Support forums

Architectures and Processors forum why output of rndr instruction is mixed with bootloader's entropy to form linux kaslr on arm64

State Not Answered
Locked Locked
Replies 3 replies
Subscribers 351 subscribers
Views 3918 views
Users 0 members are here

Options

How was your experience today?

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

why output of rndr instruction is mixed with bootloader's entropy to form linux kaslr on arm64

scopichmu over 3 years ago

It is code snippet from Linux kernel (arch/arm64/kernel/kaslr.c) how kaslr seeed is obtained:

u64 __init kaslr_early_init(u64 dt_phys)
{
      ...

        /*
         * Retrieve (and wipe) the seed from the FDT
         */
        seed = get_kaslr_seed(fdt);


        /*
         * Mix in any entropy obtainable architecturally if enabled
         * and supported.
         */
	if (arch_get_random_seed_long_early(&raw))
                seed ^= raw;
       ...
}

Does someone can explain why seed is xor'ed with output of arch random instruction (RNDR instruction that appears in ARMV8.5 Random extensions). If we already have bootloader's entropy then why need additionally get arch random?

Top replies

Robert Wolff over 3 years ago +1

Moved thread to Cortex-A forum.

Parents

0 Zenon Xiu (修志龙） over 3 years ago

I think it combines boot time and runtime generated random number, and should make it more secure.
Cancel
Up 0 Down

Cancel

Reply

0 Zenon Xiu (修志龙） over 3 years ago

I think it combines boot time and runtime generated random number, and should make it more secure.
Cancel
Up 0 Down

Cancel

Children

No data