Question: Putting get_random_bytes in sys_open path

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

Consider this scenario where a session key is created
from the random number using get_random_bytes():

sys_open() {
	.
	.
	get_unused_fd();
	.
	.
	file_open();
	.
	.
	get_random_bytes();  <----
	.
	.
	fd_install();
}


What I'm trying to do here is to get anywhere from
8-16 bytes of random data to be used as file keys for
new file. The problem I have is when I run a test like
"creat05" from LTP, the system crashes. Usually it
crashes at either at get_unused_fd() or during
fd_install(). 

"creat05" tries to create up to the maximum number of
files allowed for a process, 1024. This test was
repeated over and over again.

I can see that running a test like this will deplete
the entropy available in the linux random device. And
to crash the system even faster, i can run "nmap",
which I've observed to cause the entropy available to
go to zero more quickly. It could be possible that the

"creat05" process was put into wait queue, or blocked,
when there is not enough entropy available.

I have some question about this scenario and see if
you can help in this case...

1. The get_unused_fd() and fd_install() seems to be
very "tightly coupled", as in fd_install() must put
the file object at the index "fd". If the
get_random_bytes() gets blocked how will that affect
it? 

2. It is a requirement for what I'm doing that I have
to generate a key for each file being opened. I could
choose to fail the open() path if this requirement is
not met. If so... Is there in the kernel to find out
whether my call to get_random_bytes will be blocked or
if my process is blocked because of this?

3. If i choose to let the open() path fail but allow
the entropy to be refilled, what needs to be done to
ensure that it does not disrupt get_random_bytes() and
fd_install()? 


Thank You in Advance,
Louis Lam


________________________________________________________________________
Want to chat instantly with your online friends?  Get the FREE Yahoo!
Messenger http://uk.messenger.yahoo.com/
--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/kernelnewbies/
FAQ:           http://kernelnewbies.org/faq/
[Index of Archives]     [Newbies FAQ]     [Linux Kernel Mentors]     [Linux Kernel Development]     [IETF Annouce]     [Git]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux SCSI]     [Linux ACPI]
  Powered by Linux