Message-ID: <CAKwvOdmczBu286Ju2+gZK2h=hmELeX0K55pMOwMK4dtH89bU9g@mail.gmail.com>
Date:   Wed, 13 Oct 2021 11:10:31 -0700
From:   Nick Desaulniers <ndesaulniers@...gle.com>
To:     Kees Cook <keescook@...omium.org>
Cc:     Borislav Petkov <bp@...e.de>, Josh Poimboeuf <jpoimboe@...hat.com>,
        "H. Peter Anvin" <hpa@...or.com>,
        Kristen Carlson Accardi <kristen@...ux.intel.com>,
        Tony Luck <tony.luck@...el.com>,
        Alexander Lobakin <alexandr.lobakin@...el.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Arnd Bergmann <arnd@...db.de>, Joerg Roedel <jroedel@...e.de>,
        Arvind Sankar <nivedita@...m.mit.edu>,
        Jing Yangyang <jing.yangyang@....com.cn>,
        Abaci Robot <abaci@...ux.alibaba.com>,
        Jiapeng Chong <jiapeng.chong@...ux.alibaba.com>,
        Nathan Chancellor <nathan@...nel.org>,
        Vincenzo Frascino <vincenzo.frascino@....com>,
        Andrey Konovalov <andreyknvl@...il.com>,
        Miroslav Benes <mbenes@...e.cz>,
        "H. Nikolaus Schaller" <hns@...delico.com>,
        Fangrui Song <maskray@...gle.com>,
        linux-kernel@...r.kernel.org, x86@...nel.org,
        linux-arch@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH 2/4] x86/boot: Allow a "silent" kaslr random byte fetch

On Wed, Oct 13, 2021 at 10:57 AM Kees Cook <keescook@...omium.org> wrote:
>
> Under earlyprintk, each RNG call produces a debug report line. To support
> the future FGKASLR feature, which will fetch random bytes during function
> shuffling, this is not useful information (each line is identical and
> tells us nothing new), needlessly spamming the console. Instead, allow
> for a NULL "purpose" to suppress the debug reporting.

Reviewed-by: Nick Desaulniers <ndesaulniers@...gle.com>

>
> Signed-off-by: Kees Cook <keescook@...omium.org>
> ---
>  arch/x86/lib/kaslr.c | 18 ++++++++++++------
>  1 file changed, 12 insertions(+), 6 deletions(-)
>
> diff --git a/arch/x86/lib/kaslr.c b/arch/x86/lib/kaslr.c
> index a53665116458..2b3eb8c948a3 100644
> --- a/arch/x86/lib/kaslr.c
> +++ b/arch/x86/lib/kaslr.c
> @@ -56,11 +56,14 @@ unsigned long kaslr_get_random_long(const char *purpose)
>         unsigned long raw, random = get_boot_seed();
>         bool use_i8254 = true;
>
> -       debug_putstr(purpose);
> -       debug_putstr(" KASLR using");
> +       if (purpose) {
> +               debug_putstr(purpose);
> +               debug_putstr(" KASLR using");
> +       }
>
>         if (has_cpuflag(X86_FEATURE_RDRAND)) {
> -               debug_putstr(" RDRAND");
> +               if (purpose)
> +                       debug_putstr(" RDRAND");
>                 if (rdrand_long(&raw)) {
>                         random ^= raw;
>                         use_i8254 = false;
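
Review bot: the `if (purpose)` test at the top of this hunk gives a NULL `purpose` a new meaning (no debug output), but nothing in the hunk documents it and the parameter is still a plain `const char *purpose`. A short comment above kaslr_get_random_long() stating that NULL silences the debug report would make the contract visible to callers and keep the check from being dropped later as a redundant NULL test.
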
> @@ -68,7 +71,8 @@ unsigned long kaslr_get_random_long(const char *purpose)
>         }
>
>         if (has_cpuflag(X86_FEATURE_TSC)) {
> -               debug_putstr(" RDTSC");
> +               if (purpose)
> +                       debug_putstr(" RDTSC");
>                 raw = rdtsc();
>
>                 random ^= raw;
> @@ -76,7 +80,8 @@ unsigned long kaslr_get_random_long(const char *purpose)
>         }
>
>         if (use_i8254) {
> -               debug_putstr(" i8254");
> +               if (purpose)
> +                       debug_putstr(" i8254");
>                 random ^= i8254();
>         }
>
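
Review bot: the `if (purpose)` guard in front of `debug_putstr(" i8254")` is the fourth copy of the same test in this function, after the ones for the header, " RDRAND" and " RDTSC", and a fifth follows for the trailing "...\n". Consider a small local helper that takes `purpose` and the string and does nothing when `purpose` is NULL, so that a debug string added later cannot miss its guard and print a stray fragment on the silent path.
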
> @@ -86,7 +91,8 @@ unsigned long kaslr_get_random_long(const char *purpose)
>             : "a" (random), "rm" (mix_const));
>         random += raw;
>
> -       debug_putstr("...\n");
> +       if (purpose)
> +               debug_putstr("...\n");
>
>         return random;
>  }
> --
> 2.30.2
>


-- 
Thanks,
~Nick Desaulniers
