1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright IBM Corp. 2019 4 */ 5 #include <asm/mem_detect.h> 6 #include <asm/cpacf.h> 7 #include <asm/timex.h> 8 #include <asm/sclp.h> 9 #include "compressed/decompressor.h" 10 11 #define PRNG_MODE_TDES 1 12 #define PRNG_MODE_SHA512 2 13 #define PRNG_MODE_TRNG 3 14 15 struct prno_parm { 16 u32 res; 17 u32 reseed_counter; 18 u64 stream_bytes; 19 u8 V[112]; 20 u8 C[112]; 21 }; 22 23 struct prng_parm { 24 u8 parm_block[32]; 25 u32 reseed_counter; 26 u64 byte_counter; 27 }; 28 29 static int check_prng(void) 30 { 31 if (!cpacf_query_func(CPACF_KMC, CPACF_KMC_PRNG)) { 32 sclp_early_printk("KASLR disabled: CPU has no PRNG\n"); 33 return 0; 34 } 35 if (cpacf_query_func(CPACF_PRNO, CPACF_PRNO_TRNG)) 36 return PRNG_MODE_TRNG; 37 if (cpacf_query_func(CPACF_PRNO, CPACF_PRNO_SHA512_DRNG_GEN)) 38 return PRNG_MODE_SHA512; 39 else 40 return PRNG_MODE_TDES; 41 } 42 43 static unsigned long get_random(unsigned long limit) 44 { 45 struct prng_parm prng = { 46 /* initial parameter block for tdes mode, copied from libica */ 47 .parm_block = { 48 0x0F, 0x2B, 0x8E, 0x63, 0x8C, 0x8E, 0xD2, 0x52, 49 0x64, 0xB7, 0xA0, 0x7B, 0x75, 0x28, 0xB8, 0xF4, 50 0x75, 0x5F, 0xD2, 0xA6, 0x8D, 0x97, 0x11, 0xFF, 51 0x49, 0xD8, 0x23, 0xF3, 0x7E, 0x21, 0xEC, 0xA0 52 }, 53 }; 54 unsigned long seed, random; 55 struct prno_parm prno; 56 __u64 entropy[4]; 57 int mode, i; 58 59 mode = check_prng(); 60 seed = get_tod_clock_fast(); 61 switch (mode) { 62 case PRNG_MODE_TRNG: 63 cpacf_trng(NULL, 0, (u8 *) &random, sizeof(random)); 64 break; 65 case PRNG_MODE_SHA512: 66 cpacf_prno(CPACF_PRNO_SHA512_DRNG_SEED, &prno, NULL, 0, 67 (u8 *) &seed, sizeof(seed)); 68 cpacf_prno(CPACF_PRNO_SHA512_DRNG_GEN, &prno, (u8 *) &random, 69 sizeof(random), NULL, 0); 70 break; 71 case PRNG_MODE_TDES: 72 /* add entropy */ 73 *(unsigned long *) prng.parm_block ^= seed; 74 for (i = 0; i < 16; i++) { 75 cpacf_kmc(CPACF_KMC_PRNG, prng.parm_block, 76 (char *) entropy, (char *) entropy, 77 sizeof(entropy)); 78 memcpy(prng.parm_block, entropy, sizeof(entropy)); 79 } 80 random = seed; 81 cpacf_kmc(CPACF_KMC_PRNG, prng.parm_block, (u8 *) &random, 82 (u8 *) &random, sizeof(random)); 83 break; 84 default: 85 random = 0; 86 } 87 return random % limit; 88 } 89 90 unsigned long get_random_base(unsigned long safe_addr) 91 { 92 unsigned long base, start, end, kernel_size; 93 unsigned long block_sum, offset; 94 int i; 95 96 if (IS_ENABLED(CONFIG_BLK_DEV_INITRD) && INITRD_START && INITRD_SIZE) { 97 if (safe_addr < INITRD_START + INITRD_SIZE) 98 safe_addr = INITRD_START + INITRD_SIZE; 99 } 100 safe_addr = ALIGN(safe_addr, THREAD_SIZE); 101 102 kernel_size = vmlinux.image_size + vmlinux.bss_size; 103 block_sum = 0; 104 for_each_mem_detect_block(i, &start, &end) { 105 if (memory_end_set) { 106 if (start >= memory_end) 107 break; 108 if (end > memory_end) 109 end = memory_end; 110 } 111 if (end - start < kernel_size) 112 continue; 113 block_sum += end - start - kernel_size; 114 } 115 if (!block_sum) { 116 sclp_early_printk("KASLR disabled: not enough memory\n"); 117 return 0; 118 } 119 120 base = get_random(block_sum); 121 if (base == 0) 122 return 0; 123 if (base < safe_addr) 124 base = safe_addr; 125 block_sum = offset = 0; 126 for_each_mem_detect_block(i, &start, &end) { 127 if (memory_end_set) { 128 if (start >= memory_end) 129 break; 130 if (end > memory_end) 131 end = memory_end; 132 } 133 if (end - start < kernel_size) 134 continue; 135 block_sum += end - start - kernel_size; 136 if (base <= block_sum) { 137 base = start + base - offset; 138 base = ALIGN_DOWN(base, THREAD_SIZE); 139 break; 140 } 141 offset = block_sum; 142 } 143 return base; 144 } 145