RNG in kernel
Created by: fst3a
Hello,
I wanted to implement PID randomization and other kernel hardenings but found out that there's no RNG in the kernel to take random data from. I just slapped the RDRAND instruction into new_context with certain modifications for now. The /sbin/randd works in usermode, but it is a child of /bin/init. This is a problem if one would try to take randomness from usermode into the kernel, as new_context will randomize all PIDs except for kernel (0) and init (1) (like in OpenBSD), so randomness is required right after the kernel and init are spawned.
As of now, PID randomization works (it is limited to 2**16 IDs) but relies on RDRAND exclusively:
user:file:/home/user# ps
  PID  PPID RUID RGID RNS EUID EGID ENS STAT CPU   MEM NAME
    0     0    0    0   0    0    0   0 KR     0   0 B
    1     0    0    0   0    0    0   0 UB     0  1 MB initfs:/bin/init
 3899     1    0    0   0    0    0   0 UB     0  1 MB file:/sbin/ethernetd
 6220     1    0    0   0    0    0   0 UB     0  1 MB file:/sbin/udpd
 7542     1    0    0   0    0    0   0 UB     0  1 MB file:/sbin/e1000d
 9469     1    0    0   0    0    0   0 UB     0  1 MB file:/sbin/ipd
17273     1    0    0   0    0    0   0 UB     0  1 MB initfs:/bin/ahcid
33921 49418 1000 1000   0 1000 1000   0 UR+    0  1 MB file:/bin/ps
35864 52243    0    0   0    0    0   0 UB     0  1 MB file:/bin/login
43016     1    0    0   0    0    0   0 UB     0  1 MB file:/sbin/ptyd
43628     1    0    0   0    0    0   0 UB     0  1 MB file:/sbin/tcpd
44579     1    0    0   0    0    0   0 UB     0 10 MB initfs:/bin/redoxfs
49418 35864 1000 1000   0 1000 1000   0 UR     0  2 MB file:/bin/ion
52243     1    0    0   0    0    0   0 UB     0  1 MB file:/bin/getty
58038     1    0    0   0    0    0   0 UB     0  1 MB file:/sbin/randd
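The allocator the post describes, as an added example written for this thread rather than code from fst3a or the Redox kernel: PIDs are drawn from a 2**16 space, 0 (kernel) and 1 (init) stay fixed, and RDRAND is the entropy source where the CPU has it. The trait, struct and function names (RandomSource, RdRand, PidTable, allocate, release) are assumptions for the example, not Redox APIs. Two things the post's "just slapped RDRAND in" approach has to get right are shown explicitly: RDRAND can transiently fail (carry flag clear, so the step function returns 0) and must be retried rather than trusted, and the allocator must reject rather than silently fall back when the source yields nothing.

```rust
// Added example (not Redox code): random PID allocation from a 16-bit ID
// space, keeping PID 0 (kernel) and PID 1 (init) fixed, with RDRAND as the
// entropy source where it exists. All names here are assumptions.
use std::collections::HashSet;

/// Source of random 64-bit words. `None` means the source failed and the
/// caller must not quietly substitute something weaker.
pub trait RandomSource {
    fn next_u64(&mut self) -> Option<u64>;
}

/// RDRAND backend. RDRAND can transiently fail (carry flag clear, the step
/// function returns 0); the documented handling is a bounded retry, never
/// using the untouched destination register as if it were random.
#[cfg(target_arch = "x86_64")]
pub struct RdRand;

#[cfg(target_arch = "x86_64")]
impl RandomSource for RdRand {
    fn next_u64(&mut self) -> Option<u64> {
        if !std::is_x86_feature_detected!("rdrand") {
            return None;
        }
        for _ in 0..10 {
            let mut v: u64 = 0;
            // SAFETY: RDRAND availability was checked above.
            if unsafe { std::arch::x86_64::_rdrand64_step(&mut v) } == 1 {
                return Some(v);
            }
        }
        None
    }
}

/// xorshift64* with a fixed seed: deterministic, for tests and for the
/// non-x86_64 build of the demo. Not a cryptographic generator.
pub struct XorShift64(pub u64);

impl RandomSource for XorShift64 {
    fn next_u64(&mut self) -> Option<u64> {
        let mut x = self.0;
        x ^= x >> 12;
        x ^= x << 25;
        x ^= x >> 27;
        self.0 = x;
        Some(x.wrapping_mul(0x2545_F491_4F6C_DD1D))
    }
}

pub const PID_LIMIT: u64 = 1 << 16;  // IDs are drawn from [0, 2**16)
pub const FIRST_RANDOM_PID: u64 = 2; // 0 = kernel, 1 = init, never reused
const MAX_ATTEMPTS: usize = 256;     // bound on collision retries per call

pub struct PidTable {
    in_use: HashSet<u64>,
}

impl PidTable {
    pub fn new() -> Self {
        let mut in_use = HashSet::new();
        in_use.insert(0);
        in_use.insert(1);
        PidTable { in_use }
    }

    /// Pick an unused PID uniformly from [FIRST_RANDOM_PID, PID_LIMIT).
    /// Rejecting 0 and 1 (instead of reducing modulo 65534) avoids modulo
    /// bias; the top 16 bits are used because xorshift64*'s low bits are weak.
    pub fn allocate(&mut self, rng: &mut dyn RandomSource) -> Option<u64> {
        if self.in_use.len() as u64 >= PID_LIMIT {
            return None; // table full
        }
        for _ in 0..MAX_ATTEMPTS {
            let candidate = rng.next_u64()? >> 48;
            if candidate < FIRST_RANDOM_PID || !self.in_use.insert(candidate) {
                continue; // reserved or already taken: draw again
            }
            return Some(candidate);
        }
        None
    }

    /// Free a PID; the two fixed IDs can never be released.
    pub fn release(&mut self, pid: u64) -> bool {
        pid >= FIRST_RANDOM_PID && self.in_use.remove(&pid)
    }

    pub fn in_use_count(&self) -> usize {
        self.in_use.len()
    }
}

fn main() {
    #[cfg(target_arch = "x86_64")]
    let mut source: Box<dyn RandomSource> = Box::new(RdRand);
    #[cfg(not(target_arch = "x86_64"))]
    let mut source: Box<dyn RandomSource> = Box::new(XorShift64(0x9E37_79B9_7F4A_7C15));

    let mut table = PidTable::new();
    for _ in 0..5 {
        match table.allocate(source.as_mut()) {
            Some(pid) => println!("allocated pid {}", pid),
            None => {
                println!("random source unavailable; refusing to allocate");
                break;
            }
        }
    }
}
```

Random probing into a HashSet is fine at the occupancy shown in the ps listing (a few dozen of 65534 slots), but the retry count grows as the table fills, which is why MAX_ATTEMPTS is bounded and a full or near-full table returns None instead of spinning inside new_context.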