Re: [PATCH] ELF: implement AT_RANDOM for future glibc use | KernelTrap

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use

view
thread

!MAILaRCHIVE_VOTE_RePLACE

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Kees Cook <kees.cook@...>

To: Roland McGrath <roland@...>

Cc: Andi Kleen <andi@...>, <linux-kernel@...>, Jakub Jelinek <jakub@...>, Ulrich Drepper <drepper@...>, <libc-alpha@...>

Subject: Re: [PATCH] ELF: implement AT_RANDOM for future glibc use

Date: Monday, October 6, 2008 - 8:31 pm

On Mon, Oct 06, 2008 at 04:58:27PM -0700, Roland McGrath wrote:
quoted text> What mmap randomization and stack randomization actually use is
> get_random_int(), not get_random_bytes().  This is one of those weaker
> flavors seeded occasionally from the real entropy pool.  (As is, it's not a
> good choice for getting 16 bytes of random at once, since it usually
> returns the same 4 bytes each time when called 4 times in quick succession.)
> 
> What glibc wants is some bits with a strength of randomness chosen by the
> kernel, and not to worry about the details.  I think the strength applied
> to mmap and stack randomization is good enough for AT_RANDOM.

Is this email a vote for or against doing:

+       k_rand_bytes[0] = get_random_int();
+       k_rand_bytes[1] = get_random_int();
+       k_rand_bytes[2] = get_random_int();
+       k_rand_bytes[3] = get_random_int();

It sounds like it's not very safe, but on the other hand, glibc doesn't
really care?

-- 
Kees Cook
Ubuntu Security Team
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Thu Oct 2, 8:16 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 2:00 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 1:50 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 3:26 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 6:07 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Roland McGrath, (Mon Oct 6, 7:58 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 8:31 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Ulrich Drepper, (Mon Oct 6, 8:57 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 9:44 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Ulrich Drepper, (Mon Oct 6, 9:51 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Ulrich Drepper, (Mon Oct 6, 8:08 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 7:28 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 6:01 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 7:19 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 7:29 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 7:44 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Roland McGrath, (Thu Oct 2, 8:52 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Fri Oct 3, 1:15 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Roland McGrath, (Fri Oct 3, 4:22 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Jakub Jelinek, (Thu Oct 2, 8:43 pm)

[PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Fri Oct 3, 1:29 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Arjan van de Ven, (Fri Oct 3, 1:57 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Ulrich Drepper, (Fri Oct 3, 2:25 am)

[PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Kees Cook, (Fri Oct 3, 10:50 am)

Re: [PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Jakub Jelinek, (Fri Oct 3, 10:57 am)

[PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Kees Cook, (Fri Oct 3, 1:33 pm)

Re: [PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Ulrich Drepper, (Fri Oct 3, 1:41 pm)

[PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Kees Cook, (Fri Oct 3, 1:59 pm)

Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Andrew Morton, (Tue Oct 21, 4:01 pm)

Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Ulrich Drepper, (Tue Oct 21, 4:22 pm)

Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Andrew Morton, (Mon Oct 27, 1:46 am)

Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Ulrich Drepper, (Sat Oct 18, 1:42 am)

Re: [PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Ulrich Drepper, (Fri Oct 3, 10:56 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Fri Oct 3, 1:25 am)

Navigation

Popular discussions


linux-kernel:
Greg Kroah-Hartman	[PATCH 001/196] Chinese: Add the known_regression URI to the HOWTO
Tarkan Erimer	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
James Bottomley	Re: Integration of SCST in the mainstream Linux kernel
Robin Lee Powell	NFS hang + umount -f: better behaviour requested.
git:

linux-netdev:
David Miller	[GIT]: Networking
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Natalie Protasevich	[BUG] New Kernel Bugs
Gerrit Renker	[PATCH 18/37] dccp: Support for Mandatory options
openbsd-misc:

Colocation donated by:

Who's online

There are currently 3 users and 802 guests online.

Online users

Syndicate