On Wed, Aug 21, 2019 at 09:39:28AM +0300, Ard Biesheuvel wrote:
>
> Whether to trust the firmware provided entropy is a policy decision,
> and typically, we try to avoid dictating policy in the kernel, and
> instead, we try to provide a sane default but give the user control
> over it.
>
> So in
On Wed, 21 Aug 2019 at 08:57, Hsin-Yi Wang wrote:
>
> Then we'd still use add_device_randomness() in case that bootloader
> provides weak entropy.
>
(please don't top post)
Whether to trust the firmware provided entropy is a policy decision,
and typically, we try to avoid dictating policy in
Then we'd still use add_device_randomness() in case that bootloader
provides weak entropy.
On Tue, Aug 20, 2019 at 7:14 PM Ard Biesheuvel
wrote:
>
> On Tue, 20 Aug 2019 at 10:43, Hsin-Yi Wang wrote:
> >
> > Hi Ted,
> >
> > Thanks for raising this question.
> >
> > For UEFI based system, they
On Tue, 20 Aug 2019 at 10:43, Hsin-Yi Wang wrote:
>
> Hi Ted,
>
> Thanks for raising this question.
>
> For UEFI based system, they have a config table that carries rng seed
> and can be passed to device randomness. However, they also use
> add_device_randomness (not sure if it's the same reason
Hi Ted,
Thanks for raising this question.
For UEFI based system, they have a config table that carries rng seed
and can be passed to device randomness. However, they also use
add_device_randomness (not sure if it's the same reason that they
can't guarantee _all_ bootloader can be trusted)
This
On Mon, Aug 19, 2019 at 03:16:04PM +0800, Hsin-Yi Wang wrote:
> Introducing a chosen node, rng-seed, which is an entropy that can be
> passed to kernel called very early to increase initial device
> randomness. Bootloader should provide this entropy and the value is
> read from /chosen/rng-seed in
Introducing a chosen node, rng-seed, which is an entropy that can be
passed to kernel called very early to increase initial device
randomness. Bootloader should provide this entropy and the value is
read from /chosen/rng-seed in DT.
Obtain of_fdt_crc32 for CRC check after