git://ftp.safe.ca / safe / jmp / linux-2.6 / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 60a5317) | patch
x86: fix x86_32 stack protector bugs
authorTejun Heo <tj@kernel.org>
Wed, 11 Feb 2009 07:31:00 +0000 (16:31 +0900)
committerIngo Molnar <mingo@elte.hu>
Wed, 11 Feb 2009 10:33:49 +0000 (11:33 +0100)
commit5c79d2a517a9905599d192db8ce77ab5f1a2faca
tree11f550a59b9b653fbd6c54b37effbf2d4a750fb5tree | snapshot
parent60a5317ff0f42dd313094b88f809f63041568b08commit | diff
x86: fix x86_32 stack protector bugs

Impact: fix x86_32 stack protector

Brian Gerst found out that %gs was being initialized to stack_canary
instead of stack_canary - 20, which basically gave the same canary
value for all threads.  Fixing this also exposed the following bugs.

* cpu_idle() didn't call boot_init_stack_canary()

* stack canary switching in switch_to() was being done too late making
  the initial run of a new thread use the old stack canary value.

Fix all of them and while at it update comment in cpu_idle() about
calling boot_init_stack_canary().

Reported-by: Brian Gerst <brgerst@gmail.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
arch/x86/include/asm/stackprotector.h diff | blob | history
arch/x86/include/asm/system.h diff | blob | history
arch/x86/kernel/head_32.S diff | blob | history
arch/x86/kernel/process_32.c diff | blob | history
arch/x86/kernel/process_64.c diff | blob | history
Full containers within linux kernel