Re: [PATCH v5 75/75] x86/sev-es: Check required CPU features for SEV-ES
From: Kees Cook
Date: Fri Jul 24 2020 - 13:55:56 EST
On Fri, Jul 24, 2020 at 06:03:36PM +0200, Joerg Roedel wrote:
> From: Martin Radev <martin.b.radev@xxxxxxxxx>
>
> Make sure the machine supports RDRAND, otherwise there is no trusted
> source of of randomness in the system.
>
> To also check this in the pre-decompression stage, make has_cpuflag
> not depend on CONFIG_RANDOMIZE_BASE anymore.
>
> Signed-off-by: Martin Radev <martin.b.radev@xxxxxxxxx>
Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>
--
Kees Cook