Skip to content
  • Ard Biesheuvel's avatar
    ARM: smp: add support for per-task stack canaries · 189af465
    Ard Biesheuvel authored
    
    
    On ARM, we currently only change the value of the stack canary when
    switching tasks if the kernel was built for UP. On SMP kernels, this
    is impossible since the stack canary value is obtained via a global
    symbol reference, which means
    a) all running tasks on all CPUs must use the same value
    b) we can only modify the value when no kernel stack frames are live
       on any CPU, which is effectively never.
    
    So instead, use a GCC plugin to add a RTL pass that replaces each
    reference to the address of the __stack_chk_guard symbol with an
    expression that produces the address of the 'stack_canary' field
    that is added to struct thread_info. This way, each task will use
    its own randomized value.
    
    Cc: Russell King <linux@armlinux.org.uk>
    Cc: Kees Cook <keescook@chromium.org>
    Cc: Emese Revfy <re.emese@gmail.com>
    Cc: Arnd Bergmann <arnd@arndb.de>
    Cc: Laura Abbott <labbott@redhat.com>
    Cc: kernel-hardening@lists.openwall.com
    Acked-by: default avatarNicolas Pitre <nico@linaro.org>
    Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
    Signed-off-by: default avatarKees Cook <keescook@chromium.org>
    189af465