
Re: [Minios-devel] [UNIKRAFT PATCH v3 1/3] lib/uksp: Introduce uksp library


  • To: Simon Kuenzer <simon.kuenzer@xxxxxxxxx>, "minios-devel@xxxxxxxxxxxxx" <minios-devel@xxxxxxxxxxxxx>
  • From: Vlad-Andrei BĂDOIU (78692) <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
  • Date: Mon, 27 Jan 2020 13:33:56 +0000
  • Cc: "felipe.huici@xxxxxxxxx" <felipe.huici@xxxxxxxxx>, "sharan.santhanam@xxxxxxxxx" <sharan.santhanam@xxxxxxxxx>, "costin.lupu@xxxxxxxxx" <costin.lupu@xxxxxxxxx>
  • List-id: Mini-os development list <minios-devel.lists.xenproject.org>
  • Thread-topic: [UNIKRAFT PATCH v3 1/3] lib/uksp: Introduce uksp library

Hey Simon,

Thank you for the review, I agree with all the proposed changes. Please 
see my answer inline.

Vlad

On 07.01.2020 16:17, Simon Kuenzer wrote:
> On 04.12.19 16:14, Vlad-Andrei BĂDOIU (78692) wrote:
>> From: Vlad-Andrei BĂDOIU (78692) <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
>>
>> This library provides the necessary functionalities for the stack
>> protector.
>>
>> A make clean is required when toggling the stack smashing protection
>> option.
>>
>> Signed-off-by: Vlad-Andrei Badoiu <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
>> ---
>>   lib/Makefile.uk                        |  1 +
>>   lib/uksp/Config.uk                     |  4 ++
>>   lib/uksp/Makefile.uk                   |  5 +++
>>   lib/uksp/exportsyms.uk                 |  2 +
>>   lib/uksp/include/uksp/stackprotector.h | 56 ++++++++++++++++++++++++++
>>   lib/uksp/ssp.c                         | 43 ++++++++++++++++++++
>>   6 files changed, 111 insertions(+)
>>   create mode 100644 lib/uksp/Config.uk
>>   create mode 100644 lib/uksp/Makefile.uk
>>   create mode 100644 lib/uksp/exportsyms.uk
>>   create mode 100644 lib/uksp/include/uksp/stackprotector.h
>>   create mode 100644 lib/uksp/ssp.c
>>
>> diff --git a/lib/Makefile.uk b/lib/Makefile.uk
>> index 4b9568a1..735d0eda 100644
>> --- a/lib/Makefile.uk
>> +++ b/lib/Makefile.uk
>> @@ -34,3 +34,4 @@ $(eval $(call 
>> _import_lib,$(CONFIG_UK_BASE)/lib/uktime))
>>   $(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/ukmmap))
>>   $(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/ukblkdev))
>>   $(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/posix-process))
>> +$(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/uksp))
>> diff --git a/lib/uksp/Config.uk b/lib/uksp/Config.uk
>> new file mode 100644
>> index 00000000..497381a3
>> --- /dev/null
>> +++ b/lib/uksp/Config.uk
>> @@ -0,0 +1,4 @@
>> +config LIBUKSP
>> +    bool "uksp : stack protector"
>
> In order to make the library title inline with the others, please 
> remove the space before the colon and start with a capital letter 
> after the colon. For instance: "uksp: Stack protection"
>
>> +    select LIBUKSWRAND
>> +    default n
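Review bot: the option has no `help` text. Please add one that states the two things a user needs before enabling it: that toggling it requires a `make clean` (the commit message says so, but Config.uk is where users look), and that the guard value comes from the software generator pulled in by `select LIBUKSWRAND`, so the canary is only as unpredictable as that generator's seeding.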
>> diff --git a/lib/uksp/Makefile.uk b/lib/uksp/Makefile.uk
>> new file mode 100644
>> index 00000000..6c391c9d
>> --- /dev/null
>> +++ b/lib/uksp/Makefile.uk
>> @@ -0,0 +1,5 @@
>> +$(eval $(call addlib_s,libuksp,$(CONFIG_LIBUKSP)))
>> +
>> +CINCLUDES-y += -I$(LIBUKSP_BASE)/include
>> +
>> +LIBUKSP_SRCS-y += $(LIBUKSP_BASE)/ssp.c
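Review bot: nothing here removes the stack protector from this library's own compilation, so once the feature is enabled ssp.c is instrumented with the same global CFLAGS as everything else. `__stack_chk_fail` is harmless because it never returns, but any function in ssp.c that stores a new `__stack_chk_guard` would, if instrumented, load the old guard in its prologue and compare against the new one in its epilogue, i.e. crash on a false positive. Either keep the guard write inlined into a path that does not return through an instrumented epilogue, as the header's always_inline helper does, or compile this library without the protector (e.g. `LIBUKSP_CFLAGS-y += -fno-stack-protector`, assuming the usual per-library CFLAGS variable).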
>> diff --git a/lib/uksp/exportsyms.uk b/lib/uksp/exportsyms.uk
>> new file mode 100644
>> index 00000000..fbc319e7
>> --- /dev/null
>> +++ b/lib/uksp/exportsyms.uk
>> @@ -0,0 +1,2 @@
>> +__stack_chk_fail
>> +__stack_chk_guard
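Review bot: exporting `__stack_chk_guard` only has an effect if the instrumented code references that symbol. A Linux-hosted x86-64 GCC defaults to the TLS guard at `%fs:0x28` and never touches the global unless built with `-mstack-protector-guard=global`; the CFLAGS that turn the protector on are not in this patch (1/3), so please confirm that the patch adding them selects the global guard model on x86. Otherwise `boot_init_stack_canary` writes a variable nobody reads and every protected function compares against whatever happens to be at `%fs:0x28`.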
>> diff --git a/lib/uksp/include/uksp/stackprotector.h 
>> b/lib/uksp/include/uksp/stackprotector.h
>
> Hum, do you really want to put the headers under 
> <uksp/stackprotector.h>? I would do it inline with our other Unikraft 
> libraries and add it within the `uk` name space: <uk/sp.h>... But 
> overall, I even think that we do not need a header for this library. I 
> would declare the init function as uk_ctor function - no need to call 
> it directly from lib/ukboot.
>
>> new file mode 100644
>> index 00000000..2410b21b
>> --- /dev/null
>> +++ b/lib/uksp/include/uksp/stackprotector.h
>> @@ -0,0 +1,56 @@
>> +/* SPDX-License-Identifier: BSD-3-Clause */
>> +/*
>> + * Authors: Vlad-Andrei Badoiu <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
>> + *
>> + * Copyright (c) 2019, University Politehnica of Bucharest. All 
>> rights reserved.
>> + *
>> + * Redistribution and use in source and binary forms, with or without
>> + * modification, are permitted provided that the following conditions
>> + * are met:
>> + *
>> + * 1. Redistributions of source code must retain the above copyright
>> + *    notice, this list of conditions and the following disclaimer.
>> + * 2. Redistributions in binary form must reproduce the above copyright
>> + *    notice, this list of conditions and the following disclaimer 
>> in the
>> + *    documentation and/or other materials provided with the 
>> distribution.
>> + * 3. Neither the name of the copyright holder nor the names of its
>> + *    contributors may be used to endorse or promote products 
>> derived from
>> + *    this software without specific prior written permission.
>> + *
>> + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND 
>> CONTRIBUTORS "AS IS"
>> + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 
>> TO, THE
>> + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 
>> PARTICULAR PURPOSE
>> + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR 
>> CONTRIBUTORS BE
>> + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
>> + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
>> + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 
>> BUSINESS
>> + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 
>> WHETHER IN
>> + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 
>> OTHERWISE)
>> + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 
>> ADVISED OF THE
>> + * POSSIBILITY OF SUCH DAMAGE.
>> + *
>> + * THIS HEADER MAY NOT BE EXTRACTED OR MODIFIED IN ANY WAY.
>> + */
>> +
>> +#ifndef __UK_STACKPROTECTOR_H__
>> +#define __UK_STACKPROTECTOR_H__
>> +
>> +#include <uk/swrand.h>
>> +#include <uk/config.h>
>> +
>> +#ifdef __cplusplus
>> +extern "C" {
>> +#endif
>> +
>> +extern unsigned long __stack_chk_guard;
>> +
>> +static __attribute__((always_inline)) void boot_init_stack_canary(void)
>> +{
>> +    __stack_chk_guard = uk_swrand_randr();
>> +}
>
> I would put the init function into ssp.c and declare it as system 
> constructor:
>
>    UK_CTOR_FUNC(UK_SWRAND_CTOR_PRIO + 1, init_stack_canary);

This wouldn't work since we end up with a concatenation: ... ## lvl ## ... 
where lvl is UK_SWRAND_CTOR_PRIO + 1.

Since the preprocessor performs integer arithmetic only for conditional 
directives, this causes compilation errors. I'll leave the value at 2 until 
we find a solution to this.

>
> You would call it directly after libukswrand was initialized. In 
> order to get the priority value, we maybe want to move 
> `UK_SWRAND_CTOR_PRIO` definition to the <uk/swrand.h> header.
>
>> +
>> +#ifdef __cplusplus
>> +}
>> +#endif
>> +
>> +#endif /* __UK_STACKPROTECTOR_H__ */
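Review bot: `static __attribute__((always_inline)) void boot_init_stack_canary(void)` lacks the `inline` keyword, which GCC reports as an always_inline function that might not be inlinable; write it as `static inline __attribute__((always_inline))`. Keeping it inlined is also what makes it correct: the store to `__stack_chk_guard` has to happen in a frame whose epilogue never compares the canary against the old value, which the thread's alternative of a plain constructor (`UK_CTOR_FUNC(..., init_stack_canary)`) does not guarantee unless that function is built without the protector. On the `UK_SWRAND_CTOR_PRIO + 1` problem: if UK_CTOR_FUNC pastes `lvl` with `##`, no macro is expanded before pasting, so even a bare `UK_SWRAND_CTOR_PRIO` would paste as the macro name rather than its value; an indirection macro that expands the argument first fixes that, but the level must still end up as a single numeric token (a dedicated `UK_SP_CTOR_PRIO`-style constant defined next to `UK_SWRAND_CTOR_PRIO`, not an expression), which is consistent with the literal `2` Vlad falls back to.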
>> diff --git a/lib/uksp/ssp.c b/lib/uksp/ssp.c
>> new file mode 100644
>> index 00000000..79fd0e55
>> --- /dev/null
>> +++ b/lib/uksp/ssp.c
>> @@ -0,0 +1,43 @@
>> +/* SPDX-License-Identifier: BSD-3-Clause */
>> +/*
>> + * Authors: Badoiu Vlad-Andrei <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
>> + *
>> + * Copyright (c) 2019, University Politehnica of Bucharest. All 
>> rights reserved.
>> + *
>> + * Redistribution and use in source and binary forms, with or without
>> + * modification, are permitted provided that the following conditions
>> + * are met:
>> + *
>> + * 1. Redistributions of source code must retain the above copyright
>> + *    notice, this list of conditions and the following disclaimer.
>> + * 2. Redistributions in binary form must reproduce the above copyright
>> + *    notice, this list of conditions and the following disclaimer 
>> in the
>> + *    documentation and/or other materials provided with the 
>> distribution.
>> + * 3. Neither the name of the copyright holder nor the names of its
>> + *    contributors may be used to endorse or promote products 
>> derived from
>> + *    this software without specific prior written permission.
>> + *
>> + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND 
>> CONTRIBUTORS "AS IS"
>> + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 
>> TO, THE
>> + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 
>> PARTICULAR PURPOSE
>> + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR 
>> CONTRIBUTORS BE
>> + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
>> + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
>> + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 
>> BUSINESS
>> + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 
>> WHETHER IN
>> + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 
>> OTHERWISE)
>> + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 
>> ADVISED OF THE
>> + * POSSIBILITY OF SUCH DAMAGE.
>> + *
>> + * THIS HEADER MAY NOT BE EXTRACTED OR MODIFIED IN ANY WAY.
>> + */
>> +
>> +#include <uk/assert.h>
>> +
>> +unsigned long __stack_chk_guard;
>> +
>> +__attribute__((noreturn))
>> +void __stack_chk_fail(void)
>> +{
>> +    UK_CRASH("Stack smashing detected\n");
>
> Maybe we want to add the current stack pointer to the message in order 
> to simplify debugging. There should be a platform API function that 
> you can use to retrieve the sp.
>
>> +}
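Review bot: `unsigned long __stack_chk_guard;` lives in .bss, so until `boot_init_stack_canary` runs every protected function uses a guard of 0, and any instrumented frame that is live across the guard write (the boot code that calls the initialiser, if it is itself instrumented and ever returns) will fail its epilogue check; please document where in lib/ukboot the call sits and that it must precede the first protected frame. On the message: if the crash path is extended as Simon suggests, print the stack pointer but not `__stack_chk_guard` or the clobbered slot, since the crash output may be logged and the guard is only useful while unknown. `UK_CRASH` never returns, which matches the `noreturn` attribute.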
>>
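Vlad's point about token pasting and Simon's suggestion of a constructor both come down to how the canary gets initialised before the first protected frame. The following is an added example written for this page, not code from the patch or from Unikraft: it uses GCC/Clang's `constructor(priority)` attribute (which accepts the expression `PRIO + 1`, unlike a pasting macro) to order a stand-in PRNG constructor before the canary constructor, then models in plain C the prologue/epilogue check that `-fstack-protector` emits, to show both why an instrumented initialiser trips its own check and what a detected overflow looks like. All identifiers (`__stack_chk_guard_demo`, `PRNG_CTOR_PRIO`, `protected_copy`, the xorshift generator and its seed, the overflow input) are hypothetical stand-ins.

```c
/*
 * Added example, not Unikraft or patch code. Stand-ins: __stack_chk_guard_demo
 * for __stack_chk_guard, PRNG_CTOR_PRIO for UK_SWRAND_CTOR_PRIO and a
 * constructed xorshift generator for uk_swrand.
 */
#include <stdio.h>
#include <string.h>

unsigned long __stack_chk_guard_demo;     /* zero in .bss until the ctor runs */

#define PRNG_CTOR_PRIO 200                /* hypothetical; 0-100 are reserved */

/* A paste-based macro like the one Vlad describes needs one token per argument
 * (## expands no macros and does no arithmetic): REGISTER_CTOR(2, f) gives
 * ctor_2_f, but REGISTER_CTOR(PRNG_CTOR_PRIO + 1, f) gives the invalid
 * "ctor_PRNG_CTOR_PRIO + 1_f". Shown as a comment since it cannot compile:
 *   #define REGISTER_CTOR(lvl, fn) static void (*ctor_##lvl##_##fn)(void) = fn */

static unsigned long prng_state;          /* constructed, deterministic PRNG */

static unsigned long prng_next(void)
{
	unsigned long x = prng_state;
	x ^= x << 13;
	x ^= x >> 7;
	x ^= x << 17;
	return prng_state = x;
}

const char *ctor_order[4];                /* which ctor ran first, for checks */
size_t ctor_count;

__attribute__((constructor(PRNG_CTOR_PRIO)))
static void prng_ctor(void)
{
	prng_state = 0x2545F491UL;            /* constructed seed */
	ctor_order[ctor_count++] = "prng";
}

/* constructor(priority) accepts a constant expression, so PRIO + 1 orders
 * this right after the generator. The low byte is cleared so a NUL-terminated
 * string overflow cannot rewrite the guard without stopping at its first byte. */
__attribute__((constructor(PRNG_CTOR_PRIO + 1)))
static void canary_ctor(void)
{
	__stack_chk_guard_demo = prng_next() & ~0xFFUL;
	ctor_order[ctor_count++] = "canary";
}

/* Plain-C model of the frame -fstack-protector builds: the canary sits above the
 * local array, is copied from the guard in the prologue and compared on exit. */
struct model_frame {
	char buf[8];
	unsigned long canary;
};

/* Unchecked copy into the 8-byte buffer, then the epilogue check.
 * 0: canary intact; -1: the copy ran into it, where a real build would call
 * __stack_chk_fail (len is capped only so the model stays inside the struct). */
int protected_copy(const char *src, size_t len)
{
	struct model_frame fr;
	fr.canary = __stack_chk_guard_demo;     /* prologue */
	if (len > sizeof(fr))
		len = sizeof(fr);
	memcpy(&fr, src, len);                  /* overflow spills into fr.canary */
	return fr.canary == __stack_chk_guard_demo ? 0 : -1;   /* epilogue */
}

/* Why the guard initialiser must not be instrumented: the prologue copy is
 * taken before the store and compared after it, so the check fires with no
 * overflow at all. Returns -1, standing for a call to __stack_chk_fail. */
int init_guard_instrumented(unsigned long new_guard)
{
	unsigned long canary_slot = __stack_chk_guard_demo;   /* prologue */
	__stack_chk_guard_demo = new_guard;
	return canary_slot == __stack_chk_guard_demo ? 0 : -1;  /* epilogue */
}

/* The same store from an uninstrumented function: always 0. */
int init_guard_plain(unsigned long new_guard)
{
	__stack_chk_guard_demo = new_guard;
	return 0;
}

const char attack_input[16] = "AAAAAAAA" "AAAAAAAA";   /* constructed overflow */

int main(void)
{
	printf("ctors: %s, %s; guard low byte %lu\n", ctor_order[0], ctor_order[1],
	       __stack_chk_guard_demo & 0xFF);
	printf("copy 5: %d, copy 16: %d\n", protected_copy("hello", 5),
	       protected_copy(attack_input, sizeof(attack_input)));
	printf("instrumented init: %d, plain init: %d\n",
	       init_guard_instrumented(0x1234), init_guard_plain(0x5678));
	return 0;
}
```

The model leaves out the real instrumentation's platform details (TLS versus global guard, which registers hold the copy), but the ordering it exercises is the one the patch depends on: the generator is ready before the guard is drawn from it, the guard is drawn before any protected frame is entered, and the code that writes the guard is itself never protected by it.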
_______________________________________________
Minios-devel mailing list
Minios-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/minios-devel

 

