[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v2 0/3] efi: Initialize canary to non-zero value
|
From: |
Glenn Washburn |
|
Subject: |
[PATCH v2 0/3] efi: Initialize canary to non-zero value |
|
Date: |
Mon, 11 Dec 2023 13:27:47 -0600 |
This series extends and improves the previous patch initializing the
stack guard canary. The first patch improves the previous patch by
setting the most significant byte to NULL, which will filter out
string buffer overflow attacks. The second patch allows creation of
the canary at build time from urandom if it exists. This change breaks
reproducible builds, so the third patch allows the canary to be set
from the environment variable SOURCE_DATE_EPOCH if its value is not
empty.
Glenn
Glenn Washburn (3):
efi: Initialize canary to non-zero value
efi: Generate stack protector canary at build time if urandom is
available
efi: Add support for reproducible builds
config.h.in | 2 ++
configure.ac | 22 ++++++++++++++++++++++
grub-core/kern/efi/init.c | 3 ++-
3 files changed, 26 insertions(+), 1 deletion(-)
--
2.34.1
- [PATCH v2 0/3] efi: Initialize canary to non-zero value,
Glenn Washburn <=