Re: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall

From: Kees Cook
Date: Wed May 29 2019 - 14:40:50 EST

Next message: Gwendal Grignou: "Re: [PATCH v5] mfd: cros_ec_dev: Register cros_ec_accel_legacy driver as a subdevice"
Previous message: Nathan Chancellor: "Re: [PATCH v3 1/2] dma-contiguous: Abstract dma_{alloc,free}_contiguous()"
In reply to: Kees Cook: "Re: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, May 29, 2019 at 10:13:43AM +0000, Reshetova, Elena wrote:
> On related note: the current prng we have in kernel (prandom) is based on a
> *very old* style of prngs, which is basically 4 linear LFSRs xored together.
> Nowadays, we have much more powerful prngs that show much better
> statistical and even security properties (not cryptographically secure, but still
> not so linear like the one above).
> What is the reason why we still use a prng that is couple of decades away from the
> state of art in the area? It is actively used, especially by network stack,
> should we update it to smth that is more appropriate (speed would be comparable)?
>
> I am mostly talking about PCG-based generators:
> http://www.pcg-random.org/
>
> If people are interested, I could put together a PoC and we have an expert here we can
> consult for providing calculations for min-entropy, HILL entropy and whatever
> is requested.

If we get better generators with no speed loss, I can't imagine anyone
objecting. :)

--
Kees Cook

Next message: Gwendal Grignou: "Re: [PATCH v5] mfd: cros_ec_dev: Register cros_ec_accel_legacy driver as a subdevice"
Previous message: Nathan Chancellor: "Re: [PATCH v3 1/2] dma-contiguous: Abstract dma_{alloc,free}_contiguous()"
In reply to: Kees Cook: "Re: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]