From: Vlastimil Babka
Date: Mon, 17 Apr 2023 17:26:41 +0200
Subject: Re: [PATCH v6 0/3] Replace invocations of prandom_u32() with get_random_u32() and siphash
To: david.keisarschm@mail.huji.ac.il, linux-kernel@vger.kernel.org
Cc: Jason@zx2c4.com, linux-mm@kvack.org, akpm@linux-foundation.org, 42.hyeyoo@gmail.com, mingo@redhat.com, hpa@zytor.com, keescook@chromium.org, ilay.bahat1@gmail.com, aksecurity@gmail.com
Message-ID: <20e3bfd8-851e-1e2a-76b5-7c705e4d1c3d@suse.cz>
In-Reply-To: <20230416172158.13133-1-david.keisarschm@mail.huji.ac.il>

On 4/16/23 19:21, david.keisarschm@mail.huji.ac.il wrote:
> From: David Keisar Schmidt

Hi,

btw, the threading of v5 and v6 seems broken, v4 was fine.

I've added the patches 1+2 to slab tree for 6.5 (too late for 6.4 now):
https://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab.git/log/?h=slab/for-6.5/prandom

Thanks,
Vlastimil

> Hi,
>
> The security improvements for prandom_u32 done in commits c51f8f88d705
> from October 2020 and d4150779e60f from May 2022 didn't handle the cases
> when prandom_bytes_state() and prandom_u32_state() are used.
>
> Specifically, this weak randomization takes place in three cases:
> 1. mm/slab.c
> 2. mm/slab_common.c
> 3. arch/x86/mm/kaslr.c
>
> The first two invocations (mm/slab.c, mm/slab_common.c) are used to create
> randomization in the slab allocator freelists.
> This is done to make sure attackers can’t obtain information on the heap state.
>
> The last invocation, inside arch/x86/mm/kaslr.c,
> randomizes the virtual address space of kernel memory regions.
> Hence, we have added the necessary changes to make those randomizations stronger,
> switching prandom_u32 instance to siphash.
>
> Changes since v5:
> * Fixed coding style issues in mm/slab and mm/slab_common.
> * Deleted irrelevant changes which were appended accidentally in
>   arch/x86/mm/kaslr.
>
> Changes since v4:
> * Changed only the arch/x86/mm/kaslr patch.
>   In particular, we replaced the use of prandom_bytes_state and
>   prandom_seed_state with siphash inside arch/x86/mm/kaslr.c.
>
> Changes since v3:
> * edited commit messages
>
> Changes since v2:
> * edited commit message.
> * replaced instances of get_random_u32 with get_random_u32_below
>   in mm/slab.c, mm/slab_common.c
>
> Regards,
>
>
> David Keisar Schmidt (3):
>   mm/slab: Replace invocation of weak PRNG
>   mm/slab_common: Replace invocation of weak PRNG
>   arch/x86/mm/kaslr: use siphash instead of prandom_bytes_state
>
>  arch/x86/mm/kaslr.c | 21 +++++++++++++++------
>  mm/slab.c           | 29 +++++++++--------------------
>  mm/slab_common.c    | 11 +++--------
>  3 files changed, 27 insertions(+), 34 deletions(-)
>
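The freelist point in the quoted cover letter, as an added userspace C illustration (not code from this patch series or the kernel tree): a Fisher-Yates shuffle of freelist indices is fully determined by the seed when its draws come from a seeded state PRNG, while drawing each bounded index from the OS CSPRNG leaves no seed to recover. Assumptions: xorshift32 stands in for the seeded generator, /dev/urandom stands in for the kernel source behind get_random_u32_below, and OBJS, demo and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define OBJS 16u /* constructed number of objects per slab */
typedef uint32_t (*below_fn)(uint32_t ceil, void *ctx);
static uint16_t demo[OBJS];
/* Stand-in for a seeded non-cryptographic PRNG (xorshift32, not the kernel's generator). */
static uint32_t weak_below(uint32_t ceil, void *ctx) {
    uint32_t *s = ctx; /* seed must be nonzero */
    *s ^= *s << 13; *s ^= *s >> 17; *s ^= *s << 5;
    return *s % ceil; /* every draw is a function of the seed alone */
}

/* Uniform value in [0, ceil) from the OS CSPRNG; rejection sampling avoids modulo bias. */
static uint32_t csprng_below(uint32_t ceil, void *ctx) {
    static FILE *f;
    uint32_t r, min = (0u - ceil) % ceil; /* 2^32 mod ceil */
    (void)ctx;
    if (!f && !(f = fopen("/dev/urandom", "rb"))) abort();
    do { if (fread(&r, sizeof(r), 1, f) != 1) abort(); } while (r < min);
    return r % ceil;
}

/* Fisher-Yates shuffle of freelist indices; returns 1 if the result is a permutation. */
static int freelist_shuffle(uint16_t *list, below_fn below, void *ctx) {
    uint8_t seen[OBJS] = {0};
    for (uint32_t i = 0; i < OBJS; i++) list[i] = (uint16_t)i;
    for (uint32_t i = OBJS; i > 1; i--) {
        uint32_t j = below(i, ctx); /* j in [0, i) */
        uint16_t tmp = list[i - 1]; list[i - 1] = list[j]; list[j] = tmp;
    }
    for (uint32_t i = 0; i < OBJS; i++)
        if (list[i] >= OBJS || seen[list[i]]++) return 0;
    return 1;
}

/* 1 if two shuffles from the same seed yield the same freelist order. */
static int same_seed_same_order(uint32_t seed) {
    uint16_t a[OBJS], b[OBJS];
    uint32_t s1 = seed, s2 = seed;
    return freelist_shuffle(a, weak_below, &s1) && freelist_shuffle(b, weak_below, &s2) &&
           memcmp(a, b, sizeof(a)) == 0;
}

int main(void) {
    printf("same seed, same order: %d\n", same_seed_same_order(0x1234u));
    printf("CSPRNG order is a permutation: %d\n", freelist_shuffle(demo, csprng_below, NULL));
    return 0;
}
```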