Re: [kernel-hardening] [PATCH v7 0/9] x86/mm: memory area address KASLR

From: Jason Cooper
Date: Wed Jun 22 2016 - 08:47:35 EST


Hey Kees,

On Tue, Jun 21, 2016 at 05:46:57PM -0700, Kees Cook wrote:
> Notable problems that needed solving:
...
> - Reasonable entropy is needed early at boot before get_random_bytes()
> is available.

This series is targetting x86, which typically has RDRAND/RDSEED
instructions. Are you referring to other arches? Older x86? Also,
isn't this the same requirement for base address KASLR?

Don't get me wrong, I want more diverse entropy sources available
earlier in the boot process as well. :-) I'm just wondering what's
different about this series vs base address KASLR wrt early entropy
sources.

thx,

Jason.