On Tue, 14 Jun 2016 11:27:00 -0700 Kees Cook <keescook@xxxxxxxxxxxx> wrote: > On Mon, Jun 13, 2016 at 2:49 PM, Emese Revfy <re.emese@xxxxxxxxx> wrote: > > On Thu, 9 Jun 2016 14:51:45 -0700 > > Kees Cook <keescook@xxxxxxxxxxxx> wrote: > > >> > + * gcc plugin to help generate a little bit of entropy from program state, > >> > + * used throughout the uptime of the kernel > >> > >> I think this comment needs a lot of expanding. What are all the ways > >> that this plugin makes changes to code? Things I think I see are: > >> pre-filling data variables with randomness, creating a local_entropy > >> variable (local to what?), mixing stack pointer (into what?), updating > >> latent_entropy global. > > > > I demonstrated the details here: > > https://github.com/ephox-gcc-plugins/latent_entropy/commit/049acd9f478d47ee6526d8e93ab8cfcc3ff91b13 > > That helps, thanks. Can you also mention how __latent_entropy changes > non-functions? (i.e. initializes them with random data.) > > Also, I think this isn't accurate: > > * local_entropy ^= get_random_long(); > > Looking at the disassembly, it seems that static random values (i.e. > randomly chosen at gcc runtime) are added, rather than making calls to > the kernel's get_random_long() function. The plugin doesn't insert calls to the kernel's get_random_long(). That was just an example (the plugin instrumentation would look like this in the kernel). I rewrote these calls to a random constant. -- Emese -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>