Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170830095735.GB31503@amd>
Date: Wed, 30 Aug 2017 11:57:35 +0200
From: Pavel Machek <pavel@....cz>
To: Theodore Ts'o <tytso@....edu>, Laura Abbott <labbott@...hat.com>,
	Kees Cook <keescook@...omium.org>,
	Daniel Micay <danielmicay@...il.com>,
	kernel-hardening@...ts.openwall.com, linux-kernel@...r.kernel.org,
	linux-mm@...ck.org, Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [PATCHv3 2/2] extract early boot entropy from the passed cmdline

On Wed 2017-08-16 23:31:48, Theodore Ts'o wrote:
> On Wed, Aug 16, 2017 at 04:14:58PM -0700, Laura Abbott wrote:
> > From: Daniel Micay <danielmicay@...il.com>
> > 
> > Existing Android bootloaders usually pass data useful as early entropy
> > on the kernel command-line. It may also be the case on other embedded
> > systems.....
> 
> May I suggest a slight adjustment to the beginning commit description?
> 
>    Feed the boot command-line as to the /dev/random entropy pool
> 
>    Existing Android bootloaders usually pass data which may not be
>    known by an external attacker on the kernel command-line.  It may
>    also be the case on other embedded systems.  Sample command-line
>    from a Google Pixel running CopperheadOS....
> 
> The idea here is to if anything, err on the side of under-promising
> the amount of security we can guarantee that this technique will
> provide.  For example, how hard is it really for an attacker who has
> an APK installed locally to get the device serial number?  Or the OS
> version?  And how much variability is there in the bootloader stages
> in milliseconds?
> 
> I think we should definitely do this.  So this is more of a request to
> be very careful what we promise in the commit description, not an
> objection to the change itself.

The command line is visible to unpriviledged userspace (/proc/cmdline,
dmesg). Is that a problem?

U-boot already does some crypto stuff, so it may have some
randomness. Should we create parameter random=xxxxxxxxxxx that is
"censored" during kernel boot?

									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.