From patchwork Sun Oct 23 20:32:07 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "Jason A. Donenfeld" X-Patchwork-Id: 8093 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp126156wru; Sun, 23 Oct 2022 13:39:54 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6MtACz9yrvZEu3GKWYOKRdvUEkn3gAoWVjy+weEaF8KqOdY/Qv0NGnWBQM7tQPmSW4Jbob X-Received: by 2002:a17:907:2dab:b0:78d:fc4b:7e31 with SMTP id gt43-20020a1709072dab00b0078dfc4b7e31mr23416746ejc.531.1666557594020; Sun, 23 Oct 2022 13:39:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666557594; cv=none; d=google.com; s=arc-20160816; b=irhdRDJwmEc56p2giQlRevmRjRaVvLw+c+eHJb9WJduu3ZVibwMxrBPADsi7cpw8QS tAYfJX3YbgRlhKrGua+lsNH09qWpWVCUPjhF/w/qNsPqzLMmkNoZQju7KzUtIgVwiEgC zwonEpuAywbKuTw2WvqleG5n54CgZ9FbcIVtPebwX/ewFYAXUWQdt9vq9jfI0FH5Q9Xk FwRD7eeawvp98rfjv3S/w/9Lq0hyjQKCmSFMlGNEUVRyeGD57rhnY4q4U+uryxvAcFcG SSCIjA/vXJIFipfovXOI5YOvJRu+qc9wRhjioiPIP3ElQ82gv5TKw307et+/7ySj54T/ zqTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Pz1YbnhHHES22JbBuvoJmFfteKoXfI875tJTfozeVoM=; b=GqiRfpxK5mm7FD6lpRrigkwjsgKw3ZKREsTymMR7BAUhu0l1cwb8WRJEtOpM0P6ltx BIXBlsNB9RvCmRIas2YkMlHkjF5iufgeJ1NO7RtVpiSRYO8tLpWNI7dUyszQCL3pZXYs jAhDBk+H1+vh2GylCo1CPFrfbwOasXspseO3j2mSHQBQ6eUhjkLS/y7EF6bcWR90fcoY OvUOmlPfRAGv96xDsLm2qrY1Kc9s9yQuPcmy4DtUlAUzoBqnuQwio1SDn32ORaOSGNUx nde8HXGhjmoK6PPl4ulNKbNo/lYFMTFhj/fnM0DWpTSf8rXNEqCzPJJev8+15Yj5DZZX MAoQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=RhG6F6Ot; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id he6-20020a1709073d8600b0078d9c781853si27015786ejc.607.2022.10.23.13.39.29; Sun, 23 Oct 2022 13:39:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=RhG6F6Ot; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229877AbiJWUc6 (ORCPT + 99 others); Sun, 23 Oct 2022 16:32:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39610 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229912AbiJWUcz (ORCPT ); Sun, 23 Oct 2022 16:32:55 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BA5BE6716B; Sun, 23 Oct 2022 13:32:51 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id EB456B80DD0; Sun, 23 Oct 2022 20:32:49 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id AF58EC433D6; Sun, 23 Oct 2022 20:32:45 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="RhG6F6Ot" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1666557164; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Pz1YbnhHHES22JbBuvoJmFfteKoXfI875tJTfozeVoM=; b=RhG6F6OtF0oXd925+MkqnzLfGYM6DZvyYuE4hWTHemEIu4bZUXkdfVK/z8lbpn5DFNIwlC lZJQGL8AsSQxW2vGubxpFBHajkz/qjvTS73fOGtflywhINBph+mpTZ8v6H/lLwbVokvZsA bhL3nqDGdFWm75dB4CALhgPA/u1bgws= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 01fa1245 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Sun, 23 Oct 2022 20:32:44 +0000 (UTC) From: "Jason A. Donenfeld" To: linux-kernel@vger.kernel.org Cc: "Jason A. Donenfeld" , Albert Ou , Boris Ostrovsky , Borislav Petkov , Catalin Marinas , Chris Zankel , Christophe Leroy , Dave Hansen , Greg Kroah-Hartman , Guo Ren , "H . Peter Anvin" , Ingo Molnar , Juergen Gross , Max Filippov , Michael Ellerman , Nicholas Piggin , Palmer Dabbelt , Paul Walmsley , Rich Felker , Russell King , Thomas Bogendoerfer , Thomas Gleixner , Will Deacon , Yoshinori Sato , linux-arm-kernel@lists.infradead.org, linux-csky@vger.kernel.org, linux-mips@vger.kernel.org, linux-riscv@lists.infradead.org, linux-sh@vger.kernel.org, linux-xtensa@linux-xtensa.org, linuxppc-dev@lists.ozlabs.org, x86@kernel.org Subject: [PATCH v1 1/2] stackprotector: move CANARY_MASK and get_random_canary() into stackprotector.h Date: Sun, 23 Oct 2022 22:32:07 +0200 Message-Id: <20221023203208.118919-2-Jason@zx2c4.com> In-Reply-To: <20221023203208.118919-1-Jason@zx2c4.com> References: <20221023203208.118919-1-Jason@zx2c4.com> MIME-Version: 1.0 X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747512295753795880?= X-GMAIL-MSGID: =?utf-8?q?1747512295753795880?= This has nothing to do with random.c and everything to do with stack protectors. Yes, it uses randomness. But many things use randomness. random.h and random.c are concerned with the generation of randomness, not with each and every use. So move this function into the more specific stackprotector.h file where it belongs. Signed-off-by: Jason A. Donenfeld Reviewed-by: Philippe Mathieu-Daudé --- arch/x86/kernel/cpu/common.c | 2 +- arch/x86/kernel/setup_percpu.c | 2 +- arch/x86/kernel/smpboot.c | 2 +- arch/x86/xen/enlighten_pv.c | 2 +- include/linux/random.h | 19 ------------------- include/linux/stackprotector.h | 19 +++++++++++++++++++ kernel/fork.c | 2 +- 7 files changed, 24 insertions(+), 24 deletions(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 3e508f239098..3f66dd03c091 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -22,9 +22,9 @@ #include #include #include +#include #include -#include #include #include #include diff --git a/arch/x86/kernel/setup_percpu.c b/arch/x86/kernel/setup_percpu.c index 49325caa7307..b26123c90b4f 100644 --- a/arch/x86/kernel/setup_percpu.c +++ b/arch/x86/kernel/setup_percpu.c @@ -11,6 +11,7 @@ #include #include #include +#include #include #include #include @@ -21,7 +22,6 @@ #include #include #include -#include DEFINE_PER_CPU_READ_MOSTLY(int, cpu_number); EXPORT_PER_CPU_SYMBOL(cpu_number); diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c index 3f3ea0287f69..dbe09fcc6604 100644 --- a/arch/x86/kernel/smpboot.c +++ b/arch/x86/kernel/smpboot.c @@ -56,6 +56,7 @@ #include #include #include +#include #include #include @@ -80,7 +81,6 @@ #include #include #include -#include #include /* representing HT siblings of each logical CPU */ diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c index f82857e48815..745420853a7c 100644 --- a/arch/x86/xen/enlighten_pv.c +++ b/arch/x86/xen/enlighten_pv.c @@ -32,6 +32,7 @@ #include #include #include +#include #include #include @@ -64,7 +65,6 @@ #include #include #include -#include #include #include #include diff --git a/include/linux/random.h b/include/linux/random.h index bf8ed3df3af0..182780cafd45 100644 --- a/include/linux/random.h +++ b/include/linux/random.h @@ -115,25 +115,6 @@ static inline u32 get_random_u32_between(u32 floor, u32 ceil) return floor + get_random_u32_below(ceil - floor); } -/* - * On 64-bit architectures, protect against non-terminated C string overflows - * by zeroing out the first byte of the canary; this leaves 56 bits of entropy. - */ -#ifdef CONFIG_64BIT -# ifdef __LITTLE_ENDIAN -# define CANARY_MASK 0xffffffffffffff00UL -# else /* big endian, 64 bits: */ -# define CANARY_MASK 0x00ffffffffffffffUL -# endif -#else /* 32 bits: */ -# define CANARY_MASK 0xffffffffUL -#endif - -static inline unsigned long get_random_canary(void) -{ - return get_random_long() & CANARY_MASK; -} - void __init random_init_early(const char *command_line); void __init random_init(void); bool rng_is_initialized(void); diff --git a/include/linux/stackprotector.h b/include/linux/stackprotector.h index 4c678c4fec58..9c88707d9a0f 100644 --- a/include/linux/stackprotector.h +++ b/include/linux/stackprotector.h @@ -6,6 +6,25 @@ #include #include +/* + * On 64-bit architectures, protect against non-terminated C string overflows + * by zeroing out the first byte of the canary; this leaves 56 bits of entropy. + */ +#ifdef CONFIG_64BIT +# ifdef __LITTLE_ENDIAN +# define CANARY_MASK 0xffffffffffffff00UL +# else /* big endian, 64 bits: */ +# define CANARY_MASK 0x00ffffffffffffffUL +# endif +#else /* 32 bits: */ +# define CANARY_MASK 0xffffffffUL +#endif + +static inline unsigned long get_random_canary(void) +{ + return get_random_long() & CANARY_MASK; +} + #if defined(CONFIG_STACKPROTECTOR) || defined(CONFIG_ARM64_PTR_AUTH) # include #else diff --git a/kernel/fork.c b/kernel/fork.c index 08969f5aa38d..ec57cae58ff1 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -75,7 +75,6 @@ #include #include #include -#include #include #include #include @@ -97,6 +96,7 @@ #include #include #include +#include #include #include From patchwork Sun Oct 23 20:32:08 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Jason A. Donenfeld" X-Patchwork-Id: 8094 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp126710wru; Sun, 23 Oct 2022 13:42:51 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7JEnMhpdF9WmJ3TgVSlxilYmytvcfaWlKDMaDoct+h8ODWwcX92hj2zjd+1xSGjhzu3cxC X-Received: by 2002:a17:907:a40f:b0:790:540c:b6e3 with SMTP id sg15-20020a170907a40f00b00790540cb6e3mr24825230ejc.41.1666557771066; Sun, 23 Oct 2022 13:42:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666557771; cv=none; d=google.com; s=arc-20160816; b=T+K6FvR+Wl5QNWbVhAS6ZlqWRgsk2tdS87cr/d1kGQPjKraxOcTGBcKFiP8teM2JnG n/XqMJnZLJvfGlp6qQV5FSpc8Dh4O7ofYoQhoOVYVTpAKTG3ew9KPa5vSmLqI9K+VISJ x/NyOf87fX2nT62tuOGcrygYfF+ZXNGUI922PmRRf5jBACvNTH0obfoh6zwpZsYZPXiE Megr9ufZTOMlBypKhlmAG6a9wxfnlrmxuhh8rPlpq6HdGsqNLEgkbBDn8DD804HeAMp0 HnPFo9W63UxgVHTOx/tDvBfSYxwPmjF8Cg3c2J6E4VIoJoFmcFirg6RnRYLnK2uZSYd4 DqMg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=IvHYiUD7yNRmt/asO7QumwNoOyWIQxir33jt5CIvM9o=; b=oMN6SxWIRxN3Ko4fZGv//L0127aFZKH5p6T8ud2zSyC4a3tRLv9ggJBem8MLRLr5Kd jSFd7hRbYtZgMoMij3SyZN5GWCZzAHa66oGj5PaHXQSn4LqExlYGFvjdVkFYC/z6/Lgj LNSoBZWXKqi7uDTxx3rAOU1ds13setCVIaGpV9tKS60uvXoRofQX7fjAi12b1iVCE57E n8g88NTi5yKyc3298OgvpL+rtZWne272xRwj1A2SU/U+1kmL5yee8TItfeX4XftvviiY 1tVDZO8I5ZlLBwDRC6RlvNrJL1ZvCvITH0nEq+UN31U1gUx826N+QAPHifiX3NyahJW4 +QSw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=GGCHpZzH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l15-20020a170906644f00b00771d781fb88si21728619ejn.411.2022.10.23.13.42.27; Sun, 23 Oct 2022 13:42:51 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=GGCHpZzH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229929AbiJWUdI (ORCPT + 99 others); Sun, 23 Oct 2022 16:33:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39798 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229915AbiJWUdE (ORCPT ); Sun, 23 Oct 2022 16:33:04 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 19D9E6715F; Sun, 23 Oct 2022 13:33:02 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 3F460B80DD0; Sun, 23 Oct 2022 20:33:00 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id F20E3C433C1; Sun, 23 Oct 2022 20:32:55 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="GGCHpZzH" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1666557174; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=IvHYiUD7yNRmt/asO7QumwNoOyWIQxir33jt5CIvM9o=; b=GGCHpZzHb5lPcZyGswIBHQcNGEIPQaTvQl+HfPJd/ZnqTaqWRNrjWebo//8RZ9Rqsu65Sh UHaBe/0H4JjmNEcvv7wzFRjm+/GTanCFE+z1xJtK0Imgg1gWbl5PTEfnCazGMwFSZi9Up3 5286Zs09ENNAYT6JT+IB3ssrqgGzpl4= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 69c84e2d (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Sun, 23 Oct 2022 20:32:54 +0000 (UTC) From: "Jason A. Donenfeld" To: linux-kernel@vger.kernel.org Cc: "Jason A. Donenfeld" , Albert Ou , Boris Ostrovsky , Borislav Petkov , Catalin Marinas , Chris Zankel , Christophe Leroy , Dave Hansen , Greg Kroah-Hartman , Guo Ren , "H . Peter Anvin" , Ingo Molnar , Juergen Gross , Max Filippov , Michael Ellerman , Nicholas Piggin , Palmer Dabbelt , Paul Walmsley , Rich Felker , Russell King , Thomas Bogendoerfer , Thomas Gleixner , Will Deacon , Yoshinori Sato , linux-arm-kernel@lists.infradead.org, linux-csky@vger.kernel.org, linux-mips@vger.kernel.org, linux-riscv@lists.infradead.org, linux-sh@vger.kernel.org, linux-xtensa@linux-xtensa.org, linuxppc-dev@lists.ozlabs.org, x86@kernel.org Subject: [PATCH v1 2/2] stackprotector: actually use get_random_canary() Date: Sun, 23 Oct 2022 22:32:08 +0200 Message-Id: <20221023203208.118919-3-Jason@zx2c4.com> In-Reply-To: <20221023203208.118919-1-Jason@zx2c4.com> References: <20221023203208.118919-1-Jason@zx2c4.com> MIME-Version: 1.0 X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747512481034152058?= X-GMAIL-MSGID: =?utf-8?q?1747512481034152058?= The RNG always mixes in the Linux version extremely early in boot. It also always includes a cycle counter, not only during early boot, but each and every time it is invoked prior to being fully initialized. Together, this means that the use of additional xors inside of the various stackprotector.h files is superfluous and over-complicated. Instead, we can get exactly the same thing, but better, by just calling `get_random_canary()`. Signed-off-by: Jason A. Donenfeld Acked-by: Guo Ren #csky part Acked-by: Catalin Marinas --- arch/arm/include/asm/stackprotector.h | 9 +-------- arch/arm64/include/asm/stackprotector.h | 9 +-------- arch/csky/include/asm/stackprotector.h | 10 +--------- arch/mips/include/asm/stackprotector.h | 9 +-------- arch/powerpc/include/asm/stackprotector.h | 10 +--------- arch/riscv/include/asm/stackprotector.h | 10 +--------- arch/sh/include/asm/stackprotector.h | 10 +--------- arch/x86/include/asm/stackprotector.h | 14 +------------- arch/xtensa/include/asm/stackprotector.h | 7 +------ 9 files changed, 9 insertions(+), 79 deletions(-) diff --git a/arch/arm/include/asm/stackprotector.h b/arch/arm/include/asm/stackprotector.h index 088d03161be5..0bd4979759f1 100644 --- a/arch/arm/include/asm/stackprotector.h +++ b/arch/arm/include/asm/stackprotector.h @@ -15,9 +15,6 @@ #ifndef _ASM_STACKPROTECTOR_H #define _ASM_STACKPROTECTOR_H 1 -#include -#include - #include extern unsigned long __stack_chk_guard; @@ -30,11 +27,7 @@ extern unsigned long __stack_chk_guard; */ static __always_inline void boot_init_stack_canary(void) { - unsigned long canary; - - /* Try to get a semi random initial value. */ - get_random_bytes(&canary, sizeof(canary)); - canary ^= LINUX_VERSION_CODE; + unsigned long canary = get_random_canary(); current->stack_canary = canary; #ifndef CONFIG_STACKPROTECTOR_PER_TASK diff --git a/arch/arm64/include/asm/stackprotector.h b/arch/arm64/include/asm/stackprotector.h index 33f1bb453150..ae3ad80f51fe 100644 --- a/arch/arm64/include/asm/stackprotector.h +++ b/arch/arm64/include/asm/stackprotector.h @@ -13,8 +13,6 @@ #ifndef __ASM_STACKPROTECTOR_H #define __ASM_STACKPROTECTOR_H -#include -#include #include extern unsigned long __stack_chk_guard; @@ -28,12 +26,7 @@ extern unsigned long __stack_chk_guard; static __always_inline void boot_init_stack_canary(void) { #if defined(CONFIG_STACKPROTECTOR) - unsigned long canary; - - /* Try to get a semi random initial value. */ - get_random_bytes(&canary, sizeof(canary)); - canary ^= LINUX_VERSION_CODE; - canary &= CANARY_MASK; + unsigned long canary = get_random_canary(); current->stack_canary = canary; if (!IS_ENABLED(CONFIG_STACKPROTECTOR_PER_TASK)) diff --git a/arch/csky/include/asm/stackprotector.h b/arch/csky/include/asm/stackprotector.h index d7cd4e51edd9..d23747447166 100644 --- a/arch/csky/include/asm/stackprotector.h +++ b/arch/csky/include/asm/stackprotector.h @@ -2,9 +2,6 @@ #ifndef _ASM_STACKPROTECTOR_H #define _ASM_STACKPROTECTOR_H 1 -#include -#include - extern unsigned long __stack_chk_guard; /* @@ -15,12 +12,7 @@ extern unsigned long __stack_chk_guard; */ static __always_inline void boot_init_stack_canary(void) { - unsigned long canary; - - /* Try to get a semi random initial value. */ - get_random_bytes(&canary, sizeof(canary)); - canary ^= LINUX_VERSION_CODE; - canary &= CANARY_MASK; + unsigned long canary = get_random_canary(); current->stack_canary = canary; __stack_chk_guard = current->stack_canary; diff --git a/arch/mips/include/asm/stackprotector.h b/arch/mips/include/asm/stackprotector.h index 68d4be9e1254..518c192ad982 100644 --- a/arch/mips/include/asm/stackprotector.h +++ b/arch/mips/include/asm/stackprotector.h @@ -15,9 +15,6 @@ #ifndef _ASM_STACKPROTECTOR_H #define _ASM_STACKPROTECTOR_H 1 -#include -#include - extern unsigned long __stack_chk_guard; /* @@ -28,11 +25,7 @@ extern unsigned long __stack_chk_guard; */ static __always_inline void boot_init_stack_canary(void) { - unsigned long canary; - - /* Try to get a semi random initial value. */ - get_random_bytes(&canary, sizeof(canary)); - canary ^= LINUX_VERSION_CODE; + unsigned long canary = get_random_canary(); current->stack_canary = canary; __stack_chk_guard = current->stack_canary; diff --git a/arch/powerpc/include/asm/stackprotector.h b/arch/powerpc/include/asm/stackprotector.h index 1c8460e23583..283c34647856 100644 --- a/arch/powerpc/include/asm/stackprotector.h +++ b/arch/powerpc/include/asm/stackprotector.h @@ -7,8 +7,6 @@ #ifndef _ASM_STACKPROTECTOR_H #define _ASM_STACKPROTECTOR_H -#include -#include #include #include #include @@ -21,13 +19,7 @@ */ static __always_inline void boot_init_stack_canary(void) { - unsigned long canary; - - /* Try to get a semi random initial value. */ - canary = get_random_canary(); - canary ^= mftb(); - canary ^= LINUX_VERSION_CODE; - canary &= CANARY_MASK; + unsigned long canary = get_random_canary(); current->stack_canary = canary; #ifdef CONFIG_PPC64 diff --git a/arch/riscv/include/asm/stackprotector.h b/arch/riscv/include/asm/stackprotector.h index 09093af46565..43895b90fe3f 100644 --- a/arch/riscv/include/asm/stackprotector.h +++ b/arch/riscv/include/asm/stackprotector.h @@ -3,9 +3,6 @@ #ifndef _ASM_RISCV_STACKPROTECTOR_H #define _ASM_RISCV_STACKPROTECTOR_H -#include -#include - extern unsigned long __stack_chk_guard; /* @@ -16,12 +13,7 @@ extern unsigned long __stack_chk_guard; */ static __always_inline void boot_init_stack_canary(void) { - unsigned long canary; - - /* Try to get a semi random initial value. */ - get_random_bytes(&canary, sizeof(canary)); - canary ^= LINUX_VERSION_CODE; - canary &= CANARY_MASK; + unsigned long canary = get_random_canary(); current->stack_canary = canary; if (!IS_ENABLED(CONFIG_STACKPROTECTOR_PER_TASK)) diff --git a/arch/sh/include/asm/stackprotector.h b/arch/sh/include/asm/stackprotector.h index 35616841d0a1..665dafac376f 100644 --- a/arch/sh/include/asm/stackprotector.h +++ b/arch/sh/include/asm/stackprotector.h @@ -2,9 +2,6 @@ #ifndef __ASM_SH_STACKPROTECTOR_H #define __ASM_SH_STACKPROTECTOR_H -#include -#include - extern unsigned long __stack_chk_guard; /* @@ -15,12 +12,7 @@ extern unsigned long __stack_chk_guard; */ static __always_inline void boot_init_stack_canary(void) { - unsigned long canary; - - /* Try to get a semi random initial value. */ - get_random_bytes(&canary, sizeof(canary)); - canary ^= LINUX_VERSION_CODE; - canary &= CANARY_MASK; + unsigned long canary = get_random_canary(); current->stack_canary = canary; __stack_chk_guard = current->stack_canary; diff --git a/arch/x86/include/asm/stackprotector.h b/arch/x86/include/asm/stackprotector.h index 24a8d6c4fb18..00473a650f51 100644 --- a/arch/x86/include/asm/stackprotector.h +++ b/arch/x86/include/asm/stackprotector.h @@ -34,7 +34,6 @@ #include #include -#include #include /* @@ -50,22 +49,11 @@ */ static __always_inline void boot_init_stack_canary(void) { - u64 canary; - u64 tsc; + unsigned long canary = get_random_canary(); #ifdef CONFIG_X86_64 BUILD_BUG_ON(offsetof(struct fixed_percpu_data, stack_canary) != 40); #endif - /* - * We both use the random pool and the current TSC as a source - * of randomness. The TSC only matters for very early init, - * there it already has some randomness on most systems. Later - * on during the bootup the random pool has true entropy too. - */ - get_random_bytes(&canary, sizeof(canary)); - tsc = rdtsc(); - canary += tsc + (tsc << 32UL); - canary &= CANARY_MASK; current->stack_canary = canary; #ifdef CONFIG_X86_64 diff --git a/arch/xtensa/include/asm/stackprotector.h b/arch/xtensa/include/asm/stackprotector.h index e368f94fd2af..e1e318a0c98a 100644 --- a/arch/xtensa/include/asm/stackprotector.h +++ b/arch/xtensa/include/asm/stackprotector.h @@ -14,7 +14,6 @@ #ifndef _ASM_STACKPROTECTOR_H #define _ASM_STACKPROTECTOR_H 1 -#include #include extern unsigned long __stack_chk_guard; @@ -27,11 +26,7 @@ extern unsigned long __stack_chk_guard; */ static __always_inline void boot_init_stack_canary(void) { - unsigned long canary; - - /* Try to get a semi random initial value. */ - get_random_bytes(&canary, sizeof(canary)); - canary ^= LINUX_VERSION_CODE; + unsigned long canary = get_random_canary(); current->stack_canary = canary; __stack_chk_guard = current->stack_canary;