• Kees Cook's avatar
    random: move rand_initialize() earlier · d5553523
    Kees Cook authored
    Right now rand_initialize() is run as an early_initcall(), but it only
    depends on timekeeping_init() (for mixing ktime_get_real() into the
    pools). However, the call to boot_init_stack_canary() for stack canary
    initialization runs earlier, which triggers a warning at boot:
    
    random: get_random_bytes called from start_kernel+0x357/0x548 with crng_init=0
    
    Instead, this moves rand_initialize() to after timekeeping_init(), and moves
    canary initialization here as well.
    
    Note that this warning may still remain for machines that do not have
    UEFI RNG support (which initializes the RNG pools during setup_arch()),
    or for x86 machines without RDRAND (or booting without "random.trust=on"
    or CONFIG_RANDOM_TRUST_CPU=y).
    Signed-off-by: default avatarKees Cook <keescook@chromium.org>
    Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
    d5553523
main.c 29.1 KB