From: david.keisarschm@mail.huji.ac.il
To: linux-kernel@vger.kernel.org, Christoph Lameter , Pekka Enberg , David Rientjes , Joonsoo Kim , Andrew Morton , Vlastimil Babka , Roman Gushchin , Hyeonggon Yoo <42.hyeyoo@gmail.com>
Cc: Jason@zx2c4.com, David Keisar Schmidt , aksecurity@gmail.com, ilay.bahat1@gmail.com, linux-mm@kvack.org
Subject: [PATCH v3 2/3] Replace invocation of weak PRNG inside mm/slab_common.c
Date: Sun, 18 Dec 2022 20:18:59 +0200
Message-Id: <7f67fa53597058abd8aeb586df91551b118c3527.1671277662.git.david.keisarschm@mail.huji.ac.il>
X-Mailer: git-send-email 2.38.0

From: David Keisar Schmidt

This third series adds some changes to the commit messages, and also replaces get_random_u32 with get_random_u32_below, in a case where a modulo operation is done on the result.

The Slab allocator randomization inside slab_common.c uses the prandom_u32 PRNG. That was added to prevent attackers from obtaining information on the heap state. However, this PRNG turned out to be weak, as noted in commit c51f8f88d705.

To fix it, we have changed the invocation of prandom_u32_state to get_random_u32 to ensure the PRNG is strong. Since a modulo operation is applied right after that, in the Fisher-Yates shuffle, we used get_random_u32_below, to achieve uniformity.

# Changes since v2
* edited commit message.
* replaced instances of get_random_u32 with get_random_u32_below in mm/slab_common.c.

Signed-off-by: David Keisar Schmidt
--- mm/slab_common.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/mm/slab_common.c b/mm/slab_common.c index 0042fb273..e254b2f55 100644 --- a/mm/slab_common.c +++ b/mm/slab_common.c @@ -1130,7 +1130,7 @@ EXPORT_SYMBOL(kmalloc_large_node); #ifdef CONFIG_SLAB_FREELIST_RANDOM /* Randomize a generic freelist */ -static void freelist_randomize(struct rnd_state *state, unsigned int *list, +static void freelist_randomize(unsigned int *list, unsigned int count) { unsigned int rand; @@ -1141,8 +1141,7 @@ static void freelist_randomize(struct rnd_state *state, unsigned int *list, /* Fisher-Yates shuffle */ for (i = count - 1; i > 0; i--) { - rand = prandom_u32_state(state); - rand %= (i + 1); + rand = get_random_u32_below(i+1); swap(list[i], list[rand]); } } @@ -1151,7 +1150,6 @@ static void freelist_randomize(struct rnd_state *state, unsigned int *list, int cache_random_seq_create(struct kmem_cache *cachep, unsigned int count, gfp_t gfp) { - struct rnd_state state; if (count < 2 || cachep->random_seq) return 0; 
@@ -1160,10 +1158,7 @@ int cache_random_seq_create(struct kmem_cache *cachep, unsigned int count, if (!cachep->random_seq) return -ENOMEM; - /* Get best entropy at this stage of boot */ - prandom_seed_state(&state, get_random_long()); - - freelist_randomize(&state, cachep->random_seq, count); + freelist_randomize(cachep->random_seq, count); return 0; } -- 2.38.0
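
Review bot: In the first hunk, the new freelist_randomize() prototype still wraps `unsigned int count)` onto a continuation line even though, with the `state` parameter gone, both parameters fit on one line; fold it into `static void freelist_randomize(unsigned int *list, unsigned int count)`.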
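
Review bot: In the Fisher-Yates loop, `get_random_u32_below(i+1)` loses the operator spacing that the removed `rand %= (i + 1);` had; kernel coding style wants `get_random_u32_below(i + 1)`. The result is also only used as an index on the next line, so the `rand` local could go and the call could be passed straight to `swap(list[i], list[...])` if the maintainers prefer.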
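
Review bot: In cache_random_seq_create(), the removed comment "Get best entropy at this stage of boot" recorded that this path can run while entropy is still limited, and the old code touched the RNG once per cache through get_random_long(); after this hunk freelist_randomize() calls get_random_u32_below() once per loop iteration instead. The commit message should state why the per-iteration calls are acceptable here (cost per cache, and behaviour at this stage of boot), or a short comment should replace the one being deleted.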
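
The uniformity argument in the commit message, as an added userspace example (not kernel code and not part of the patch): it counts every outcome of an 8-bit draw to show that `r % ceil` favours low indices, while one unbiased reduction (rejection sampling) does not. The 8-bit source, `next8()` and all function names are assumptions made for the demonstration; the kernel's `get_random_u32_below()` is not reproduced here.

```c
#include <stdint.h>
#include <stdio.h>

/* Modulo reduction, the pattern of the removed `rand %= (i + 1)`. */
static int below_modulo(uint8_t r, unsigned ceil) { return (int)(r % ceil); }

/* Rejection: -1 means "redraw", r fell in the incomplete last bucket.
 * Valid for 1 <= ceil <= 256. */
static int below_reject(uint8_t r, unsigned ceil)
{
	unsigned limit = 256 - (256 % ceil);
	return r < limit ? (int)(r % ceil) : -1;
}

/* Max-minus-min hit count over every possible 8-bit draw; 0 = uniform. */
static unsigned spread(unsigned ceil, int (*reduce)(uint8_t, unsigned))
{
	unsigned hits[256] = {0}, min = ~0u, max = 0;
	for (unsigned r = 0; r < 256; r++) {
		int v = reduce((uint8_t)r, ceil);
		if (v >= 0) hits[v]++;
	}
	for (unsigned k = 0; k < ceil; k++) {
		if (hits[k] < min) min = hits[k];
		if (hits[k] > max) max = hits[k];
	}
	return max - min;
}

/* Constructed byte source (odd-step counter, full period); hypothetical
 * stand-in for a real CSPRNG, used only so the example is deterministic. */
static uint8_t src;
static uint8_t next8(void) { return src += 77; }

/* Fisher-Yates in the shape of freelist_randomize(), unbiased index. */
static void shuffle(unsigned *list, unsigned count)
{
	if (count < 2) return;
	for (unsigned i = count - 1; i > 0; i--) {
		int j;
		do { j = below_reject(next8(), i + 1); } while (j < 0);
		unsigned tmp = list[i]; list[i] = list[j]; list[j] = tmp;
	}
}

int main(void)
{
	unsigned list[6] = {0, 1, 2, 3, 4, 5};
	shuffle(list, 6);
	printf("ceil=6: modulo spread %u, rejection spread %u\n",
	       spread(6, below_modulo), spread(6, below_reject));
	return 0;
}
```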