Commit 1e9283bc authored by Kees Cook's avatar Kees Cook Committed by Gu Bowen
Browse files

randomize_kstack: Improve entropy diffusion 

stable inclusion
from stable-v6.6.27
commit 300a2b9c2b28282974ee300bb5d5025cbbb1f64c
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/IB0K55

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=300a2b9c2b28282974ee300bb5d5025cbbb1f64c



--------------------------------

[ Upstream commit 9c573cd313433f6c1f7236fe64b9b743500c1628 ]

The kstack_offset variable was really only ever using the low bits for
kernel stack offset entropy. Add a ror32() to increase bit diffusion.

Suggested-by: default avatarArnd Bergmann <arnd@arndb.de>
Fixes: 39218ff4 ("stack: Optionally randomize kernel stack offset each syscall")
Link: https://lore.kernel.org/r/20240309202445.work.165-kees@kernel.org


Signed-off-by: default avatarKees Cook <keescook@chromium.org>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarGu Bowen <gubowen5@huawei.com>
parent 2d902497

include/linux/randomize_kstack.h

+1 −1
Original line number Diff line number Diff line
@@ -47,7 +47,7 @@ void *__builtin_alloca(size_t size); 
	if (static_branch_maybe(CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT,	\

				&randomize_kstack_offset)) {		\

		u32 offset = raw_cpu_read(kstack_offset);		\

		offset ^= (rand);					\

		offset = ror32(offset, 5) ^ (rand);			\

		raw_cpu_write(kstack_offset, offset);			\

	}								\

} while (0)