On Wed, Aug 16, 2017 at 3:46 PM, Laura Abbott <labbott@xxxxxxxxxx> wrote:
> From: Laura Abbott <lauraa@xxxxxxxxxxxxxx>
>
> Stack canary intialization involves getting a random number.
> Getting this random number may involve accessing caches or other
> architectural specific features which are not available until
> after the architecture is setup. Move the stack canary initialization
> later to accomodate this.
>
> Signed-off-by: Laura Abbott <lauraa@xxxxxxxxxxxxxx>
> Signed-off-by: Laura Abbott <labbott@xxxxxxxxxx>
Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>
-Kees
> ---
> v2: Also moved add_latent_entropy per suggestion of Kees.
> ---
> init/main.c | 11 +++++------
> 1 file changed, 5 insertions(+), 6 deletions(-)
>
> diff --git a/init/main.c b/init/main.c
> index 052481fbe363..21d599eaad06 100644
> --- a/init/main.c
> +++ b/init/main.c
> @@ -515,12 +515,6 @@ asmlinkage __visible void __init start_kernel(void)
> smp_setup_processor_id();
> debug_objects_early_init();
>
> - /*
> - * Set up the initial canary ASAP:
> - */
> - add_latent_entropy();
> - boot_init_stack_canary();
> -
> cgroup_init_early();
>
> local_irq_disable();
> @@ -534,6 +528,11 @@ asmlinkage __visible void __init start_kernel(void)
> page_address_init();
> pr_notice("%s", linux_banner);
> setup_arch(&command_line);
> + /*
> + * Set up the the initial canary and entropy after arch
> + */
> + add_latent_entropy();
> + boot_init_stack_canary();
> mm_init_cpumask(&init_mm);
> setup_command_line(command_line);
> setup_nr_cpu_ids();
> --
> 2.13.0
>
--
Kees Cook
Pixel Security
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>
