Re: [PATCH v4 3/5] stack: Optionally randomize kernel stack offset each syscall
From: Kees Cook
Date: Mon Jun 22 2020 - 17:26:31 EST
On Mon, Jun 22, 2020 at 12:40:49PM -0700, Randy Dunlap wrote:
> On 6/22/20 12:31 PM, Kees Cook wrote:
> > This provides the ability for architectures to enable kernel stack base
> > address offset randomization. This feature is controlled by the boot
> > param "randomize_kstack_offset=on/off", with its default value set by
> > CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT.
> >
> > Co-developed-by: Elena Reshetova <elena.reshetova@xxxxxxxxx>
> > Signed-off-by: Elena Reshetova <elena.reshetova@xxxxxxxxx>
> > Link: https://lore.kernel.org/r/20190415060918.3766-1-elena.reshetova@xxxxxxxxx
> > Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
> > ---
> > Makefile | 4 ++++
> > arch/Kconfig | 23 ++++++++++++++++++
> > include/linux/randomize_kstack.h | 40 ++++++++++++++++++++++++++++++++
> > init/main.c | 23 ++++++++++++++++++
> > 4 files changed, 90 insertions(+)
> > create mode 100644 include/linux/randomize_kstack.h
>
> Please add documentation for the new kernel boot parameter to
> Documentation/admin-guide/kernel-parameters.txt.
Oops, yes. Thanks for the reminder!
(I wonder if checkpatch can notice "+early_param" and suggest the Doc
update hmmm)
--
Kees Cook