Re: [kernel-hardening] [PATCH v7 0/9] x86/mm: memory area address KASLR
From: Jason Cooper
Date: Wed Jun 22 2016 - 08:47:35 EST
Hey Kees,
On Tue, Jun 21, 2016 at 05:46:57PM -0700, Kees Cook wrote:
> Notable problems that needed solving:
...
> - Reasonable entropy is needed early at boot before get_random_bytes()
> is available.
This series is targetting x86, which typically has RDRAND/RDSEED
instructions. Are you referring to other arches? Older x86? Also,
isn't this the same requirement for base address KASLR?
Don't get me wrong, I want more diverse entropy sources available
earlier in the boot process as well. :-) I'm just wondering what's
different about this series vs base address KASLR wrt early entropy
sources.
thx,
Jason.