Message-ID: <1447154645.29239.8.camel@debian.org>
Date: Tue, 10 Nov 2015 12:24:05 +0100
From: Yves-Alexis Perez <corsac@...ian.org>
To: kernel-hardening@...ts.openwall.com, Marcus Meissner <meissner@...e.de>
Cc: Matthew Garrett <mjg59@...f.ucam.org>, Theodore Tso <tytso@...gle.com>, 
 Emese Revfy <re.emese@...il.com>, Kees Cook <keescook@...omium.org>, PaX
 Team <pageexec@...email.hu>,  Brad Spengler <spender@...ecurity.net>, Greg
 KH <gregkh@...uxfoundation.org>, Josh Triplett <josh@...htriplett.org>
Subject: Re: Re: Proposal for kernel self protection features

On mar., 2015-11-10 at 11:47 +0100, Marcus Meissner wrote:
> The kernel has infrastructure for this (feeding hardware random generators
> into the random pool) these days.
> 
> e.g.
> drivers/char/hw_random/tpm-rng.c

Thanks, I was missing those bits. Actually those are in (on v4.3, starting
from drivers/char/hw_random/core.c#L483):

hwrng_register()
	add_early_randomness()
		rng_get_data()
		add_device_randomness()

but as far as I can tell it only gets called once when registering the hwrng
driver, and only if the RNG driver doesn't define an init function (tpm-rng
doesn't). But that's still better than no randomness at all.

Regards,
-- 
Yves-Alexis

