summaryrefslogtreecommitdiff
path: root/sys/arch
diff options
context:
space:
mode:
authorMark Kettenis <kettenis@cvs.openbsd.org>2018-04-08 13:27:23 +0000
committerMark Kettenis <kettenis@cvs.openbsd.org>2018-04-08 13:27:23 +0000
commit53660460f4a04e47f41c2d8c2f97768e89a9455f (patch)
treeb6ff0d49f9062250756b8a64a41e15e4b995409c /sys/arch
parentacc32b52fc74cbf7f496808734425f432b718013 (diff)
Add support for the EFI Random Number Generator Protocol and use it to XOR
random data into the buffer that we feed the kernel. ok deraadt@
Diffstat (limited to 'sys/arch')
-rw-r--r--sys/arch/arm64/stand/efiboot/Makefile8
-rw-r--r--sys/arch/arm64/stand/efiboot/conf.c4
-rw-r--r--sys/arch/arm64/stand/efiboot/efirng.c87
3 files changed, 93 insertions, 6 deletions
diff --git a/sys/arch/arm64/stand/efiboot/Makefile b/sys/arch/arm64/stand/efiboot/Makefile
index b93b19dc7c6..49247115a75 100644
--- a/sys/arch/arm64/stand/efiboot/Makefile
+++ b/sys/arch/arm64/stand/efiboot/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.4 2018/03/31 17:43:53 patrick Exp $
+# $OpenBSD: Makefile,v 1.5 2018/04/08 13:27:22 kettenis Exp $
NOMAN= #
@@ -8,8 +8,8 @@ PROG= BOOTAA64.EFI
OBJFMT= binary
INSTALL_STRIP=
BINDIR= /usr/mdec
-SRCS= start.S self_reloc.c efiboot.c conf.c exec.c efidev.c efipxe.c
-SRCS+= fdt.c
+SRCS= start.S self_reloc.c efiboot.c conf.c exec.c efidev.c
+SRCS+= efipxe.c efirng.c fdt.c
S= ${.CURDIR}/../../../..
EFIDIR= ${S}/stand/efi
@@ -43,7 +43,7 @@ CPPFLAGS+= -I${S} -I. -I${.CURDIR}
CPPFLAGS+= -I${EFIDIR}/include -I${EFIDIR}/include/arm64
CPPFLAGS+= -D_STANDALONE
CPPFLAGS+= -DSMALL -DSLOW -DNOBYFOUR -D__INTERNAL_LIBSA_CREAD
-CPPFLAGS+= -DNEEDS_HEAP_H
+CPPFLAGS+= -DNEEDS_HEAP_H -DFWRANDOM
COPTS+= -Wno-attributes -Wno-format
COPTS+= -ffreestanding -fno-stack-protector
COPTS+= -fshort-wchar -fPIC -fno-builtin
diff --git a/sys/arch/arm64/stand/efiboot/conf.c b/sys/arch/arm64/stand/efiboot/conf.c
index b2e4c8f3caa..5e8fd5fa0e7 100644
--- a/sys/arch/arm64/stand/efiboot/conf.c
+++ b/sys/arch/arm64/stand/efiboot/conf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: conf.c,v 1.14 2018/03/31 17:44:57 patrick Exp $ */
+/* $OpenBSD: conf.c,v 1.15 2018/04/08 13:27:22 kettenis Exp $ */
/*
* Copyright (c) 1996 Michael Shalayeff
@@ -36,7 +36,7 @@
#include "efidev.h"
#include "efipxe.h"
-const char version[] = "0.12";
+const char version[] = "0.13";
int debug = 0;
struct fs_ops file_system[] = {
diff --git a/sys/arch/arm64/stand/efiboot/efirng.c b/sys/arch/arm64/stand/efiboot/efirng.c
new file mode 100644
index 00000000000..a90f86d57f7
--- /dev/null
+++ b/sys/arch/arm64/stand/efiboot/efirng.c
@@ -0,0 +1,87 @@
+/* $OpenBSD: efirng.c,v 1.1 2018/04/08 13:27:22 kettenis Exp $ */
+
+/*
+ * Copyright (c) 2018 Mark Kettenis <kettenis@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <sys/param.h>
+
+#include <efi.h>
+#include <efiapi.h>
+
+#include "eficall.h"
+#include "libsa.h"
+
+extern EFI_BOOT_SERVICES *BS;
+
+/* Random Number Generator Protocol */
+
+#define EFI_RNG_PROTOCOL_GUID \
+ { 0x3152bca5, 0xeade, 0x433d, {0x86, 0x2e, 0xc0, 0x1c, 0xdc, 0x29, 0x1f, 0x44} }
+
+INTERFACE_DECL(_EFI_RNG_PROTOCOL);
+
+typedef EFI_GUID EFI_RNG_ALGORITHM;
+
+typedef
+EFI_STATUS
+(EFIAPI *EFI_RNG_GET_INFO) (
+ IN struct _EFI_RNG_PROTOCOL *This,
+ IN OUT UINTN *RNGAlgorithmListSize,
+ OUT EFI_RNG_ALGORITHM *RNGAlgorithmList
+ );
+
+typedef
+EFI_STATUS
+(EFIAPI *EFI_RNG_GET_RNG) (
+ IN struct _EFI_RNG_PROTOCOL *This,
+ IN EFI_RNG_ALGORITHM *RNGAlgorithm, OPTIONAL
+ IN UINTN RNGValueLength,
+ OUT UINT8 *RNGValue
+ );
+
+typedef struct _EFI_RNG_PROTOCOL {
+ EFI_RNG_GET_INFO GetInfo;
+ EFI_RNG_GET_RNG GetRNG;
+} EFI_RNG_PROTOCOL;
+
+static EFI_GUID rng_guid = EFI_RNG_PROTOCOL_GUID;
+
+void
+fwrandom(char *buf, size_t buflen)
+{
+ EFI_STATUS status;
+ EFI_RNG_PROTOCOL *rng = NULL;
+ UINT8 *random;
+ size_t i;
+
+ status = EFI_CALL(BS->LocateProtocol, &rng_guid, NULL, (void **)&rng);
+ if (rng == NULL || EFI_ERROR(status))
+ return;
+
+ random = alloc(buflen);
+
+ status = EFI_CALL(rng->GetRNG, rng, NULL, buflen, random);
+ if (EFI_ERROR(status)) {
+ printf("RNG GetRNG() failed (%d)\n", status);
+ goto out;
+ }
+
+ for (i = 0; i < buflen; i++)
+ buf[i] ^= random[i];
+
+out:
+ free(random, buflen);
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-28 03:47:01 +0000