From mboxrd@z Thu Jan 1 00:00:00 1970
Reply-To: kernel-hardening@lists.openwall.com
MIME-Version: 1.0
References: <20160623193358.GL9922@io.lakedaemon.net>
 <20160624011115.GU9922@io.lakedaemon.net>
 <20160624160238.GV9922@io.lakedaemon.net>
 <20160630214856.GI9922@io.lakedaemon.net>
In-Reply-To: <20160630214856.GI9922@io.lakedaemon.net>
From: Thomas Garnier
Date: Thu, 30 Jun 2016 21:56:27 +0000
Message-ID:
Content-Type: multipart/alternative; boundary=94eb2c1154dcb4eb20053685f19b
Subject: [kernel-hardening] Re: devicetree random-seed properties, was: "Re: [PATCH v7 0/9] x86/mm: memory area address KASLR"
To: Jason Cooper, Andy Lutomirski
Cc: Kees Cook, Ard Biesheuvel, "kernel-hardening@lists.openwall.com",
 Ingo Molnar, Andy Lutomirski, "x86@kernel.org", Borislav Petkov,
 Baoquan He, Yinghai Lu, Juergen Gross, Matt Fleming, Toshi Kani,
 Andrew Morton, Dan Williams, "Kirill A. Shutemov", Dave Hansen,
 Xiao Guangrong, Martin Schwidefsky, "Aneesh Kumar K.V",
 Alexander Kuleshov, Alexander Popov, Dave Young, Joerg Roedel,
 Lv Zheng, Mark Salter, Dmitry Vyukov, Stephen Smalley,
 Boris Ostrovsky, Christian Borntraeger, Jan Beulich, LKML,
 Jonathan Corbet, "linux-doc@vger.kernel.org"
List-ID:

--94eb2c1154dcb4eb20053685f19b
Content-Type: text/plain; charset=UTF-8

So would I!

On Thu, Jun 30, 2016, 2:49 PM Jason Cooper <jason@lakedaemon.net> wrote:

> On Fri, Jun 24, 2016 at 01:40:41PM -0700, Andy Lutomirski wrote:
> > On Fri, Jun 24, 2016 at 12:04 PM, Kees Cook <keescook@chromium.org> wrote:
> > > On Fri, Jun 24, 2016 at 9:02 AM, Jason Cooper <jason@lakedaemon.net> wrote:
> > >> Thomas,
> > >>
> > >> Sorry for wandering off the topic of your series.  The big take away for
> > >> me is that you and Kees are concerned about x86 systems pre-RDRAND.
> > >> Just as I'm concerned about deployed embedded systems without bootloader
> > >> support for hw-rngs and so forth.
> > >>
> > >> Whatever final form the approach takes for ARM/dt, I'll make sure we can
> > >> extend it to legacy x86 systems.
> > >
> > > Yeah, this seems like a productive conversation to me. :)
> >
> > I have an old patch and spec I need to dust off that does this during
> > *very* early boot on x86 using MSRs so that kASLR can use it.
>
> I'd love to see that. ;-)
>
> thx,
>
> Jason.
>
--

Thomas

--94eb2c1154dcb4eb20053685f19b
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

--94eb2c1154dcb4eb20053685f19b--