From: david.keisarschm@mail.huji.ac.il
To: linux-kernel@vger.kernel.org, Christoph Lameter <cl@linux.com>,
Pekka Enberg <penberg@kernel.org>,
David Rientjes <rientjes@google.com>,
Joonsoo Kim <iamjoonsoo.kim@lge.com>,
Andrew Morton <akpm@linux-foundation.org>,
Vlastimil Babka <vbabka@suse.cz>,
Roman Gushchin <roman.gushchin@linux.dev>,
Hyeonggon Yoo <42.hyeyoo@gmail.com>
Cc: Jason@zx2c4.com, linux-mm@kvack.org,
David Keisar Schmidt <david.keisarschm@mail.huji.ac.il>,
aksecurity@gmail.com, ilay.bahat1@gmail.com
Subject: [PATCH v4 2/3] slab_allocator: mm/slab_common.c: Replace invocation of weak PRNG
Date: Fri, 13 Jan 2023 23:37:45 +0200 [thread overview]
Message-ID: <fa85216179a1e3ce104a1b3526a01626f0af0024.1673470326.git.david.keisarschm@mail.huji.ac.il> (raw)
In-Reply-To: <cover.1673470326.git.david.keisarschm@mail.huji.ac.il>
From: David Keisar Schmidt <david.keisarschm@mail.huji.ac.il>
The Slab allocator randomization inside slab_common.c uses the prandom_u32 PRNG.
That was added to prevent attackers to obtain information on the heap state.
However, this PRNG turned out to be weak, as noted in commit c51f8f88d705
To fix it, we have changed the invocation of prandom_u32_state to get_random_u32
to ensure the PRNG is strong.
Since a modulo operation is applied right after that,
in the Fisher-Yates shuffle, we used get_random_u32_below, to achieve uniformity.
Signed-off-by: David Keisar Schmidt <david.keisarschm@mail.huji.ac.il>
---
Changes since v3:
* edited commit message.
Changes since v2:
* replaced instances of get_random_u32 with get_random_u32_below
in mm/slab_common.c.
mm/slab_common.c | 11 +++--------
1 file changed, 3 insertions(+), 8 deletions(-)
diff --git a/mm/slab_common.c b/mm/slab_common.c
index 0042fb273..e254b2f55 100644
--- a/mm/slab_common.c
+++ b/mm/slab_common.c
@@ -1130,7 +1130,7 @@ EXPORT_SYMBOL(kmalloc_large_node);
#ifdef CONFIG_SLAB_FREELIST_RANDOM
/* Randomize a generic freelist */
-static void freelist_randomize(struct rnd_state *state, unsigned int *list,
+static void freelist_randomize(unsigned int *list,
unsigned int count)
{
unsigned int rand;
@@ -1141,8 +1141,7 @@ static void freelist_randomize(struct rnd_state *state, unsigned int *list,
/* Fisher-Yates shuffle */
for (i = count - 1; i > 0; i--) {
- rand = prandom_u32_state(state);
- rand %= (i + 1);
+ rand = get_random_u32_below(i+1);
swap(list[i], list[rand]);
}
}
@@ -1151,7 +1150,6 @@ static void freelist_randomize(struct rnd_state *state, unsigned int *list,
int cache_random_seq_create(struct kmem_cache *cachep, unsigned int count,
gfp_t gfp)
{
- struct rnd_state state;
if (count < 2 || cachep->random_seq)
return 0;
@@ -1160,10 +1158,7 @@ int cache_random_seq_create(struct kmem_cache *cachep, unsigned int count,
if (!cachep->random_seq)
return -ENOMEM;
- /* Get best entropy at this stage of boot */
- prandom_seed_state(&state, get_random_long());
-
- freelist_randomize(&state, cachep->random_seq, count);
+ freelist_randomize(cachep->random_seq, count);
return 0;
}
--
2.38.0
next prev parent reply other threads:[~2023-01-13 21:37 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-13 21:33 [PATCH v4 0/3] Secure prandom_u32 invocations david.keisarschm
2023-01-13 21:35 ` [PATCH v4 1/3] slab_allocator: mm/slab.c: Replace invocation of weak PRNG david.keisarschm
2023-01-13 21:37 ` david.keisarschm [this message]
2023-01-13 21:39 ` [PATCH v4 3/3] x86 mm, x86 architecture (32-bit and 64-bit): arch/x86/mm/kaslr.c: Adds 64bits version of prandom_seed_state david.keisarschm
2023-01-14 2:10 ` H. Peter Anvin
[not found] ` <CAD0z2U1Y1CR_erAj+akPbVF2jxicdQKQfqWPc69fwL-rvSu_fQ@mail.gmail.com>
2023-01-17 23:50 ` H. Peter Anvin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=fa85216179a1e3ce104a1b3526a01626f0af0024.1673470326.git.david.keisarschm@mail.huji.ac.il \
--to=david.keisarschm@mail.huji.ac.il \
--cc=42.hyeyoo@gmail.com \
--cc=Jason@zx2c4.com \
--cc=akpm@linux-foundation.org \
--cc=aksecurity@gmail.com \
--cc=cl@linux.com \
--cc=iamjoonsoo.kim@lge.com \
--cc=ilay.bahat1@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=penberg@kernel.org \
--cc=rientjes@google.com \
--cc=roman.gushchin@linux.dev \
--cc=vbabka@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.