Re: [PATCH] get_random_long() and AT_ENTROPY for auxv, kernel 2.6.21.5

From: Alexander Gabert
Date: Monday, June 25, 2007 - 8:02 am

Hi Matt,
Sorry for not answering your questions in the first place; I hope this 
did not make a bad impression.
Matt Mackall wrote:
I don't think so but you may be right nonetheless if my opinion.
Adding the new field
Found while adding the new field and testing it.
It is needed for properly initializing an SSP guard, which is (afaik) a 
long value.
Probably ... but bear in mind that the goal is still the same: allowing 
glibc to use SSP with /proc/self/auxv instead of fopen(/dev/urandom) as 
it is now.
Effectively saving three syscalls (open,read,close) and making life 
easier for glibc because randomization "generated" in the kernel does 
not deplete /dev/urandom too much for high coverage SSP userlands (i.e. 
Gentoo Hardened).

I can imagine that Red Hat would do the same with the SSP implementation 
in glibc. I think if this patch moves into the kernel, they will bring out a 
glibc patch that is checking for AT_ENTROPY and using the opening of 
/dev/urandom for retrieving randomized data as a fallback for machines 
where such a kernel is not available.  This is a win-win situation for 
both sides: the kernel wins because the pressure on /dev/urandom is 
released a bit (applicable to SSP environments) and glibc wins 
because it has a reliable, fast, cheap and easy to use source for 
randomization.


Thank you,

Alex
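
The lookup-with-fallback that the message expects glibc to perform, as an added example that is not part of the original mail or of the patch: it scans an auxiliary vector for the entropy entry and falls back to /dev/urandom when the entry is absent. The tag number `AT_ENTROPY_PLACEHOLDER`, the function names, and the choice to carry the random long directly in the entry's value are assumptions; the sample vector in `main` is constructed.

```c
#include <fcntl.h>
#include <stddef.h>
#include <unistd.h>

/* Hypothetical tag number: the page does not give the value of AT_ENTROPY. */
#define AT_ENTROPY_PLACEHOLDER 0x7fffUL
#define AT_NULL_TAG 0UL /* AT_NULL terminates the vector */
enum guard_source { GUARD_FROM_AUXV, GUARD_FROM_URANDOM, GUARD_FAILED };

/* Scan (tag, value) pairs until AT_NULL or the end of the buffer. */
static int auxv_lookup(const unsigned long *auxv, size_t pairs,
                       unsigned long tag, unsigned long *out)
{
    for (size_t i = 0; i < pairs && auxv[2 * i] != AT_NULL_TAG; i++) {
        if (auxv[2 * i] == tag) {
            *out = auxv[2 * i + 1];
            return 1;
        }
    }
    return 0;
}

/* Fallback path: the open/read/close sequence the mail wants to avoid. */
static int urandom_long(unsigned long *out)
{
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0)
        return 0;
    ssize_t n = read(fd, out, sizeof *out);
    close(fd);
    return n == (ssize_t)sizeof *out;
}

/* Prefer the kernel-supplied auxv entry; fall back when it is absent. */
enum guard_source guard_init(const unsigned long *auxv, size_t pairs,
                             unsigned long *guard)
{
    if (auxv_lookup(auxv, pairs, AT_ENTROPY_PLACEHOLDER, guard))
        return GUARD_FROM_AUXV;
    return urandom_long(guard) ? GUARD_FROM_URANDOM : GUARD_FAILED;
}

int main(void)
{
    /* Constructed vector: AT_PAGESZ, the placeholder entry, AT_NULL. */
    unsigned long auxv[] = {6UL, 4096UL, AT_ENTROPY_PLACEHOLDER, 0x5eedUL, 0UL, 0UL};
    unsigned long guard = 0;
    return guard_init(auxv, 3, &guard) == GUARD_FAILED;
}
```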


Messages in current thread:
AT_ENTROPY1 and AT_ENTROPY2 values for include/linux/auxvec.h, Alexander Gabert, (Sun Jun 17, 4:40 pm)
[PATCH] get_random_long() and AT_ENTROPY for auxv, kernel ..., Alexander Gabert, (Wed Jun 20, 8:34 am)
Re: [PATCH] get_random_long() and AT_ENTROPY for auxv, ker ..., Alexander Gabert, (Sun Jun 24, 10:45 am)
Re: [PATCH] get_random_long() and AT_ENTROPY for auxv, ker ..., Alexander Gabert, (Mon Jun 25, 8:02 am)