From: Matt Mackall <mpm@selenic.com>
To: Arjan van de Ven <arjan@infradead.org>
Cc: Alexander Gabert <pappy@gentoo.org>,
linux-kernel@vger.kernel.org, torvalds@linux-foundation.org,
libc-alpha@sourceware.org, hardened@gentoo.org
Subject: Re: [PATCH] get_random_long() and AT_ENTROPY for auxv, kernel 2.6.21.5
Date: Mon, 25 Jun 2007 00:12:10 -0500 [thread overview]
Message-ID: <20070625051210.GF11115@waste.org> (raw)
In-Reply-To: <1182746583.26621.5.camel@laptopd505.fenrus.org>
On Sun, Jun 24, 2007 at 09:43:03PM -0700, Arjan van de Ven wrote:
> On Sun, 2007-06-24 at 22:45 -0500, Matt Mackall wrote:
> > On Sun, Jun 24, 2007 at 07:45:04PM +0200, Alexander Gabert wrote:
> > > Hi Linus,
> > > hi LKML,
> > >
> > > i would like to thank LKML and especially Eric (thanks for the per_cpu
> > > macro tips and design guidelines!) and the other contributors to this idea.
> > >
> > > This time the patch is rather big because it also removes
> > > get_random_int() and introduces get_random_long() throughout the kernel.
> >
> > Stop right there. You still haven't answered my original question.
> > What is the point of this exercise in the first place, please?
> >
> > Am I right in thinking you have three unrelated patches here?
> >
> > - something to do with aux vector headers
>
> the primary goal is to pass a random value to userspace at process
> start; this to save glibc from having to open /dev/urandom on ever
> program start (which it does now for all apps compiled with
> -fstack-protector, which in various distros is "everything").
Interesting.
What are our requirements here? Defending against local attackers who
can build exploits on the fly probably means something stronger than get_random_int.
> > - sweeping change of get_random_int to get_random_long for no obvious reason
>
> and this is because Alexander wants 2 and not 1 random int to be passed
> for his own glibc proposed change (combined with get_random_int() being
> designed for only 4 bytes per process ;-)
Sure. Still, separate patches.
--
Mathematics is the supreme nostalgia of our time.
next prev parent reply other threads:[~2007-06-25 5:12 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-06-17 23:40 AT_ENTROPY1 and AT_ENTROPY2 values for include/linux/auxvec.h Alexander Gabert
2007-06-18 1:06 ` Arjan van de Ven
2007-06-18 1:28 ` Alexander Gabert
2007-06-18 1:38 ` Arjan van de Ven
2007-06-18 10:36 ` Alexander Gabert
2007-06-20 15:34 ` [PATCH] get_random_long() and AT_ENTROPY for auxv, kernel 2.6.21.5 Alexander Gabert
2007-06-20 15:38 ` Arjan van de Ven
2007-06-20 16:39 ` Linus Torvalds
2007-06-20 17:04 ` Eric Dumazet
2007-06-20 20:30 ` Matt Mackall
2007-06-24 17:45 ` Alexander Gabert
2007-06-25 3:45 ` Matt Mackall
2007-06-25 4:43 ` Arjan van de Ven
2007-06-25 5:12 ` Matt Mackall [this message]
2007-06-25 7:09 ` Jakub Jelinek
2007-06-25 15:02 ` Alexander Gabert
2007-06-25 15:20 ` Matt Mackall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070625051210.GF11115@waste.org \
--to=mpm@selenic.com \
--cc=arjan@infradead.org \
--cc=hardened@gentoo.org \
--cc=libc-alpha@sourceware.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pappy@gentoo.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.