| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 12 Feb 2014 13:32:09 -0500 From: Jason Cooper <jason@...edaemon.net> To: Olof Johansson <olof@...om.net> Cc: "devicetree@...r.kernel.org" <devicetree@...r.kernel.org>, Laura Abbott <lauraa@...eaurora.org>, Kees Cook <keescook@...omium.org>, Arnd Bergmann <arnd@...db.de>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Rob Herring <robh+dt@...nel.org>, Kumar Gala <galak@...eaurora.org>, Grant Likely <grant.likely@...aro.org>, "linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org> Subject: Re: [RFC/PATCH 0/3] Add devicetree scanning for randomness On Wed, Feb 12, 2014 at 10:13:59AM -0800, Olof Johansson wrote: > On Wed, Feb 12, 2014 at 9:45 AM, Jason Cooper <jason@...edaemon.net> wrote: > > > I brought this up at last weeks devicetree irc meeting. My goal is to > > provide early randomness for kaslr on ARM. Currently, my idea is modify > > the init script to save an additional random seed from /dev/urandom to > > /boot/random-seed. > > > > The bootloader would then load this file into ram, and pass the > > address/size to the kernel either via dt, or commandline. kaslr (run in > > the decompressor) would consume some of this randomness, and then > > random.c would consume the rest in a non-crediting initialization. > > > > While not ideal, it works in absence of an HRNG, and is no worse than > > the current situation of storing the seed in /var/lib/misc/random-seed. > > It also doesn't require modification of the bootloaders. Just an > > updated kernel, and update the bootloader environment to load the > > seed. > > Hmm. There are some drawbacks with this -- it assumes you can "just > update the bootloader environment" which in general isn't easy to do. true, the scope of my experience is consumer grade NASs, routers and APs. At the very least, it's much easier than upgrading the bootloader. Also, my pov is as a hobbyist modifying devices post-sale. The idea is something I could add to my existing boxes without having to upgrade the bootloaders. > Also, you can't assume that /boot is writable or exists on all > embedded systems. In systems missing this capability, they often have the ability to update the kernel. All that's needed is one block of flash. Current random-seed size is 512 bytes. I'm not saying it's easy or desirable. But for folks who feel it's necessary to have kaslr on embedded devices, it would facilitate better random numbers. "Better" meaning much harder for an attacker to guess. > In general, taking both runtime and system-dependend data and using > that to see entropy is a good idea. Of course, I wasn't arguing for one or the other. As you said later, in situations where you can't feed in a seed file, MAC addresses and serial numbers are better than nothing. thx, Jason. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists