diff options
author | Daniel Borkmann <daniel@iogearbox.net> | 2016-05-18 14:14:28 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2016-05-20 11:18:21 -0700 |
commit | b7552e1bccbe3da9c8e7386c6188e8ea4667c8e7 (patch) | |
tree | b688a09ce700098d34a06040dba03406feb0e439 /mm | |
parent | 09ec8e7fb6bcb351bbded18a571ea037504bb3a6 (diff) |
bpf: rather use get_random_int for randomizations
Start address randomization and blinding in BPF currently use
prandom_u32(). prandom_u32() values are not exposed to unpriviledged
user space to my knowledge, but given other kernel facilities such as
ASLR, stack canaries, etc make use of stronger get_random_int(), we
better make use of it here as well given blinding requests successively
new random values. get_random_int() has minimal entropy pool depletion,
is not cryptographically secure, but doesn't need to be for our use
cases here.
Suggested-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'mm')
0 files changed, 0 insertions, 0 deletions