From 9b5609fd773e6ac0b1d6d6e1bf68f32cca64e06b Mon Sep 17 00:00:00 2001
From: Ingo Molnar <mingo@elte.hu>
Date: Thu, 14 Feb 2008 09:41:09 +0100
Subject: stackprotector: include files

create <linux/stackprotector.h> for core kernel files to include.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
---
 include/linux/stackprotector.h | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 include/linux/stackprotector.h

(limited to 'include/linux/stackprotector.h')

diff --git a/include/linux/stackprotector.h b/include/linux/stackprotector.h
new file mode 100644
index 00000000000..d3e8bbe602f
--- /dev/null
+++ b/include/linux/stackprotector.h
@@ -0,0 +1,8 @@
+#ifndef _LINUX_STACKPROTECTOR_H
+#define _LINUX_STACKPROTECTOR_H 1
+
+#ifdef CONFIG_CC_STACKPROTECTOR
+# include <asm/stackprotector.h>
+#endif
+
+#endif
-- 
cgit v1.2.3-70-g09d2


From 18aa8bb12dcb10adc3d7c9d69714d53667c0ab7f Mon Sep 17 00:00:00 2001
From: Ingo Molnar <mingo@elte.hu>
Date: Thu, 14 Feb 2008 09:42:02 +0100
Subject: stackprotector: add boot_init_stack_canary()

add the boot_init_stack_canary() and make the secondary idle threads
use it.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
---
 arch/x86/kernel/process_64.c     |  6 ++----
 include/asm-x86/stackprotector.h | 20 ++++++++++++++++++++
 include/linux/stackprotector.h   |  4 ++++
 3 files changed, 26 insertions(+), 4 deletions(-)

(limited to 'include/linux/stackprotector.h')

diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
index d4c7ac7aa43..5107cb214c7 100644
--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c
@@ -147,7 +147,6 @@ void cpu_idle(void)
 {
 	current_thread_info()->status |= TS_POLLING;
 
-#ifdef CONFIG_CC_STACKPROTECTOR
 	/*
 	 * If we're the non-boot CPU, nothing set the PDA stack
 	 * canary up for us - and if we are the boot CPU we have
@@ -156,9 +155,8 @@ void cpu_idle(void)
 	 * invalid canaries already on the stack wont ever
 	 * trigger):
 	 */
-	current->stack_canary = get_random_int();
-	write_pda(stack_canary, current->stack_canary);
-#endif
+	boot_init_stack_canary();
+
 	/* endless idle loop with no priority at all */
 	while (1) {
 		tick_nohz_stop_sched_tick();
diff --git a/include/asm-x86/stackprotector.h b/include/asm-x86/stackprotector.h
index dcac7a6bdba..0f91f7a2688 100644
--- a/include/asm-x86/stackprotector.h
+++ b/include/asm-x86/stackprotector.h
@@ -1,4 +1,24 @@
 #ifndef _ASM_STACKPROTECTOR_H
 #define _ASM_STACKPROTECTOR_H 1
 
+/*
+ * Initialize the stackprotector canary value.
+ *
+ * NOTE: this must only be called from functions that never return,
+ * and it must always be inlined.
+ */
+static __always_inline void boot_init_stack_canary(void)
+{
+	/*
+	 * If we're the non-boot CPU, nothing set the PDA stack
+	 * canary up for us - and if we are the boot CPU we have
+	 * a 0 stack canary. This is a good place for updating
+	 * it, as we wont ever return from this function (so the
+	 * invalid canaries already on the stack wont ever
+	 * trigger):
+	 */
+	current->stack_canary = get_random_int();
+	write_pda(stack_canary, current->stack_canary);
+}
+
 #endif
diff --git a/include/linux/stackprotector.h b/include/linux/stackprotector.h
index d3e8bbe602f..422e71aafd0 100644
--- a/include/linux/stackprotector.h
+++ b/include/linux/stackprotector.h
@@ -3,6 +3,10 @@
 
 #ifdef CONFIG_CC_STACKPROTECTOR
 # include <asm/stackprotector.h>
+#else
+static inline void boot_init_stack_canary(void)
+{
+}
 #endif
 
 #endif
-- 
cgit v1.2.3-70-g09d2


From 420594296838fdc9a674470d710cda7d1487f9f4 Mon Sep 17 00:00:00 2001
From: Ingo Molnar <mingo@elte.hu>
Date: Thu, 14 Feb 2008 09:44:08 +0100
Subject: x86: fix the stackprotector canary of the boot CPU

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
---
 arch/x86/kernel/process_64.c   | 1 +
 include/linux/stackprotector.h | 4 ++++
 init/main.c                    | 6 ++++++
 3 files changed, 11 insertions(+)

(limited to 'include/linux/stackprotector.h')

diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
index 5107cb214c7..cce47f7fbf2 100644
--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c
@@ -16,6 +16,7 @@
 
 #include <stdarg.h>
 
+#include <linux/stackprotector.h>
 #include <linux/cpu.h>
 #include <linux/errno.h>
 #include <linux/sched.h>
diff --git a/include/linux/stackprotector.h b/include/linux/stackprotector.h
index 422e71aafd0..6f3e54c704c 100644
--- a/include/linux/stackprotector.h
+++ b/include/linux/stackprotector.h
@@ -1,6 +1,10 @@
 #ifndef _LINUX_STACKPROTECTOR_H
 #define _LINUX_STACKPROTECTOR_H 1
 
+#include <linux/compiler.h>
+#include <linux/sched.h>
+#include <linux/random.h>
+
 #ifdef CONFIG_CC_STACKPROTECTOR
 # include <asm/stackprotector.h>
 #else
diff --git a/init/main.c b/init/main.c
index a84322ca64a..b44e4eb0f5e 100644
--- a/init/main.c
+++ b/init/main.c
@@ -546,6 +546,12 @@ asmlinkage void __init start_kernel(void)
 	unwind_init();
 	lockdep_init();
 	debug_objects_early_init();
+
+	/*
+	 * Set up the the initial canary ASAP:
+	 */
+	boot_init_stack_canary();
+
 	cgroup_init_early();
 
 	local_irq_disable();
-- 
cgit v1.2.3-70-g09d2