[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [UNIKRAFT PATCH v5 1/3] lib/uksp: Introduce uksp library
From: Vlad-Andrei BĂDOIU (78692) <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
This library provides the necessary functionalities for the stack
protector.
A make clean is required when toggling the stack smashing protection
option.
Signed-off-by: Vlad-Andrei Badoiu <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
Signed-off-by: Vlad-Andrei Badoiu <vlad_andrei.badoiu@xxxxxx>
---
lib/Makefile.uk | 1 +
lib/uksp/Config.uk | 46 +++++++++++++++++++++++++++++++++
lib/uksp/Makefile.uk | 9 +++++++
lib/uksp/exportsyms.uk | 2 ++
lib/uksp/include/uk/sp.h | 56 ++++++++++++++++++++++++++++++++++++++++
lib/uksp/ssp.c | 52 +++++++++++++++++++++++++++++++++++++
6 files changed, 166 insertions(+)
create mode 100644 lib/uksp/Config.uk
create mode 100644 lib/uksp/Makefile.uk
create mode 100644 lib/uksp/exportsyms.uk
create mode 100644 lib/uksp/include/uk/sp.h
create mode 100644 lib/uksp/ssp.c
diff --git a/lib/Makefile.uk b/lib/Makefile.uk
index aa7e7302..c02a3c50 100644
--- a/lib/Makefile.uk
+++ b/lib/Makefile.uk
@@ -34,3 +34,4 @@ $(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/uktime))
$(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/ukmmap))
$(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/ukblkdev))
$(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/posix-process))
+$(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/uksp))
diff --git a/lib/uksp/Config.uk b/lib/uksp/Config.uk
new file mode 100644
index 00000000..0881ddec
--- /dev/null
+++ b/lib/uksp/Config.uk
@@ -0,0 +1,46 @@
+config LIBUKSP
+ bool "uksp: Stack protector"
+ select HAVE_STACKPROTECTOR
+ default n
+
+if LIBUKSP
+choice
+ prompt "Stack protector level"
+ default STACKPROTECTOR_REGULAR
+ help
+ Set the stack protector level
+
+config STACKPROTECTOR_REGULAR
+ bool "Regular"
+ help
+ Regular stack protector, use -fstack-protector.
+
+config STACKPROTECTOR_STRONG
+ bool "Strong"
+ help
+ Strong stack protector, use -fstack-protector-strong.
+
+config STACKPROTECTOR_ALL
+ bool "All"
+ help
+ Protect all functions, use -fstack-protector-all.
+endchoice
+
+choice
+ prompt "Canary Value"
+ default LIBUKSP_VALUE_USECONSTANT
+
+config LIBUKSP_VALUE_USECONSTANT
+ bool "Compiled-in constant"
+
+config LIBUKSP_VALUE_RANDOM
+ bool "Random variable"
+ select LIBUKSWRAND
+endchoice
+
+config LIBUKSP_VALUE_CONSTANT
+ int "Canary value"
+ depends on LIBUKSP_VALUE_USECONSTANT
+ default 42
+
+endif
diff --git a/lib/uksp/Makefile.uk b/lib/uksp/Makefile.uk
new file mode 100644
index 00000000..4e591231
--- /dev/null
+++ b/lib/uksp/Makefile.uk
@@ -0,0 +1,9 @@
+$(eval $(call addlib_s,libuksp,$(CONFIG_LIBUKSP)))
+
+CINCLUDES-y += -I$(LIBUKSP_BASE)/include
+
+LIBUKSP_SRCS-y += $(LIBUKSP_BASE)/ssp.c
+
+COMPFLAGS-$(CONFIG_STACKPROTECTOR_REGULAR) += -fstack-protector -mstack-protector-guard=global
+COMPFLAGS-$(CONFIG_STACKPROTECTOR_STRONG) += -fstack-protector-strong -mstack-protector-guard=global
+COMPFLAGS-$(CONFIG_STACKPROTECTOR_ALL) += -fstack-protector-all -mstack-protector-guard=global
diff --git a/lib/uksp/exportsyms.uk b/lib/uksp/exportsyms.uk
new file mode 100644
index 00000000..fbc319e7
--- /dev/null
+++ b/lib/uksp/exportsyms.uk
@@ -0,0 +1,2 @@
+__stack_chk_fail
+__stack_chk_guard
diff --git a/lib/uksp/include/uk/sp.h b/lib/uksp/include/uk/sp.h
new file mode 100644
index 00000000..f1da724d
--- /dev/null
+++ b/lib/uksp/include/uk/sp.h
@@ -0,0 +1,56 @@
+/* SPDX-License-Identifier: BSD-3-Clause */
+/*
+ * Authors: Vlad-Andrei Badoiu <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
+ *
+ * Copyright (c) 2019, University Politehnica of Bucharest. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the copyright holder nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef __UK_STACKPROTECTOR_H__
+#define __UK_STACKPROTECTOR_H__
+
+#include <uk/swrand.h>
+#include <uk/config.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern const unsigned long __stack_chk_guard;
+
+#ifdef CONFIG_LIBUKSP_VALUE_RANDOM
+#define UKSP_INIT_CANARY() (*(DECONST(unsigned long *, &__stack_chk_guard)) \
+ = uk_swrand_randr())
+#else
+#define UKSP_INIT_CANARY()
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __UK_STACKPROTECTOR_H__ */
diff --git a/lib/uksp/ssp.c b/lib/uksp/ssp.c
new file mode 100644
index 00000000..d0d10114
--- /dev/null
+++ b/lib/uksp/ssp.c
@@ -0,0 +1,52 @@
+/* SPDX-License-Identifier: BSD-3-Clause */
+/*
+ * Authors: Badoiu Vlad-Andrei <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
+ *
+ * Copyright (c) 2019, University Politehnica of Bucharest. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the copyright holder nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <uk/assert.h>
+#include <uk/swrand.h>
+#include <uk/config.h>
+#include <uk/ctors.h>
+#include <uk/thread.h>
+
+#ifdef CONFIG_LIBUKSP_VALUE_USECONSTANT
+const unsigned long __stack_chk_guard = CONFIG_LIBUKSP_VALUE_CONSTANT;
+#else
+const unsigned long __stack_chk_guard = 0xDEADBEEF;
+#endif
+
+__attribute__((noreturn))
+void __stack_chk_fail(void)
+{
+ unsigned long sp;
+
+ sp = ukarch_read_sp() & STACK_MASK_TOP;
+ UK_CRASH("Stack smashing detected. SP %p\n", (void *) sp);
+}
--
2.20.1
|
