From patchwork Wed Jan 20 16:38:10 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Mark Brown <broonie@kernel.org>
X-Patchwork-Id: 367066
Delivered-To: patch@linaro.org
Received: by 2002:a02:a60d:0:0:0:0:0 with SMTP id c13csp629791jam;
 Wed, 20 Jan 2021 08:40:44 -0800 (PST)
X-Google-Smtp-Source: ABdhPJx+ttzJhRHlc5ZUnh5rWQu8BbcDKqLSgeaH2lIHEfTMnWWhAjItoRKodx43RV9fPVhN8kEw
X-Received: by 2002:a17:906:278b:: with SMTP id
 j11mr6692810ejc.438.1611160844774; 
 Wed, 20 Jan 2021 08:40:44 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1611160844; cv=none;
 d=google.com; s=arc-20160816;
 b=rvFsXMrvN3pzflIyv6oM923UXKQh7rwyE8tnXFbvs1DIE30hyeZMW0PY9gr20mUyKQ
 k30OJBxKSdpcdC2Sa4jQ9hsFIseFozOxwBIUi4B8aUEusaUGb6QfPbPhDXxaKDEIo5Yk
 LJQdRXzouERV0FD1g/iz48KGRN/a8FGzcKw4zM16jvaHDedRnKox8DVI9jvB0lCyu14o
 1yoZZQkWfC61xbeYstGJWv7x1V9Ef4D74s47pM1fxYS6TLyOsKQNlfH5oaB1PEpjajvk
 gdQYp/1kKyN9NBisYXLBmKE/hfutR/c9SKDU2uzluiV6ajiqoFHZk8kr4YCTP7sqGv5D
 AT9Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=list-id:precedence:content-transfer-encoding:mime-version
 :message-id:date:subject:cc:to:from:dkim-signature;
 bh=YKSX2heQLfF4bJXjwHdTh3OAX3ohpvrQ3qN1pmre2Gc=;
 b=hQnxVFx4Xl/j/qMLNBPE+lW7dNY+DcfpWCZqVqQP33HM/gTRcuh7IEH13NBMfmzJN/
 RYrPyxg7jSwPAj4Wk5n2T7/0R81iT6L/fpNd3UH5RcfmNB2LoYONGwoghBzvNLHX1EJC
 TQJKB2npg+5libwXRBCHRzAG0q3E0yCMgnSTKqVLcmtBiDkwsr2mGJWMd7dkT/vqp/bu
 iHB0OmvZxLXS52C71p6pHU/a82DivQbNKcBtAMiwr846RrSeCihYaLiW5vAk10FPOXbD
 wjofat1WnMBCnpsDi4DvjidkOQ6xcmKlPT+Cbr8iB97VwepRST94bO/ZM8eEjPD7n67t
 kiOw==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=pass header.i=@kernel.org header.s=k20201202 header.b=BTfXwMip; 
 spf=pass (google.com: domain of linux-efi-owner@vger.kernel.org
 designates 23.128.96.18 as permitted sender)
 smtp.mailfrom=linux-efi-owner@vger.kernel.org; 
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-efi-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
 by mx.google.com with ESMTP id n11si843347eje.293.2021.01.20.08.40.44;
 Wed, 20 Jan 2021 08:40:44 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-efi-owner@vger.kernel.org
 designates 23.128.96.18 as permitted sender)
 client-ip=23.128.96.18; 
Authentication-Results: mx.google.com;
 dkim=pass header.i=@kernel.org header.s=k20201202 header.b=BTfXwMip; 
 spf=pass (google.com: domain of linux-efi-owner@vger.kernel.org
 designates 23.128.96.18 as permitted sender)
 smtp.mailfrom=linux-efi-owner@vger.kernel.org; 
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
 id S1726694AbhATQkU (ORCPT <rfc822;patch@linaro.org> + 1 other);
 Wed, 20 Jan 2021 11:40:20 -0500
Received: from mail.kernel.org ([198.145.29.99]:51574 "EHLO mail.kernel.org"
 rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
 id S2391580AbhATQjf (ORCPT <rfc822;linux-efi@vger.kernel.org>);
 Wed, 20 Jan 2021 11:39:35 -0500
Received: by mail.kernel.org (Postfix) with ESMTPSA id EE82223358;
 Wed, 20 Jan 2021 16:38:54 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
 s=k20201202; t=1611160735;
 bh=iEApgplDtm8lPwRtxhGxbaMnpeicweHkW/js70sakAQ=;
 h=From:To:Cc:Subject:Date:From;
 b=BTfXwMipflxxsNXpiCjD4OOMwgi1I2IJqUhJXejc12D91hnZpUnFBpq7EMhlkjZlN
 LU9TjlooUNK9pZYggydItgz76/sn+AHU//ii8Ls3wRKd4/m8F+9nFM3l6CT/ns0kDm
 TWKziUtDF1N+DJ2flOStF94KGNg1KHTAzu+qCN1s+N4vWdLKt1A72a+1Lg9Sewz/TI
 cHDVMveTNzAdXeubvMSqFhD6Ts96fy7RMbcJ4cY/axptAyAS1FUFXhKChTM67m96oT
 G8s+PsbLwYdXDehZsxofdawpb07Nl7Uj3IdUt9L18qOy/3UG0qeJvp5DqsAul2QOy+
 0ZQUC5EAa+3YQ==
From: Mark Brown <broonie@kernel.org>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
 Mark Brown <broonie@kernel.org>
Subject: [PATCH v2] efi/arm64: Update debug prints to reflect other entropy
 sources
Date: Wed, 20 Jan 2021 16:38:10 +0000
Message-Id: <20210120163810.14973-1-broonie@kernel.org>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Precedence: bulk
List-ID: <linux-efi.vger.kernel.org>
X-Mailing-List: linux-efi@vger.kernel.org

Currently the EFI stub prints a diagnostic on boot saying that KASLR will
be disabled if it is unable to use the EFI RNG protocol to obtain a seed
for KASLR.  With the addition of support for v8.5-RNG and the SMCCC RNG
protocol it is now possible for KASLR to obtain entropy even if the EFI
RNG protocol is unsupported in the system, and the main kernel now
explicitly says if KASLR is active itself.  This can result in a boot
log where the stub says KASLR has been disabled and the main kernel says
that it is enabled which is confusing for users.

Remove the explicit reference to KASLR from the diagnostics, the warnings
are still useful as EFI is the only source of entropy the stub uses when
randomizing the physical address of the kernel and the other sources may
not be available.

Signed-off-by: Mark Brown <broonie@kernel.org>
---

v2: Remove all reference to KASLR from the log messages and clarify
    physical address randomization use of the EFI RNG seed.

 drivers/firmware/efi/libstub/arm64-stub.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

-- 
2.20.1

diff --git a/drivers/firmware/efi/libstub/arm64-stub.c b/drivers/firmware/efi/libstub/arm64-stub.c
index 22ece1ad68a8..b69d63143e0d 100644
--- a/drivers/firmware/efi/libstub/arm64-stub.c
+++ b/drivers/firmware/efi/libstub/arm64-stub.c
@@ -61,10 +61,10 @@ efi_status_t handle_kernel_image(unsigned long *image_addr,
 			status = efi_get_random_bytes(sizeof(phys_seed),
 						      (u8 *)&phys_seed);
 			if (status == EFI_NOT_FOUND) {
-				efi_info("EFI_RNG_PROTOCOL unavailable, KASLR will be disabled\n");
+				efi_info("EFI_RNG_PROTOCOL unavailable\n");
 				efi_nokaslr = true;
 			} else if (status != EFI_SUCCESS) {
-				efi_err("efi_get_random_bytes() failed (0x%lx), KASLR will be disabled\n",
+				efi_err("efi_get_random_bytes() failed (0x%lx)\n",
 					status);
 				efi_nokaslr = true;
 			}