bpf: rather use get_random_int for randomizations
Start address randomization and blinding in BPF currently use prandom_u32(). prandom_u32() values are not exposed to unpriviledged user space to my knowledge, but given other kernel facilities such as ASLR, stack canaries, etc make use of stronger get_random_int(), we better make use of it here as well given blinding requests successively new random values. get_random_int() has minimal entropy pool depletion, is not cryptographically secure, but doesn't need to be for our use cases here. Suggested-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
09ec8e7fb6
commit
b7552e1bcc
@ -231,7 +231,7 @@ bpf_jit_binary_alloc(unsigned int proglen, u8 **image_ptr,
|
||||
hdr->pages = size / PAGE_SIZE;
|
||||
hole = min_t(unsigned int, size - (proglen + sizeof(*hdr)),
|
||||
PAGE_SIZE - sizeof(*hdr));
|
||||
start = (prandom_u32() % hole) & ~(alignment - 1);
|
||||
start = (get_random_int() % hole) & ~(alignment - 1);
|
||||
|
||||
/* Leave a random number of instructions before BPF code. */
|
||||
*image_ptr = &hdr->image[start];
|
||||
@ -251,7 +251,7 @@ static int bpf_jit_blind_insn(const struct bpf_insn *from,
|
||||
struct bpf_insn *to_buff)
|
||||
{
|
||||
struct bpf_insn *to = to_buff;
|
||||
u32 imm_rnd = prandom_u32();
|
||||
u32 imm_rnd = get_random_int();
|
||||
s16 off;
|
||||
|
||||
BUILD_BUG_ON(BPF_REG_AX + 1 != MAX_BPF_JIT_REG);
|
||||
|
Loading…
Reference in New Issue
Block a user