On Tue, Jun 21, 2016 at 8:46 PM, Kees Cook wrote:
> This is v7 of Thomas Garnier's KASLR for memory areas (physical memory
> mapping, vmalloc, vmemmap). It expects to be applied on top of the
> x86/boot tip.
>
> The current implementation of KASLR randomizes only the base
On Fri, Jun 24, 2016 at 01:40:41PM -0700, Andy Lutomirski wrote:
> On Fri, Jun 24, 2016 at 12:04 PM, Kees Cook wrote:
> > On Fri, Jun 24, 2016 at 9:02 AM, Jason Cooper wrote:
> >> Thomas,
> >>
> >> Sorry for wandering off the topic of your series.
Hi Kees,
On Fri, Jun 24, 2016 at 12:04:32PM -0700, Kees Cook wrote:
> On Fri, Jun 24, 2016 at 9:02 AM, Jason Cooper wrote:
> > Thomas,
> >
> > Sorry for wandering off the topic of your series. The big take away for
> > me is that you and Kees are concerned about x86
On Fri, Jun 24, 2016 at 12:04 PM, Kees Cook wrote:
> On Fri, Jun 24, 2016 at 9:02 AM, Jason Cooper wrote:
>> Thomas,
>>
>> Sorry for wandering off the topic of your series. The big take away for
>> me is that you and Kees are concerned about x86
On Fri, Jun 24, 2016 at 9:02 AM, Jason Cooper wrote:
> Thomas,
>
> Sorry for wandering off the topic of your series. The big take away for
> me is that you and Kees are concerned about x86 systems pre-RDRAND.
> Just as I'm concerned about deployed embedded systems without
Thomas,
Sorry for wandering off the topic of your series. The big take away for
me is that you and Kees are concerned about x86 systems pre-RDRAND.
Just as I'm concerned about deployed embedded systems without bootloader
support for hw-rngs and so forth.
Whatever final form the approach takes
On 24 June 2016 at 03:11, Jason Cooper wrote:
> Hi Ard,
>
> On Thu, Jun 23, 2016 at 10:05:53PM +0200, Ard Biesheuvel wrote:
>> On 23 June 2016 at 21:58, Kees Cook wrote:
>> > On Thu, Jun 23, 2016 at 12:33 PM, Jason Cooper
>> >
Hi Ard,
On Thu, Jun 23, 2016 at 10:05:53PM +0200, Ard Biesheuvel wrote:
> On 23 June 2016 at 21:58, Kees Cook wrote:
> > On Thu, Jun 23, 2016 at 12:33 PM, Jason Cooper wrote:
> >> On Wed, Jun 22, 2016 at 10:05:51AM -0700, Kees Cook wrote:
> >>> On
Hey Sandy,
On Thu, Jun 23, 2016 at 03:45:54PM -0400, Sandy Harris wrote:
> Jason Cooper wrote:
>
> > Modern systems that receive a seed from the bootloader via the
> > random-seed property (typically from the hw-rng) can mix both sources
> > for increased resilience.
> >
>
On Thu, Jun 23, 2016 at 12:59:07PM -0700, Kees Cook wrote:
> On Thu, Jun 23, 2016 at 12:45 PM, Sandy Harris wrote:
> > Jason Cooper wrote:
> >
> >> Modern systems that receive a seed from the bootloader via the
> >> random-seed property (typically
On 23 June 2016 at 21:58, Kees Cook wrote:
> On Thu, Jun 23, 2016 at 12:33 PM, Jason Cooper wrote:
>> Hey Kees, Thomas,
>>
>> On Wed, Jun 22, 2016 at 10:05:51AM -0700, Kees Cook wrote:
>>> On Wed, Jun 22, 2016 at 8:59 AM, Thomas Garnier
On Thu, Jun 23, 2016 at 12:45 PM, Sandy Harris wrote:
> Jason Cooper wrote:
>
>> Modern systems that receive a seed from the bootloader via the
>> random-seed property (typically from the hw-rng) can mix both sources
>> for increased resilience.
>>
On Thu, Jun 23, 2016 at 12:33 PM, Jason Cooper wrote:
> Hey Kees, Thomas,
>
> On Wed, Jun 22, 2016 at 10:05:51AM -0700, Kees Cook wrote:
>> On Wed, Jun 22, 2016 at 8:59 AM, Thomas Garnier wrote:
>> > On Wed, Jun 22, 2016 at 5:47 AM, Jason Cooper
Hey Kees, Thomas,
On Wed, Jun 22, 2016 at 10:05:51AM -0700, Kees Cook wrote:
> On Wed, Jun 22, 2016 at 8:59 AM, Thomas Garnier wrote:
> > On Wed, Jun 22, 2016 at 5:47 AM, Jason Cooper wrote:
> >> Hey Kees,
> >>
> >> On Tue, Jun 21, 2016 at 05:46:57PM
Jason Cooper wrote:
> Modern systems that receive a seed from the bootloader via the
> random-seed property (typically from the hw-rng) can mix both sources
> for increased resilience.
>
> Unfortunately, I'm not very familiar with the internals of x86
> bootstrapping.
On Wed, Jun 22, 2016 at 8:59 AM, Thomas Garnier wrote:
> On Wed, Jun 22, 2016 at 5:47 AM, Jason Cooper wrote:
>> Hey Kees,
>>
>> On Tue, Jun 21, 2016 at 05:46:57PM -0700, Kees Cook wrote:
>>> Notable problems that needed solving:
>> ...
>>> -
On Wed, Jun 22, 2016 at 5:47 AM, Jason Cooper wrote:
> Hey Kees,
>
> On Tue, Jun 21, 2016 at 05:46:57PM -0700, Kees Cook wrote:
>> Notable problems that needed solving:
> ...
>> - Reasonable entropy is needed early at boot before get_random_bytes()
>>is available.
>
>
Hey Kees,
On Tue, Jun 21, 2016 at 05:46:57PM -0700, Kees Cook wrote:
> Notable problems that needed solving:
...
> - Reasonable entropy is needed early at boot before get_random_bytes()
>is available.
This series is targetting x86, which typically has RDRAND/RDSEED
instructions. Are you
This is v7 of Thomas Garnier's KASLR for memory areas (physical memory
mapping, vmalloc, vmemmap). It expects to be applied on top of the
x86/boot tip.
The current implementation of KASLR randomizes only the base address of
the kernel and its modules. Research was published showing that static
19 matches
Mail list logo