From: "tip-bot for H. Peter Anvin" <tipbot@zytor.com>
To: linux-tip-commits@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, hpa@zytor.com, mingo@kernel.org,
keescook@chromium.org, tglx@linutronix.de
Subject: [tip:x86/kaslr] x86, kaslr: Add a circular multiply for better bit diffusion
Date: Mon, 11 Nov 2013 23:09:44 -0800 [thread overview]
Message-ID: <tip-e8236c4d9338d52d0f2fcecc0b792ac0542e4ee9@git.kernel.org> (raw)
In-Reply-To: <20131111222839.GA28616@www.outflux.net>
Commit-ID: e8236c4d9338d52d0f2fcecc0b792ac0542e4ee9
Gitweb: http://git.kernel.org/tip/e8236c4d9338d52d0f2fcecc0b792ac0542e4ee9
Author: H. Peter Anvin <hpa@zytor.com>
AuthorDate: Mon, 11 Nov 2013 22:45:20 -0800
Committer: H. Peter Anvin <hpa@zytor.com>
CommitDate: Mon, 11 Nov 2013 23:05:49 -0800
x86, kaslr: Add a circular multiply for better bit diffusion
If we don't have RDRAND (in which case nothing else *should* matter),
most sources have a highly biased entropy distribution. Use a
circular multiply to diffuse the entropic bits. A circular multiply
is a good operation for this: it is cheap on standard hardware and
because it is symmetric (unlike an ordinary multiply) it doesn't
introduce its own bias.
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Link: http://lkml.kernel.org/r/20131111222839.GA28616@www.outflux.net
---
arch/x86/boot/compressed/aslr.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/arch/x86/boot/compressed/aslr.c b/arch/x86/boot/compressed/aslr.c
index 8746487..38a07cc 100644
--- a/arch/x86/boot/compressed/aslr.c
+++ b/arch/x86/boot/compressed/aslr.c
@@ -64,6 +64,11 @@ static unsigned long get_random_boot(void)
static unsigned long get_random_long(void)
{
+#ifdef CONFIG_X86_64
+ const unsigned long mix_const = 0x5d6008cbf3848dd3UL;
+#else
+ const unsigned long mix_const = 0x3f39e593UL;
+#endif
unsigned long raw, random = get_random_boot();
bool use_i8254 = true;
@@ -90,6 +95,12 @@ static unsigned long get_random_long(void)
random ^= i8254();
}
+ /* Circular multiply for better bit diffusion */
+ asm("mul %3"
+ : "=a" (random), "=d" (raw)
+ : "a" (random), "rm" (mix_const));
+ random += raw;
+
debug_putstr("...\n");
return random;
prev parent reply other threads:[~2013-11-12 7:10 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-11 22:28 [PATCH v4] x86, kaslr: mix entropy sources together as needed Kees Cook
2013-11-12 7:09 ` [tip:x86/kaslr] x86, kaslr: Mix " tip-bot for Kees Cook
2013-11-12 7:09 ` tip-bot for H. Peter Anvin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=tip-e8236c4d9338d52d0f2fcecc0b792ac0542e4ee9@git.kernel.org \
--to=tipbot@zytor.com \
--cc=hpa@zytor.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.