From nobody Sun Apr 19 21:56:59 2026
Return-Path: <linux-kernel-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id D97CAC43334
	for <linux-kernel@archiver.kernel.org>; Sun, 26 Jun 2022 11:15:33 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S233675AbiFZLPc (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Sun, 26 Jun 2022 07:15:32 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52866 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229631AbiFZLPa (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 26 Jun 2022 07:15:30 -0400
Received: from dfw.source.kernel.org (dfw.source.kernel.org
 [IPv6:2604:1380:4641:c500::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 57C77BE2E
        for <linux-kernel@vger.kernel.org>;
 Sun, 26 Jun 2022 04:15:29 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by dfw.source.kernel.org (Postfix) with ESMTPS id F025E611F9
        for <linux-kernel@vger.kernel.org>;
 Sun, 26 Jun 2022 11:15:28 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id D25DAC34114;
        Sun, 26 Jun 2022 11:15:27 +0000 (UTC)
Authentication-Results: smtp.kernel.org;
        dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com
 header.b="fny0/IT4"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105;
        t=1656242125;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=ztpCLeJiN8x8NtOpZ42f8MSD1Gm0OAEWaX3b+SAs9kA=;
        b=fny0/IT4ZwXmr6J7YriIEf3MCfCq11FKNasaW4DcI58lhhHAUNvJtLW59OCCqNICTRq13s
        lSUgR6eU7MNTm0Laq+DYAcVxlKaMZ9eWR7VenLKXpbvGhx3/T0D7B32EsYc2wzJGdWOkYm
        fRsH+lUBjLdV9RMyIcusngxCiXZ7++U=
Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id c89af2ac
 (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO);
        Sun, 26 Jun 2022 11:15:25 +0000 (UTC)
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: geert@linux-m68k.org, laurent@vivier.eu,
        linux-m68k@lists.linux-m68k.org, linux-kernel@vger.kernel.org
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>
Subject: [PATCH v2] m68k: virt: use RNG seed from bootinfo block
Date: Sun, 26 Jun 2022 13:15:09 +0200
Message-Id: <20220626111509.330159-1-Jason@zx2c4.com>
In-Reply-To: <Yrg6BzpKIJBTAVmO@zx2c4.com>
References: <Yrg6BzpKIJBTAVmO@zx2c4.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

Other virt VMs can pass RNG seeds via the "rng-seed" device tree
property or via UEFI, but m68k doesn't have either. Instead it has its
own bootinfo protocol. So this commit adds support for receiving a RNG
seed from it, which will be used at the earliest possible time in boot,
just like device tree.

Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reviewed-by: Geert Uytterhoeven <geert@linux-m68k.org>
---
 arch/m68k/include/uapi/asm/bootinfo-virt.h | 7 +++++++
 arch/m68k/virt/config.c                    | 9 +++++++++
 2 files changed, 16 insertions(+)

diff --git a/arch/m68k/include/uapi/asm/bootinfo-virt.h b/arch/m68k/include=
/uapi/asm/bootinfo-virt.h
index e4db7e2213ab..0cb2c2a41610 100644
--- a/arch/m68k/include/uapi/asm/bootinfo-virt.h
+++ b/arch/m68k/include/uapi/asm/bootinfo-virt.h
@@ -13,6 +13,13 @@
 #define BI_VIRT_VIRTIO_BASE	0x8004
 #define BI_VIRT_CTRL_BASE	0x8005
=20
+/* A random seed used to initialize the RNG. Record format:
+ *
+ *   - length       [ 2 bytes, 16-bit big endian ]
+ *   - seed data    [ `length` bytes ]
+ */
+#define BI_VIRT_RNG_SEED	0x8006
+
 #define VIRT_BOOTI_VERSION	MK_BI_VERSION(2, 0)
=20
 #endif /* _UAPI_ASM_M68K_BOOTINFO_MAC_H */
diff --git a/arch/m68k/virt/config.c b/arch/m68k/virt/config.c
index 632ba200ad42..645acc6918b2 100644
--- a/arch/m68k/virt/config.c
+++ b/arch/m68k/virt/config.c
@@ -2,6 +2,7 @@
=20
 #include <linux/reboot.h>
 #include <linux/serial_core.h>
+#include <linux/random.h>
 #include <clocksource/timer-goldfish.h>
=20
 #include <asm/bootinfo.h>
@@ -92,6 +93,14 @@ int __init virt_parse_bootinfo(const struct bi_record *r=
ecord)
 		data +=3D 4;
 		virt_bi_data.virtio.irq =3D be32_to_cpup(data);
 		break;
+	case BI_VIRT_RNG_SEED: {
+		u16 len =3D be16_to_cpup(data);
+		add_bootloader_randomness(data + 2, len);
+		/* Zero the data to preserve forward secrecy, and zero the
+		 * length to prevent kexec from using it. */
+		memzero_explicit((void *)data, len + 2);
+		break;
+	}
 	default:
 		unknown =3D 1;
 		break;
--=20
2.35.1