feat: initialize random entropy from device tree

cartesi · Sep 28, 2023 · 15982d6 · 15982d6
1 parent d19e792
commit 15982d6
Show file tree

Hide file tree

Showing 4 changed files with 250 additions and 4 deletions.
diff --git a/src/cartesi-machine.lua b/src/cartesi-machine.lua
@@ -402,8 +402,8 @@ local memory_range_replace = {}
 local ram_image_filename = images_path .. "linux.bin"
 local ram_length = 64 << 20
 local rom_image_filename = nil
-local rom_bootargs =
-    "console=hvc0 rootfstype=ext2 root=/dev/mtdblock0 rw quiet swiotlb=noforce init=/opt/cartesi/bin/init"
+local rom_bootargs = "console=hvc0 rootfstype=ext2 root=/dev/mtdblock0 rw quiet \z
+                      swiotlb=noforce init=/opt/cartesi/bin/init random.trust_bootloader=on"
 local rollup
 local uarch
 local rollup_advance

diff --git a/src/machine.cpp b/src/machine.cpp
@@ -64,12 +64,16 @@ const pma_entry::flags machine::m_ram_flags{
     PMA_ISTART_DID::memory // DID
 };
 
+// The ROM is not really read-only, this might seem counter-intuitive at first.
+// When we pass a RNG seed in a FDT stored in ROM,
+// Linux will wipe out its contents as a security measure,
+// therefore we need to make ROM writable, otherwise boot will hang.
 const pma_entry::flags machine::m_rom_flags{
     true,                  // R
-    false,                 // W
+    true,                  // W
     true,                  // X
     true,                  // IR
-    false,                 // IW
+    true,                  // IW
     PMA_ISTART_DID::memory // DID
 };