2832158233
This patch uses the existing boot_init_stack_canary arch function to initialize the ptrauth keys for the booting task in the primary core. The requirement here is that it should be always inline and the caller must never return. As pointer authentication too detects a subset of stack corruption so it makes sense to place this code here. Both pointer authentication and stack canary codes are protected by their respective config option. Suggested-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Amit Daniel Kachhap <amit.kachhap@arm.com> Reviewed-by: Vincenzo Frascino <Vincenzo.Frascino@arm.com> Reviewed-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
47 lines
1.3 KiB
C
47 lines
1.3 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* GCC stack protector support.
|
|
*
|
|
* Stack protector works by putting predefined pattern at the start of
|
|
* the stack frame and verifying that it hasn't been overwritten when
|
|
* returning from the function. The pattern is called stack canary
|
|
* and gcc expects it to be defined by a global variable called
|
|
* "__stack_chk_guard" on ARM. This unfortunately means that on SMP
|
|
* we cannot have a different canary value per task.
|
|
*/
|
|
|
|
#ifndef __ASM_STACKPROTECTOR_H
|
|
#define __ASM_STACKPROTECTOR_H
|
|
|
|
#include <linux/random.h>
|
|
#include <linux/version.h>
|
|
#include <asm/pointer_auth.h>
|
|
|
|
extern unsigned long __stack_chk_guard;
|
|
|
|
/*
|
|
* Initialize the stackprotector canary value.
|
|
*
|
|
* NOTE: this must only be called from functions that never return,
|
|
* and it must always be inlined.
|
|
*/
|
|
static __always_inline void boot_init_stack_canary(void)
|
|
{
|
|
#if defined(CONFIG_STACKPROTECTOR)
|
|
unsigned long canary;
|
|
|
|
/* Try to get a semi random initial value. */
|
|
get_random_bytes(&canary, sizeof(canary));
|
|
canary ^= LINUX_VERSION_CODE;
|
|
canary &= CANARY_MASK;
|
|
|
|
current->stack_canary = canary;
|
|
if (!IS_ENABLED(CONFIG_STACKPROTECTOR_PER_TASK))
|
|
__stack_chk_guard = current->stack_canary;
|
|
#endif
|
|
ptrauth_thread_init_kernel(current);
|
|
ptrauth_thread_switch_kernel(current);
|
|
}
|
|
|
|
#endif /* _ASM_STACKPROTECTOR_H */
|