From f298e76ee8f614e00a67873bf4b8b2029f7a721b Mon Sep 17 00:00:00 2001
From: Theo de Raadt
Date: Wed, 16 Aug 2017 18:34:11 +0000
Subject: Randomly bias downwards from the top of each kernel stack, thereby introducing more entropy into stack locations. TODO: consider if we should fill that space with something specific? discussed with mlarkin, mortimer, guenther, kettenis, etc etc etc
---
 sys/arch/amd64/amd64/vm_machdep.c | 5 +++--
 sys/arch/i386/i386/vm_machdep.c | 5 +++--
 sys/arch/i386/include/param.h | 4 ++--
 3 files changed, 8 insertions(+), 6 deletions(-)
(limited to 'sys')
diff --git a/sys/arch/amd64/amd64/vm_machdep.c b/sys/arch/amd64/amd64/vm_machdep.c
index 42dc47f92ea..220c7a02031 100644
--- a/sys/arch/amd64/amd64/vm_machdep.c
+++ b/sys/arch/amd64/amd64/vm_machdep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: vm_machdep.c,v 1.36 2017/02/12 04:55:08 guenther Exp $ */
+/* $OpenBSD: vm_machdep.c,v 1.37 2017/08/16 18:34:08 deraadt Exp $ */
 /* $NetBSD: vm_machdep.c,v 1.1 2003/04/26 18:39:33 fvdl Exp $ */
 /*-
@@ -101,7 +101,8 @@ cpu_fork(struct proc *p1, struct proc *p2, void *stack, void *tcb,
 pmap_activate(p2);
 /* Record where this process's kernel stack is */
- pcb->pcb_kstack = (u_int64_t)p2->p_addr + USPACE - 16;
+ pcb->pcb_kstack = (u_int64_t)p2->p_addr + USPACE - 16 -
+ (arc4random_uniform(PAGE_SIZE) & ~_STACKALIGNBYTES);
 /*
 * Copy the trapframe.
diff --git a/sys/arch/i386/i386/vm_machdep.c b/sys/arch/i386/i386/vm_machdep.c
index 182795c274f..8cbb3e2fb67 100644
--- a/sys/arch/i386/i386/vm_machdep.c
+++ b/sys/arch/i386/i386/vm_machdep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: vm_machdep.c,v 1.65 2017/02/12 04:55:08 guenther Exp $ */
+/* $OpenBSD: vm_machdep.c,v 1.66 2017/08/16 18:34:10 deraadt Exp $ */
 /* $NetBSD: vm_machdep.c,v 1.61 1996/05/03 19:42:35 christos Exp $ */
 /*-
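Review bot: In the amd64 `cpu_fork` hunk, the random bias subtracted from `pcb_kstack` can take almost a full page out of the usable kernel stack, and this commit shows no amd64 `UPAGES`/`USPACE` change to give it back, whereas the i386 side raises `UPAGES` from 2 to 3. It is worth confirming that the deepest amd64 kernel call chain still fits in the worst case of roughly `USPACE - 16 - PAGE_SIZE`, because an overrun would presumably run down into whatever sits at the bottom of the u-area at `p2->p_addr`. The trade should be recorded next to the assignment, for example `/* Random downward bias: costs up to one page of stack, gives PAGE_SIZE / (_STACKALIGNBYTES + 1) possible stack tops. */`. The body of `cpu_fork` starts and ends outside the hunk, so the remaining stack budget cannot be checked from here.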
@@ -90,7 +90,8 @@ cpu_fork(struct proc *p1, struct proc *p2, void *stack, void *tcb,
 /* Fix up the TSS. */
 pcb->pcb_tss.tss_ss0 = GSEL(GDATA_SEL, SEL_KPL);
- pcb->pcb_tss.tss_esp0 = (int)p2->p_addr + USPACE - 16;
+ pcb->pcb_tss.tss_esp0 = (int)p2->p_addr + USPACE - 16 -
+ (arc4random_uniform(PAGE_SIZE) & ~_STACKALIGNBYTES);
 p2->p_md.md_tss_sel = tss_alloc(pcb);
diff --git a/sys/arch/i386/include/param.h b/sys/arch/i386/include/param.h
index af33da94a4c..fd7088d4a31 100644
--- a/sys/arch/i386/include/param.h
+++ b/sys/arch/i386/include/param.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: param.h,v 1.48 2016/09/03 14:25:27 bluhm Exp $ */
+/* $OpenBSD: param.h,v 1.49 2017/08/16 18:34:10 deraadt Exp $ */
 /*-
 * Copyright (c) 1990 The Regents of the University of California.
@@ -63,7 +63,7 @@
 #define PGSHIFT PAGE_SHIFT /* LOG2(PAGE_SIZE) */
 #define PGOFSET PAGE_MASK /* byte offset into page */
-#define UPAGES 2 /* pages of u-area */
+#define UPAGES 3 /* pages of u-area */
 #define USPACE (UPAGES * PAGE_SIZE) /* total size of u-area */
 #define USPACE_ALIGN 0 /* u-area alignment 0-none */
-- cgit v1.2.3
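Review bot: The biased stack-top expression assigned to `tss_esp0` is a verbatim copy of the one in the amd64 `cpu_fork` hunk, and in both places the `16`-byte reserve and the `~_STACKALIGNBYTES` mask are left unexplained. After this change the ring-0 stack top is no longer a function of `p2->p_addr` alone, so any code that still recomputes it as `p_addr + USPACE - 16` instead of reading `tss_esp0` (or `pcb_kstack` on amd64) would silently disagree with the value set here; none is visible in the hunk, so a grep for that pattern is worthwhile. A comment such as `/* Stack top is randomized per fork: read it back from tss_esp0, never recompute it from USPACE. */` above the assignment would pin that invariant. The body of `cpu_fork` continues outside the hunk.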
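Review bot: The `UPAGES` comment in the `param.h` hunk still reads `/* pages of u-area */` and does not say why the value went from 2 to 3; judging by the rest of the commit, the extra page appears to be there to absorb the random kernel-stack bias of up to one page applied in the i386 `cpu_fork`. Recording that keeps a later cleanup from shrinking it back and quietly reducing the usable kernel stack: `#define UPAGES 3 /* pages of u-area; one page absorbs the random kstack bias */`. Since `USPACE` is derived from `UPAGES`, anything that hard-codes the old two-page u-area size (assembly stubs, for instance) would need the same update; nothing of that kind is visible in this hunk.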