[PATCH 1/1] arm64: syscall: Direct PRNG kstack randomization
Kees Cook
keescook at chromium.org
Thu Mar 7 11:10:47 PST 2024
On Thu, Mar 07, 2024 at 12:10:34PM +0100, Arnd Bergmann wrote:
> For the strength, we have at least four options:
>
> - strong rng, most expensive
> - your new prng, less strong but somewhat cheaper and/or more
> predictable overhead
> - cycle counter, cheap but probably even less strong,
> needs architecture code.
Are the low bits of a cycle counter really less safe than a
deterministic pRNG?
> - no rng, no overhead and no protection.
For the pRNG, why not just add a reseed timer or something that'll
happen outside the syscall window, if that's the concern about reseeding
delay? (In which case, why not continue to use the strong rng?)
--
Kees Cook
More information about the linux-arm-kernel mailing list