tech-kern archive
Re: kaslr: better rng
On Tue, Nov 14, 2017 at 02:25:00PM +0100, Maxime Villard wrote:
> On 11/11/2017 at 22:23, Taylor R Campbell wrote:
> > Can you just use the SHA1 in libkern (and the SHA3 that will with any
> > luck soon be in libkern), or are there constraints on the size of the
> > prekern that prevent you from doing so?
>
> No, there are no constraints. I just didn't know we could use libkern. So you
> can forget about my prng.c, I'll use libkern's SHA512 until we have SHA3.
>
>
> On 12/11/2017 at 03:13, Thor Lancelot Simon wrote:
> > cpu_rng already has the code needed to do this -- best to use it, perhaps?
>
> This would mean moving cpu_rng into libkern?

Maybe so. I guess there is MD stuff in libkern already. Only thing is,
looking at the code to remind myself what I did, it relies on our cpu_features
mechanism. But if you look at the code, it's very, very simple, just a
few lines really to do the work -- in this very particular case perhaps you
would be justified to duplicate it.

Or -- it's tiny -- grab the Intel sample code examples from
https://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide
which include a tiny CPU feature prober and a little bit of glue around
RDRAND and RDSEED. You can discard almost all the glue, or even just use
the Intel code (3-clause BSD licensed) as an example of how to probe the
feature bits.

The right thing to do I would think is to use RDSEED if you have it;
if you don't have it, or if it fails, use RDRAND. If you don't have either,
I guess use the TSC to key your hash function. If you don't have that,
the RTC clock... just a few inb()/outb() to read it, and it's better than
nothing.

Here is something else you can use with only a fairly small amount of
MD code -- the processor temperature sensor on most Intel CPUs made since
around 2009. As you can see from x86/x86/coretemp.c, it's just a couple
of MSR reads - the probe may be the hard part.
--
Thor Lancelot Simon tls%panix.com@localhost
"The two most common variations translate as follows:
illegitimi non carborundum = the unlawful are not silicon carbide
illegitimis non carborundum = the unlawful don't have silicon carbide."
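
The fallback order described in the message above (RDSEED, then RDRAND, then TSC), as an added example that is not part of the original post and is not NetBSD or Intel code. It assumes x86-64 with GCC or Clang; all function and constant names are hypothetical, the retry bound is an assumption, and the RTC step is left to the caller because it needs port I/O privilege.

```c
#include <cpuid.h>   /* GCC/Clang wrappers around the CPUID instruction */
#include <stdint.h>

enum { FEAT_TSC = 1, FEAT_RDRAND = 2, FEAT_RDSEED = 4 };
enum seed_src { SRC_NONE, SRC_TSC, SRC_RDRAND, SRC_RDSEED };
#define RETRIES 10   /* retry bound: an assumption of this sketch */

/* Probe the feature bits directly with CPUID, without cpu_features. */
static unsigned probe_features(void)
{
    unsigned a, b, c, d, f = 0;
    if (__get_cpuid(1, &a, &b, &c, &d)) {
        if (d & (1u << 4))  f |= FEAT_TSC;     /* leaf 1, EDX bit 4  */
        if (c & (1u << 30)) f |= FEAT_RDRAND;  /* leaf 1, ECX bit 30 */
    }
    if (__get_cpuid_count(7, 0, &a, &b, &c, &d) && (b & (1u << 18)))
        f |= FEAT_RDSEED;                      /* leaf 7.0, EBX bit 18 */
    return f;
}

/* Both instructions clear CF when no data is ready: check it and retry. */
static int rdseed64(uint64_t *v)
{
    unsigned char ok = 0;
    for (int i = 0; i < RETRIES && !ok; i++)
        __asm__ volatile("rdseed %0; setc %1" : "=r"(*v), "=qm"(ok) : : "cc");
    return ok;
}

static int rdrand64(uint64_t *v)
{
    unsigned char ok = 0;
    for (int i = 0; i < RETRIES && !ok; i++)
        __asm__ volatile("rdrand %0; setc %1" : "=r"(*v), "=qm"(ok) : : "cc");
    return ok;
}

/* Fill *out from the best source permitted by feats and report which one
 * was used. The value is input for keying a hash, not a finished key. */
static enum seed_src seed_gather(unsigned feats, uint64_t *out)
{
    if ((feats & FEAT_RDSEED) && rdseed64(out)) return SRC_RDSEED;
    if ((feats & FEAT_RDRAND) && rdrand64(out)) return SRC_RDRAND;
    if (feats & FEAT_TSC) { *out = __builtin_ia32_rdtsc(); return SRC_TSC; }
    return SRC_NONE;   /* caller would fall back to the RTC here */
}
```

Passing the feature mask as a parameter lets each fallback branch be exercised on hardware that has every source, by masking bits off the result of `probe_features()`.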