On Mon, Jun 17, 2024 at 04:52:15PM +0100, Mark Rutland wrote:
> On Mon, Jun 17, 2024 at 01:37:21PM +0000, Yuntao Liu wrote:
> > Since the offset would be bitwise ANDed with 0x3FF in
> > add_random_kstack_offset(), so just remove AND operation here.
> >
> > Signed-off-by: Yuntao Liu <liuyuntao12@xxxxxxxxxx>
>
> The comments in arm64 and x86 say that they're deliberately capping the
> offset at fewer bits than the result of KSTACK_OFFSET_MAX() masking the
> value with 0x3FF.
>
> Maybe it's ok to expand that, but if that's the case the commit message
> needs to explain why it's safe to add extra bits (2 on arm64, 3 on s390 and
> x86), and those comments need to be updated accordingly.
>
> As-is, I do not think this patch is ok.

Yeah, I agree: the truncation is intentional and tuned to the
architecture.

--
Kees Cook