From patchwork Fri Feb 26 11:01:57 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Laurentiu Tudor X-Patchwork-Id: 8435471 Return-Path: X-Original-To: patchwork-linux-arm@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id ED747C0553 for ; Fri, 26 Feb 2016 11:04:14 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id F372D202EB for ; Fri, 26 Feb 2016 11:04:13 +0000 (UTC) Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.9]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 9AA162035E for ; Fri, 26 Feb 2016 11:04:12 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1aZGAC-0000n4-U9; Fri, 26 Feb 2016 11:02:24 +0000 Received: from mail-am1on0091.outbound.protection.outlook.com ([157.56.112.91] helo=emea01-am1-obe.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1aZGA8-0000kc-GM for linux-arm-kernel@lists.infradead.org; Fri, 26 Feb 2016 11:02:22 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=NXP1.onmicrosoft.com; s=selector1-nxp-com; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=TY77LWm7vahA4IXla3t/ZvBocFvD93nLMZhUn6cKgzM=; b=xxswNZyVzBQlkeUSijDCLjHTfph1NvH7ll9C2I0BUCCCQE6zqqdSicaKdmi+G6cIxDdA7xIM/uDemNa7l4SGWZ7MhBJ2Gw5Ew+htkfDo37qbZ2a8em3qFAjL3NdfsQYoLVNPE8HQX3PwiJddoIt2IGhXlwk0VbIbN/OaERssnSY= Received: from DB3PR04MB0650.eurprd04.prod.outlook.com (10.160.45.26) by DB3PR04MB0649.eurprd04.prod.outlook.com (10.160.45.25) with Microsoft SMTP Server (TLS) id 15.1.409.15; Fri, 26 Feb 2016 11:01:57 +0000 Received: from DB3PR04MB0650.eurprd04.prod.outlook.com ([10.160.45.26]) by DB3PR04MB0650.eurprd04.prod.outlook.com ([10.160.45.26]) with mapi id 15.01.0409.024; Fri, 26 Feb 2016 11:01:57 +0000 From: Laurentiu Tudor To: "linux-arm-kernel@lists.infradead.org" Subject: [PATCH][RFC] arm64: kaslr: add pseudo-RNG in kernel Thread-Topic: [PATCH][RFC] arm64: kaslr: add pseudo-RNG in kernel Thread-Index: AQHRcIUbLeQFDYZPo0GMjoW0ry3UYA== Date: Fri, 26 Feb 2016 11:01:57 +0000 Message-ID: <56D030A4.5050205@nxp.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: lists.infradead.org; dkim=none (message not signed) header.d=none; lists.infradead.org; dmarc=none action=none header.from=nxp.com; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [192.88.146.1] x-microsoft-exchange-diagnostics: 1; DB3PR04MB0649; 5:BV6DgeDqsbtrxJvnWnWBpVpC6MSUncWapn2Dre2AfudzXeXDO/2wf6BhZFBOvLVh35oNi7NfDWNzuycnb+ytPWkxGvg3xGcLhCUzRC8UlGD0ISDkCHrtXE+JZMZx0yN0ShVe45XkqaaQQkG/IQcv2w==; 24:05OvaSKA2u+uYAEIl2nohzYq2rOby9a8HPGUX3FM7xJDy35DKvHj2UYNsh3LnAnIWOibVn3k5/M1UdsRSaI0OfxXCp3bdYaivBBhqYHE1Pw= x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DB3PR04MB0649; x-ms-office365-filtering-correlation-id: bf1d4840-a69c-4148-4a4d-08d33e9c3e70 x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(185117386973197); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001); SRVR:DB3PR04MB0649; BCL:0; PCL:0; RULEID:; SRVR:DB3PR04MB0649; x-forefront-prvs: 0864A36BBF x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(5004730100002)(229853001)(92566002)(2351001)(10400500002)(3660700001)(6116002)(3280700002)(80316001)(77096005)(19580395003)(19580405001)(86362001)(33656002)(2501003)(122556002)(5008740100001)(2906002)(189998001)(87266999)(11100500001)(54356999)(5001960100002)(106116001)(110136002)(1220700001)(2900100001)(50986999)(87936001)(3846002)(102836003)(4326007)(65816999)(40100003)(586003)(15975445007)(36756003)(66066001)(1096002); DIR:OUT; SFP:1101; SCL:1; SRVR:DB3PR04MB0649; H:DB3PR04MB0650.eurprd04.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en; spamdiagnosticoutput: 1:23 spamdiagnosticmetadata: NSPM Content-ID: <58F4B7AEA0286142A1AE1FD4EAD382DC@eurprd04.prod.outlook.com> MIME-Version: 1.0 X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Feb 2016 11:01:57.1488 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB3PR04MB0649 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20160226_030220_893033_3BE444A0 X-CRM114-Status: GOOD ( 14.17 ) X-Spam-Score: -1.9 (-) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Ard Biesheuvel , Kees Cook , Laurentiu Tudor Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP In case the bootloader doesn't provide randomness (through device tree or by uefi protocol) generate a pseudo-random seed based on the timer counter. People might find this "week rng" approach convenient as it gets rid of the bootloader dependency. The patch tries to mimic the x86's rdtsc based implementation authored by Kees Cook. Signed-off-by: Laurentiu Tudor Cc: Ard Biesheuvel Cc: Kees Cook --- based on http://git.linaro.org/people/ard.biesheuvel/linux-arm.git, branch arm64-kaslr-v6 arch/arm64/kernel/kaslr.c | 44 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 42 insertions(+), 2 deletions(-) diff --git a/arch/arm64/kernel/kaslr.c b/arch/arm64/kernel/kaslr.c index 5829839..41e9cbd 100644 --- a/arch/arm64/kernel/kaslr.c +++ b/arch/arm64/kernel/kaslr.c @@ -13,6 +13,7 @@ #include #include +#include #include #include #include @@ -20,9 +21,30 @@ #include #include +#include +#include + +/* Simplified build-specific string for starting entropy. */ +static const char build_str[] = UTS_RELEASE " (" LINUX_COMPILE_BY "@" + LINUX_COMPILE_HOST ") (" LINUX_COMPILER ") " UTS_VERSION; + u64 __read_mostly module_alloc_base; u16 __initdata memstart_offset_seed; +static u64 rotate_xor(u64 hash, const void *area, size_t size) +{ + size_t i; + unsigned long *ptr = (unsigned long *)area; + + for (i = 0; i < size / sizeof(hash); i++) { + /* Rotate by odd number of bits and XOR. */ + hash = (hash << ((sizeof(hash) * 8) - 7)) | (hash >> 7); + hash ^= ptr[i]; + } + + return hash; +} + static __init u64 get_kaslr_seed(void *fdt) { int node, len; @@ -101,8 +123,26 @@ u64 __init kaslr_early_init(u64 dt_phys) * Retrieve (and wipe) the seed from the FDT */ seed = get_kaslr_seed(fdt); - if (!seed) - return 0; + if (!seed) { + u64 raw; + const u64 mix_const = 0x5d6008cbf3848dd3UL; + + /* + * Attempt to create a simple but unpredictable starting + * entropy. + */ + seed = rotate_xor(seed, build_str, sizeof(build_str)); + seed = rotate_xor(seed, fdt, size); + + raw = arch_counter_get_cntvct(); + seed ^= raw; + + /* Circular multiply for better bit diffusion */ + asm("mul %1, %2, %3; umulh %0, %2, %3" + : "=&r" (raw), "=&r" (seed) + : "r" (seed), "r" (mix_const)); + seed += raw; + } /* * Check if 'nokaslr' appears on the command line, and