| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20090504162607.6c771323@infradead.org> Date: Mon, 4 May 2009 16:26:07 -0700 From: Arjan van de Ven <arjan@...radead.org> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: "Eric W. Biederman" <ebiederm@...ssion.com>, Jake Edge <jake@....net>, security@...nel.org, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, James Morris <jmorris@...ei.org>, linux-security-module@...r.kernel.org, Eric Paris <eparis@...hat.com>, Alan Cox <alan@...rguk.ukuu.org.uk>, Roland McGrath <roland@...hat.com>, mingo@...hat.com, Andrew Morton <akpm@...ux-foundation.org>, Greg KH <greg@...ah.com>, Matt Mackall <mpm@...enic.com> Subject: Re: [Security] [PATCH] proc: avoid information leaks to non-privileged processes On Mon, 4 May 2009 15:24:15 -0700 (PDT) Linus Torvalds <torvalds@...ux-foundation.org> wrote: > > > On Mon, 4 May 2009, Eric W. Biederman wrote: > > > Arjan van de Ven <arjan@...radead.org> writes: > > > > > On Mon, 4 May 2009 12:00:12 -0700 (PDT) > > > Linus Torvalds <torvalds@...ux-foundation.org> wrote: > > > > > >> > > >> > > >> On Mon, 4 May 2009, Jake Edge wrote: > > >> > > > >> > This is essentially v2 of "[PATCH] proc: avoid leaking eip, > > >> > esp, or wchan to non-privileged processes", adding some of > > >> > Eric Biederman's suggestions as well as the start_stack change > > >> > (only give out that address if the process is ptrace()-able). > > >> > This has been tested with ps and top without any ill effects > > >> > being seen. > > >> > > >> Looks sane to me. Anybody objects? > > >> > > > > > > Acked-by: Arjan van de Ven <arjan@...ux.intel.com> > > > > Looks sane here. > > > > Acked-by: "Eric W. Biederman" <ebiederm@...ssion.com> > > Ok, applied. > > Also, does anybody have any commentary or opinion on the patch by > Matt Mackall to use stronger random numbers than "get_random_int()". > I wonder what the performance impact of that is - "get_random_int()" > is very cheap by design, and many users may consider calling > "get_random_bytes()" to be overkill and a potential performance issue. > > Quite frankly, the way "get_random_bytes()" works now (it does a > _full_ sha thing every time), I think it's insane overkill. But I do > have to admit that our current "get_random_int()" is insane > _underkill_. > > I'd like to improve the latter without going to quie the extreme that > matt's patch did. doing something simple as hashing in the tsc will already help; while some people are nervous about the predictability of the tsc, in practice there's likely enough bits of unpredictability there to be worth the very low price of 50 cycles or less.... -- Arjan van de Ven Intel Open Source Technology Centre For development, discussion and tips for power savings, visit http://www.lesswatts.org -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists