On Wed, 6 Apr 2022 00:28:15 +0200, Jason A. Donenfeld wrote: > While the latent entropy plugin mostly doesn't derive entropy from > get_random_const() for measuring the call graph, when __latent_entropy is > applied to a constant, then it's initialized statically to output from > get_random_const(). In that case, this data is derived from a 64-bit > seed, which means a buffer of 512 bits doesn't really have that amount > of compile-time entropy. > > [...] Applied to for-v5.18/hardening, thanks! I dropped the version number change, added a pointer to the GCC bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105171, and noted the rationale for the buffer size. I'll get this sent to Linus shortly. [1/1] gcc-plugins: latent_entropy: use /dev/urandom https://git.kernel.org/kees/c/c40160f2998c -- Kees Cook
