diff options
author | Danny Holman <dholman@gymli.org> | 2024-06-21 23:32:18 -0500 |
---|---|---|
committer | Danny Holman <dholman@gymli.org> | 2024-06-21 23:32:18 -0500 |
commit | 0e8081d8e9db8b9482da7e92a72194bfa927223d (patch) | |
tree | a8250c2071b1af527d896b718827ff7081cb5b56 /arch/i386 | |
parent | 2f224cdeadc380037cb74c10fc65d17aac05b730 (diff) |
libk: use a random value for the stack protector
Don't hardcode the __stack_chk_guard value, generate a random value
(using RDRAND on x86) before running any C code.
Signed-off-by: Danny Holman <dholman@gymli.org>
Diffstat (limited to 'arch/i386')
-rw-r--r-- | arch/i386/boot/boot.s | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/arch/i386/boot/boot.s b/arch/i386/boot/boot.s index 29a3575..f861699 100644 --- a/arch/i386/boot/boot.s +++ b/arch/i386/boot/boot.s @@ -78,6 +78,8 @@ _start: 4: movl $stack_top, %esp and $-16, %esp + call setup_stack_guard + pushl %ebx pushl %eax call i386_entry @@ -86,6 +88,33 @@ _start: 1: hlt jmp 1b +.global setup_stack_guard +.type setup_stack_guard, @function +setup_stack_guard: + pushl %eax + pushl %ebx + pushl %ecx + + movl $1, %eax + movl $0, %ecx + cpuid + shrl $30, %ecx + andl $1, %ecx + jnz start_loop + jmp fail +start_loop: + rdrand %eax + jc done + loop start_loop +fail: + movl $-1, %eax +done: + movl %eax, __stack_chk_guard + popl %ecx + popl %ebx + popl %eax + ret + .global enable_paging .type enable_paging, @function enable_paging: |