@@ -27,6 +27,8 @@
#define FDT_PROP_INITRD_END "linux,initrd-end"
#define FDT_PROP_BOOTARGS "bootargs"
#define FDT_PROP_KASLR_SEED "kaslr-seed"
+#define FDT_PROP_RNG_SEED "rng-seed"
+#define RNG_SEED_SIZE 128
const struct kexec_file_ops * const kexec_file_loaders[] = {
&kexec_image_ops,
@@ -102,6 +104,23 @@ static int setup_dtb(struct kimage *image,
FDT_PROP_KASLR_SEED);
}
+ /* add rng-seed */
+ if (rng_is_initialized()) {
+ void *rng_seed = kmalloc(RNG_SEED_SIZE, GFP_ATOMIC);
+ get_random_bytes(rng_seed, RNG_SEED_SIZE);
+
+ ret = fdt_setprop(dtb, off, FDT_PROP_RNG_SEED, rng_seed,
+ RNG_SEED_SIZE);
+ kfree(rng_seed);
+
+ if (ret)
+ goto out;
+
+ } else {
+ pr_notice("RNG is not initialised: omitting \"%s\" property\n",
+ FDT_PROP_RNG_SEED);
+ }
+
out:
if (ret)
return (ret == -FDT_ERR_NOSPACE) ? -ENOMEM : -EINVAL;
@@ -110,7 +129,8 @@ static int setup_dtb(struct kimage *image,
}
/*
- * More space needed so that we can add initrd, bootargs and kaslr-seed.
+ * More space needed so that we can add initrd, bootargs, kaslr-seed, and
+ * rng-seed.
*/
#define DTB_EXTRA_SPACE 0x1000
Adding "rng-seed" to dtb. It's fine to add this property if original fdt doesn't contain it. Since original seed will be deleted after read, so use a default size 128 bytes here. Signed-off-by: Hsin-Yi Wang <hsinyi@chromium.org> --- * Will add corresponding part to userspace kexec-tools if this is accepted. --- arch/arm64/kernel/machine_kexec_file.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-)