m68k: virt: Use RNG seed from bootinfo block

zx2c4 · geertu · commit a1ee38ab1a75 · 2022-07-06T14:07:04.000+02:00
Other virt VMs can pass RNG seeds via the "rng-seed" device tree property or via UEFI, but m68k doesn't have either. Instead it has its own bootinfo protocol. So this commit adds support for receiving a RNG seed from it, which will be used at the earliest possible time in boot, just like device tree. Reviewed-by: Laurent Vivier <laurent@vivier.eu> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Link: https://lore.kernel.org/r/20220626111509.330159-1-Jason@zx2c4.com Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
diff --git a/arch/m68k/include/uapi/asm/bootinfo-virt.h b/arch/m68k/include/uapi/asm/bootinfo-virt.h
@@ -13,6 +13,14 @@
 #define BI_VIRT_VIRTIO_BASE	0x8004
 #define BI_VIRT_CTRL_BASE	0x8005
 
+/*
+ * A random seed used to initialize the RNG. Record format:
+ *
+ *   - length       [ 2 bytes, 16-bit big endian ]
+ *   - seed data    [ `length` bytes, padded to preserve 2-byte alignment ]
+ */
+#define BI_VIRT_RNG_SEED	0x8006
+
 #define VIRT_BOOTI_VERSION	MK_BI_VERSION(2, 0)
 
 #endif /* _UAPI_ASM_M68K_BOOTINFO_MAC_H */
diff --git a/arch/m68k/virt/config.c b/arch/m68k/virt/config.c
@@ -2,6 +2,7 @@
 
 #include <linux/reboot.h>
 #include <linux/serial_core.h>
+#include <linux/random.h>
 #include <clocksource/timer-goldfish.h>
 
 #include <asm/bootinfo.h>
@@ -92,6 +93,16 @@ int __init virt_parse_bootinfo(const struct bi_record *record)
 		data += 4;
 		virt_bi_data.virtio.irq = be32_to_cpup(data);
 		break;
+	case BI_VIRT_RNG_SEED: {
+		u16 len = be16_to_cpup(data);
+		add_bootloader_randomness(data + 2, len);
+		/*
+		 * Zero the data to preserve forward secrecy, and zero the
+		 * length to prevent kexec from using it.
+		 */
+		memzero_explicit((void *)data, len + 2);
+		break;
+	}
 	default:
 		unknown = 1;
 		break;
