On Thu, 16 Dec 2021 at 16:25, Mark Kettenis <mark.kette...@xs4all.nl> wrote: > > > From: Ilias Apalodimas <ilias.apalodi...@linaro.org> > > Date: Thu, 16 Dec 2021 16:52:08 +0200 > > > > Right now we unconditionally pass a 'kaslr-seed' property to the kernel > > if the DTB we ended up in EFI includes the entry. However the kernel > > EFI stub completely ignores it and only relies on EFI_RNG_PROTOCOL. > > So let's get rid of it unconditionally since it would mess up the > > (upcoming) DTB TPM measuring as well. > > NAK > > OpenBSD uses the kaslr-seed property in the bootloader to mix in some > additional entropy. (It will also use EFI_RNG_PROTOCOL if it is > avilable, but most U-Boot boards don't provide that, or at least not > yet). >
What is the point of using both the DT property and the protocol if both are available? > Even on Linux the EFI stub isn't the only way to load a Linux kernel. > You can use a conventional EFI bootloader like grub. > No, you cannot, at least not on architectures other than x86. GRUB on ARM always boots via the EFI stub.
