[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <99df3a39-ecf1-90a0-2649-fa0bda270ceb@gmail.com>
Date: Fri, 12 Aug 2016 13:52:21 +1000
From: Balbir Singh <bsingharora@...il.com>
To: Kees Cook <keescook@...omium.org>, linux-kernel@...r.kernel.org
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Emese Revfy <re.emese@...il.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Jonathan Corbet <corbet@....net>,
Vlastimil Babka <vbabka@...e.cz>,
Mel Gorman <mgorman@...hsingularity.net>,
Michal Hocko <mhocko@...e.com>,
Johannes Weiner <hannes@...xchg.org>,
Joonsoo Kim <iamjoonsoo.kim@....com>,
"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
Taku Izumi <izumi.taku@...fujitsu.com>,
linux-doc@...r.kernel.org, linux-mm@...ck.org,
kernel-hardening@...ts.openwall.com
Subject: Re: [PATCH] mm: Add the ram_latent_entropy kernel parameter
On 11/08/16 08:28, Kees Cook wrote:
> From: Emese Revfy <re.emese@...il.com>
>
> When "ram_latent_entropy" is passed on the kernel command line, entropy
> will be extracted from up to the first 4GB of RAM while the runtime memory
> allocator is being initialized. This entropy isn't cryptographically
> secure, but does help provide additional unpredictability on otherwise
> low-entropy systems.
>
> Based on work created by the PaX Team.
>
> Signed-off-by: Emese Revfy <re.emese@...il.com>
> [kees: renamed parameter, dropped relationship with plugin, updated log]
> Signed-off-by: Kees Cook <keescook@...omium.org>
> ---
> This patch has been extracted from the latent_entropy gcc plugin, as
> suggested by Linus: https://lkml.org/lkml/2016/8/8/840
> ---
> Documentation/kernel-parameters.txt | 5 +++++
> mm/page_alloc.c | 21 +++++++++++++++++++++
> 2 files changed, 26 insertions(+)
>
> diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
> index 46c030a49186..9d054984370f 100644
> --- a/Documentation/kernel-parameters.txt
> +++ b/Documentation/kernel-parameters.txt
> @@ -3245,6 +3245,11 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
> raid= [HW,RAID]
> See Documentation/md.txt.
>
> + ram_latent_entropy
> + Enable a very simple form of latent entropy extraction
> + from the first 4GB of memory as the bootmem allocator
> + passes the memory pages to the buddy allocator.
> +
> ramdisk_size= [RAM] Sizes of RAM disks in kilobytes
> See Documentation/blockdev/ramdisk.txt.
>
> diff --git a/mm/page_alloc.c b/mm/page_alloc.c
> index fb975cec3518..1de94f0ff29d 100644
> --- a/mm/page_alloc.c
> +++ b/mm/page_alloc.c
> @@ -64,6 +64,7 @@
> #include <linux/page_owner.h>
> #include <linux/kthread.h>
> #include <linux/memcontrol.h>
> +#include <linux/random.h>
>
> #include <asm/sections.h>
> #include <asm/tlbflush.h>
> @@ -1236,6 +1237,15 @@ static void __free_pages_ok(struct page *page, unsigned int order)
> local_irq_restore(flags);
> }
>
> +bool __meminitdata ram_latent_entropy;
> +
> +static int __init setup_ram_latent_entropy(char *str)
> +{
> + ram_latent_entropy = true;
> + return 0;
> +}
> +early_param("ram_latent_entropy", setup_ram_latent_entropy);
> +
> static void __init __free_pages_boot_core(struct page *page, unsigned int order)
> {
> unsigned int nr_pages = 1 << order;
> @@ -1251,6 +1261,17 @@ static void __init __free_pages_boot_core(struct page *page, unsigned int order)
> __ClearPageReserved(p);
> set_page_count(p, 0);
>
> + if (ram_latent_entropy && !PageHighMem(page) &&
> + page_to_pfn(page) < 0x100000) {
> + u64 hash = 0;
> + size_t index, end = PAGE_SIZE * nr_pages / sizeof(hash);
> + const u64 *data = lowmem_page_address(page);
> +
> + for (index = 0; index < end; index++)
> + hash ^= hash + data[index];
Won't the hash be the same across boots? Is this entropy addition for
KASLR, since it is so early in boot?q
> + add_device_randomness((const void *)&hash, sizeof(hash));
> + }
> +
> page_zone(page)->managed_pages += nr_pages;
> set_page_refcounted(page);
> __free_pages(page, order);
>
Balbir Singh
Powered by blists - more mailing lists