From: Daniel Palmer Date: Fri, 22 May 2026 09:07:26 +0000 (+0900) Subject: tools/nolibc: stackprotector: Avoid stalling program startup if crng is not init yet X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=b882d807fa443b529ae8bf917d7b640a8d555437;p=thirdparty%2Fkernel%2Flinux.git tools/nolibc: stackprotector: Avoid stalling program startup if crng is not init yet We are using the getrandom syscall to get a random seed for the stack protector canary but we are calling it with no flags which means it'll block until there is some real randomness to return. This means that if the crng is not ready yet program startup will block and if you are unlucky that could be for a long time and look like the program has crashed. Even if the call to getrandom does not yield any random data, we will still initialize the canary. Fixes: 7188d4637e95 ("tools/nolibc: add support for stack protector") Signed-off-by: Daniel Palmer Acked-by: Willy Tarreau Link: https://patch.msgid.link/20260522090726.726985-1-daniel@thingy.jp Signed-off-by: Thomas Weißschuh --- diff --git a/tools/include/nolibc/stackprotector.h b/tools/include/nolibc/stackprotector.h index e11c20c754654..916a92062ba0d 100644 --- a/tools/include/nolibc/stackprotector.h +++ b/tools/include/nolibc/stackprotector.h @@ -42,7 +42,8 @@ uintptr_t __stack_chk_guard; static __nolibc_no_stack_protector void __stack_chk_init(void) { - __nolibc_syscall3(__NR_getrandom, &__stack_chk_guard, sizeof(__stack_chk_guard), 0); + __nolibc_syscall3(__NR_getrandom, &__stack_chk_guard, sizeof(__stack_chk_guard), + GRND_INSECURE | GRND_NONBLOCK); /* a bit more randomness in case getrandom() fails, ensure the guard is never 0 */ if (__stack_chk_guard != (uintptr_t) &__stack_chk_guard) __stack_chk_guard ^= (uintptr_t) &__stack_chk_guard;