From: Kees Cook <keescook@chromium.org>
To: Linus Torvalds <torvalds@linux-foundation.org>, "Tobin C. Harding" <me@tobin.cc>, "Ted Ts'o" <tytso@mit.edu>
Cc: Steven Rostedt <rostedt@goodmis.org>, Anna-Maria Gleixner <anna-maria@linutronix.de>, Linux Kernel Mailing List <linux-kernel@vger.kernel.org>, "Jason A. Donenfeld" <Jason@zx2c4.com>
Subject: Re: Hashed pointer issues
Date: Mon, 30 Apr 2018 12:16:45 -0700
Message-ID: <CAGXu5jKbagUs7cS5y6zRQkgiA0tnD7K0FajwA1Gt+ZCPrc2jfQ@mail.gmail.com>
In-Reply-To: <CA+55aFyreOY8uzOkkDkU=WttNfbH2_6nStfsm9j2T6F5ZyntHg@mail.gmail.com>

On Mon, Apr 30, 2018 at 12:00 PM, Linus Torvalds <torvalds@linux-foundation.org> wrote:
> On Mon, Apr 30, 2018 at 11:38 AM Kees Cook <keescook@chromium.org> wrote:
>
>> Something like this? (Untested.)
>
> Looks workable.
>
>> +	/* If we have hw RNG, start hashing immediately. */
>> +	if (arch_has_random()) {
>> +		get_random_bytes_arch(&ptr_key, sizeof(ptr_key));
>> +		ptr_key_ready();
>> +		return 0;
>> +	}
>
> Small tweak: you should check the return value of get_random_bytes_arch(),
> because in theory it can fail.
>
> Sadly, that's not actually how get_random_bytes_arch() really works - it
> falls back on "get_random_bytes()" on failure instead, which is explicitly
> against the whole point here.

I just noticed: there are _no_ users of get_random_bytes_arch() ...
didn't we once use it to feed entropy to the CRNG?

> So I think it would need some tweaking, with a new function entirely
> (get_random_bytes_arch() with a failure return for "cannot fill buffer").
>
> But that would be just a few more lines, because we could make the existing
> get_random_bytes_arch() just use the failure-case thing.
>
> So add a "get_hw_random_bytes()" that does that same loop in
> get_random_bytes_arch(), but returns the number of bytes it filled in.
>
> Then get_random_bytes_arch() turns into
>
>     got = get_hw_random_bytes(p, nbytes);
>     if (got < nbytes)
>         get_random_bytes(p+got, nbytes-got);
>
> and the initialize_ptr_random() use would be something like
>
>     if (get_hw_random_bytes(&ptr_key, sizeof(ptr_key)) == sizeof(ptr_key)) {
>         ptr_key_ready();
>         return 0;
>     }
>
> Hmm?
>
> Maybe we could call the "get_hw_random_bytes()" something like
> "get_early_random_bytes()" and the "use HW for it" is purely an
> implementation detail?

Yeah, and if we add __must_check, I think this should be fine.

Ted, any thoughts on this?

Tobin, is this something you've got time to implement and test?

-Kees

--
Kees Cook
Pixel Security
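A userspace model of the split sketched in the thread above, added here as an example and not code from the thread or from the kernel: hw_rng_read_word() and hw_rng_set_available() are hypothetical stand-ins for the arch RNG hook, scripted to run dry so the short-fill path is exercised, get_random_bytes() is a fixed-fill stand-in for the CRNG, and __attribute__((warn_unused_result)) plays the role of __must_check.

```c
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for the arch RNG hook (not kernel code): yields a scripted number of words, then fails. */
static int hw_words_available;
static void hw_rng_set_available(int words) { hw_words_available = words; }
static int hw_rng_read_word(unsigned long *v)
{
	static unsigned long x = 0x9E3779B9UL;	/* xorshift state; a test fixture, not crypto */
	if (hw_words_available <= 0)
		return 0;
	hw_words_available--;
	x ^= x << 13; x ^= x >> 7; x ^= x << 17;
	*v = x;
	return 1;
}
/* Proposed get_hw_random_bytes(): the get_random_bytes_arch() loop, but it stops at the first HW failure and returns the byte count filled. */
static size_t __attribute__((warn_unused_result)) get_hw_random_bytes(void *buf, size_t nbytes)
{
	char *p = buf;
	size_t got = 0;
	while (got < nbytes) {
		unsigned long v;
		size_t chunk = nbytes - got < sizeof(v) ? nbytes - got : sizeof(v);
		if (!hw_rng_read_word(&v))
			break;
		memcpy(p + got, &v, chunk);
		got += chunk;
	}
	return got;
}
/* Stand-in for the CRNG fallback: a fixed fill so a test can see where it ran. */
static void get_random_bytes(void *buf, size_t nbytes) { memset(buf, 0xCC, nbytes); }
/* get_random_bytes_arch() keeps its old contract: HW first, CRNG for any remainder. */
static void get_random_bytes_arch(void *buf, size_t nbytes)
{
	size_t got = get_hw_random_bytes(buf, nbytes);
	if (got < nbytes)
		get_random_bytes((char *)buf + got, nbytes - got);
}
/* initialize_ptr_random() early path: hash immediately only on a full HW fill; a short fill is reported, not silently topped up. */
static unsigned long ptr_key; static int ptr_key_is_ready;
static int initialize_ptr_random(void)
{
	if (get_hw_random_bytes(&ptr_key, sizeof(ptr_key)) == sizeof(ptr_key)) {
		ptr_key_is_ready = 1;
		return 0;
	}
	return -1;	/* caller waits for the CRNG-ready path instead */
}
```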