From: Daniel Borkmann <dan...@iogearbox.net> Date: Wed, 18 May 2016 14:14:28 +0200
> Start address randomization and blinding in BPF currently use > prandom_u32(). prandom_u32() values are not exposed to unpriviledged > user space to my knowledge, but given other kernel facilities such as > ASLR, stack canaries, etc make use of stronger get_random_int(), we > better make use of it here as well given blinding requests successively > new random values. get_random_int() has minimal entropy pool depletion, > is not cryptographically secure, but doesn't need to be for our use > cases here. > > Suggested-by: Hannes Frederic Sowa <han...@stressinduktion.org> > Signed-off-by: Daniel Borkmann <dan...@iogearbox.net> Ok, applied, thanks Daniel.
