From 1d88eff4a106397b5f22a8ab338583a7a54233b3 Mon Sep 17 00:00:00 2001
From: Mathias Krause <minipli@grsecurity.net>
Date: Fri, 15 Oct 2021 00:56:34 +0200
Subject: [PATCH] setup: change init code sanitize pattern to 0xcc

Don't sanitize the init code region with zeros as these decode to valid
instructions if %rax points to mapped memory. Instead use 0xcc which
would trap if we ever would return to an address in that range.

Signed-off-by: Mathias Krause <minipli@grsecurity.net>
---
 common/setup.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/setup.c b/common/setup.c
index e4f90b9d..094f6064 100644
--- a/common/setup.c
+++ b/common/setup.c
@@ -178,7 +178,7 @@ void zap_boot_mappings(void) {
     for_each_memory_range (r) {
         if (r->base == VIRT_IDENT_BASE && IS_INIT_SECTION(r->name)) {
             if (strcmp(r->name, ".text.init"))
-                memset(r->start, 0, r->end - r->start);
+                memset(r->start, 0xcc, r->end - r->start);
 
             for (mfn_t mfn = virt_to_mfn(r->start); mfn < virt_to_mfn(r->end); mfn++) {
                 vunmap(mfn_to_virt(mfn), PAGE_ORDER_4K);