diff options
| author | dcashman <dcashman@google.com> | 2016-02-24 13:27:06 -0800 |
|---|---|---|
| committer | Kees Cook <keescook@google.com> | 2016-03-24 15:38:13 -0700 |
| commit | ff10a24b72083a30837cdfcc6944e3f0c865eba1 (patch) | |
| tree | b8dc5c24245f2ee56c5de99458853db7e36aa4e1 | |
| parent | 2bddf05e8abe7ae2d1fc639fe8ff2bd402508a88 (diff) | |
| download | qcom-msm-v3.10-ff10a24b72083a30837cdfcc6944e3f0c865eba1.tar.gz | |
FROMLIST: drivers: char: random: add get_random_long()
(cherry picked from commit https://lkml.org/lkml/2016/2/4/831)
d07e22597d1d355 ("mm: mmap: add new /proc tunable for mmap_base ASLR")
added the ability to choose from a range of values to use for entropy
count in generating the random offset to the mmap_base address. The
maximum value on this range was set to 32 bits for 64-bit x86 systems, but
this value could be increased further, requiring more than the 32 bits of
randomness provided by get_random_int(), as is already possible for arm64.
Add a new function: get_random_long() which more naturally fits with the
mmap usage of get_random_int() but operates exactly the same as
get_random_int().
Also, fix the shifting constant in mmap_rnd() to be an unsigned long so
that values greater than 31 bits generate an appropriate mask without
overflow. This is especially important on x86, as its shift instruction
uses a 5-bit mask for the shift operand, which meant that any value for
mmap_rnd_bits over 31 acts as a no-op and effectively disables mmap_base
randomization.
Finally, replace calls to get_random_int() with get_random_long() where
appropriate.
Signed-off-by: Daniel Cashman <dcashman@android.com>
Signed-off-by: Daniel Cashman <dcashman@google.com>
Bug: 27796957
Patchset: ASLR sysctl
Change-Id: I23a02e4e7f5418ed3bdb71cdb71d98a9b919b96a
Signed-off-by: Kees Cook <keescook@google.com>
| -rw-r--r-- | drivers/char/random.c | 22 | ||||
| -rw-r--r-- | include/linux/random.h | 1 |
2 files changed, 23 insertions, 0 deletions
diff --git a/drivers/char/random.c b/drivers/char/random.c index d9e24b59fcb..1c24ed59207 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -1503,6 +1503,28 @@ unsigned int get_random_int(void) EXPORT_SYMBOL(get_random_int); /* + * Same as get_random_int(), but returns unsigned long. + */ +unsigned long get_random_long(void) +{ + __u32 *hash; + unsigned long ret; + + if (arch_get_random_long(&ret)) + return ret; + + hash = get_cpu_var(get_random_int_hash); + + hash[0] += current->pid + jiffies + get_cycles(); + md5_transform(hash, random_int_secret); + ret = *(unsigned long *)hash; + put_cpu_var(get_random_int_hash); + + return ret; +} +EXPORT_SYMBOL(get_random_long); + +/* * randomize_range() returns a start address such that * * [...... <range> .....] diff --git a/include/linux/random.h b/include/linux/random.h index bf9085e89fb..1b91d7d186e 100644 --- a/include/linux/random.h +++ b/include/linux/random.h @@ -24,6 +24,7 @@ extern const struct file_operations random_fops, urandom_fops; #endif unsigned int get_random_int(void); +unsigned long get_random_long(void); unsigned long randomize_range(unsigned long start, unsigned long end, unsigned long len); u32 prandom_u32(void); |