Commit d568788b authored by Linus Torvalds's avatar Linus Torvalds
Pull hardening updates from Kees Cook:

 - randomize_kstack: Improve implementation across arches (Ryan Roberts)

 - lkdtm/fortify: Drop unneeded FORTIFY_STR_OBJECT test

 - refcount: Remove unused __signed_wrap function annotations

* tag 'hardening-v7.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  lkdtm/fortify: Drop unneeded FORTIFY_STR_OBJECT test
  refcount: Remove unused __signed_wrap function annotations
  randomize_kstack: Unify random source across arches
  randomize_kstack: Maintain kstack_offset per task
parents cea4a90f cf2f06f7
+2 −3
@@ -1518,9 +1518,8 @@ config HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET
	def_bool n
	help
	  An arch should select this symbol if it can support kernel stack
	  offset randomization with calls to add_random_kstack_offset()
	  during syscall entry and choose_random_kstack_offset() during
	  syscall exit. Careful removal of -fstack-protector-strong and
	  offset randomization with a call to add_random_kstack_offset()
	  during syscall entry. Careful removal of -fstack-protector-strong and
	  -fstack-protector should also be applied to the entry code and
	  closely examined, as the artificial stack bump looks like an array
	  to the compiler, so it will attempt to add canary checks regardless
+0 −11
@@ -52,17 +52,6 @@ static void invoke_syscall(struct pt_regs *regs, unsigned int scno,
	}

	syscall_set_return_value(current, regs, 0, ret);

	/*
	 * This value will get limited by KSTACK_OFFSET_MAX(), which is 10
	 * bits. The actual entropy will be further reduced by the compiler
	 * when applying stack alignment constraints: the AAPCS mandates a
	 * 16-byte aligned SP at function boundaries, which will remove the
	 * 4 low bits from any entropy chosen here.
	 *
	 * The resulting 6 bits of entropy is seen in SP[9:4].
	 */
	choose_random_kstack_offset(get_random_u16());
}

static inline bool has_syscall_work(unsigned long flags)
+0 −11
@@ -79,16 +79,5 @@ void noinstr __no_stack_protector do_syscall(struct pt_regs *regs)
					   regs->regs[7], regs->regs[8], regs->regs[9]);
	}

	/*
	 * This value will get limited by KSTACK_OFFSET_MAX(), which is 10
	 * bits. The actual entropy will be further reduced by the compiler
	 * when applying stack alignment constraints: 16-bytes (i.e. 4-bits)
	 * aligned, which will remove the 4 low bits from any entropy chosen
	 * here.
	 *
	 * The resulting 6 bits of entropy is seen in SP[9:4].
	 */
	choose_random_kstack_offset(get_cycles());

	syscall_exit_to_user_mode(regs);
}
+2 −14
@@ -20,8 +20,6 @@ notrace long system_call_exception(struct pt_regs *regs, unsigned long r0)

	kuap_lock();

	add_random_kstack_offset();

	if (IS_ENABLED(CONFIG_PPC_IRQ_SOFT_MASK_DEBUG))
		BUG_ON(irq_soft_mask_return() != IRQS_ALL_DISABLED);

@@ -30,6 +28,8 @@ notrace long system_call_exception(struct pt_regs *regs, unsigned long r0)
	CT_WARN_ON(ct_state() == CT_STATE_KERNEL);
	user_exit_irqoff();

	add_random_kstack_offset();

	BUG_ON(regs_is_unrecoverable(regs));
	BUG_ON(!user_mode(regs));
	BUG_ON(arch_irq_disabled_regs(regs));
@@ -173,17 +173,5 @@ notrace long system_call_exception(struct pt_regs *regs, unsigned long r0)
	}
#endif

	/*
	 * Ultimately, this value will get limited by KSTACK_OFFSET_MAX(),
	 * so the maximum stack offset is 1k bytes (10 bits).
	 *
	 * The actual entropy will be further reduced by the compiler when
	 * applying stack alignment constraints: the powerpc architecture
	 * may have two kinds of stack alignment (16-bytes and 8-bytes).
	 *
	 * So the resulting 6 or 7 bits of entropy is seen in SP[9:4] or SP[9:3].
	 */
	choose_random_kstack_offset(mftb());

	return ret;
}
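Review bot: The second hunk of this section moves `add_random_kstack_offset()` from just after `kuap_lock()` to just after `user_exit_irqoff()`, with no comment saying why the ordering matters, so a later cleanup could hoist it back to the top of `system_call_exception()`. The reason is not visible in this section. Presumably the unified random source must not run before context tracking has left user mode; that should be confirmed and recorded at the call site, e.g. `/* Keep after user_exit_irqoff(): <reason for ordering> */`. The last hunk also drops the only comment here stating the effective entropy on powerpc (6 or 7 bits, in SP[9:4] or SP[9:3], depending on 16- or 8-byte stack alignment). It is worth checking that the shared implementation, which is not shown on this page, still documents that bound. The body of `system_call_exception()` starts outside these hunks.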
+0 −12
@@ -344,18 +344,6 @@ void do_trap_ecall_u(struct pt_regs *regs)
			syscall_handler(regs, syscall);
		}

		/*
		 * Ultimately, this value will get limited by KSTACK_OFFSET_MAX(),
		 * so the maximum stack offset is 1k bytes (10 bits).
		 *
		 * The actual entropy will be further reduced by the compiler when
		 * applying stack alignment constraints: 16-byte (i.e. 4-bit) aligned
		 * for RV32I or RV64I.
		 *
		 * The resulting 6 bits of entropy is seen in SP[9:4].
		 */
		choose_random_kstack_offset(get_random_u16());

		syscall_exit_to_user_mode(regs);
	} else {
		irqentry_state_t state = irqentry_nmi_enter(regs);