cache-c_list_lock-under-bit-locks.patch
 parisc-align-parisc-madv_xxx-constants-with-all-other-architectures.patch
-efi-random-combine-bootloader-provided-rng-seed-with-rng-protocol-output.patch
 selftests-fix-kselftest-o-objdir-build-from-cluttering-top-level-objdir.patch
 selftests-set-the-build-variable-to-absolute-path.patch
 driver-core-fix-bus_type.match-error-handling-in-__driver_attach.patch