From: "Theodore Ts'o" <tytso@mit.edu>
To: Kees Cook <keescook@chromium.org>
Cc: akpm@linux-foundation.org, jeff.liu@oracle.com,
aedilger@gmail.com, alan@linux.intel.com, arnn@arndb.de,
drepper@redhat.com, gregkh@linuxfoundation.org, jakub@redhat.com,
james.l.morris@oracle.com, john.sobecki@oracle.com,
viro@zeniv.linux.org.uk, LKML <linux-kernel@vger.kernel.org>
Subject: Re: + binfmt_elfc-use-get_random_int-to-fix-entropy-depleting.patch added to -mm tree
Date: Wed, 7 Nov 2012 04:32:46 -0500 [thread overview]
Message-ID: <20121107093246.GD21960@thunk.org> (raw)
In-Reply-To: <CAGXu5jJ779UvpZwO-fi7-m+i=OfqwgXh1PC4GNwjhfD9GD82wQ@mail.gmail.com>
On Tue, Nov 06, 2012 at 05:11:17PM -0800, Kees Cook wrote:
> Hrm, I don't like this. get_random_int() specifically says: "Get a
> random word for internal kernel use only." The intent of AT_RANDOM is
> for userspace pRNG seeding (though glibc currently uses it directly
> for stack protector and pointer mangling), which is not "internal
> kernel use only". :) Though I suppose this is already being used for
> the randomize_stack_top(), but I think it'd still be better to use
> higher quality bits.
Well, in practice, right now, get_random_int() is only being used for
different cases of ASLR of one variety or another (either by the
kernel in exec or mmap, or in userspace). So I'm not sure it really
is a major issue.
If we also change get_random_int() to use a more secure cryptographic
random generator (i.e., maybe AES instead of MD5), would that be
sufficient to address your concerns? We're not using get_random_int()
for anything that's timing sensitive, so that shouldn't be a problem.
Or maybe we should just add an explicit CRNG set of routines (like the
similar discussions to make an explicitly named PRNG set of routines),
so callers can use whatever random number generator is appropriate for
their performance and security needs.
- Ted
next prev parent reply other threads:[~2012-11-07 9:33 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20121107001609.9B7A9100047@wpzn3.hot.corp.google.com>
2012-11-07 1:11 ` + binfmt_elfc-use-get_random_int-to-fix-entropy-depleting.patch added to -mm tree Kees Cook
2012-11-07 4:21 ` Jeff Liu
2012-11-07 4:29 ` Kees Cook
2012-11-07 4:42 ` Jeff Liu
2012-11-07 9:32 ` Theodore Ts'o [this message]
2012-11-07 15:10 ` Kees Cook
2012-11-08 6:21 ` Jeff Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121107093246.GD21960@thunk.org \
--to=tytso@mit.edu \
--cc=aedilger@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=alan@linux.intel.com \
--cc=arnn@arndb.de \
--cc=drepper@redhat.com \
--cc=gregkh@linuxfoundation.org \
--cc=jakub@redhat.com \
--cc=james.l.morris@oracle.com \
--cc=jeff.liu@oracle.com \
--cc=john.sobecki@oracle.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).