On Wed, Jun 19, 2024 at 02:47:15PM -0700, Kees Cook wrote:
> An unintended consequence of commit 9c573cd31343 ("randomize_kstack:
> Improve entropy diffusion") was that the per-architecture entropy size
> filtering reduced how many bits were being added to the mix, rather than
> how many bits were being used during the offsetting. All architectures
> fell back to the existing default of 0x3FF (10 bits), which will consume
> at most 1KiB of stack space. It seems that this is working just fine,
> so let's avoid the confusion and update everything to use the default.
>
> The prior intent of the per-architecture limits were:
>
> arm64: capped at 0x1FF (9 bits), 5 bits effective
> powerpc: uncapped (10 bits), 6 or 7 bits effective
> riscv: uncapped (10 bits), 6 bits effective
> x86: capped at 0xFF (8 bits), 5 (x86_64) or 6 (ia32) bits effective
> s390: capped at 0xFF (8 bits), undocumented effective entropy
>
> Current discussion has led to just dropping the original per-architecture
> filters. The additional entropy appears to be safe for arm64, x86,
> and s390. Quoting Arnd, "There is no point pretending that 15.75KB is
> somehow safe to use while 15.00KB is not."
>
> Co-developed-by: Yuntao Liu <liuyuntao12@xxxxxxxxxx>
> Signed-off-by: Yuntao Liu <liuyuntao12@xxxxxxxxxx>
> Fixes: 9c573cd31343 ("randomize_kstack: Improve entropy diffusion")
> Link: https://lore.kernel.org/r/20240617133721.377540-1-liuyuntao12@xxxxxxxxxx
> Signed-off-by: Kees Cook <kees@xxxxxxxxxx>
> ---
> Cc: Arnd Bergmann <arnd@xxxxxxxx>
> Cc: Mark Rutland <mark.rutland@xxxxxxx>
> ---
> arch/arm64/kernel/syscall.c | 16 +++++++---------
> arch/s390/include/asm/entry-common.h | 2 +-
> arch/x86/include/asm/entry-common.h | 15 ++++++---------
> 3 files changed, 14 insertions(+), 19 deletions(-)
Acked-by: Heiko Carstens <hca@xxxxxxxxxxxxx> # s390
