Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, 25 Apr 2016, Thomas Garnier wrote: > To generate entropy, we use get_random_bytes_arch because 0 bits of > entropy is available in the boot stage. In the worse case this function > will fallback to the get_random_bytes sub API. We also generate a shift > random number to shift

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, 25 Apr 2016, Thomas Garnier wrote: > To generate entropy, we use get_random_bytes_arch because 0 bits of > entropy is available in the boot stage. In the worse case this function > will fallback to the get_random_bytes sub API. We also generate a shift > random number to shift

Re: [PATCH v2] mm: SLAB freelist randomization

Make sense. I think it is still valuable to randomize earlier pages. I will adapt the code, test and send patch v4. Thanks for the quick feedback, Thomas On Mon, Apr 25, 2016 at 5:40 PM, Joonsoo Kim wrote: > On Mon, Apr 25, 2016 at 01:39:23PM -0700, Thomas Garnier wrote:

Re: [PATCH v2] mm: SLAB freelist randomization

Make sense. I think it is still valuable to randomize earlier pages. I will adapt the code, test and send patch v4. Thanks for the quick feedback, Thomas On Mon, Apr 25, 2016 at 5:40 PM, Joonsoo Kim wrote: > On Mon, Apr 25, 2016 at 01:39:23PM -0700, Thomas Garnier wrote: >> Provides an optional

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, Apr 25, 2016 at 01:39:23PM -0700, Thomas Garnier wrote: > Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the > SLAB freelist. The list is randomized during initialization of a new set > of pages. The order on different freelist sizes is pre-computed at boot > for

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, Apr 25, 2016 at 01:39:23PM -0700, Thomas Garnier wrote: > Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the > SLAB freelist. The list is randomized during initialization of a new set > of pages. The order on different freelist sizes is pre-computed at boot > for

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, Apr 25, 2016 at 2:38 PM, Andrew Morton wrote: > On Mon, 25 Apr 2016 14:14:33 -0700 Thomas Garnier wrote: > >> >>> + /* Get best entropy at this stage */ >> >>> + get_random_bytes_arch(, sizeof(seed)); >> >> >> >> See concerns in

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, Apr 25, 2016 at 2:38 PM, Andrew Morton wrote: > On Mon, 25 Apr 2016 14:14:33 -0700 Thomas Garnier wrote: > >> >>> + /* Get best entropy at this stage */ >> >>> + get_random_bytes_arch(, sizeof(seed)); >> >> >> >> See concerns in other email - isn't this a no-op if

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, 25 Apr 2016 14:14:33 -0700 Thomas Garnier wrote: > >>> + /* Get best entropy at this stage */ > >>> + get_random_bytes_arch(, sizeof(seed)); > >> > >> See concerns in other email - isn't this a no-op if CONFIG_ARCH_RANDOM=n? > >> > > The arch_* functions

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, 25 Apr 2016 14:14:33 -0700 Thomas Garnier wrote: > >>> + /* Get best entropy at this stage */ > >>> + get_random_bytes_arch(, sizeof(seed)); > >> > >> See concerns in other email - isn't this a no-op if CONFIG_ARCH_RANDOM=n? > >> > > The arch_* functions will return 0 which will

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, Apr 25, 2016 at 2:13 PM, Thomas Garnier wrote: > On Mon, Apr 25, 2016 at 2:10 PM, Andrew Morton > wrote: >> On Mon, 25 Apr 2016 13:39:23 -0700 Thomas Garnier >> wrote: >> >>> Provides an optional config

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, Apr 25, 2016 at 2:13 PM, Thomas Garnier wrote: > On Mon, Apr 25, 2016 at 2:10 PM, Andrew Morton > wrote: >> On Mon, 25 Apr 2016 13:39:23 -0700 Thomas Garnier >> wrote: >> >>> Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the >>> SLAB freelist. The list is randomized

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, Apr 25, 2016 at 2:10 PM, Andrew Morton wrote: > On Mon, 25 Apr 2016 13:39:23 -0700 Thomas Garnier wrote: > >> Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the >> SLAB freelist. The list is randomized during

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, Apr 25, 2016 at 2:10 PM, Andrew Morton wrote: > On Mon, 25 Apr 2016 13:39:23 -0700 Thomas Garnier wrote: > >> Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the >> SLAB freelist. The list is randomized during initialization of a new set >> of pages. The order on

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, 25 Apr 2016 13:39:23 -0700 Thomas Garnier wrote: > Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the > SLAB freelist. The list is randomized during initialization of a new set > of pages. The order on different freelist sizes is pre-computed at

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, 25 Apr 2016 13:39:23 -0700 Thomas Garnier wrote: > Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the > SLAB freelist. The list is randomized during initialization of a new set > of pages. The order on different freelist sizes is pre-computed at boot > for performance.

[PATCH v2] mm: SLAB freelist randomization

Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the SLAB freelist. The list is randomized during initialization of a new set of pages. The order on different freelist sizes is pre-computed at boot for performance. Each kmem_cache has its own randomized freelist except early on

[PATCH v2] mm: SLAB freelist randomization

Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the SLAB freelist. The list is randomized during initialization of a new set of pages. The order on different freelist sizes is pre-computed at boot for performance. Each kmem_cache has its own randomized freelist except early on

Re: [PATCH v2] mm: SLAB freelist randomization

On Wed, Apr 20, 2016 at 1:08 AM, Joonsoo Kim wrote: > On Tue, Apr 19, 2016 at 09:44:54AM -0700, Thomas Garnier wrote: >> On Tue, Apr 19, 2016 at 12:15 AM, Joonsoo Kim wrote: >> > On Mon, Apr 18, 2016 at 10:14:39AM -0700, Thomas Garnier wrote: >> >>

Re: [PATCH v2] mm: SLAB freelist randomization

On Wed, Apr 20, 2016 at 1:08 AM, Joonsoo Kim wrote: > On Tue, Apr 19, 2016 at 09:44:54AM -0700, Thomas Garnier wrote: >> On Tue, Apr 19, 2016 at 12:15 AM, Joonsoo Kim wrote: >> > On Mon, Apr 18, 2016 at 10:14:39AM -0700, Thomas Garnier wrote: >> >> Provides an optional config

Re: [PATCH v2] mm: SLAB freelist randomization

On Tue, Apr 19, 2016 at 09:44:54AM -0700, Thomas Garnier wrote: > On Tue, Apr 19, 2016 at 12:15 AM, Joonsoo Kim wrote: > > On Mon, Apr 18, 2016 at 10:14:39AM -0700, Thomas Garnier wrote: > >> Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the > >> SLAB

Re: [PATCH v2] mm: SLAB freelist randomization

On Tue, Apr 19, 2016 at 09:44:54AM -0700, Thomas Garnier wrote: > On Tue, Apr 19, 2016 at 12:15 AM, Joonsoo Kim wrote: > > On Mon, Apr 18, 2016 at 10:14:39AM -0700, Thomas Garnier wrote: > >> Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the > >> SLAB freelist. The list is

Re: [PATCH v2] mm: SLAB freelist randomization

On Tue, Apr 19, 2016 at 12:15 AM, Joonsoo Kim wrote: > On Mon, Apr 18, 2016 at 10:14:39AM -0700, Thomas Garnier wrote: >> Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the >> SLAB freelist. The list is randomized during initialization of a new set >> of

Re: [PATCH v2] mm: SLAB freelist randomization

On Tue, Apr 19, 2016 at 12:15 AM, Joonsoo Kim wrote: > On Mon, Apr 18, 2016 at 10:14:39AM -0700, Thomas Garnier wrote: >> Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the >> SLAB freelist. The list is randomized during initialization of a new set >> of pages. The order on

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, Apr 18, 2016 at 10:14:39AM -0700, Thomas Garnier wrote: > Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the > SLAB freelist. The list is randomized during initialization of a new set > of pages. The order on different freelist sizes is pre-computed at boot > for

Re: [PATCH v2] mm: SLAB freelist randomization

On Mon, Apr 18, 2016 at 10:14:39AM -0700, Thomas Garnier wrote: > Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the > SLAB freelist. The list is randomized during initialization of a new set > of pages. The order on different freelist sizes is pre-computed at boot > for

[PATCH v2] mm: SLAB freelist randomization

Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the SLAB freelist. The list is randomized during initialization of a new set of pages. The order on different freelist sizes is pre-computed at boot for performance. This security feature reduces the predictability of the kernel

[PATCH v2] mm: SLAB freelist randomization

Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the SLAB freelist. The list is randomized during initialization of a new set of pages. The order on different freelist sizes is pre-computed at boot for performance. This security feature reduces the predictability of the kernel

[PATCH v2] mm: SLAB freelist randomization

Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the SLAB freelist. The list is randomized during initialization of a new set of pages. The order on different freelist sizes is pre-computed at boot for performance. This security feature reduces the predictability of the kernel

[PATCH v2] mm: SLAB freelist randomization

Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the SLAB freelist. The list is randomized during initialization of a new set of pages. The order on different freelist sizes is pre-computed at boot for performance. This security feature reduces the predictability of the kernel