On Wed, 10 Feb, at 06:55:05PM, Ard Biesheuvel wrote: > Since arm64 does not use a decompressor that supplies an execution > environment where it is feasible to some extent to provide a source of > randomness, the arm64 KASLR kernel depends on the bootloader to supply > some random bits in the /chosen/kaslr-seed DT property upon kernel entry. > > On UEFI systems, we can use the EFI_RNG_PROTOCOL, if supplied, to obtain > some random bits. At the same time, use it to randomize the offset of the > kernel Image in physical memory. > > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> > --- > arch/arm64/Kconfig | 5 ++ > drivers/firmware/efi/libstub/arm-stub.c | 40 ++++++---- > drivers/firmware/efi/libstub/arm64-stub.c | 78 ++++++++++++++------ > drivers/firmware/efi/libstub/fdt.c | 14 ++++ > 4 files changed, 102 insertions(+), 35 deletions(-) Reviewed-by: Matt Fleming <matt@xxxxxxxxxxxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
