Date: Sun, 16 Apr 2023 20:55:39 +0900
From: Hyeonggon Yoo <42.hyeyoo@gmail.com>
To: david.keisarschm@mail.huji.ac.il
Cc: linux-kernel@vger.kernel.org, Christoph Lameter, Pekka Enberg, David Rientjes, Joonsoo Kim, Andrew Morton, Vlastimil Babka, Roman Gushchin, Jason@zx2c4.com, linux-mm@kvack.org, ilay.bahat1@gmail.com, aksecurity@gmail.com
Subject: Re: [PATCH v5 2/3] Replace invocation of weak PRNG
References: <20230415173650.5458-1-david.keisarschm@mail.huji.ac.il>
In-Reply-To: <20230415173650.5458-1-david.keisarschm@mail.huji.ac.il>

On Sat, Apr 15, 2023 at 08:36:49PM +0300, david.keisarschm@mail.huji.ac.il wrote:
> From: David Keisar Schmidt
>
> The Slab allocator randomization inside slab_common.c
> uses the prandom_u32 PRNG. That was added to prevent attackers from obtaining
> information on the heap state.
>
> However, this PRNG turned out to be weak, as noted in commit c51f8f88d705.
> To fix it, we have changed the invocation of prandom_u32_state to get_random_u32
> to ensure the PRNG is strong.
>
> Since a modulo operation is applied right after that,
> in the Fisher-Yates shuffle, we used get_random_u32_below, to achieve uniformity.
>
> Signed-off-by: David Keisar Schmidt
> ---

same comment for the subject line.

>
> This fifth series changes only the arch/x86/mm/kaslr patch.
>
> Changes since v3:
> * edited commit message.
>
> Changes since v2:
>
> * replaced instances of get_random_u32 with get_random_u32_below
> in mm/slab_common.c.
>
> mm/slab_common.c | 11 +++--------
> 1 file changed, 3 insertions(+), 8 deletions(-)
>
> diff --git a/mm/slab_common.c b/mm/slab_common.c
> index bf4e777cf..361da2191 100644
> --- a/mm/slab_common.c
> +++ b/mm/slab_common.c
> @@ -1146,7 +1146,7 @@ EXPORT_SYMBOL(kmalloc_large_node);
>
> #ifdef CONFIG_SLAB_FREELIST_RANDOM
> /* Randomize a generic freelist */
> -static void freelist_randomize(struct rnd_state *state, unsigned int *list,
> +static void freelist_randomize(unsigned int *list,
> unsigned int count)
> {
> unsigned int rand;
> @@ -1157,8 +1157,7 @@ static void freelist_randomize(struct rnd_state *state, unsigned int *list,
>
> /* Fisher-Yates shuffle */
> for (i = count - 1; i > 0; i--) {
> - rand = prandom_u32_state(state);
> - rand %= (i + 1);
> + rand = get_random_u32_below(i+1);

same here. otherwise looks good to me.

> swap(list[i], list[rand]);
> }
> }
> @@ -1167,7 +1166,6 @@ static void freelist_randomize(struct rnd_state *state, unsigned int *list,
> int cache_random_seq_create(struct kmem_cache *cachep, unsigned int count,
> gfp_t gfp)
> {
> - struct rnd_state state;
>
> if (count < 2 || cachep->random_seq)
> return 0;
> @@ -1176,10 +1174,7 @@ int cache_random_seq_create(struct kmem_cache *cachep, unsigned int count,
> if (!cachep->random_seq)
> return -ENOMEM;
>
> - /* Get best entropy at this stage of boot */
> - prandom_seed_state(&state, get_random_long());
> -
> - freelist_randomize(&state, cachep->random_seq, count);
> + freelist_randomize(cachep->random_seq, count);
> return 0;
> }
>
> --
> 2.37.3
>
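Review bot: in hunk @@ -1146 the continuation line `unsigned int count)` is kept as unchanged context while the opening parenthesis of the shortened prototype `static void freelist_randomize(unsigned int *list,` moves left; re-align that continuation to the new parenthesis, or fold both parameters onto the first line now that they fit, so the declaration keeps the usual kernel layout.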
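Review bot: in hunk @@ -1157 the added line `rand = get_random_u32_below(i+1);` drops the spaces around the binary operator that the removed `rand %= (i + 1);` had; kernel style wants `get_random_u32_below(i + 1)`. The commit message also still says the call was changed to get_random_u32 while this hunk uses get_random_u32_below; the message body should describe the bounded call, because the reason for it is that an index in [0, i] is drawn uniformly instead of taking a full-width value modulo i + 1, which is what the two removed lines did.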
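Review bot: in hunk @@ -1167 removing `struct rnd_state state;` leaves an empty line directly after the opening `{` of cache_random_seq_create(); drop that blank context line as well so the function body starts with the `if (count < 2 || cachep->random_seq)` check.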
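Review bot: in hunk @@ -1176 the one-time seeding `prandom_seed_state(&state, get_random_long());` and its comment `/* Get best entropy at this stage of boot */` go away, so the shuffle now draws from get_random_u32_below() once per list element instead of seeding a local state once per cache. That is the behavioural substance of the patch (count draws per cache_random_seq_create() call and no local generator state at all) and belongs in the commit message; the removed comment also suggests this path runs during boot, which the message should mention when it justifies the per-element draws.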
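The commit message above explains that get_random_u32_below() is used because a modulo applied to a full-width draw is not uniform. As an added example (not code from the patch, from its author, or from the kernel tree), the following userspace C makes both halves of that argument concrete: it counts how often each residue appears under the old `rand %= (i + 1)` reduction versus a rejection-sampled bounded draw, and it runs the same Fisher-Yates loop as freelist_randomize() with such a draw. The xorshift32 generator, rng_u32_below(), residue_spread() and shuffle_is_permutation() are constructed stand-ins and names of this example, not kernel APIs; the kernel's real get_random_u32_below() uses a multiply-and-reject method rather than the plain threshold rejection shown here.

```c
/* Added example, not from the patch or the kernel tree: why freelist_randomize()
 * now draws with a bounded generator instead of "rand %= (i + 1)".  Userspace C;
 * the xorshift generator and the sizes are constructed stand-ins for the
 * kernel's CRNG and for real freelist lengths. */
#include <stdint.h>
#include <stdio.h>

#define MAX_CEIL 64u

/* Reduce every value a generator with "domain" outputs can return modulo
 * ceil and report the gap between the fullest and emptiest residue bucket
 * (0 means uniform).  reject == 0 is the old "rand %= (i + 1)" path: unless
 * ceil divides domain, the low residues are hit once more than the high ones.
 * reject != 0 discards the lowest domain % ceil outputs (a redraw in a real
 * generator) so the kept values form whole ceil-sized blocks. */
static unsigned int residue_spread(unsigned int domain, unsigned int ceil,
				   int reject)
{
	unsigned int counts[MAX_CEIL] = { 0 };
	unsigned int x = reject ? domain % ceil : 0;
	unsigned int lo, hi, r;

	for (; x < domain; x++)
		counts[x % ceil]++;
	lo = hi = counts[0];
	for (r = 1; r < ceil; r++) {
		lo = counts[r] < lo ? counts[r] : lo;
		hi = counts[r] > hi ? counts[r] : hi;
	}
	return hi - lo;
}

/* Constructed deterministic xorshift32 standing in for get_random_u32() so
 * the run is reproducible offline; it is not a secure generator. */
static uint32_t xs_state = 2463534242u;
static uint32_t rng_u32(void)
{
	uint32_t x = xs_state;
	x ^= x << 13;
	x ^= x >> 17;
	x ^= x << 5;
	return xs_state = x;
}

/* Unbiased draw in [0, ceil) by rejection: -ceil % ceil is 2^32 % ceil,
 * the size of the incomplete top block, so the values kept form whole
 * blocks.  The kernel's get_random_u32_below() reaches the same
 * distribution with a multiply-and-reject variant; this is the plain form. */
static uint32_t rng_u32_below(uint32_t ceil)
{
	uint32_t limit = -ceil % ceil, x;

	do {
		x = rng_u32();
	} while (x < limit);
	return x % ceil;
}

/* Fisher-Yates as in freelist_randomize(): slot i is swapped with a
 * uniformly chosen index in [0, i]. */
static void freelist_shuffle(unsigned int *list, unsigned int count)
{
	unsigned int i, j, tmp;

	if (count < 2)	/* same guard as cache_random_seq_create() */
		return;
	for (i = count - 1; i > 0; i--) {
		j = rng_u32_below(i + 1);
		tmp = list[i];
		list[i] = list[j];
		list[j] = tmp;
	}
}

/* Fill 0..count-1, shuffle, and return 1 only if every index is still
 * present exactly once (a freelist that loses or repeats a slot is corrupt). */
static int shuffle_is_permutation(unsigned int count)
{
	unsigned int list[MAX_CEIL], seen[MAX_CEIL] = { 0 }, i;

	if (count > MAX_CEIL)
		return 0;
	for (i = 0; i < count; i++)
		list[i] = i;
	freelist_shuffle(list, count);
	for (i = 0; i < count; i++)
		if (list[i] >= count || seen[list[i]]++)
			return 0;
	return 1;
}

int main(void)
{
	printf("domain 16, ceil 6: modulo gap %u, rejection gap %u\n",
	       residue_spread(16, 6, 0), residue_spread(16, 6, 1));
	printf("16-slot freelist is a permutation: %d\n", shuffle_is_permutation(16));
	return 0;
}
```

Built with any C compiler, the program reports the residue gap for a generator with 16 possible outputs reduced modulo 6 (1 on the modulo path, 0 with rejection) and confirms that the shuffled 16-slot list is still a permutation. That gap of 1 is exactly the extra weight the old `rand %= (i + 1)` gave to the low slots of each freelist, and it is what the bounded draw in the patch removes.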