This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding

From: "Ulrich Drepper" <drepper at gmail dot com>
To: "Kees Cook" <kees dot cook at canonical dot com>
Cc: "Ulrich Drepper" <drepper at redhat dot com>, "Jakub Jelinek" <jakub at redhat dot com>, "Arjan van de Ven" <arjan at infradead dot org>, "Roland McGrath" <roland at redhat dot com>, linux-kernel at vger dot kernel dot org, libc-alpha at sourceware dot org, "Ingo Molnar" <mingo at elte dot hu>
Date: Fri, 17 Oct 2008 22:42:01 -0700
Subject: Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding
References: <20081001222706.68E7E1544B4@magilla.localdomain> <20081003004340.GF32682@tyan-ft48-01.lab.bos.redhat.com> <20081003052938.GS10632@outflux.net> <20081002225718.6a0d803a@infradead.org> <48E5BAC6.9070007@redhat.com> <20081003145054.GU10632@outflux.net> <20081003145754.GH32682@tyan-ft48-01.lab.bos.redhat.com> <20081003173313.GW10632@outflux.net> <48E65964.5020809@redhat.com> <20081003175917.GX10632@outflux.net>

On Fri, Oct 3, 2008 at 10:59 AM, Kees Cook <kees.cook@canonical.com> wrote:
> While discussing[1] the need for glibc to have access to random bytes
> during program load, it seems that an earlier attempt to implement
> AT_RANDOM got stalled.  This implements a random 16 byte string, available
> to every ELF program via a new auxv AT_RANDOM vector.
>
> [1] http://sourceware.org/ml/libc-alpha/2008-10/msg00006.html
>
> Signed-off-by: Kees Cook <kees.cook@canonical.com>
> ---
>  fs/binfmt_elf.c        |   12 ++++++++++++
>  include/linux/auxvec.h |    6 +++---
>  2 files changed, 15 insertions(+), 3 deletions(-)

This version is OK with me as long as the get_random_bytes call is
producing 16 reasonably random bytes.  If the random data generation
is changed at some point I'd want to have very strong PRNG for
binaries which have AT_SECURE set.

Acked-by: Ulrich Drepper <drepper@redhat.com>

References:
- Re: randomized stack protector value
  - From: Roland McGrath
- Re: [PATCH] ELF: implement AT_RANDOM for future glibc use
  - From: Jakub Jelinek
- [PATCH] ELF: implement AT_RANDOM for future glibc use
  - From: Kees Cook
- Re: [PATCH] ELF: implement AT_RANDOM for future glibc use
  - From: Arjan van de Ven
- Re: [PATCH] ELF: implement AT_RANDOM for future glibc use
  - From: Ulrich Drepper
- [PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding
  - From: Kees Cook
- Re: [PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding
  - From: Jakub Jelinek
- [PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding
  - From: Kees Cook
- Re: [PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding
  - From: Ulrich Drepper
- [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding
  - From: Kees Cook

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]