x86, kaslr: Mix entropy sources together as needed
Depending on availability, mix the RDRAND and RDTSC entropy together with XOR. Only when neither is available should the i8254 be used. Update the Kconfig documentation to reflect this. Additionally, since bits used for entropy is masked elsewhere, drop the needless masking in the get_random_long(). Similarly, use the entire TSC, not just the low 32 bits. Finally, to improve the starting entropy, do a simple hashing of a build-time versions string and the boot-time boot_params structure for some additional level of unpredictability. Signed-off-by: NKees Cook <keescook@chromium.org> Link: http://lkml.kernel.org/r/20131111222839.GA28616@www.outflux.netSigned-off-by: NH. Peter Anvin <hpa@zytor.com>
Showing
想要评论请 注册 或 登录