From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Daniel Micay <danielmicay@gmail.com>,
Arjan van de Ven <arjan@linux.intel.com>,
Rik van Riel <riel@redhat.com>, Kees Cook <keescook@chromium.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
kernel-hardening@lists.openwall.com,
Ingo Molnar <mingo@kernel.org>
Subject: [kernel-hardening] [PATCH 3.18 26/45] stackprotector: Increase the per-task stack canarys random range from 32 bits to 64 bits on 64-bit platforms
Date: Mon, 12 Jun 2017 17:26:36 +0200 [thread overview]
Message-ID: <20170612152554.780977170@linuxfoundation.org> (raw)
In-Reply-To: <20170612152553.118037974@linuxfoundation.org>
3.18-stable review patch. If anyone has any objections, please let me know.
------------------
From: Daniel Micay <danielmicay@gmail.com>
commit 5ea30e4e58040cfd6434c2f33dc3ea76e2c15b05 upstream.
The stack canary is an 'unsigned long' and should be fully initialized to
random data rather than only 32 bits of random data.
Signed-off-by: Daniel Micay <danielmicay@gmail.com>
Acked-by: Arjan van de Ven <arjan@linux.intel.com>
Acked-by: Rik van Riel <riel@redhat.com>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: Arjan van Ven <arjan@linux.intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: kernel-hardening@lists.openwall.com
Cc: stable@vger.kernel.org
Link: http://lkml.kernel.org/r/20170504133209.3053-1-danielmicay@gmail.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
kernel/fork.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -338,7 +338,7 @@ static struct task_struct *dup_task_stru
set_task_stack_end_magic(tsk);
#ifdef CONFIG_CC_STACKPROTECTOR
- tsk->stack_canary = get_random_int();
+ tsk->stack_canary = get_random_long();
#endif
/*
WARNING: multiple messages have this Message-ID (diff)
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Daniel Micay <danielmicay@gmail.com>,
Arjan van de Ven <arjan@linux.intel.com>,
Rik van Riel <riel@redhat.com>, Kees Cook <keescook@chromium.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
kernel-hardening@lists.openwall.com,
Ingo Molnar <mingo@kernel.org>
Subject: [PATCH 3.18 26/45] stackprotector: Increase the per-task stack canarys random range from 32 bits to 64 bits on 64-bit platforms
Date: Mon, 12 Jun 2017 17:26:36 +0200 [thread overview]
Message-ID: <20170612152554.780977170@linuxfoundation.org> (raw)
In-Reply-To: <20170612152553.118037974@linuxfoundation.org>
3.18-stable review patch. If anyone has any objections, please let me know.
------------------
From: Daniel Micay <danielmicay@gmail.com>
commit 5ea30e4e58040cfd6434c2f33dc3ea76e2c15b05 upstream.
The stack canary is an 'unsigned long' and should be fully initialized to
random data rather than only 32 bits of random data.
Signed-off-by: Daniel Micay <danielmicay@gmail.com>
Acked-by: Arjan van de Ven <arjan@linux.intel.com>
Acked-by: Rik van Riel <riel@redhat.com>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: Arjan van Ven <arjan@linux.intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: kernel-hardening@lists.openwall.com
Cc: stable@vger.kernel.org
Link: http://lkml.kernel.org/r/20170504133209.3053-1-danielmicay@gmail.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
kernel/fork.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -338,7 +338,7 @@ static struct task_struct *dup_task_stru
set_task_stack_end_magic(tsk);
#ifdef CONFIG_CC_STACKPROTECTOR
- tsk->stack_canary = get_random_int();
+ tsk->stack_canary = get_random_long();
#endif
/*
next prev parent reply other threads:[~2017-06-12 15:26 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-12 15:26 [PATCH 3.18 00/45] 3.18.57-stable review Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 01/45] bnx2x: Fix Multi-Cos Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 02/45] ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 03/45] cxgb4: avoid enabling napi twice to the same queue Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 04/45] tcp: disallow cwnd undo when switching congestion control Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 05/45] ipv6: Fix leak in ipv6_gso_segment() Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 06/45] net: ping: do not abuse udp_poll() Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 07/45] net: ethoc: enable NAPI before poll may be scheduled Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 08/45] serial: ifx6x60: fix use-after-free on module unload Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 09/45] KEYS: fix dereferencing NULL payload with nonzero length Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 10/45] KEYS: fix freeing uninitialized memory in key_update() Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 11/45] crypto: gcm - wait for crypto op not signal safe Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 12/45] nfsd4: fix null dereference on replay Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 15/45] arm: KVM: Allow unaligned accesses at HYP Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 16/45] dmaengine: ep93xx: Always start from BASE0 Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 17/45] ext4: fix SEEK_HOLE Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 18/45] ext4: keep existing extra fields when inode expands Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 19/45] usb: gadget: f_mass_storage: Serialize wake and sleep execution Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 20/45] usb: chipidea: udc: fix NULL pointer dereference if udc_start failed Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 21/45] usb: chipidea: debug: check before accessing ci_role Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 22/45] staging/lustre/lov: remove set_fs() call from lov_getstripe() Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 23/45] iio: proximity: as3935: fix AS3935_INT mask Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 24/45] drivers: char: random: add get_random_long() Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 25/45] random: properly align get_random_int_hash Greg Kroah-Hartman
2017-06-12 15:26 ` Greg Kroah-Hartman [this message]
2017-06-12 15:26 ` [PATCH 3.18 26/45] stackprotector: Increase the per-task stack canarys random range from 32 bits to 64 bits on 64-bit platforms Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 27/45] btrfs: use correct types for page indices in btrfs_page_exists_in_range Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 28/45] btrfs: fix memory leak in update_space_info failure path Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 29/45] scsi: qla2xxx: dont disable a not previously enabled PCI device Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 30/45] powerpc/eeh: Avoid use after free in eeh_handle_special_event() Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 31/45] powerpc/numa: Fix percpu allocations to be NUMA aware Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 32/45] perf/core: Drop kernel samples even though :u is specified Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 33/45] drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve() Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 34/45] drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl() Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 35/45] ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 36/45] ASoC: Fix use-after-free at card unregistration Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 37/45] drivers: char: mem: Fix wraparound check to allow mappings up to the end Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 38/45] serial: sh-sci: Fix panic when serial console and DMA are enabled Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 39/45] arm64: hw_breakpoint: fix watchpoint matching for tagged pointers Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 40/45] arm64: entry: improve data abort handling of " Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 41/45] RDMA/qib,hfi1: Fix MR reference count leak on write with immediate Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 42/45] tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline() Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 43/45] usercopy: Adjust tests to deal with SMAP/PAN Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 44/45] arm64: ensure extension of smp_store_release value Greg Kroah-Hartman
2017-06-12 15:26 ` [PATCH 3.18 45/45] mlx5: stop including <asm-generic/kmap_types.h> Greg Kroah-Hartman
2017-06-12 21:52 ` [PATCH 3.18 00/45] 3.18.57-stable review Guenter Roeck
2017-06-13 0:49 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170612152554.780977170@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=arjan@linux.intel.com \
--cc=danielmicay@gmail.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=peterz@infradead.org \
--cc=riel@redhat.com \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.