drivers/firmware/efi/libstub/random.c

   1 /*
   2  * Copyright (C) 2016 Linaro Ltd;  <ard.biesheuvel@linaro.org>
   3  *
   4  * This program is free software; you can redistribute it and/or modify
   5  * it under the terms of the GNU General Public License version 2 as
   6  * published by the Free Software Foundation.
   7  *
   8  */
   9
  10 #include <linux/efi.h>
  11 #include <linux/log2.h>
  12 #include <asm/efi.h>
  13
  14 #include "efistub.h"
  15
  16 struct efi_rng_protocol {
  17         efi_status_t (*get_info)(struct efi_rng_protocol *,
  18                                  unsigned long *, efi_guid_t *);
  19         efi_status_t (*get_rng)(struct efi_rng_protocol *,
  20                                 efi_guid_t *, unsigned long, u8 *out);
  21 };
  22
  23 efi_status_t efi_get_random_bytes(efi_system_table_t *sys_table_arg,
  24                                   unsigned long size, u8 *out)
  25 {
  26         efi_guid_t rng_proto = EFI_RNG_PROTOCOL_GUID;
  27         efi_status_t status;
  28         struct efi_rng_protocol *rng;
  29
  30         status = efi_call_early(locate_protocol, &rng_proto, NULL,
  31                                 (void **)&rng);
  32         if (status != EFI_SUCCESS)
  33                 return status;
  34
  35         return rng->get_rng(rng, NULL, size, out);
  36 }
  37
  38 /*
  39  * Return the number of slots covered by this entry, i.e., the number of
  40  * addresses it covers that are suitably aligned and supply enough room
  41  * for the allocation.
  42  */
  43 static unsigned long get_entry_num_slots(efi_memory_desc_t *md,
  44                                          unsigned long size,
  45                                          unsigned long align_shift)
  46 {
  47         unsigned long align = 1UL << align_shift;
  48         u64 first_slot, last_slot, region_end;
  49
  50         if (md->type != EFI_CONVENTIONAL_MEMORY)
  51                 return 0;
  52
  53         region_end = min((u64)ULONG_MAX, md->phys_addr + md->num_pages*EFI_PAGE_SIZE - 1);
  54
  55         first_slot = round_up(md->phys_addr, align);
  56         last_slot = round_down(region_end - size + 1, align);
  57
  58         if (first_slot > last_slot)
  59                 return 0;
  60
  61         return ((unsigned long)(last_slot - first_slot) >> align_shift) + 1;
  62 }
  63
  64 /*
  65  * The UEFI memory descriptors have a virtual address field that is only used
  66  * when installing the virtual mapping using SetVirtualAddressMap(). Since it
  67  * is unused here, we can reuse it to keep track of each descriptor's slot
  68  * count.
  69  */
  70 #define MD_NUM_SLOTS(md)        ((md)->virt_addr)
  71
  72 efi_status_t efi_random_alloc(efi_system_table_t *sys_table_arg,
  73                               unsigned long size,
  74                               unsigned long align,
  75                               unsigned long *addr,
  76                               unsigned long random_seed)
  77 {
  78         unsigned long map_size, desc_size, total_slots = 0, target_slot;
  79         unsigned long buff_size;
  80         efi_status_t status;
  81         efi_memory_desc_t *memory_map;
  82         int map_offset;
  83         struct efi_boot_memmap map;
  84
  85         map.map =       &memory_map;
  86         map.map_size =  &map_size;
  87         map.desc_size = &desc_size;
  88         map.desc_ver =  NULL;
  89         map.key_ptr =   NULL;
  90         map.buff_size = &buff_size;
  91
  92         status = efi_get_memory_map(sys_table_arg, &map);
  93         if (status != EFI_SUCCESS)
  94                 return status;
  95
  96         if (align < EFI_ALLOC_ALIGN)
  97                 align = EFI_ALLOC_ALIGN;
  98
  99         /* count the suitable slots in each memory map entry */
 100         for (map_offset = 0; map_offset < map_size; map_offset += desc_size) {
 101                 efi_memory_desc_t *md = (void *)memory_map + map_offset;
 102                 unsigned long slots;
 103
 104                 slots = get_entry_num_slots(md, size, ilog2(align));
 105                 MD_NUM_SLOTS(md) = slots;
 106                 total_slots += slots;
 107         }
 108
 109         /* find a random number between 0 and total_slots */
 110         target_slot = (total_slots * (u16)random_seed) >> 16;
 111
 112         /*
 113          * target_slot is now a value in the range [0, total_slots), and so
 114          * it corresponds with exactly one of the suitable slots we recorded
 115          * when iterating over the memory map the first time around.
 116          *
 117          * So iterate over the memory map again, subtracting the number of
 118          * slots of each entry at each iteration, until we have found the entry
 119          * that covers our chosen slot. Use the residual value of target_slot
 120          * to calculate the randomly chosen address, and allocate it directly
 121          * using EFI_ALLOCATE_ADDRESS.
 122          */
 123         for (map_offset = 0; map_offset < map_size; map_offset += desc_size) {
 124                 efi_memory_desc_t *md = (void *)memory_map + map_offset;
 125                 efi_physical_addr_t target;
 126                 unsigned long pages;
 127
 128                 if (target_slot >= MD_NUM_SLOTS(md)) {
 129                         target_slot -= MD_NUM_SLOTS(md);
 130                         continue;
 131                 }
 132
 133                 target = round_up(md->phys_addr, align) + target_slot * align;
 134                 pages = round_up(size, EFI_PAGE_SIZE) / EFI_PAGE_SIZE;
 135
 136                 status = efi_call_early(allocate_pages, EFI_ALLOCATE_ADDRESS,
 137                                         EFI_LOADER_DATA, pages, &target);
 138                 if (status == EFI_SUCCESS)
 139                         *addr = target;
 140                 break;
 141         }
 142
 143         efi_call_early(free_pool, memory_map);
 144
 145         return status;
 146 }
 147
 148 #define RANDOM_SEED_SIZE        32
 149
 150 efi_status_t efi_random_get_seed(efi_system_table_t *sys_table_arg)
 151 {
 152         efi_guid_t rng_proto = EFI_RNG_PROTOCOL_GUID;
 153         efi_guid_t rng_algo_raw = EFI_RNG_ALGORITHM_RAW;
 154         efi_guid_t rng_table_guid = LINUX_EFI_RANDOM_SEED_TABLE_GUID;
 155         struct efi_rng_protocol *rng;
 156         struct linux_efi_random_seed *seed;
 157         efi_status_t status;
 158
 159         status = efi_call_early(locate_protocol, &rng_proto, NULL,
 160                                 (void **)&rng);
 161         if (status != EFI_SUCCESS)
 162                 return status;
 163
 164         status = efi_call_early(allocate_pool, EFI_RUNTIME_SERVICES_DATA,
 165                                 sizeof(*seed) + RANDOM_SEED_SIZE,
 166                                 (void **)&seed);
 167         if (status != EFI_SUCCESS)
 168                 return status;
 169
 170         status = rng->get_rng(rng, &rng_algo_raw, RANDOM_SEED_SIZE,
 171                               seed->bits);
 172         if (status == EFI_UNSUPPORTED)
 173                 /*
 174                  * Use whatever algorithm we have available if the raw algorithm
 175                  * is not implemented.
 176                  */
 177                 status = rng->get_rng(rng, NULL, RANDOM_SEED_SIZE,
 178                                       seed->bits);
 179
 180         if (status != EFI_SUCCESS)
 181                 goto err_freepool;
 182
 183         seed->size = RANDOM_SEED_SIZE;
 184         status = efi_call_early(install_configuration_table, &rng_table_guid,
 185                                 seed);
 186         if (status != EFI_SUCCESS)
 187                 goto err_freepool;
 188
 189         return EFI_SUCCESS;
 190
 191 err_freepool:
 192         efi_call_early(free_pool, seed);
 193         return status;
 194 }