From: Laura Abbott <laura@labbott.name>
To: kernel-hardening@lists.openwall.com,
Emese Revfy <re.emese@gmail.com>,
Kees Cook <keescook@chromium.org>,
PaX Team <pageexec@freemail.hu>
Cc: Brad Spengler <spender@grsecurity.net>,
Greg KH <gregkh@linuxfoundation.org>,
Theodore Tso <tytso@google.com>,
Josh Triplett <josh@joshtriplett.org>
Subject: Re: [kernel-hardening] Re: Proposal for kernel self protection features
Date: Mon, 9 Nov 2015 10:07:25 -0800 [thread overview]
Message-ID: <5640E0DD.6040107@labbott.name> (raw)
In-Reply-To: <563F4A78.21151.23C6852D@pageexec.freemail.hu>
On 11/8/15 5:13 AM, PaX Team wrote:
> On 6 Nov 2015 at 15:30, Kees Cook wrote:
>>> * latent_entropy: This plugin generates some entropy from program state
>>> throughout the uptime of the kernel. It has small performance loss.
>>> The plugin uses an attribute which can be
>>> on a function (to extract entropy beyond init functions) or on a
>>> variable (to initialize it with a random number generated at compile time)
>>
>> How large is the entropy extracted during early init? I bet a lot of
>> architectures would rejoice to have this available. (CCing Ted for
>> thoughts.)
>
> that's a good question nobody can answer unfortunately. thing is, this
> kind of instrumentation essentially builds a PRNG whose internal structure
> reflects the control flow of instrumented kernel functions, i.e., it's not
> something anyone can describe and analyze because of its size and dynamic
> nature (think loops with variable number of rounds, interrupts, etc).
>
> what one can do is measure the number of states the PRNG can end up in say
> right after boot and see how wide and uniform the distribution of states
> is. at the time i developed this plugin i ran a few tests on an allnoconfig
> amd64 kernel under qemu/kvm and even that environment produced a few bits
> of entropy (i.e., more than one state). however this kind of testing can
> scale only so far, e.g., to establish that say 30 bits of entropy can be
> generated this way by the time init is called, one would have to boot the
> kernel billions of times already...
>
I took a look at something closely related sometime ago[1] for
ARM DT based targets. The stack canary was always the same because
it was early enough no entropy was being added and there's no standard
RNG. This series proposed allowing entropy to be read out of the DT.
This still relied on reliable entropy being added to the DT somehow.
Ultimately, I never followed up and this still seems to be an issue.
The out of tree solution which was never submitted was to make a call
to the hwrng very early to seed the pool. This was very SoC specific
though. At the time I wrote the patches, I didn't look to see what
Pax/GrSec might have had to address the issue.
Thanks,
Laura
[1]http://thread.gmane.org/gmane.linux.kernel/1646202/focus=61628
next prev parent reply other threads:[~2015-11-09 18:07 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-06 22:55 [kernel-hardening] Proposal for kernel self protection features Emese Revfy
2015-11-06 23:30 ` [kernel-hardening] " Kees Cook
2015-11-07 0:25 ` Josh Triplett
2015-11-07 2:46 ` Greg KH
2015-11-07 4:16 ` Kees Cook
2015-11-07 5:42 ` Josh Triplett
2015-11-07 22:07 ` Emese Revfy
2015-11-08 8:21 ` Josh Triplett
2015-11-08 11:28 ` Emese Revfy
2015-11-08 9:27 ` Alyssa Milburn
2015-11-08 14:09 ` PaX Team
2015-11-07 21:58 ` Emese Revfy
2015-11-08 9:58 ` David Sterba
2015-11-08 17:15 ` Greg KH
2015-11-07 12:41 ` Ard Biesheuvel
2015-11-08 10:09 ` Mathias Krause
2015-11-07 21:42 ` Emese Revfy
2015-11-08 8:37 ` Josh Triplett
2015-11-07 21:34 ` Emese Revfy
2015-11-08 6:40 ` Kees Cook
2015-11-11 13:32 ` Paolo Bonzini
2015-11-12 12:22 ` PaX Team
2015-11-12 12:36 ` Paolo Bonzini
2015-11-13 2:08 ` Emese Revfy
2015-11-08 13:13 ` PaX Team
2015-11-09 18:07 ` Laura Abbott [this message]
2015-11-09 18:28 ` Jason Cooper
2015-11-09 18:33 ` Jason Cooper
2015-11-09 18:57 ` Valdis.Kletnieks
2015-11-09 19:02 ` Jason Cooper
2015-11-09 19:11 ` Theodore Tso
2015-11-09 20:06 ` Josh Triplett
2015-11-09 21:07 ` Jason Cooper
2015-11-09 21:09 ` Jason Cooper
2015-11-09 21:13 ` Matthew Garrett
2015-11-10 10:42 ` Yves-Alexis Perez
2015-11-10 10:47 ` Marcus Meissner
2015-11-10 11:24 ` Yves-Alexis Perez
2015-11-09 18:32 ` Theodore Tso
2015-11-11 3:41 ` PaX Team
2015-11-09 21:52 ` Kees Cook
2015-11-09 23:09 ` PaX Team
2016-01-19 18:11 ` Kees Cook
2016-01-19 21:20 ` Emese Revfy
2016-01-19 23:08 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5640E0DD.6040107@labbott.name \
--to=laura@labbott.name \
--cc=gregkh@linuxfoundation.org \
--cc=josh@joshtriplett.org \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=pageexec@freemail.hu \
--cc=re.emese@gmail.com \
--cc=spender@grsecurity.net \
--cc=tytso@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.