From 0e92a80434d08e0f030e6ded418360ad785bf57d Mon Sep 17 00:00:00 2001
From: Andreas Kling <kling@serenityos.org>
Date: Sun, 14 Feb 2021 12:27:07 +0100
Subject: [PATCH] Kernel: Add some bits of randomness to kernel stack pointers

Since kernel stacks are much smaller (64 KiB) than userspace stacks,
we only add a small bit of randomness here (0-256 bytes, 16b aligned.)

This makes the location of the task context switch buffer not be
100% predictable. Note that we still also add extra randomness upon
syscall entry, so this patch primarily affects context switching.
---
 Kernel/Arch/i386/CPU.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Kernel/Arch/i386/CPU.cpp b/Kernel/Arch/i386/CPU.cpp
index a224504064..0ec87694a8 100644
--- a/Kernel/Arch/i386/CPU.cpp
+++ b/Kernel/Arch/i386/CPU.cpp
@@ -1405,6 +1405,10 @@ u32 Processor::init_context(Thread& thread, bool leave_crit)
     }
 
     u32 kernel_stack_top = thread.kernel_stack_top();
+
+    // Add a random offset between 0-256 (16-byte aligned)
+    kernel_stack_top -= round_up_to_power_of_two(get_fast_random<u8>(), 16);
+
     u32 stack_top = kernel_stack_top;
 
     // TODO: handle NT?