[PATCH] tools/nolibc: stackprotector: Avoid stalling program startup if crng is not init yet

[Daniel Palmer]

We are using the getrandom syscall to get a random seed for the
stack protector canary but we are calling it with no flags which means
it'll block until there is some real randomness to return.

This means that if the crng is not ready yet program startup will
block and if you are unlucky that could be for a long time and
look like the program has crashed.

There is a comment in the code about mixing in the pid to make
sure the canary isn't 0 even if getrandom fails so it seems ok
to pass the non-blocking and insecure flags so it doesn't block
and potentially return something even if the crng is not init
yet.

Fixes: 7188d4637e95 ("tools/nolibc: add support for stack protector")
Signed-off-by: Daniel Palmer <daniel@xxxxxxxxx>
---

The insecure flag is apparently from 5.6, I think Willy said before
we are trying to keep nolibc working on the oldest LTS kernel.
That seems to be 5.10 so I think its ok?

Anyhow, I switched compilers for my nommu target and everything
stopped working, tracked it down to this. my other compiler must
have not supported the stack protector.

 tools/include/nolibc/stackprotector.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tools/include/nolibc/stackprotector.h b/tools/include/nolibc/stackprotector.h
index e11c20c75465..916a92062ba0 100644
--- a/tools/include/nolibc/stackprotector.h
+++ b/tools/include/nolibc/stackprotector.h
@@ -42,7 +42,8 @@ uintptr_t __stack_chk_guard;
 
 static __nolibc_no_stack_protector void __stack_chk_init(void)
 {
-	__nolibc_syscall3(__NR_getrandom, &__stack_chk_guard, sizeof(__stack_chk_guard), 0);
+	__nolibc_syscall3(__NR_getrandom, &__stack_chk_guard, sizeof(__stack_chk_guard),
+			  GRND_INSECURE | GRND_NONBLOCK);
 	/* a bit more randomness in case getrandom() fails, ensure the guard is never 0 */
 	if (__stack_chk_guard != (uintptr_t) &__stack_chk_guard)
 		__stack_chk_guard ^= (uintptr_t) &__stack_chk_guard;
-- 
2.53.0