Re: [PATCH] mm: Add the ram_latent_entropy kernel parameter

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 11/08/16 08:28, Kees Cook wrote:
> From: Emese Revfy <re.emese@xxxxxxxxx>
> 
> When "ram_latent_entropy" is passed on the kernel command line, entropy
> will be extracted from up to the first 4GB of RAM while the runtime memory
> allocator is being initialized. This entropy isn't cryptographically
> secure, but does help provide additional unpredictability on otherwise
> low-entropy systems.
> 
> Based on work created by the PaX Team.
> 
> Signed-off-by: Emese Revfy <re.emese@xxxxxxxxx>
> [kees: renamed parameter, dropped relationship with plugin, updated log]
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
> ---
> This patch has been extracted from the latent_entropy gcc plugin, as
> suggested by Linus: https://lkml.org/lkml/2016/8/8/840
> ---
>  Documentation/kernel-parameters.txt |  5 +++++
>  mm/page_alloc.c                     | 21 +++++++++++++++++++++
>  2 files changed, 26 insertions(+)
> 
> diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
> index 46c030a49186..9d054984370f 100644
> --- a/Documentation/kernel-parameters.txt
> +++ b/Documentation/kernel-parameters.txt
> @@ -3245,6 +3245,11 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
>  	raid=		[HW,RAID]
>  			See Documentation/md.txt.
>  
> +	ram_latent_entropy
> +			Enable a very simple form of latent entropy extraction
> +			from the first 4GB of memory as the bootmem allocator
> +			passes the memory pages to the buddy allocator.
> +
>  	ramdisk_size=	[RAM] Sizes of RAM disks in kilobytes
>  			See Documentation/blockdev/ramdisk.txt.
>  
> diff --git a/mm/page_alloc.c b/mm/page_alloc.c
> index fb975cec3518..1de94f0ff29d 100644
> --- a/mm/page_alloc.c
> +++ b/mm/page_alloc.c
> @@ -64,6 +64,7 @@
>  #include <linux/page_owner.h>
>  #include <linux/kthread.h>
>  #include <linux/memcontrol.h>
> +#include <linux/random.h>
>  
>  #include <asm/sections.h>
>  #include <asm/tlbflush.h>
> @@ -1236,6 +1237,15 @@ static void __free_pages_ok(struct page *page, unsigned int order)
>  	local_irq_restore(flags);
>  }
>  
> +bool __meminitdata ram_latent_entropy;
> +
> +static int __init setup_ram_latent_entropy(char *str)
> +{
> +	ram_latent_entropy = true;
> +	return 0;
> +}
> +early_param("ram_latent_entropy", setup_ram_latent_entropy);
> +
>  static void __init __free_pages_boot_core(struct page *page, unsigned int order)
>  {
>  	unsigned int nr_pages = 1 << order;
> @@ -1251,6 +1261,17 @@ static void __init __free_pages_boot_core(struct page *page, unsigned int order)
>  	__ClearPageReserved(p);
>  	set_page_count(p, 0);
>  
> +	if (ram_latent_entropy && !PageHighMem(page) &&
> +		page_to_pfn(page) < 0x100000) {
> +		u64 hash = 0;
> +		size_t index, end = PAGE_SIZE * nr_pages / sizeof(hash);
> +		const u64 *data = lowmem_page_address(page);
> +
> +		for (index = 0; index < end; index++)
> +			hash ^= hash + data[index];

Won't the hash be the same across boots? Is this entropy addition for
KASLR, since it is so early in boot?q

> +		add_device_randomness((const void *)&hash, sizeof(hash));
> +	}
> +
>  	page_zone(page)->managed_pages += nr_pages;
>  	set_page_refcounted(page);
>  	__free_pages(page, order);
> 


Balbir Singh

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]