From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ydroneaud@ouvaton.org>
Received: from ouvsmtp1.octopuce.fr (ouvsmtp1.octopuce.fr [194.36.166.50])
 by sourceware.org (Postfix) with ESMTPS id 70B723858D32
 for <libc-alpha@sourceware.org>; Tue, 26 Jul 2022 14:27:28 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 70B723858D32
Received: from panel.vitry.ouvaton.coop (unknown [194.36.166.20])
 by ouvsmtp1.octopuce.fr (Postfix) with ESMTPS id 69556AC4;
 Tue, 26 Jul 2022 16:27:26 +0200 (CEST)
Received: from [192.168.0.20] (unknown [83.159.33.34])
 by panel.vitry.ouvaton.coop (Postfix) with ESMTPSA id B1A7B5E26E6;
 Tue, 26 Jul 2022 16:27:25 +0200 (CEST)
Message-ID: <f586ebee-df86-4bed-9dca-34471737029d@ouvaton.org>
Date: Tue, 26 Jul 2022 16:27:25 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.11.0
Subject: Overwrittting AT_RANDOM after use (was Re: arc4random - are you sure
 we want these?)
Content-Language: fr-FR
To: Florian Weimer <fweimer@redhat.com>,
 "Jason A. Donenfeld via Libc-alpha" <libc-alpha@sourceware.org>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>,
 Yann Droneaud <ydroneaud@opteya.com>, Michael@phoronix.com,
 linux-crypto@vger.kernel.org, jann@thejh.net, dalias@libc.org
References: <YtwgTySJyky0OcgG@zx2c4.com> <Ytwg8YEJn+76h5g9@zx2c4.com>
 <87bktdsdrk.fsf@oldenburg.str.redhat.com> <Yt54x7uWnsL3eZSx@zx2c4.com>
 <87v8rlqscj.fsf@oldenburg.str.redhat.com>
From: Yann Droneaud <ydroneaud@ouvaton.org>
In-Reply-To: <87v8rlqscj.fsf@oldenburg.str.redhat.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, SPF_HELO_PASS, SPF_PASS,
 TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Jul 2022 14:27:31 -0000

Hi,

Le 25/07/2022 à 14:39, Florian Weimer a écrit :

> * Jason A. Donenfeld via Libc-alpha:

>>   (After all, I didn't see any wild-n-crazy fallback
>> to AT_RANDOM like what systemd does with random-util.c:
>> https://github.com/systemd/systemd/blob/main/src/basic/random-util.c )
> I had some patches with AT_RANDOM fallback, including overwriting
> AT_RANDOM with output from the seeded PRNG.  It's certainly messy.  I
> probably didn't bother to post these patches given how bizarre the whole
> thing was.


It's not that bizarre as I have some patches too: I tried to harden the 
way stack_chk_guard and pointer_chk_guard were computed.
Those values are currently generated from slices of AT_RANDOM by the loader.


But I've seen in the wild program reusing AT_RANDOM, thus possibily 
leaking stack_chk_guard and pointer_chk_guard values.


Having a proper (CS)PRNG in the loader, initialized from AT_RANDOM, that 
overwrites AT_RANDOM (with fresh entropy if possible) after 
initialization, would improve programs abusing AT_RANDOM purpose.


Regards.


-- 

Yann Droneaud

OPTEYA