From: Andrew Morton <akpm@linux-foundation.org>
To: Jeff Liu <jeff.liu@oracle.com>
Cc: "linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
Andreas Dilger <aedilger@gmail.com>,
"arnd@arndb.de" <arnd@arndb.de>,
"viro@zeniv.linux.org.uk" <viro@zeniv.linux.org.uk>,
Alan Cox <alan@linux.intel.com>, "Ted Ts'o" <tytso@mit.edu>,
"gregkh@linuxfoundation.org" <gregkh@linuxfoundation.org>,
James Morris <james.l.morris@oracle.com>,
John Sobecki <john.sobecki@oracle.com>,
Jakub Jelinek <jakub@redhat.com>,
Ulrich Drepper <drepper@redhat.com>
Subject: Re: [PATCH V2] binfmt_elf.c: Introduce a wrapper of get_random_int() to fix entropy depleting
Date: Tue, 6 Nov 2012 16:09:21 -0800 [thread overview]
Message-ID: <20121106160921.bb3834f3.akpm@linux-foundation.org> (raw)
In-Reply-To: <5092234B.80405@oracle.com>
On Thu, 01 Nov 2012 15:22:51 +0800
Jeff Liu <jeff.liu@oracle.com> wrote:
> Hello,
>
> Entropy quickly depleting under normal I/O operations like ls(1), cat(1), etc...
> between 2.6.30 to current mainline,
Well that's bad. Let's cc Kees, who broke it ;)
> for instance:
>
> $ cat /proc/sys/kernel/random/entropy_avail
> 3428
> $ cat /proc/sys/kernel/random/entropy_avail
> 2911
> $cat /proc/sys/kernel/random/entropy_avail
> 2620
>
> We observed this problem has been occurred with fs/binfmt_elf.c: create_elf_tables()->get_random_bytes()
> was introduced began at 2.6.30.
> /*
> * Generate 16 random bytes for userspace PRNG seeding.
> */
> get_random_bytes(k_rand_bytes, sizeof(k_rand_bytes));
>
> This proposal patch is trying to introduce a wrapper of get_random_int() which has lower overhead
> than calling get_random_bytes() directly.
>
> With this patch applied:
> $ cat /proc/sys/kernel/random/entropy_avail
> 2731
> $ cat /proc/sys/kernel/random/entropy_avail
> 2802
> $ cat /proc/sys/kernel/random/entropy_avail
> 2878
>
> ...
>
> --- a/fs/binfmt_elf.c
> +++ b/fs/binfmt_elf.c
> @@ -48,6 +48,7 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs);
> static int load_elf_library(struct file *);
> static unsigned long elf_map(struct file *, unsigned long, struct elf_phdr *,
> int, int, unsigned long);
> +static void randomize_stack_user(unsigned char *buf, size_t nbytes);
>
> /*
> * If we don't support core dumping, then supply a NULL so we
> @@ -200,7 +201,7 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec,
> /*
> * Generate 16 random bytes for userspace PRNG seeding.
> */
> - get_random_bytes(k_rand_bytes, sizeof(k_rand_bytes));
> + randomize_stack_user(k_rand_bytes, sizeof(k_rand_bytes));
> u_rand_bytes = (elf_addr_t __user *)
> STACK_ALLOC(p, sizeof(k_rand_bytes));
> if (__copy_to_user(u_rand_bytes, k_rand_bytes, sizeof(k_rand_bytes)))
> @@ -558,6 +559,29 @@ static unsigned long randomize_stack_top(unsigned long stack_top)
> #endif
> }
>
> +/*
> + * A wrapper of get_random_int() to generate random bytes which has lower
> + * overhead than call get_random_bytes() directly.
> + * create_elf_tables() call this function to generate 16 random bytes for
> + * userspace PRNG seeding.
> + */
> +static void randomize_stack_user(unsigned char *buf, size_t nbytes)
> +{
> + unsigned char *p = buf;
> +
> + while (nbytes) {
> + unsigned int random_variable;
> + size_t chunk = min(nbytes, sizeof(unsigned int));
> +
> + random_variable = get_random_int() & STACK_RND_MASK;
> + random_variable <<= PAGE_SHIFT;
> +
> + memcpy(p, &random_variable, chunk);
> + p += chunk;
> + nbytes -= chunk;
> + }
> +}
Prior to f06295b44c296 ("ELF: implement AT_RANDOM for glibc PRNG
seeding"), glibc was opening and using /dev/urandom for this. So
presumably the urandom level of security was sufficient.
Or perhaps it wasn't and the stronger get_random_bytes() works better -
I don't know?
>From my reading of the source, get_random_int() is weaker even than
/dev/urandom?
So my bottom line is: I don't know! Kees? Ted? Ulrich?
next prev parent reply other threads:[~2012-11-07 0:09 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-25 7:53 [PATCH] binfmt_elf.c: Introduce a wrapper of get_random_int() to fix entropy depleting Jeff Liu
2012-10-26 18:52 ` Andreas Dilger
2012-10-27 5:00 ` Jeff Liu
2012-11-01 7:22 ` [PATCH V2] " Jeff Liu
2012-11-07 0:09 ` Andrew Morton [this message]
2012-11-07 3:01 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121106160921.bb3834f3.akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=aedilger@gmail.com \
--cc=alan@linux.intel.com \
--cc=arnd@arndb.de \
--cc=drepper@redhat.com \
--cc=gregkh@linuxfoundation.org \
--cc=jakub@redhat.com \
--cc=james.l.morris@oracle.com \
--cc=jeff.liu@oracle.com \
--cc=john.sobecki@oracle.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=tytso@mit.edu \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).