[RFC/PATCH 0/3] Add devicetree scanning for randomness

Kees Cook keescook at chromium.org
Wed Feb 12 16:35:54 EST 2014


On Wed, Feb 12, 2014 at 9:45 AM, Jason Cooper <jason at lakedaemon.net> wrote:
> I brought this up at last weeks devicetree irc meeting.  My goal is to
> provide early randomness for kaslr on ARM.  Currently, my idea is modify
> the init script to save an additional random seed from /dev/urandom to
> /boot/random-seed.

I'm all for a good entropy source for early boot. :)

I need to figure out what's needed for relocation support first
though, before we can really tackle kernel base-address randomization
on ARM. I haven't had a chance to look around too closely yet, but it
seems like only x86 and ppc do this currently? Has anyone looked in
detail and what would be needed on ARM for CONFIG_RELOCATABLE
behavior?

-Kees

-- 
Kees Cook
Chrome OS Security



More information about the linux-arm-kernel mailing list