Re: kaslr: better rng

To: Thor Lancelot Simon <tls%panix.com@localhost>
Subject: Re: kaslr: better rng
From: Maxime Villard <max%m00nbsd.net@localhost>
Date: Mon, 6 Nov 2017 18:51:33 +0100

Le 06/11/2017 à 18:28, Thor Lancelot Simon a écrit :

On Mon, Nov 06, 2017 at 07:30:35AM +0100, Maxime Villard wrote:

I'm in a point where I need to have a better rng before continuing - and an
rng that can be used in the bootloader, in the prekern and in the kernel
(early).

I would like to use a system similar to the /var/db/entropy-file implementation.
That is to say, when running the system generates /var/db/random-file, which
would contain at least 256bytes of random data. When booting the bootloader
reads this file, can use some of its bytes to get random values. It then gives
the file to the prekern which will use some other parts of it. The prekern
finally gives the file to the kernel which can use the rest.


What is the reason for using only part of the file, in any application?


I meant to say that the components don't take random values from the same
area in the file, for them not to use the same random numbers twice.

For example, if the bootloader consumes the first four uint64_t of the file,
the prekern will virtually do an "lseek(4*sizeof(uint64_t))" and use the rest
of the file as a random pool. Same for the kernel, which will lseek over the
area consumed by the prekern.

Follow-Ups:
- Re: kaslr: better rng
  - From: Paul.Koning
- Re: kaslr: better rng
  - From: Thor Lancelot Simon

References:
- kaslr: better rng
  - From: Maxime Villard
- Re: kaslr: better rng
  - From: Thor Lancelot Simon

Prev by Date: Re: kaslr: better rng
Next by Date: Re: kaslr: better rng
Previous by Thread: Re: kaslr: better rng
Next by Thread: Re: kaslr: better rng
Indexes:

Home | Main Index | Thread Index | Old Index