Google Git
Sign in
pigweed/third_party/github/zephyrproject-rtos/zephyr/82ace41da43a54436a2690996c3a4bcf838f4f0e^!/./kernel/init.c
commit
82ace41da43a54436a2690996c3a4bcf838f4f0e
[log]
author
Flavio Ceolin <flavio.ceolin@gmail.com>
Mon Nov 25 13:58:40 2024 -0800
committer
Benjamin Cabé <kartben@gmail.com>
Fri Dec 20 12:37:20 2024 +0100
tree
df6fc29815be26404a4b22f18ff7a256c7b372b4
parent
5929677d7a74aefa341b61a87d81b788763224b2 [diff] [blame]
security: Additional option for stack canaries

Previously, when stack canaries were enabled, Zephyr applied this
protection to all functions. This commit introduces a new option that
allows stack canary protection to be applied selectively to specific
functions based on certain criteria.

Signed-off-by: Flavio Ceolin <flavio.ceolin@gmail.com>

diff --git a/kernel/init.c b/kernel/init.c
index a43f040..d6c4fb3 100644
--- a/kernel/init.c
+++ b/kernel/init.c

@@ -289,13 +289,13 @@
 }
 #endif /* CONFIG_LINKER_USE_PINNED_SECTION */
 
-#ifdef CONFIG_STACK_CANARIES
+#ifdef CONFIG_REQUIRES_STACK_CANARIES
 #ifdef CONFIG_STACK_CANARIES_TLS
 extern Z_THREAD_LOCAL volatile uintptr_t __stack_chk_guard;
 #else
 extern volatile uintptr_t __stack_chk_guard;
 #endif /* CONFIG_STACK_CANARIES_TLS */
-#endif /* CONFIG_STACK_CANARIES */
+#endif /* CONFIG_REQUIRES_STACK_CANARIES */
 
 /* LCOV_EXCL_STOP */
 
@@ -778,13 +778,13 @@
 #endif
 	z_sys_init_run_level(INIT_LEVEL_PRE_KERNEL_2);
 
-#ifdef CONFIG_STACK_CANARIES
+#ifdef CONFIG_REQUIRES_STACK_CANARIES
 	uintptr_t stack_guard;
 
 	z_early_rand_get((uint8_t *)&stack_guard, sizeof(stack_guard));
 	__stack_chk_guard = stack_guard;
 	__stack_chk_guard <<= 8;
-#endif	/* CONFIG_STACK_CANARIES */
+#endif	/* CONFIG_REQUIRES_STACK_CANARIES */
 
 #ifdef CONFIG_TIMING_FUNCTIONS_NEED_AT_BOOT
 	timing_init();