On Mon, Apr 18, 2022 at 11:42:41AM +0200, Jason A. Donenfeld wrote:
> commit c40160f2998c897231f8454bf797558d30a20375 upstream.
>
> While the latent entropy plugin mostly doesn't derive entropy from
> get_random_const() for measuring the call graph, when __latent_entropy is
> applied to a constant, then it's initialized statically to output from
> get_random_const(). In that case, this data is derived from a 64-bit
> seed, which means a buffer of 512 bits doesn't really have that amount
> of compile-time entropy.
>
> This patch fixes that shortcoming by just buffering chunks of
> /dev/urandom output and doling it out as requested.
>
> At the same time, it's important that we don't break the use of
> -frandom-seed, for people who want the runtime benefits of the latent
> entropy plugin, while still having compile-time determinism. In that
> case, we detect whether gcc's set_random_seed() has been called by
> making a call to get_random_seed(noinit=true) in the plugin init
> function, which is called after set_random_seed() is called but before
> anything that calls get_random_seed(noinit=false), and seeing if it's
> zero or not. If it's not zero, we're in deterministic mode, and so we
> just generate numbers with a basic xorshift prng.
>
> Note that we don't detect if -frandom-seed is being used using the
> documented local_tick variable, because it's assigned via:
> local_tick = (unsigned) tv.tv_sec * 1000 + tv.tv_usec / 1000;
> which may well overflow and become -1 on its own, and so isn't
> reliable: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105171
>
> [kees: The 256 byte rnd_buf size was chosen based on average (250),
> median (64), and std deviation (575) bytes of used entropy for a
> defconfig x86_64 build]
>
> Fixes: 38addce8b600 ("gcc-plugins: Add latent_entropy plugin")
> Cc: stable@xxxxxxxxxxxxxxx
> Cc: PaX Team <pageexec@xxxxxxxxxxx>
> Signed-off-by: Jason A. Donenfeld <Jason@xxxxxxxxx>
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
> Link: https://lore.kernel.org/r/20220405222815.21155-1-Jason@xxxxxxxxx
> Signed-off-by: Jason A. Donenfeld <Jason@xxxxxxxxx>
> ---
>  scripts/gcc-plugins/latent_entropy_plugin.c | 44 +++++++++++++--------
>  1 file changed, 27 insertions(+), 17 deletions(-)

Queued this one up now instead, thanks for the backport!

greg k-h
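The quoted commit message describes a two-mode scheme: when no fixed seed is in effect, hand out random bytes from a 256-byte buffer that is refilled from /dev/urandom, so a 512-bit __latent_entropy constant really carries 512 bits of compile-time entropy; when a fixed seed is detected (the -frandom-seed case), stay deterministic and use a basic xorshift PRNG instead. The following is an added user-space model of that scheme, not the kernel's latent_entropy_plugin.c and not part of this thread. The names latent_set_seed, latent_get_random_bytes, rnd_buf and refill_rnd_buf are assumptions for illustration; the real plugin reads gcc's get_random_seed(noinit=true) rather than taking a seed argument.

```c
/*
 * Added example, not the kernel plugin's code: a user-space model of
 * "buffer /dev/urandom, or xorshift when a fixed seed is present".
 * All identifiers here are illustrative assumptions.
 */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define RND_BUF_SIZE 256              /* buffer size chosen in the commit */

static unsigned char rnd_buf[RND_BUF_SIZE];
static size_t rnd_buf_used = RND_BUF_SIZE;  /* "empty" until first refill */

/* Non-zero means a fixed seed was supplied (the -frandom-seed case):
 * stay deterministic and never touch /dev/urandom. */
static uint64_t prng_state;

/* Refill the whole buffer from /dev/urandom; returns 0 on success. */
static int refill_rnd_buf(void)
{
	FILE *f = fopen("/dev/urandom", "rb");
	size_t got;

	if (!f)
		return -1;
	got = fread(rnd_buf, 1, RND_BUF_SIZE, f);
	fclose(f);
	if (got != RND_BUF_SIZE)
		return -1;
	rnd_buf_used = 0;
	return 0;
}

/* Basic xorshift64 step; state must be non-zero or it stays at zero. */
static uint64_t xorshift64(uint64_t *s)
{
	uint64_t x = *s;

	x ^= x << 13;
	x ^= x >> 7;
	x ^= x << 17;
	return *s = x;
}

/* seed == 0 selects /dev/urandom mode; anything else selects
 * deterministic mode, like a non-zero get_random_seed(noinit=true). */
void latent_set_seed(uint64_t seed)
{
	prng_state = seed;
	rnd_buf_used = RND_BUF_SIZE;  /* discard any buffered urandom bytes */
}

/* Fill out[0..n) with random bytes; returns 0 on success, -1 on failure.
 * Requests larger than the buffer are served across several refills. */
int latent_get_random_bytes(unsigned char *out, size_t n)
{
	size_t i;

	if (prng_state) {
		for (i = 0; i < n; i++)
			out[i] = (unsigned char)(xorshift64(&prng_state) >> 56);
		return 0;
	}

	i = 0;
	while (i < n) {
		size_t chunk;

		if (rnd_buf_used == RND_BUF_SIZE && refill_rnd_buf() < 0)
			return -1;
		chunk = RND_BUF_SIZE - rnd_buf_used;
		if (chunk > n - i)
			chunk = n - i;
		memcpy(out + i, rnd_buf + rnd_buf_used, chunk);
		rnd_buf_used += chunk;
		i += chunk;
	}
	return 0;
}

int main(void)
{
	unsigned char buf[64];   /* 512 bits, the constant size in the commit */
	size_t i;

	latent_set_seed(0);      /* urandom mode: fresh entropy every build */
	if (latent_get_random_bytes(buf, sizeof buf) == 0) {
		for (i = 0; i < sizeof buf; i++)
			printf("%02x", buf[i]);
		putchar('\n');
	}
	return 0;
}
```

The point to check in such code is the one the commit raises: in deterministic mode the output is a function of the 64-bit seed only, so two runs with the same seed produce the same bytes (reproducible builds), while in urandom mode a 64-byte request is backed by 64 bytes of kernel entropy rather than by a 64-bit seed stretched with a PRNG.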