[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Minios-devel] [UNIKRAFT PATCH v2 0/3] lib/uksecurity: Introduce uksecurity library
- To: "minios-devel@xxxxxxxxxxxxx" <minios-devel@xxxxxxxxxxxxx>
- From: Vlad-Andrei BĂDOIU (78692) <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
- Date: Wed, 20 Nov 2019 14:02:29 +0000
- Accept-language: en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=stud.acs.upb.ro; dmarc=pass action=none header.from=stud.acs.upb.ro; dkim=pass header.d=stud.acs.upb.ro; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+dnwWOUPojZ1mZgAOwXn+zft40IJijYjEHoqgEgyvEs=; b=hPVpf2WmuVzR9h4FGZdYQvowh4vMQt3wTE2mzIz9UIxwPhHuD5buZY1VJn1dZmNySgX/ByGtQ7NUgj0f+hHCYFAS4n8pezi4Sb5T22lqBVd8W4qnmpU3q6FnF/2eypzWGNPG2viC9i/pRrcY5dwvLBKYWwXB32gqoNAT05d9d3cpBkt1j+fec1eVOjw1NZFuEkMog4hR4JKozJlINNCb1qHr8i3dwXYqGISKbxxqqe81+rLAVPIRGDImTO0L7bTqWwIVELQT09pWKJT3ByVYT+KhLM8NialR7PQ0fUThjaH/jTKBO5SduVjDT7ViERO6reNDhc2qs06I5cOvx3kG9g==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=A5xIy1XeMTMejnTqkfVevznCy1mxEzOS+Vi64IMObmtg45yiVYrVhi9vAnh86KCgRZQ7VAF9nWYo3PGClfaqnXNthP5131Wdh5+/pETkMO0WPSWYFKxlUvthYpa2e8vIkBKDPmpGeBh0bRu1n+/yQ12vFTYw+d7V2FlsgStVsGu5s9PRn0dyKt6tQ3AhVP+vy+gl0P4C3WhGPSdcrIG9pMZouavnojGL/qdANQDKTK35MLshRl67xE92l4mqHpr+4tHAAWBfGPOeweITkntRzZI2nyIc3vuNHBdz062r6YnsrFCznz/UjaCP5xmzzuA8sF3Fq/zOhaiB7v++qKNsTA==
- Authentication-results: spf=none (sender IP is ) smtp.mailfrom=vlad_andrei.badoiu@xxxxxxxxxxxxxxx;
- Cc: "felipe.huici@xxxxxxxxx" <felipe.huici@xxxxxxxxx>, "simon.kuenzer@xxxxxxxxx" <simon.kuenzer@xxxxxxxxx>, Vlad-Andrei BĂDOIU (78692) <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>, "sharan.santhanam@xxxxxxxxx" <sharan.santhanam@xxxxxxxxx>
- Delivery-date: Wed, 20 Nov 2019 14:02:40 +0000
- List-id: Mini-os development list <minios-devel.lists.xenproject.org>
- Thread-index: AQHVn6sl+hUHuQMIOUC5luu45cFRKw==
- Thread-topic: [UNIKRAFT PATCH v2 0/3] lib/uksecurity: Introduce uksecurity library
This patch introduces an internal library for security related functionalities.
Currently, we provide a basic implementation of stack smashing protection that
has a global value for all threads. The value is randomly initialized during the
boot. We use the '-fstack-protector-all' due to security concerns. Finally, this
option might help us detect bugs caused by stack overflows.
Changes since v1:
* We now use a choice based config option for the stack protector level. Since
the last version we added the regulat and strong stack protector options.
Vlad-Andrei Badoiu (3):
lib/uksecurity: Introduce uksecurity library
build: Add option to toggle the stack protection
lib/ukboot: Initialize the canary value at boot
Config.uk | 33 +++++++++++
Makefile.uk | 13 ++++-
lib/Makefile.uk | 1 +
lib/ukboot/boot.c | 7 +++
lib/uksecurity/Config.uk | 11 ++++
lib/uksecurity/Makefile.uk | 5 ++
lib/uksecurity/exportsyms.uk | 2 +
.../include/uksecurity/stackprotector.h | 58 +++++++++++++++++++
lib/uksecurity/ssp.c | 43 ++++++++++++++
9 files changed, 171 insertions(+), 2 deletions(-)
create mode 100644 lib/uksecurity/Config.uk
create mode 100644 lib/uksecurity/Makefile.uk
create mode 100644 lib/uksecurity/exportsyms.uk
create mode 100644 lib/uksecurity/include/uksecurity/stackprotector.h
create mode 100644 lib/uksecurity/ssp.c
--
2.20.1
_______________________________________________
Minios-devel mailing list
Minios-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/minios-devel
|