lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <99df3a39-ecf1-90a0-2649-fa0bda270ceb@gmail.com>
Date:	Fri, 12 Aug 2016 13:52:21 +1000
From:	Balbir Singh <bsingharora@...il.com>
To:	Kees Cook <keescook@...omium.org>, linux-kernel@...r.kernel.org
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Emese Revfy <re.emese@...il.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Jonathan Corbet <corbet@....net>,
	Vlastimil Babka <vbabka@...e.cz>,
	Mel Gorman <mgorman@...hsingularity.net>,
	Michal Hocko <mhocko@...e.com>,
	Johannes Weiner <hannes@...xchg.org>,
	Joonsoo Kim <iamjoonsoo.kim@....com>,
	"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
	Taku Izumi <izumi.taku@...fujitsu.com>,
	linux-doc@...r.kernel.org, linux-mm@...ck.org,
	kernel-hardening@...ts.openwall.com
Subject: Re: [PATCH] mm: Add the ram_latent_entropy kernel parameter



On 11/08/16 08:28, Kees Cook wrote:
> From: Emese Revfy <re.emese@...il.com>
> 
> When "ram_latent_entropy" is passed on the kernel command line, entropy
> will be extracted from up to the first 4GB of RAM while the runtime memory
> allocator is being initialized. This entropy isn't cryptographically
> secure, but does help provide additional unpredictability on otherwise
> low-entropy systems.
> 
> Based on work created by the PaX Team.
> 
> Signed-off-by: Emese Revfy <re.emese@...il.com>
> [kees: renamed parameter, dropped relationship with plugin, updated log]
> Signed-off-by: Kees Cook <keescook@...omium.org>
> ---
> This patch has been extracted from the latent_entropy gcc plugin, as
> suggested by Linus: https://lkml.org/lkml/2016/8/8/840
> ---
>  Documentation/kernel-parameters.txt |  5 +++++
>  mm/page_alloc.c                     | 21 +++++++++++++++++++++
>  2 files changed, 26 insertions(+)
> 
> diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
> index 46c030a49186..9d054984370f 100644
> --- a/Documentation/kernel-parameters.txt
> +++ b/Documentation/kernel-parameters.txt
> @@ -3245,6 +3245,11 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
>  	raid=		[HW,RAID]
>  			See Documentation/md.txt.
>  
> +	ram_latent_entropy
> +			Enable a very simple form of latent entropy extraction
> +			from the first 4GB of memory as the bootmem allocator
> +			passes the memory pages to the buddy allocator.
> +
>  	ramdisk_size=	[RAM] Sizes of RAM disks in kilobytes
>  			See Documentation/blockdev/ramdisk.txt.
>  
> diff --git a/mm/page_alloc.c b/mm/page_alloc.c
> index fb975cec3518..1de94f0ff29d 100644
> --- a/mm/page_alloc.c
> +++ b/mm/page_alloc.c
> @@ -64,6 +64,7 @@
>  #include <linux/page_owner.h>
>  #include <linux/kthread.h>
>  #include <linux/memcontrol.h>
> +#include <linux/random.h>
>  
>  #include <asm/sections.h>
>  #include <asm/tlbflush.h>
> @@ -1236,6 +1237,15 @@ static void __free_pages_ok(struct page *page, unsigned int order)
>  	local_irq_restore(flags);
>  }
>  
> +bool __meminitdata ram_latent_entropy;
> +
> +static int __init setup_ram_latent_entropy(char *str)
> +{
> +	ram_latent_entropy = true;
> +	return 0;
> +}
> +early_param("ram_latent_entropy", setup_ram_latent_entropy);
> +
>  static void __init __free_pages_boot_core(struct page *page, unsigned int order)
>  {
>  	unsigned int nr_pages = 1 << order;
> @@ -1251,6 +1261,17 @@ static void __init __free_pages_boot_core(struct page *page, unsigned int order)
>  	__ClearPageReserved(p);
>  	set_page_count(p, 0);
>  
> +	if (ram_latent_entropy && !PageHighMem(page) &&
> +		page_to_pfn(page) < 0x100000) {
> +		u64 hash = 0;
> +		size_t index, end = PAGE_SIZE * nr_pages / sizeof(hash);
> +		const u64 *data = lowmem_page_address(page);
> +
> +		for (index = 0; index < end; index++)
> +			hash ^= hash + data[index];

Won't the hash be the same across boots? Is this entropy addition for
KASLR, since it is so early in boot?q

> +		add_device_randomness((const void *)&hash, sizeof(hash));
> +	}
> +
>  	page_zone(page)->managed_pages += nr_pages;
>  	set_page_refcounted(page);
>  	__free_pages(page, order);
> 


Balbir Singh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ