diff options
author | Marco Elver <elver@google.com> | 2022-01-31 10:05:20 +0100 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2022-02-14 11:07:12 -0800 |
commit | 8cb37a5974a48569aab8a1736d21399fddbdbdb2 (patch) | |
tree | b7c766fc7e31649c8fabc0c53cefc6c278740ea1 /init/main.c | |
parent | ae978009fc013e3166c9f523f8b17e41a3c0286e (diff) | |
download | lwn-8cb37a5974a48569aab8a1736d21399fddbdbdb2.tar.gz lwn-8cb37a5974a48569aab8a1736d21399fddbdbdb2.zip |
stack: Introduce CONFIG_RANDOMIZE_KSTACK_OFFSET
The randomize_kstack_offset feature is unconditionally compiled in when
the architecture supports it.
To add constraints on compiler versions, we require a dedicated Kconfig
variable. Therefore, introduce RANDOMIZE_KSTACK_OFFSET.
Furthermore, this option is now also configurable by EXPERT kernels:
while the feature is supposed to have zero performance overhead when
disabled, due to its use of static branches, there are few cases where
giving a distribution the option to disable the feature entirely makes
sense. For example, in very resource constrained environments, which
would never enable the feature to begin with, in which case the
additional kernel code size increase would be redundant.
Signed-off-by: Marco Elver <elver@google.com>
Reviewed-by: Nathan Chancellor <nathan@kernel.org>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220131090521.1947110-1-elver@google.com
Diffstat (limited to 'init/main.c')
-rw-r--r-- | init/main.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/init/main.c b/init/main.c index 65fa2e41a9c0..560f45c27ffe 100644 --- a/init/main.c +++ b/init/main.c @@ -853,7 +853,7 @@ static void __init mm_init(void) pti_init(); } -#ifdef CONFIG_HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET +#ifdef CONFIG_RANDOMIZE_KSTACK_OFFSET DEFINE_STATIC_KEY_MAYBE_RO(CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT, randomize_kstack_offset); DEFINE_PER_CPU(u32, kstack_offset); |