If RANDOMIZE_BASE is enabled in the Linux kernel instructing it to
randomize the virtual address at which the kernel image is loaded, it
expects entropy to be provided by the bootloader by populating
/chosen/kaslr-seed with a 64-bit value from source of entropy at boot.
If we have DM_RNG enabled poulate this value automatically when
fdt_chosen is called.
Signed-off-by: Tim Harvey <thar...@gateworks.com>
---
boot/fdt_support.c | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/boot/fdt_support.c b/boot/fdt_support.c
index 874ca4d6f5af..cd3069baf450 100644
--- a/boot/fdt_support.c
+++ b/boot/fdt_support.c
@@ -7,10 +7,12 @@
*/
#include <abuf.h>
+#include <dm.h>
#include <env.h>
#include <log.h>
#include <mapmem.h>
#include <net.h>
+#include <rng.h>
#include <stdio_dev.h>
#include <dm/ofnode.h>
#include <linux/ctype.h>
@@ -300,6 +302,27 @@ int fdt_chosen(void *fdt)
if (nodeoffset < 0)
return nodeoffset;
+ if (IS_ENABLED(CONFIG_DM_RNG)) {
+ struct udevice *dev;
+ size_t len = 0x8;
+ u64 *data;
+
+ data = malloc(len);
+ if (!data)
+ return -ENOMEM;
+
+ err = uclass_get_device(UCLASS_RNG, 0, &dev);
+ if (!err)
+ err = dm_rng_read(dev, data, len);
+ if (!err)
+ err = fdt_setprop(fdt, nodeoffset, "kaslr-seed", data,
len);
+ if (err < 0) {
+ printf("WARNING: could not set kaslr-seed %s.\n",
+ fdt_strerror(err));
+ return err;
+ }
+ }
+
if (IS_ENABLED(CONFIG_BOARD_RNG_SEED) && !board_rng_seed(&buf)) {
err = fdt_setprop(fdt, nodeoffset, "rng-seed",
abuf_data(&buf), abuf_size(&buf));
--
2.25.1
