[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: kaslr: better rng
> Date: Tue, 07 Nov 2017 07:57:58 +1100
> from: matthew green <mrg%eterna.com.au@localhost>
> > Well, we could indeed extend /var/db/entropy-file. However, I would really
> > prefer the random area to be generated from a previous run of the system, and
> > not from the bootloader taking a seed in the file. Unless there is a
> > combination of both?
> it would be nice if the lack of this file wasn't a major problem
> and that, eg, if rdrand was available it would be used as a seed
> the two cases i see this regularly are pxe booted systems and in
> the installer, both a fairly important cases so i think supporting
> them as well would be worthwhile.
Yes -- we should hash together the file and cpu_rng.
Main Index |
Thread Index |