Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/netbsd-9]: src/sys/stand/efiboot Pull up following revision(s) (requeste...



details:   https://anonhg.NetBSD.org/src/rev/35592c82bb8e
branches:  netbsd-9
changeset: 963615:35592c82bb8e
user:      martin <martin%NetBSD.org@localhost>
date:      Wed Feb 12 20:10:09 2020 +0000

description:
Pull up following revision(s) (requested by riastradh in ticket #705):

        sys/arch/aarch64/aarch64/aarch64_machdep.c: revision 1.35
        sys/stand/efiboot/efifdt.c: revision 1.20
        sys/stand/efiboot/efifdt.h: revision 1.7
        sys/arch/aarch64/include/machdep.h: revision 1.9
        sys/stand/efiboot/efiboot.h: revision 1.11
        sys/arch/arm/arm32/arm32_machdep.c: revision 1.129
        sys/arch/arm/include/arm32/machdep.h: revision 1.30
        sys/stand/efiboot/exec.c: revision 1.12
        sys/arch/evbarm/fdt/fdt_machdep.c: revision 1.65
        sys/stand/efiboot/version: revision 1.14
        sys/stand/efiboot/boot.c: revision 1.19

New function cpu_startup_hook on arm.

Called at end of cpu_startup.  Can be defined in, e.g., evbarm to do
additional stuff after cpu_startup.  Defined as a weak alias to a
function that does nothing, so optional.
ok jmcneill

Implement rndseed support in efiboot and fdt arm.

The EFI environment variable `rndseed' specifies the path to the
random seed.  It is loaded only for fdt platforms at the moment.
Since the rndseed (an rndsave_t object as defined in <sys/rndio.h>)
is 536 bytes long (for hysterical raisins), and to avoid having to
erase parts of the fdt tree, we load it into a physical page whose
address is passed in the fdt tree, rather than passing the content of
the file as an fdt node directly; the kernel then reserves the page
from uvm, and maps it into kva to call rnd_seed.

For now, the only kernel that does use efiboot with fdt is evbarm,
which knows to handle the rndseed.  Any new kernels that use efiboot
with fdt must do the same; otherwise uvm may hand out the page with
the secret key on it for a normal page allocation in the kernel --
which should be OK if there are no kernel memory disclosure bugs, but
would lead to worse consequences than simply loading the seed late in
userland with /etc/rc.d/random_seed otherwise.

ok jmcneill

diffstat:

 sys/arch/aarch64/aarch64/aarch64_machdep.c |  12 +++-
 sys/arch/aarch64/include/machdep.h         |   5 +-
 sys/arch/arm/arm32/arm32_machdep.c         |  12 +++-
 sys/arch/arm/include/arm32/machdep.h       |   5 +-
 sys/arch/evbarm/fdt/fdt_machdep.c          |  79 +++++++++++++++++++++++++++++-
 sys/stand/efiboot/boot.c                   |  35 ++++++++++++-
 sys/stand/efiboot/efiboot.h                |   4 +-
 sys/stand/efiboot/efifdt.c                 |  24 ++++++++-
 sys/stand/efiboot/efifdt.h                 |   3 +-
 sys/stand/efiboot/exec.c                   |  16 ++++-
 sys/stand/efiboot/version                  |   3 +-
 11 files changed, 182 insertions(+), 16 deletions(-)

diffs (truncated from 446 to 300 lines):

diff -r 9addf709867c -r 35592c82bb8e sys/arch/aarch64/aarch64/aarch64_machdep.c
--- a/sys/arch/aarch64/aarch64/aarch64_machdep.c        Wed Feb 12 20:05:58 2020 +0000
+++ b/sys/arch/aarch64/aarch64/aarch64_machdep.c        Wed Feb 12 20:10:09 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: aarch64_machdep.c,v 1.28.4.2 2020/01/21 11:11:00 martin Exp $ */
+/* $NetBSD: aarch64_machdep.c,v 1.28.4.3 2020/02/12 20:10:09 martin Exp $ */
 
 /*-
  * Copyright (c) 2014 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(1, "$NetBSD: aarch64_machdep.c,v 1.28.4.2 2020/01/21 11:11:00 martin Exp $");
+__KERNEL_RCSID(1, "$NetBSD: aarch64_machdep.c,v 1.28.4.3 2020/02/12 20:10:09 martin Exp $");
 
 #include "opt_arm_debug.h"
 #include "opt_ddb.h"
@@ -599,6 +599,14 @@
 
        /* Hello! */
        banner();
+
+       cpu_startup_hook();
+}
+
+__weak_alias(cpu_startup_hook,cpu_startup_default)
+void
+cpu_startup_default(void)
+{
 }
 
 /*
diff -r 9addf709867c -r 35592c82bb8e sys/arch/aarch64/include/machdep.h
--- a/sys/arch/aarch64/include/machdep.h        Wed Feb 12 20:05:58 2020 +0000
+++ b/sys/arch/aarch64/include/machdep.h        Wed Feb 12 20:10:09 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: machdep.h,v 1.8 2019/07/16 16:18:56 skrll Exp $        */
+/*     $NetBSD: machdep.h,v 1.8.2.1 2020/02/12 20:10:09 martin Exp $   */
 
 /*
  * Copyright (c) 2017 Ryo Shimizu <ryo%nerv.org@localhost>
@@ -83,6 +83,9 @@
 void parse_mi_bootargs(char *);
 void dumpsys(void);
 
+void cpu_startup_hook(void);
+void cpu_startup_default(void);
+
 struct trapframe;
 
 /* fault.c */
diff -r 9addf709867c -r 35592c82bb8e sys/arch/arm/arm32/arm32_machdep.c
--- a/sys/arch/arm/arm32/arm32_machdep.c        Wed Feb 12 20:05:58 2020 +0000
+++ b/sys/arch/arm/arm32/arm32_machdep.c        Wed Feb 12 20:10:09 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: arm32_machdep.c,v 1.128 2019/05/10 16:43:09 skrll Exp $        */
+/*     $NetBSD: arm32_machdep.c,v 1.128.2.1 2020/02/12 20:10:09 martin Exp $   */
 
 /*
  * Copyright (c) 1994-1998 Mark Brinicombe.
@@ -42,7 +42,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: arm32_machdep.c,v 1.128 2019/05/10 16:43:09 skrll Exp $");
+__KERNEL_RCSID(0, "$NetBSD: arm32_machdep.c,v 1.128.2.1 2020/02/12 20:10:09 martin Exp $");
 
 #include "opt_arm_debug.h"
 #include "opt_arm_start.h"
@@ -353,6 +353,14 @@
 #else
        tf->tf_spsr = PSR_USR32_MODE;
 #endif
+
+       cpu_startup_hook();
+}
+
+__weak_alias(cpu_startup_hook,cpu_startup_default)
+void
+cpu_startup_default(void)
+{
 }
 
 /*
diff -r 9addf709867c -r 35592c82bb8e sys/arch/arm/include/arm32/machdep.h
--- a/sys/arch/arm/include/arm32/machdep.h      Wed Feb 12 20:05:58 2020 +0000
+++ b/sys/arch/arm/include/arm32/machdep.h      Wed Feb 12 20:10:09 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: machdep.h,v 1.29 2019/07/16 14:41:43 skrll Exp $ */
+/* $NetBSD: machdep.h,v 1.29.2.1 2020/02/12 20:10:09 martin Exp $ */
 
 #ifndef _ARM32_MACHDEP_H_
 #define _ARM32_MACHDEP_H_
@@ -73,6 +73,9 @@
 struct pmap_devmap;
 struct boot_physmem;
 
+void cpu_startup_hook(void);
+void cpu_startup_default(void);
+
 static inline paddr_t
 aarch32_kern_vtophys(vaddr_t va)
 {
diff -r 9addf709867c -r 35592c82bb8e sys/arch/evbarm/fdt/fdt_machdep.c
--- a/sys/arch/evbarm/fdt/fdt_machdep.c Wed Feb 12 20:05:58 2020 +0000
+++ b/sys/arch/evbarm/fdt/fdt_machdep.c Wed Feb 12 20:10:09 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: fdt_machdep.c,v 1.64 2019/07/16 14:41:45 skrll Exp $ */
+/* $NetBSD: fdt_machdep.c,v 1.64.2.1 2020/02/12 20:10:09 martin Exp $ */
 
 /*-
  * Copyright (c) 2015-2017 Jared McNeill <jmcneill%invisible.ca@localhost>
@@ -27,7 +27,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: fdt_machdep.c,v 1.64 2019/07/16 14:41:45 skrll Exp $");
+__KERNEL_RCSID(0, "$NetBSD: fdt_machdep.c,v 1.64.2.1 2020/02/12 20:10:09 martin Exp $");
 
 #include "opt_machdep.h"
 #include "opt_bootconfig.h"
@@ -64,6 +64,7 @@
 #include <sys/disk.h>
 #include <sys/md5.h>
 #include <sys/pserialize.h>
+#include <sys/rnd.h>
 
 #include <net/if.h>
 #include <net/if_dl.h>
@@ -117,6 +118,7 @@
 const uint8_t *fdt_addr_r __attribute__((__section__(".data")));
 
 static uint64_t initrd_start, initrd_end;
+static uint64_t rndseed_start, rndseed_end;
 
 #include <libfdt.h>
 #include <dev/fdt/fdtvar.h>
@@ -311,6 +313,10 @@
        if (initrd_size > 0)
                fdt_memory_remove_range(initrd_start, initrd_size);
 
+       const uint64_t rndseed_size = rndseed_end - rndseed_start;
+       if (rndseed_size > 0)
+               fdt_memory_remove_range(rndseed_start, rndseed_size);
+
        const int framebuffer = OF_finddevice("/chosen/framebuffer");
        if (framebuffer >= 0) {
                for (index = 0;
@@ -390,6 +396,65 @@
 #endif
 }
 
+static void
+fdt_probe_rndseed(uint64_t *pstart, uint64_t *pend)
+{
+       int chosen, len;
+       const void *start_data, *end_data;
+
+       *pstart = *pend = 0;
+       chosen = OF_finddevice("/chosen");
+       if (chosen < 0)
+               return;
+
+       start_data = fdtbus_get_prop(chosen, "netbsd,rndseed-start", &len);
+       end_data = fdtbus_get_prop(chosen, "netbsd,rndseed-end", NULL);
+       if (start_data == NULL || end_data == NULL)
+               return;
+
+       switch (len) {
+       case 4:
+               *pstart = be32dec(start_data);
+               *pend = be32dec(end_data);
+               break;
+       case 8:
+               *pstart = be64dec(start_data);
+               *pend = be64dec(end_data);
+               break;
+       default:
+               printf("Unsupported len %d for /chosen/rndseed-start\n", len);
+               return;
+       }
+}
+
+static void
+fdt_setup_rndseed(void)
+{
+       const uint64_t rndseed_size = rndseed_end - rndseed_start;
+       const paddr_t startpa = trunc_page(rndseed_start);
+       const paddr_t endpa = round_page(rndseed_end);
+       paddr_t pa;
+       vaddr_t va;
+       void *rndseed;
+
+       if (rndseed_size == 0)
+               return;
+
+       va = uvm_km_alloc(kernel_map, endpa - startpa, 0,
+           UVM_KMF_VAONLY | UVM_KMF_NOWAIT);
+       if (va == 0) {
+               printf("Failed to allocate VA for rndseed\n");
+               return;
+       }
+       rndseed = (void *)va;
+
+       for (pa = startpa; pa < endpa; pa += PAGE_SIZE, va += PAGE_SIZE)
+               pmap_kenter_pa(va, pa, VM_PROT_READ|VM_PROT_WRITE, 0);
+       pmap_update(pmap_kernel());
+
+       rnd_seed(rndseed, rndseed_size);
+}
+
 #ifdef EFI_RUNTIME
 static void
 fdt_map_efi_runtime(const char *prop, enum arm_efirt_mem_type type)
@@ -518,6 +583,9 @@
        /* Parse ramdisk info */
        fdt_probe_initrd(&initrd_start, &initrd_end);
 
+       /* Parse rndseed */
+       fdt_probe_rndseed(&rndseed_start, &rndseed_end);
+
        /*
         * Populate bootconfig structure for the benefit of
         * dodumpsys
@@ -629,6 +697,13 @@
 }
 
 void
+cpu_startup_hook(void)
+{
+
+       fdt_setup_rndseed();
+}
+
+void
 delay(u_int us)
 {
        const struct arm_platform *plat = arm_fdt_platform();
diff -r 9addf709867c -r 35592c82bb8e sys/stand/efiboot/boot.c
--- a/sys/stand/efiboot/boot.c  Wed Feb 12 20:05:58 2020 +0000
+++ b/sys/stand/efiboot/boot.c  Wed Feb 12 20:10:09 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: boot.c,v 1.18.4.1 2020/01/26 11:21:58 martin Exp $     */
+/*     $NetBSD: boot.c,v 1.18.4.2 2020/02/12 20:10:09 martin Exp $     */
 
 /*-
  * Copyright (c) 2016 Kimihiro Nonaka <nonaka%netbsd.org@localhost>
@@ -75,6 +75,7 @@
 static char efibootplist_path[255];
 static char netbsd_path[255];
 static char netbsd_args[255];
+static char rndseed_path[255];
 
 #define        DEFTIMEOUT      5
 #define DEFFILENAME    names[0]
@@ -87,6 +88,7 @@
 void   command_dtb(char *);
 void   command_plist(char *);
 void   command_initrd(char *);
+void   command_rndseed(char *);
 void   command_ls(char *);
 void   command_mem(char *);
 void   command_printenv(char *);
@@ -103,6 +105,7 @@
        { "dtb",        command_dtb,            "dtb [dev:][filename]" },
        { "plist",      command_plist,          "plist [dev:][filename]" },
        { "initrd",     command_initrd,         "initrd [dev:][filename]" },
+       { "rndseed",    command_rndseed,        "rndseed [dev:][filename]" },
        { "ls",         command_ls,             "ls [hdNn:/path]" },
        { "mem",        command_mem,            "mem" },
        { "printenv",   command_printenv,       "printenv [key]" },
@@ -183,6 +186,12 @@
 }
 
 void
+command_rndseed(char *arg)
+{
+       set_rndseed_path(arg);
+}
+
+void
 command_ls(char *arg)
 {
        ls(arg);
@@ -350,6 +359,21 @@
 }
 
 int
+set_rndseed_path(const char *arg)
+{
+       if (strlen(arg) + 1 > sizeof(rndseed_path))
+               return ERANGE;
+       strcpy(rndseed_path, arg);
+       return 0;
+}
+
+char *
+get_rndseed_path(void)
+{



Home | Main Index | Thread Index | Old Index