| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Y0BCb7mkLv75BqYK@hirez.programming.kicks-ass.net>
Date: Fri, 7 Oct 2022 17:14:55 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: "Jason A. Donenfeld" <Jason@...c4.com>
Cc: x86@...nel.org, Jann Horn <jannh@...gle.com>,
Natalie Silvanovich <natashenka@...gle.com>,
Seth Jenkins <sethjenkins@...gle.com>,
Kees Cook <keescook@...omium.org>, linux-kernel@...r.kernel.org
Subject: Re: x86/mm: Randomize per-cpu entry area
On Fri, Oct 07, 2022 at 08:44:52AM -0600, Jason A. Donenfeld wrote:
> On Fri, Oct 07, 2022 at 10:42:36AM +0200, Peter Zijlstra wrote:
> > + max_cea = (CPU_ENTRY_AREA_MAP_SIZE - PAGE_SIZE) / CPU_ENTRY_AREA_SIZE;
> > +
> > + /* O(sodding terrible) */
> > + for_each_possible_cpu(i) {
> > + unsigned int cea;
> > +
> > +again:
> > + cea = prandom_u32_max(max_cea);
>
> Just FYI, max_cea is 2274876 (at least in my test rig), which means the
Yeah, that sounds about right, just over 21 bits.
> values returned from prandom_u32_max() won't be uniformly distributed.
> Right now the kernel doesn't have a function that does rejection
> sampling to get uniform distribution, but I could add one if you need.
I figured it was better than '% max_cea'.
> Alternatively, maybe you don't actually *need* this to be perfectly
> distributed -- which seems to be a common perspective -- and so this is
> good enough. Your call, but just wanted to make you aware.
First iteration had a LFSR to 'uniformly' and uniquely distribute the
CEAs around, but someone took offence to that :-). Anyway, I think
anything non-obvious is good enough in this case.
Powered by blists - more mailing lists