Re: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall

From: Peter Zijlstra
Date: Tue Apr 16 2019 - 12:07:46 EST

Next message: Lubomir Rintel: "Re: [PATCH] etnaviv: allow building on MMP"
Previous message: Daniel Lezcano: "Re: [PATCH v4 01/11] clocksource: davinci-timer: new driver"
In reply to: Theodore Ts'o: "Re: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall"
Next in thread: Reshetova, Elena: "RE: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Apr 16, 2019 at 11:43:49AM -0400, Theodore Ts'o wrote:
> If it's x86 specific, maybe the simplest thing to do is to use RDRAND
> if it exists, and fall back to something involving a TSC and maybe
> prandom_u32 (assuming on how bad you think the stack leak is going to
> be) if RDRAND isn't available?

>From https://lkml.kernel.org/r/20190320072715.3857-1-elena.reshetova@xxxxxxxxx

Performance:

1) lmbench: ./lat_syscall -N 1000000 null
base: Simple syscall: 0.1774 microseconds
random_offset (rdtsc): Simple syscall: 0.1803 microseconds
random_offset (rdrand): Simple syscall: 0.3702 microseconds

2) Andy's tests, misc-tests: ./timing_test_64 10M sys_enosys
base: 10000000 loops in 1.62224s = 162.22 nsec / loop
random_offset (rdtsc): 10000000 loops in 1.64660s = 164.66 nsec / loop
random_offset (rdrand): 10000000 loops in 3.51315s = 351.32 nsec / loop

Basically, RDRAND is frigging slow...

Next message: Lubomir Rintel: "Re: [PATCH] etnaviv: allow building on MMP"
Previous message: Daniel Lezcano: "Re: [PATCH v4 01/11] clocksource: davinci-timer: new driver"
In reply to: Theodore Ts'o: "Re: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall"
Next in thread: Reshetova, Elena: "RE: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]