x86: stackprotector: mix TSC to the boot canary

mix the TSC to the boot canary.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>

diff --git a/include/asm-x86/stackprotector.h b/include/asm-x86/stackprotector.h
index 0f91f7a..3baf7ad 100644 (file)
--- a/include/asm-x86/stackprotector.h
+++ b/include/asm-x86/stackprotector.h
@@ -1,6 +1,8 @@
 #ifndef _ASM_STACKPROTECTOR_H
 #define _ASM_STACKPROTECTOR_H 1
 
+#include <asm/tsc.h>
+
 /*
  * Initialize the stackprotector canary value.
  *
@@ -9,16 +11,28 @@
  */
 static __always_inline void boot_init_stack_canary(void)
 {
+       u64 canary;
+       u64 tsc;
+
        /*
         * If we're the non-boot CPU, nothing set the PDA stack
         * canary up for us - and if we are the boot CPU we have
         * a 0 stack canary. This is a good place for updating
         * it, as we wont ever return from this function (so the
         * invalid canaries already on the stack wont ever
-        * trigger):
+        * trigger).
+        *
+        * We both use the random pool and the current TSC as a source
+        * of randomness. The TSC only matters for very early init,
+        * there it already has some randomness on most systems. Later
+        * on during the bootup the random pool has true entropy too.
         */
-       current->stack_canary = get_random_int();
-       write_pda(stack_canary, current->stack_canary);
+       get_random_bytes(&canary, sizeof(canary));
+       tsc = __native_read_tsc();
+       canary += tsc + (tsc << 32UL);
+
+       current->stack_canary = canary;
+       write_pda(stack_canary, canary);
 }
 
 #endif