Re: kaslr: better rng

To: Maxime Villard <max%m00nbsd.net@localhost>
Subject: Re: kaslr: better rng
From: Taylor R Campbell <campbell+netbsd-tech-kern%mumble.net@localhost>
Date: Mon, 6 Nov 2017 17:35:38 +0000

> Date: Mon, 6 Nov 2017 07:30:35 +0100
> From: Maxime Villard <max%m00nbsd.net@localhost>
> 
> I would like to use a system similar to the /var/db/entropy-file
> implementation.  That is to say, when running the system generates
> /var/db/random-file, which would contain at least 256bytes of random
> data. When booting the bootloader reads this file, can use some of
> its bytes to get random values. It then gives the file to the
> prekern which will use some other parts of it. The prekern finally
> gives the file to the kernel which can use the rest.

Seems to me we should just use one file, and the bootloader should use
it as a seed for a PRNG from which it draws

(a) kaslr bits, and
(b) a seed for the entropy pool (which is currently just /var/db/entropy)

The bootloader already reads a file.  Teaching it to have a small
cryptographic PRNG shouldn't be too hard.  I'm still sitting on a
draft Keccak-based entropy pool, whose Keccak implementation
(https://mumble.net/~campbell/hg/sha3/keccak.c) likely fits in the
constraints of a bootloader.

Follow-Ups:
- Re: kaslr: better rng
  - From: Maxime Villard

References:
- kaslr: better rng
  - From: Maxime Villard

Prev by Date: Re: kaslr: better rng
Next by Date: Re: kaslr: better rng
Previous by Thread: Re: kaslr: better rng
Next by Thread: Re: kaslr: better rng
Indexes:

Home | Main Index | Thread Index | Old Index