lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <1EB25EC8-28A4-46C6-84E9-14858B68C815@amacapital.net> Date: Sat, 27 Apr 2019 06:59:36 -0700 From: Andy Lutomirski <luto@...capital.net> To: Theodore Ts'o <tytso@....edu> Cc: Eric Biggers <ebiggers@...nel.org>, "Reshetova, Elena" <elena.reshetova@...el.com>, "herbert@...dor.apana.org.au" <herbert@...dor.apana.org.au>, David Laight <David.Laight@...lab.com>, Ingo Molnar <mingo@...nel.org>, Peter Zijlstra <peterz@...radead.org>, "keescook@...omium.org" <keescook@...omium.org>, Daniel Borkmann <daniel@...earbox.net>, "luto@...nel.org" <luto@...nel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "jpoimboe@...hat.com" <jpoimboe@...hat.com>, "jannh@...gle.com" <jannh@...gle.com>, "Perla, Enrico" <enrico.perla@...el.com>, "mingo@...hat.com" <mingo@...hat.com>, "bp@...en8.de" <bp@...en8.de>, "tglx@...utronix.de" <tglx@...utronix.de>, "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>, "Edgecombe, Rick P" <rick.p.edgecombe@...el.com> Subject: Re: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall > On Apr 26, 2019, at 11:02 AM, Theodore Ts'o <tytso@....edu> wrote: > >> On Fri, Apr 26, 2019 at 10:44:20AM -0700, Eric Biggers wrote: >> Would it be possibly to call ChaCha20 through the actual crypto API so that SIMD >> instructions (e.g. AVX-2) could be used? That would make it *much* faster. >> Also consider AES-CTR with AES-NI instructions. > > It's not obvious SIMD instructions will be faster in practice, since > it requires saving and restoring the vector/FPU registers. If you're > going to be doing a *lot* of vector processing (for example when doing > block-level RAID-5 / RAID-6 computations), it might be worth it. But > if you're only going to be turning the crank for 12 or 20 rounds, the > overhead of calling kernel_fpu_begin() and kernel_fpu_end() is > probably going to make this worth it. > So generate a whole page or more of random bytes at a time and save them up for when they’re needed.
Powered by blists - more mailing lists