From 0e8081d8e9db8b9482da7e92a72194bfa927223d Mon Sep 17 00:00:00 2001 From: Danny Holman Date: Fri, 21 Jun 2024 23:32:18 -0500 Subject: libk: use a random value for the stack protector Don't hardcode the __stack_chk_guard value, generate a random value (using RDRAND on x86) before running any C code. Signed-off-by: Danny Holman --- arch/i386/boot/boot.s | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) (limited to 'arch') diff --git a/arch/i386/boot/boot.s b/arch/i386/boot/boot.s index 29a3575..f861699 100644 --- a/arch/i386/boot/boot.s +++ b/arch/i386/boot/boot.s @@ -78,6 +78,8 @@ _start: 4: movl $stack_top, %esp and $-16, %esp + call setup_stack_guard + pushl %ebx pushl %eax call i386_entry @@ -86,6 +88,33 @@ _start: 1: hlt jmp 1b +.global setup_stack_guard +.type setup_stack_guard, @function +setup_stack_guard: + pushl %eax + pushl %ebx + pushl %ecx + + movl $1, %eax + movl $0, %ecx + cpuid + shrl $30, %ecx + andl $1, %ecx + jnz start_loop + jmp fail +start_loop: + rdrand %eax + jc done + loop start_loop +fail: + movl $-1, %eax +done: + movl %eax, __stack_chk_guard + popl %ecx + popl %ebx + popl %eax + ret + .global enable_paging .type enable_paging, @function enable_paging: -- cgit v1.2.3