diff options
| author | George Spelvin <lkml@SDF.ORG> | 2020-03-30 20:38:01 +0300 |
|---|---|---|
| committer | Will Deacon <will@kernel.org> | 2020-04-28 15:55:51 +0300 |
| commit | 99ee28d99607d15c6b88c4a9b9fb4a9f0ebf598c (patch) | |
| tree | 7715e2cea292b716d4042c947891333a6cadbd30 /arch/arm64/kernel/machine_kexec_file.c | |
| parent | 348a625deef13d7f8537b9704d29d05cafdd8e72 (diff) | |
| download | linux-99ee28d99607d15c6b88c4a9b9fb4a9f0ebf598c.tar.xz | |
arm64: kexec_file: Avoid temp buffer for RNG seed
After using get_random_bytes(), you want to wipe the buffer
afterward so the seed remains secret.
In this case, we can eliminate the temporary buffer entirely.
fdt_setprop_placeholder() returns a pointer to the property value
buffer, allowing us to put the random data directly in there without
using a temporary buffer at all. Faster and less stack all in one.
Signed-off-by: George Spelvin <lkml@sdf.org>
Acked-by: Will Deacon <will@kernel.org>
Cc: Hsin-Yi Wang <hsinyi@chromium.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: linux-arm-kernel@lists.infradead.org
Link: https://lore.kernel.org/r/20200330173801.GA9199@SDF.ORG
Signed-off-by: Will Deacon <will@kernel.org>
Diffstat (limited to 'arch/arm64/kernel/machine_kexec_file.c')
| -rw-r--r-- | arch/arm64/kernel/machine_kexec_file.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/arch/arm64/kernel/machine_kexec_file.c b/arch/arm64/kernel/machine_kexec_file.c index b40c3b0def92..e5cbf91aadfe 100644 --- a/arch/arm64/kernel/machine_kexec_file.c +++ b/arch/arm64/kernel/machine_kexec_file.c @@ -138,12 +138,12 @@ static int setup_dtb(struct kimage *image, /* add rng-seed */ if (rng_is_initialized()) { - u8 rng_seed[RNG_SEED_SIZE]; - get_random_bytes(rng_seed, RNG_SEED_SIZE); - ret = fdt_setprop(dtb, off, FDT_PROP_RNG_SEED, rng_seed, - RNG_SEED_SIZE); + void *rng_seed; + ret = fdt_setprop_placeholder(dtb, off, FDT_PROP_RNG_SEED, + RNG_SEED_SIZE, &rng_seed); if (ret) goto out; + get_random_bytes(rng_seed, RNG_SEED_SIZE); } else { pr_notice("RNG is not initialised: omitting \"%s\" property\n", FDT_PROP_RNG_SEED); |