From patchwork Wed Aug 16 23:14:57 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Laura Abbott X-Patchwork-Id: 9904719 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 3FCE0600CA for ; Wed, 16 Aug 2017 23:15:25 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 33CA928984 for ; Wed, 16 Aug 2017 23:15:25 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2858D28A1B; Wed, 16 Aug 2017 23:15:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id 3931428984 for ; Wed, 16 Aug 2017 23:15:24 +0000 (UTC) Received: (qmail 28666 invoked by uid 550); 16 Aug 2017 23:15:17 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 28543 invoked from network); 16 Aug 2017 23:15:16 -0000 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=8gNzCYmb7HIBryVNJVYWfUo1Zo0hQtx7i+2V7Egnm98=; b=GhgYcUPacbbc3FZ+piQ5tE7jiRmZVQFu91MqWMcBN/WyKhtpV8L90NaM4aLghtfngr vwKaYeBaNLY5zUm9Gijq7+wCH2F/LdoYJykAWy9NjorzG3MShV/nLbhEKVo0hVLathyp a1/HNGlOEGkJodRAVQ4RvvxPWxM6dJv8lG250L2p/Q/DzuTIyeGXSnWFUGZXmYCnK018 4WZt0T3UrVx4z5GG16nBuPjkSO0HIL5pfFrpdAvsyFJSY+hSpmUKqUhYT/Fb1hc8/wjQ 1cLlYliwrK0lM+Ar/UnGL+MrKwKsUjEEplq/7XFDMhsEyUqORKqiMVu76OqmdyX5b7c9 yVxg== X-Gm-Message-State: AHYfb5gF+a+1T7nzK3GlgZ5EGzsTQS8aplKPLbSKNjlhA7o9umRvpZik JkRyF1ZX3W9zIc/eS6A0mg== X-Received: by 10.200.49.230 with SMTP id i35mr4567458qte.113.1502925305138; Wed, 16 Aug 2017 16:15:05 -0700 (PDT) From: Laura Abbott To: Kees Cook Cc: Laura Abbott , kernel-hardening@lists.openwall.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Andrew Morton , Daniel Micay , Laura Abbott Date: Wed, 16 Aug 2017 16:14:57 -0700 Message-Id: <20170816231458.2299-2-labbott@redhat.com> X-Mailer: git-send-email 2.13.0 In-Reply-To: <20170816231458.2299-1-labbott@redhat.com> References: <20170816231458.2299-1-labbott@redhat.com> Subject: [kernel-hardening] [PATCHv3 1/2] init: Move stack canary initialization after setup_arch X-Virus-Scanned: ClamAV using ClamSMTP From: Laura Abbott Stack canary intialization involves getting a random number. Getting this random number may involve accessing caches or other architectural specific features which are not available until after the architecture is setup. Move the stack canary initialization later to accomodate this. Acked-by: Kees Cook Signed-off-by: Laura Abbott Signed-off-by: Laura Abbott --- v3: Ack from Kees --- init/main.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/init/main.c b/init/main.c index 052481fbe363..21d599eaad06 100644 --- a/init/main.c +++ b/init/main.c @@ -515,12 +515,6 @@ asmlinkage __visible void __init start_kernel(void) smp_setup_processor_id(); debug_objects_early_init(); - /* - * Set up the initial canary ASAP: - */ - add_latent_entropy(); - boot_init_stack_canary(); - cgroup_init_early(); local_irq_disable(); @@ -534,6 +528,11 @@ asmlinkage __visible void __init start_kernel(void) page_address_init(); pr_notice("%s", linux_banner); setup_arch(&command_line); + /* + * Set up the the initial canary and entropy after arch + */ + add_latent_entropy(); + boot_init_stack_canary(); mm_init_cpumask(&init_mm); setup_command_line(command_line); setup_nr_cpu_ids();