RE: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall

From: David Laight
Date: Wed May 29 2019 - 06:55:13 EST

Next message: Jonas Karlman: "[PATCH] media: dt-bindings: rockchip: Document RK3328 VPU binding"
Previous message: Robin Murphy: "Re: [RFC 4/7] arm64: pmu: Add function implementation to update event index in userpage."
In reply to: Reshetova, Elena: "RE: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall"
Next in thread: Kees Cook: "Re: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Reshetova, Elena
> Sent: 29 May 2019 11:14
....
> On related note: the current prng we have in kernel (prandom) is based on a
> *very old* style of prngs, which is basically 4 linear LFSRs xored together.

I'm no expert here (apart from some knowledge of LFRS/CRC) but
even adding the results of the 4 LFSR (instead of xor) will make
the generator much more secure (aka computationally expensive to
reverse) without affecting the randomness or repeat cycle.

FWIW if you are going to merge LFRS you probably want to clock
them different numbers of times (+ve or -ve) otherwise the
output 'mostly' shifts one bit per clock and the same bits
tend to get merged.

David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Next message: Jonas Karlman: "[PATCH] media: dt-bindings: rockchip: Document RK3328 VPU binding"
Previous message: Robin Murphy: "Re: [RFC 4/7] arm64: pmu: Add function implementation to update event index in userpage."
In reply to: Reshetova, Elena: "RE: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall"
Next in thread: Kees Cook: "Re: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]