Re: [PATCH] ELF: implement AT_RANDOM for future glibc use

[Kees Cook]

On Mon, Oct 06, 2008 at 04:58:27PM -0700, Roland McGrath wrote:
> What mmap randomization and stack randomization actually use is
> get_random_int(), not get_random_bytes().  This is one of those weaker
> flavors seeded occasionally from the real entropy pool.  (As is, it's not a
> good choice for getting 16 bytes of random at once, since it usually
> returns the same 4 bytes each time when called 4 times in quick succession.)
> 
> What glibc wants is some bits with a strength of randomness chosen by the
> kernel, and not to worry about the details.  I think the strength applied
> to mmap and stack randomization is good enough for AT_RANDOM.

Is this email a vote for or against doing:

+       k_rand_bytes[0] = get_random_int();
+       k_rand_bytes[1] = get_random_int();
+       k_rand_bytes[2] = get_random_int();
+       k_rand_bytes[3] = get_random_int();

It sounds like it's not very safe, but on the other hand, glibc doesn't
really care?

-- 
Kees Cook
Ubuntu Security Team
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/