Overwrittting AT_RANDOM after use (was Re: arc4random - are you sure we want these?)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

Le 25/07/2022 à 14:39, Florian Weimer a écrit :

* Jason A. Donenfeld via Libc-alpha:

  (After all, I didn't see any wild-n-crazy fallback
to AT_RANDOM like what systemd does with random-util.c:
https://github.com/systemd/systemd/blob/main/src/basic/random-util.c )
I had some patches with AT_RANDOM fallback, including overwriting
AT_RANDOM with output from the seeded PRNG.  It's certainly messy.  I
probably didn't bother to post these patches given how bizarre the whole
thing was.


It's not that bizarre as I have some patches too: I tried to harden the way stack_chk_guard and pointer_chk_guard were computed.
Those values are currently generated from slices of AT_RANDOM by the loader.


But I've seen in the wild program reusing AT_RANDOM, thus possibily leaking stack_chk_guard and pointer_chk_guard values.


Having a proper (CS)PRNG in the loader, initialized from AT_RANDOM, that overwrites AT_RANDOM (with fresh entropy if possible) after initialization, would improve programs abusing AT_RANDOM purpose.


Regards.


--

Yann Droneaud

OPTEYA





[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux