Re: [PATCH v4 5/5] x86,kaslr: Use MSR_KVM_GET_RNG_SEED for KASLR if available

From: Kees Cook
Date: Thu Jul 17 2014 - 14:49:00 EST

Next message: Nick Krause: "Build allyesconfig for PowerPc tested"
Previous message: Dietmar Eggemann: "Re: Scheduler regression from caffcdd8d27ba78730d5540396ce72ad022aff2c"
In reply to: Andy Lutomirski: "[PATCH v4 5/5] x86,kaslr: Use MSR_KVM_GET_RNG_SEED for KASLR if available"
Next in thread: Andy Lutomirski: "[PATCH v4 4/5] x86,random,kvm: Use KVM_GET_RNG_SEED in arch_get_rng_seed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 17, 2014 at 11:22 AM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
> It's considerably better than any of the alternatives on KVM.
>
> Rather than reinventing all of the cpu feature query code, this fixes
> native_cpuid to work in PIC objects.
>
> I haven't combined it with boot/cpuflags.c's cpuid implementation:
> including asm/processor.h from boot/cpuflags.c results in a flood of
> unrelated errors, and fixing it might be messy.
>
> Signed-off-by: Andy Lutomirski <luto@xxxxxxxxxxxxxx>

This will be very nice to have under kvm!

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

Thanks,

-Kees

--
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Nick Krause: "Build allyesconfig for PowerPc tested"
Previous message: Dietmar Eggemann: "Re: Scheduler regression from caffcdd8d27ba78730d5540396ce72ad022aff2c"
In reply to: Andy Lutomirski: "[PATCH v4 5/5] x86,kaslr: Use MSR_KVM_GET_RNG_SEED for KASLR if available"
Next in thread: Andy Lutomirski: "[PATCH v4 4/5] x86,random,kvm: Use KVM_GET_RNG_SEED in arch_get_rng_seed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]