lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <164978836579.3579300.2356881730976056198.b4-ty@chromium.org> Date: Tue, 12 Apr 2022 11:32:48 -0700 From: Kees Cook <keescook@...omium.org> To: linux-kernel@...r.kernel.org, "Jason A. Donenfeld" <Jason@...c4.com>, PaX Team <pageexec@...email.hu>, linux-hardening@...r.kernel.org Cc: Kees Cook <keescook@...omium.org>, stable@...r.kernel.org Subject: Re: [PATCH v4] gcc-plugins: latent_entropy: use /dev/urandom On Wed, 6 Apr 2022 00:28:15 +0200, Jason A. Donenfeld wrote: > While the latent entropy plugin mostly doesn't derive entropy from > get_random_const() for measuring the call graph, when __latent_entropy is > applied to a constant, then it's initialized statically to output from > get_random_const(). In that case, this data is derived from a 64-bit > seed, which means a buffer of 512 bits doesn't really have that amount > of compile-time entropy. > > [...] Applied to for-v5.18/hardening, thanks! I dropped the version number change, added a pointer to the GCC bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105171, and noted the rationale for the buffer size. I'll get this sent to Linus shortly. [1/1] gcc-plugins: latent_entropy: use /dev/urandom https://git.kernel.org/kees/c/c40160f2998c -- Kees Cook
Powered by blists - more mailing lists