diff options
Diffstat (limited to 'arch/arm64/include/asm/stackprotector.h')
| -rw-r--r-- | arch/arm64/include/asm/stackprotector.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/arch/arm64/include/asm/stackprotector.h b/arch/arm64/include/asm/stackprotector.h index de003327b..330412e1f 100644 --- a/arch/arm64/include/asm/stackprotector.h +++ b/arch/arm64/include/asm/stackprotector.h @@ -31,6 +31,9 @@ static __always_inline void boot_init_stack_canary(void) get_random_bytes(&canary, sizeof(canary)); canary ^= LINUX_VERSION_CODE; + /* Sacrifice 8 bits of entropy to mitigate non-terminated C string overflows */ + canary &= ~(unsigned long)0xff; + current->stack_canary = canary; __stack_chk_guard = current->stack_canary; } |