| .. | .. |
|---|
| 13 | 13 | * On x86_64, %gs is shared by percpu area and stack canary. All |
|---|
| 14 | 14 | * percpu symbols are zero based and %gs points to the base of percpu |
|---|
| 15 | 15 | * area. The first occupant of the percpu area is always |
|---|
| 16 | | - * irq_stack_union which contains stack_canary at offset 40. Userland |
|---|
| 16 | + * fixed_percpu_data which contains stack_canary at offset 40. Userland |
|---|
| 17 | 17 | * %gs is always saved and restored on kernel entry and exit using |
|---|
| 18 | 18 | * swapgs, so stack protector doesn't add any complexity there. |
|---|
| 19 | 19 | * |
|---|
| .. | .. |
|---|
| 65 | 65 | */ |
|---|
| 66 | 66 | static __always_inline void boot_init_stack_canary(void) |
|---|
| 67 | 67 | { |
|---|
| 68 | | - u64 canary; |
|---|
| 68 | + u64 canary = 0; |
|---|
| 69 | 69 | u64 tsc; |
|---|
| 70 | 70 | |
|---|
| 71 | 71 | #ifdef CONFIG_X86_64 |
|---|
| 72 | | - BUILD_BUG_ON(offsetof(union irq_stack_union, stack_canary) != 40); |
|---|
| 72 | + BUILD_BUG_ON(offsetof(struct fixed_percpu_data, stack_canary) != 40); |
|---|
| 73 | 73 | #endif |
|---|
| 74 | 74 | /* |
|---|
| 75 | 75 | * We both use the random pool and the current TSC as a source |
|---|
| 76 | 76 | * of randomness. The TSC only matters for very early init, |
|---|
| 77 | 77 | * there it already has some randomness on most systems. Later |
|---|
| 78 | 78 | * on during the bootup the random pool has true entropy too. |
|---|
| 79 | + * For preempt-rt we need to weaken the randomness a bit, as |
|---|
| 80 | + * we can't call into the random generator from atomic context |
|---|
| 81 | + * due to locking constraints. We just leave canary |
|---|
| 82 | + * uninitialized and use the TSC based randomness on top of it. |
|---|
| 79 | 83 | */ |
|---|
| 84 | +#ifndef CONFIG_PREEMPT_RT |
|---|
| 80 | 85 | get_random_bytes(&canary, sizeof(canary)); |
|---|
| 86 | +#endif |
|---|
| 81 | 87 | tsc = rdtsc(); |
|---|
| 82 | 88 | canary += tsc + (tsc << 32UL); |
|---|
| 83 | 89 | canary &= CANARY_MASK; |
|---|
| 84 | 90 | |
|---|
| 85 | 91 | current->stack_canary = canary; |
|---|
| 86 | 92 | #ifdef CONFIG_X86_64 |
|---|
| 87 | | - this_cpu_write(irq_stack_union.stack_canary, canary); |
|---|
| 93 | + this_cpu_write(fixed_percpu_data.stack_canary, canary); |
|---|
| 88 | 94 | #else |
|---|
| 89 | 95 | this_cpu_write(stack_canary.canary, canary); |
|---|
| 96 | +#endif |
|---|
| 97 | +} |
|---|
| 98 | + |
|---|
| 99 | +static inline void cpu_init_stack_canary(int cpu, struct task_struct *idle) |
|---|
| 100 | +{ |
|---|
| 101 | +#ifdef CONFIG_X86_64 |
|---|
| 102 | + per_cpu(fixed_percpu_data.stack_canary, cpu) = idle->stack_canary; |
|---|
| 103 | +#else |
|---|
| 104 | + per_cpu(stack_canary.canary, cpu) = idle->stack_canary; |
|---|
| 90 | 105 | #endif |
|---|
| 91 | 106 | } |
|---|
| 92 | 107 | |
|---|
| .. | .. |
|---|
| 119 | 134 | static inline void setup_stack_canary_segment(int cpu) |
|---|
| 120 | 135 | { } |
|---|
| 121 | 136 | |
|---|
| 137 | +static inline void cpu_init_stack_canary(int cpu, struct task_struct *idle) |
|---|
| 138 | +{ } |
|---|
| 139 | + |
|---|
| 122 | 140 | static inline void load_stack_canary_segment(void) |
|---|
| 123 | 141 | { |
|---|
| 124 | 142 | #ifdef CONFIG_X86_32 |
|---|
