[PATCH 3/3] vsprintf: Add use-early-random-bytes cmd line option

Tue, 01 May 2018 16:35:22 -0700 

Currently if an attempt is made to print a pointer before there is
enough entropy then '(____ptrval____)' is printed.  This makes debugging
early stage stack traces difficult.  We can relax the requirement for
cryptographically secure hashing when debugging while still maintaining
pointer hashing behaviour.

Add a command line option 'use-early-random-bytes'.  When enabled get
key material from the hw RNG if available.

This option should NOT be enabled on production kernels.

Suggested-by: Kees Cook <keesc...@chromium.org>
Signed-off-by: Tobin C. Harding <m...@tobin.cc>
---
 lib/vsprintf.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 47 insertions(+), 3 deletions(-)

diff --git a/lib/vsprintf.c b/lib/vsprintf.c
index b82f0c6c2aec..7b9cf6bb9fd2 100644
--- a/lib/vsprintf.c
+++ b/lib/vsprintf.c
@@ -1654,12 +1654,39 @@ char *device_node_string(char *buf, char *end, struct 
device_node *dn,
        return widen_string(buf, buf - buf_start, end, spec);
 }
 
+/*
+ * Command line option use_early_random_bytes allows debugging early in
+ * the boot sequence, if enabled we attempt to use the hw RNG to get
+ * ptr_key material.  Do NOT use on production kernels.
+ */
+static int use_early_random_bytes;
+EXPORT_SYMBOL(use_early_random_bytes);
+
+/*
+ * Process kernel command-line parameter at boot time.
+ * use_early_random_bytes=0 or use_early_random_bytes=1
+ */
+static int __init use_early_random_bytes_enable(char *str)
+{
+       long option;
+       int ret;
+
+       ret = !!kstrtol(str, 10, &option);
+       if (ret == 0 && option != 0)
+               use_early_random_bytes = 1;
+
+       pr_info("use_early_random_bytes: %s\n",
+               use_early_random_bytes ? "enabled" : "disabled");
+
+       return 1;
+}
+__setup("use-early-random-bytes=", use_early_random_bytes_enable);
+
 static bool have_filled_random_ptr_key __read_mostly;
 static siphash_key_t ptr_key __read_mostly;
 
-static void fill_random_ptr_key(struct random_ready_callback *unused)
+static void ptr_key_ready(void)
 {
-       get_random_bytes(&ptr_key, sizeof(ptr_key));
        /*
         * have_filled_random_ptr_key==true is dependent on get_random_bytes().
         * ptr_to_id() needs to see have_filled_random_ptr_key==true
@@ -1669,13 +1696,30 @@ static void fill_random_ptr_key(struct 
random_ready_callback *unused)
        WRITE_ONCE(have_filled_random_ptr_key, true);
 }
 
+static void fill_random_ptr_key(struct random_ready_callback *unused)
+{
+       get_random_bytes(&ptr_key, sizeof(ptr_key));
+       ptr_key_ready();
+}
+
 static struct random_ready_callback random_ready = {
        .func = fill_random_ptr_key
 };
 
 static int __init initialize_ptr_random(void)
 {
-       int ret = add_random_ready_callback(&random_ready);
+       int ret;
+
+       if (use_early_random_bytes) {
+               int nbytes = sizeof(ptr_key);
+
+               if (get_random_bytes_arch(&ptr_key, nbytes) == nbytes) {
+                       ptr_key_ready();
+                       return 0;
+               }
+       }
+
+       ret = add_random_ready_callback(&random_ready);
 
        if (!ret) {
                return 0;
-- 
2.7.4

Reply via email to