Date: Tue, 10 Nov 2015 12:24:05 +0100 From: Yves-Alexis Perez <corsac@...ian.org> To: kernel-hardening@...ts.openwall.com, Marcus Meissner <meissner@...e.de> Cc: Matthew Garrett <mjg59@...f.ucam.org>, Theodore Tso <tytso@...gle.com>, Emese Revfy <re.emese@...il.com>, Kees Cook <keescook@...omium.org>, PaX Team <pageexec@...email.hu>, Brad Spengler <spender@...ecurity.net>, Greg KH <gregkh@...uxfoundation.org>, Josh Triplett <josh@...htriplett.org> Subject: Re: Re: Proposal for kernel self protection features On mar., 2015-11-10 at 11:47 +0100, Marcus Meissner wrote: > The kernel has infrastructure for this (feeding hardware random generators > into the random pool) these days. > > e.g. > drivers/char/hw_random/tpm-rng.c Thanks, I was missing those bits. Actually those are in (on v4.3, starting from drivers/char/hw_random/core.c#L483): hwrng_register() add_early_randomness() rng_get_data() add_device_randomness() but as far as I can tell it only gets called once when registering the hwrng driver, and only if the RNG driver doesn't define an init function (tpm-rng doesn't). But that's still better than no randomness at all. Regards, -- Yves-Alexis Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.