author | Mark Kettenis <kettenis@cvs.openbsd.org> | 2018-04-08 13:27:23 +0000 |
---|---|---|
committer | Mark Kettenis <kettenis@cvs.openbsd.org> | 2018-04-08 13:27:23 +0000 |
commit | 53660460f4a04e47f41c2d8c2f97768e89a9455f (patch) | |
tree | b6ff0d49f9062250756b8a64a41e15e4b995409c | |
parent | acc32b52fc74cbf7f496808734425f432b718013 (diff) |
Add support for the EFI Random Number Generator Protocol and use it to XOR
random data into the buffer that we feed the kernel.
ok deraadt@
-rw-r--r-- | sys/arch/arm64/stand/efiboot/Makefile | 8 | ||||
-rw-r--r-- | sys/arch/arm64/stand/efiboot/conf.c | 4 | ||||
-rw-r--r-- | sys/arch/arm64/stand/efiboot/efirng.c | 87 |
3 files changed, 93 insertions, 6 deletions
diff --git a/sys/arch/arm64/stand/efiboot/Makefile b/sys/arch/arm64/stand/efiboot/Makefile index b93b19dc7c6..49247115a75 100644 --- a/sys/arch/arm64/stand/efiboot/Makefile +++ b/sys/arch/arm64/stand/efiboot/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.4 2018/03/31 17:43:53 patrick Exp $ +# $OpenBSD: Makefile,v 1.5 2018/04/08 13:27:22 kettenis Exp $ NOMAN= # @@ -8,8 +8,8 @@ PROG= BOOTAA64.EFI OBJFMT= binary INSTALL_STRIP= BINDIR= /usr/mdec -SRCS= start.S self_reloc.c efiboot.c conf.c exec.c efidev.c efipxe.c -SRCS+= fdt.c +SRCS= start.S self_reloc.c efiboot.c conf.c exec.c efidev.c +SRCS+= efipxe.c efirng.c fdt.c S= ${.CURDIR}/../../../.. EFIDIR= ${S}/stand/efi @@ -43,7 +43,7 @@ CPPFLAGS+= -I${S} -I. -I${.CURDIR} CPPFLAGS+= -I${EFIDIR}/include -I${EFIDIR}/include/arm64 CPPFLAGS+= -D_STANDALONE CPPFLAGS+= -DSMALL -DSLOW -DNOBYFOUR -D__INTERNAL_LIBSA_CREAD -CPPFLAGS+= -DNEEDS_HEAP_H +CPPFLAGS+= -DNEEDS_HEAP_H -DFWRANDOM COPTS+= -Wno-attributes -Wno-format COPTS+= -ffreestanding -fno-stack-protector COPTS+= -fshort-wchar -fPIC -fno-builtin diff --git a/sys/arch/arm64/stand/efiboot/conf.c b/sys/arch/arm64/stand/efiboot/conf.c index b2e4c8f3caa..5e8fd5fa0e7 100644 --- a/sys/arch/arm64/stand/efiboot/conf.c +++ b/sys/arch/arm64/stand/efiboot/conf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: conf.c,v 1.14 2018/03/31 17:44:57 patrick Exp $ */ +/* $OpenBSD: conf.c,v 1.15 2018/04/08 13:27:22 kettenis Exp $ */ /* * Copyright (c) 1996 Michael Shalayeff @@ -36,7 +36,7 @@ #include "efidev.h" #include "efipxe.h" -const char version[] = "0.12"; +const char version[] = "0.13"; int debug = 0; struct fs_ops file_system[] = { diff --git a/sys/arch/arm64/stand/efiboot/efirng.c b/sys/arch/arm64/stand/efiboot/efirng.c new file mode 100644 index 00000000000..a90f86d57f7 --- /dev/null +++ b/sys/arch/arm64/stand/efiboot/efirng.c 
@@ -0,0 +1,87 @@
+/* $OpenBSD: efirng.c,v 1.1 2018/04/08 13:27:22 kettenis Exp $ */
+
+/*
+ * Copyright (c) 2018 Mark Kettenis <kettenis@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <sys/param.h>
+
+#include <efi.h>
+#include <efiapi.h>
+
+#include "eficall.h"
+#include "libsa.h"
+
+extern EFI_BOOT_SERVICES *BS;
+
+/* Random Number Generator Protocol */
+
+#define EFI_RNG_PROTOCOL_GUID \
+ { 0x3152bca5, 0xeade, 0x433d, {0x86, 0x2e, 0xc0, 0x1c, 0xdc, 0x29, 0x1f, 0x44} }
+
+INTERFACE_DECL(_EFI_RNG_PROTOCOL);
+
+typedef EFI_GUID EFI_RNG_ALGORITHM;
+
+typedef
+EFI_STATUS
+(EFIAPI *EFI_RNG_GET_INFO) (
+ IN struct _EFI_RNG_PROTOCOL *This,
+ IN OUT UINTN *RNGAlgorithmListSize,
+ OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
+ );
+
+typedef
+EFI_STATUS
+(EFIAPI *EFI_RNG_GET_RNG) (
+ IN struct _EFI_RNG_PROTOCOL *This,
+ IN EFI_RNG_ALGORITHM *RNGAlgorithm, OPTIONAL
+ IN UINTN RNGValueLength,
+ OUT UINT8 *RNGValue
+ );
+
+typedef struct _EFI_RNG_PROTOCOL {
+ EFI_RNG_GET_INFO GetInfo;
+ EFI_RNG_GET_RNG GetRNG;
+} EFI_RNG_PROTOCOL;
+
+static EFI_GUID rng_guid = EFI_RNG_PROTOCOL_GUID;
+
+void
+fwrandom(char *buf, size_t buflen)
+{
+ EFI_STATUS status;
+ EFI_RNG_PROTOCOL *rng = NULL;
+ UINT8 *random;
+ size_t i;
+
+ status = EFI_CALL(BS->LocateProtocol, &rng_guid, NULL, (void **)&rng);
+ if (rng == NULL || EFI_ERROR(status))
+ return;
+
+ random = alloc(buflen);
+
+ status = EFI_CALL(rng->GetRNG, rng, NULL, buflen, random);
+ if (EFI_ERROR(status)) {
+ printf("RNG GetRNG() failed (%d)\n", status);
+ goto out;
+ }
+
+ for (i = 0; i < buflen; i++)
+ buf[i] ^= random[i];
+
+out:
+ free(random, buflen);
+} |
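Review bot: The scratch buffer `random` in fwrandom() is released with `free(random, buflen)` while it still holds the firmware RNG output that was just mixed into the buffer fed to the kernel; clearing it first at the `out:` label, e.g. `explicit_bzero(random, buflen);`, would keep that material from lingering in the boot loader's heap (assuming libsa's explicit_bzero is linked into this program). The result of `alloc(buflen)` is also handed to GetRNG() unchecked; whether alloc() can return NULL here is not visible in the hunk, so either `if (random == NULL) return;` or a comment stating that it cannot fail would help. A short comment above fwrandom() would also be useful, saying that the firmware output is XORed in rather than copied so that a poor firmware RNG cannot weaken what `buf` already contains, and that both failure paths leave `buf` untouched.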