diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2024-07-16 13:45:43 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2024-07-16 13:45:43 -0700 |
| commit | ce5a51bfacf7a2953f8fa309a8fc8540c2e288da (patch) | |
| tree | c14afaeac549e50eedff24b1f9dce1d06b390cc7 /include/linux/randomize_kstack.h | |
| parent | 8050258bd1eed0f77dd7e3fa15feb23bbcc38e63 (diff) | |
| parent | 872bb37f6829d4f7f3ed5afe2786add3d4384b4b (diff) | |
| download | linux-ce5a51bfacf7a2953f8fa309a8fc8540c2e288da.tar.gz linux-ce5a51bfacf7a2953f8fa309a8fc8540c2e288da.tar.bz2 linux-ce5a51bfacf7a2953f8fa309a8fc8540c2e288da.zip | |
Merge tag 'hardening-v6.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull hardening updates from Kees Cook:
- lkdtm/bugs: add test for hung smp_call_function_single() (Mark
Rutland)
- gcc-plugins: Remove duplicate included header file stringpool.h
(Thorsten Blum)
- ARM: Remove address checking for MMUless devices (Yanjun Yang)
- randomize_kstack: Clean up per-arch entropy and codegen
- KCFI: Make FineIBT mode Kconfig selectable
- fortify: Do not special-case 0-sized destinations
* tag 'hardening-v6.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
randomize_kstack: Improve stack alignment codegen
ARM: Remove address checking for MMUless devices
gcc-plugins: Remove duplicate included header file stringpool.h
randomize_kstack: Remove non-functional per-arch entropy filtering
fortify: Do not special-case 0-sized destinations
x86/alternatives: Make FineIBT mode Kconfig selectable
lkdtm/bugs: add test for hung smp_call_function_single()
Diffstat (limited to 'include/linux/randomize_kstack.h')
| -rw-r--r-- | include/linux/randomize_kstack.h | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/include/linux/randomize_kstack.h b/include/linux/randomize_kstack.h index 6d92b68efbf6..1d982dbdd0d0 100644 --- a/include/linux/randomize_kstack.h +++ b/include/linux/randomize_kstack.h @@ -32,13 +32,19 @@ DECLARE_PER_CPU(u32, kstack_offset); #endif /* - * Use, at most, 10 bits of entropy. We explicitly cap this to keep the - * "VLA" from being unbounded (see above). 10 bits leaves enough room for - * per-arch offset masks to reduce entropy (by removing higher bits, since - * high entropy may overly constrain usable stack space), and for - * compiler/arch-specific stack alignment to remove the lower bits. + * Use, at most, 6 bits of entropy (on 64-bit; 8 on 32-bit). This cap is + * to keep the "VLA" from being unbounded (see above). Additionally clear + * the bottom 4 bits (on 64-bit systems, 2 for 32-bit), since stack + * alignment will always be at least word size. This makes the compiler + * code gen better when it is applying the actual per-arch alignment to + * the final offset. The resulting randomness is reasonable without overly + * constraining usable stack space. */ -#define KSTACK_OFFSET_MAX(x) ((x) & 0x3FF) +#ifdef CONFIG_64BIT +#define KSTACK_OFFSET_MAX(x) ((x) & 0b1111110000) +#else +#define KSTACK_OFFSET_MAX(x) ((x) & 0b1111111100) +#endif /** * add_random_kstack_offset - Increase stack utilization by previously |