TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / third_party / linux / 92d4c21e51fc12736c39c2a161a42f20e2be8a00 / . / drivers / firmware / efi / libstub / random.c
blob: 33ab567695951d6c3c9df4217d067fb53367a373 [file] [log] [blame]
David Brazdil0f672f62019-12-10 10:32:29 +0000[diff] [blame]1// SPDX-License-Identifier: GPL-2.0
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]2/*
3 * Copyright (C) 2016 Linaro Ltd; <ard.biesheuvel@linaro.org>
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]4 */
5
6#include <linux/efi.h>
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]7#include <asm/efi.h>
8
9#include "efistub.h"
10
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]11typedef union efi_rng_protocol efi_rng_protocol_t;
12
13union efi_rng_protocol {
14 struct {
15 efi_status_t (__efiapi *get_info)(efi_rng_protocol_t *,
16 unsigned long *,
17 efi_guid_t *);
18 efi_status_t (__efiapi *get_rng)(efi_rng_protocol_t *,
19 efi_guid_t *, unsigned long,
20 u8 *out);
21 };
22 struct {
23 u32 get_info;
24 u32 get_rng;
25 } mixed_mode;
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]26};
27
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]28/**
29 * efi_get_random_bytes() - fill a buffer with random bytes
30 * @size: size of the buffer
31 * @out: caller allocated buffer to receive the random bytes
32 *
33 * The call will fail if either the firmware does not implement the
34 * EFI_RNG_PROTOCOL or there are not enough random bytes available to fill
35 * the buffer.
36 *
37 * Return: status code
38 */
39efi_status_t efi_get_random_bytes(unsigned long size, u8 *out)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]40{
41 efi_guid_t rng_proto = EFI_RNG_PROTOCOL_GUID;
42 efi_status_t status;
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]43 efi_rng_protocol_t *rng = NULL;
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]44
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]45 status = efi_bs_call(locate_protocol, &rng_proto, NULL, (void **)&rng);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]46 if (status != EFI_SUCCESS)
47 return status;
48
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]49 return efi_call_proto(rng, get_rng, NULL, size, out);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]50}
51
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]52/**
53 * efi_random_get_seed() - provide random seed as configuration table
54 *
55 * The EFI_RNG_PROTOCOL is used to read random bytes. These random bytes are
56 * saved as a configuration table which can be used as entropy by the kernel
57 * for the initialization of its pseudo random number generator.
58 *
59 * If the EFI_RNG_PROTOCOL is not available or there are not enough random bytes
60 * available, the configuration table will not be installed and an error code
61 * will be returned.
62 *
63 * Return: status code
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]64 */
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]65efi_status_t efi_random_get_seed(void)
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]66{
67 efi_guid_t rng_proto = EFI_RNG_PROTOCOL_GUID;
68 efi_guid_t rng_algo_raw = EFI_RNG_ALGORITHM_RAW;
69 efi_guid_t rng_table_guid = LINUX_EFI_RANDOM_SEED_TABLE_GUID;
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]70 efi_rng_protocol_t *rng = NULL;
71 struct linux_efi_random_seed *seed = NULL;
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]72 efi_status_t status;
73
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]74 status = efi_bs_call(locate_protocol, &rng_proto, NULL, (void **)&rng);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]75 if (status != EFI_SUCCESS)
76 return status;
77
Olivier Deprez92d4c212022-12-06 15:05:30 +0100[diff] [blame^]78 /*
79 * Use EFI_ACPI_RECLAIM_MEMORY here so that it is guaranteed that the
80 * allocation will survive a kexec reboot (although we refresh the seed
81 * beforehand)
82 */
83 status = efi_bs_call(allocate_pool, EFI_ACPI_RECLAIM_MEMORY,
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]84 sizeof(*seed) + EFI_RANDOM_SEED_SIZE,
85 (void **)&seed);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]86 if (status != EFI_SUCCESS)
87 return status;
88
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]89 status = efi_call_proto(rng, get_rng, &rng_algo_raw,
90 EFI_RANDOM_SEED_SIZE, seed->bits);
91
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]92 if (status == EFI_UNSUPPORTED)
93 /*
94 * Use whatever algorithm we have available if the raw algorithm
95 * is not implemented.
96 */
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]97 status = efi_call_proto(rng, get_rng, NULL,
98 EFI_RANDOM_SEED_SIZE, seed->bits);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]99
100 if (status != EFI_SUCCESS)
101 goto err_freepool;
102
103 seed->size = EFI_RANDOM_SEED_SIZE;
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]104 status = efi_bs_call(install_configuration_table, &rng_table_guid, seed);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]105 if (status != EFI_SUCCESS)
106 goto err_freepool;
107
108 return EFI_SUCCESS;
109
110err_freepool:
Olivier Deprez157378f2022-04-04 15:47:50 +0200[diff] [blame]111 efi_bs_call(free_pool, seed);
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]112 return status;
113}