This is a note to let you know that I've just added the patch titled
init: move stack canary initialization after setup_arch
to the 4.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
init-move-stack-canary-initialization-after-setup_arch.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From 121388a31362b0d3176dc1190ac8064b98a61b20 Mon Sep 17 00:00:00 2001
From: Laura Abbott <lauraa@xxxxxxxxxxxxxx>
Date: Fri, 8 Sep 2017 16:16:17 -0700
Subject: init: move stack canary initialization after setup_arch
From: Laura Abbott <lauraa@xxxxxxxxxxxxxx>
commit 121388a31362b0d3176dc1190ac8064b98a61b20 upstream.
Patch series "Command line randomness", v3.
A series to add the kernel command line as a source of randomness.
This patch (of 2):
Stack canary intialization involves getting a random number. Getting this
random number may involve accessing caches or other architectural specific
features which are not available until after the architecture is setup.
Move the stack canary initialization later to accommodate this.
Link: http://lkml.kernel.org/r/20170816231458.2299-2-labbott@xxxxxxxxxx
Signed-off-by: Laura Abbott <lauraa@xxxxxxxxxxxxxx>
Signed-off-by: Laura Abbott <labbott@xxxxxxxxxx>
Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>
Cc: "Theodore Ts'o" <tytso@xxxxxxx>
Cc: Daniel Micay <danielmicay@xxxxxxxxx>
Cc: Nick Kralevich <nnk@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Hans-Christian Noren Egtvedt <hegtvedt@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
init/main.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
--- a/init/main.c
+++ b/init/main.c
@@ -487,12 +487,6 @@ asmlinkage __visible void __init start_k
smp_setup_processor_id();
debug_objects_early_init();
- /*
- * Set up the initial canary ASAP:
- */
- add_latent_entropy();
- boot_init_stack_canary();
-
cgroup_init_early();
local_irq_disable();
@@ -506,6 +500,11 @@ asmlinkage __visible void __init start_k
page_address_init();
pr_notice("%s", linux_banner);
setup_arch(&command_line);
+ /*
+ * Set up the the initial canary and entropy after arch
+ */
+ add_latent_entropy();
+ boot_init_stack_canary();
mm_init_cpumask(&init_mm);
setup_command_line(command_line);
setup_nr_cpu_ids();
Patches currently in stable-queue which might be from lauraa@xxxxxxxxxxxxxx are
queue-4.9/init-main.c-extract-early-boot-entropy-from-the-passed-cmdline.patch
queue-4.9/init-move-stack-canary-initialization-after-setup_arch.patch
