kernel: canaries: Allow using TLS to store it Add new option to use thread local storage for stack canaries. This makes harder to find the canaries location and value. This is made optional because there is a performance and size penalty when using it. Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>

commit: d16c5b904854c2bce0652b63bc2f63fbc455a905 [log] [tgz]
author: Flavio Ceolin <flavio.ceolin@intel.com> Tue Aug 01 15:07:57 2023 -0700
committer: Chris Friedt <chrisfriedt@gmail.com> Tue Aug 08 19:08:04 2023 -0400
tree: 462593313e918730296f8434789e2dc2cd129383
parent: 20c9bb856fa0b5f244cbf74766cced76b944b9a0 [diff] [blame]
diff --git a/kernel/compiler_stack_protect.c b/kernel/compiler_stack_protect.c
index 790840c..2ee2d81 100644
--- a/kernel/compiler_stack_protect.c
+++ b/kernel/compiler_stack_protect.c

@@ -46,7 +46,9 @@
  * Symbol referenced by GCC compiler generated code for canary value.
  * The canary value gets initialized in z_cstart().
  */
-#ifdef CONFIG_USERSPACE
+#ifdef CONFIG_STACK_CANARIES_TLS
+__thread uintptr_t __stack_chk_guard;
+#elif CONFIG_USERSPACE
 K_APP_DMEM(z_libc_partition) uintptr_t __stack_chk_guard;
 #else
 __noinit uintptr_t __stack_chk_guard;
commit	d16c5b904854c2bce0652b63bc2f63fbc455a905	[log] [tgz]
author	Flavio Ceolin <flavio.ceolin@intel.com>	Tue Aug 01 15:07:57 2023 -0700
committer	Chris Friedt <chrisfriedt@gmail.com>	Tue Aug 08 19:08:04 2023 -0400
tree	462593313e918730296f8434789e2dc2cd129383
parent	20c9bb856fa0b5f244cbf74766cced76b944b9a0 [diff] [blame]