| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <161177586990.23325.5752801051222862535.tip-bot2@tip-bot2>
Date: Wed, 27 Jan 2021 19:31:09 -0000
From: "tip-bot2 for Mark Brown" <tip-bot2@...utronix.de>
To: linux-tip-commits@...r.kernel.org
Cc: Mark Brown <broonie@...nel.org>, Ard Biesheuvel <ardb@...nel.org>,
x86@...nel.org, linux-kernel@...r.kernel.org
Subject: [tip: efi/core] efi/arm64: Update debug prints to reflect other
entropy sources
The following commit has been merged into the efi/core branch of tip:
Commit-ID: 1c761ee9da1ac6ba7e40d14457fac94c87eaff35
Gitweb: https://git.kernel.org/tip/1c761ee9da1ac6ba7e40d14457fac94c87eaff35
Author: Mark Brown <broonie@...nel.org>
AuthorDate: Wed, 20 Jan 2021 16:38:10
Committer: Ard Biesheuvel <ardb@...nel.org>
CommitterDate: Thu, 21 Jan 2021 10:54:08 +01:00
efi/arm64: Update debug prints to reflect other entropy sources
Currently the EFI stub prints a diagnostic on boot saying that KASLR will
be disabled if it is unable to use the EFI RNG protocol to obtain a seed
for KASLR. With the addition of support for v8.5-RNG and the SMCCC RNG
protocol it is now possible for KASLR to obtain entropy even if the EFI
RNG protocol is unsupported in the system, and the main kernel now
explicitly says if KASLR is active itself. This can result in a boot
log where the stub says KASLR has been disabled and the main kernel says
that it is enabled which is confusing for users.
Remove the explicit reference to KASLR from the diagnostics, the warnings
are still useful as EFI is the only source of entropy the stub uses when
randomizing the physical address of the kernel and the other sources may
not be available.
Signed-off-by: Mark Brown <broonie@...nel.org>
Link: https://lore.kernel.org/r/20210120163810.14973-1-broonie@kernel.org
Signed-off-by: Ard Biesheuvel <ardb@...nel.org>
---
drivers/firmware/efi/libstub/arm64-stub.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/firmware/efi/libstub/arm64-stub.c b/drivers/firmware/efi/libstub/arm64-stub.c
index 22ece1a..b69d631 100644
--- a/drivers/firmware/efi/libstub/arm64-stub.c
+++ b/drivers/firmware/efi/libstub/arm64-stub.c
@@ -61,10 +61,10 @@ efi_status_t handle_kernel_image(unsigned long *image_addr,
status = efi_get_random_bytes(sizeof(phys_seed),
(u8 *)&phys_seed);
if (status == EFI_NOT_FOUND) {
- efi_info("EFI_RNG_PROTOCOL unavailable, KASLR will be disabled\n");
+ efi_info("EFI_RNG_PROTOCOL unavailable\n");
efi_nokaslr = true;
} else if (status != EFI_SUCCESS) {
- efi_err("efi_get_random_bytes() failed (0x%lx), KASLR will be disabled\n",
+ efi_err("efi_get_random_bytes() failed (0x%lx)\n",
status);
efi_nokaslr = true;
}
Powered by blists - more mailing lists