Searched hist:"33973 e1e" (Results 1 – 3 of 3) sorted by relevance
/openbmc/qemu/docs/system/arm/ |
H A D | virt.rst | 33973e1e Wed Jan 05 07:49:56 CST 2022 Alex Bennée <alex.bennee@linaro.org> hw/arm: add control knob to disable kaslr_seed via DTB
Generally a guest needs an external source of randomness to properly enable things like address space randomisation. However in a trusted boot environment where the firmware will cryptographically verify components having random data in the DTB will cause verification to fail. Add a control knob so we can prevent this being added to the system DTB.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Andrew Jones <drjones@redhat.com> Message-Id: <20220105135009.1584676-22-alex.bennee@linaro.org>
|
/openbmc/qemu/include/hw/arm/ |
H A D | virt.h | 33973e1e Wed Jan 05 07:49:56 CST 2022 Alex Bennée <alex.bennee@linaro.org> hw/arm: add control knob to disable kaslr_seed via DTB
Generally a guest needs an external source of randomness to properly enable things like address space randomisation. However in a trusted boot environment where the firmware will cryptographically verify components having random data in the DTB will cause verification to fail. Add a control knob so we can prevent this being added to the system DTB.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Andrew Jones <drjones@redhat.com> Message-Id: <20220105135009.1584676-22-alex.bennee@linaro.org>
|
/openbmc/qemu/hw/arm/ |
H A D | virt.c | 33973e1e Wed Jan 05 07:49:56 CST 2022 Alex Bennée <alex.bennee@linaro.org> hw/arm: add control knob to disable kaslr_seed via DTB
Generally a guest needs an external source of randomness to properly enable things like address space randomisation. However in a trusted boot environment where the firmware will cryptographically verify components having random data in the DTB will cause verification to fail. Add a control knob so we can prevent this being added to the system DTB.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Andrew Jones <drjones@redhat.com> Message-Id: <20220105135009.1584676-22-alex.bennee@linaro.org>
|