On Tue, Nov 6, 2012 at 8:21 PM, Jeff Liu <jeff....@oracle.com> wrote: > Hi Andrew and Kees, > > Great thanks for both your comments! > > On 11/07/2012 09:11 AM, Kees Cook wrote: >> Hrm, I don't like this. get_random_int() specifically says: "Get a >> random word for internal kernel use only." The intent of AT_RANDOM is >> for userspace pRNG seeding (though glibc currently uses it directly >> for stack protector and pointer mangling), which is not "internal >> kernel use only". :) Though I suppose this is already being used for >> the randomize_stack_top(), but I think it'd still be better to use >> higher quality bits. > Btw Kees, does it sounds make sense if we just return the 16 bytes > uninitialized stack array if the user disable the stack randomize via > "/proc/sys/kernel/randomize_va_space = 0" or via the related sysctl, or > even specified norandmaps on boot?
No, I feel that ASLR (randomize_va_space) is distinctly separate from how glibc uses AT_RANDOM (stack protector and pointer mangling). AT_RANDOM should remain active even if randomize_va_space is 0. -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
