stackprotector: add boot_init_stack_canary()
add the boot_init_stack_canary() and make the secondary idle threads
use it.
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
index d4c7ac7..5107cb2 100644
--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c
@@ -147,7 +147,6 @@
{
current_thread_info()->status |= TS_POLLING;
-#ifdef CONFIG_CC_STACKPROTECTOR
/*
* If we're the non-boot CPU, nothing set the PDA stack
* canary up for us - and if we are the boot CPU we have
@@ -156,9 +155,8 @@
* invalid canaries already on the stack wont ever
* trigger):
*/
- current->stack_canary = get_random_int();
- write_pda(stack_canary, current->stack_canary);
-#endif
+ boot_init_stack_canary();
+
/* endless idle loop with no priority at all */
while (1) {
tick_nohz_stop_sched_tick();
diff --git a/include/asm-x86/stackprotector.h b/include/asm-x86/stackprotector.h
index dcac7a6..0f91f7a 100644
--- a/include/asm-x86/stackprotector.h
+++ b/include/asm-x86/stackprotector.h
@@ -1,4 +1,24 @@
#ifndef _ASM_STACKPROTECTOR_H
#define _ASM_STACKPROTECTOR_H 1
+/*
+ * Initialize the stackprotector canary value.
+ *
+ * NOTE: this must only be called from functions that never return,
+ * and it must always be inlined.
+ */
+static __always_inline void boot_init_stack_canary(void)
+{
+ /*
+ * If we're the non-boot CPU, nothing set the PDA stack
+ * canary up for us - and if we are the boot CPU we have
+ * a 0 stack canary. This is a good place for updating
+ * it, as we wont ever return from this function (so the
+ * invalid canaries already on the stack wont ever
+ * trigger):
+ */
+ current->stack_canary = get_random_int();
+ write_pda(stack_canary, current->stack_canary);
+}
+
#endif
diff --git a/include/linux/stackprotector.h b/include/linux/stackprotector.h
index d3e8bbe..422e71a 100644
--- a/include/linux/stackprotector.h
+++ b/include/linux/stackprotector.h
@@ -3,6 +3,10 @@
#ifdef CONFIG_CC_STACKPROTECTOR
# include <asm/stackprotector.h>
+#else
+static inline void boot_init_stack_canary(void)
+{
+}
#endif
#endif