Re: [UNIKRAFT PATCH v6 1/3] lib/uksp: Introduce uksp library

[Vlad-Andrei BĂDOIU <vlad_andrei.badoiu@xxxxxx>]

Sounds good. Thanks!

Vlad

----- Original Message -----
From: "Simon Kuenzer" <simon.kuenzer@xxxxxxxxx>
To: "Alice Suiu" <alicesuiu17@xxxxxxxxx>, "Vlad-Andrei Badoiu" 
<vlad_andrei.badoiu@xxxxxx>
Cc: minios-devel@xxxxxxxxxxxxx, "Vlad-Andrei BĂDOIU (78692)" 
<vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
Sent: Friday, August 7, 2020 8:27:13 PM
Subject: Re: [UNIKRAFT PATCH v6 1/3] lib/uksp: Introduce uksp library

On 04.08.20 10:13, Alice Suiu wrote:
> Reviewed-by: Alice Suiu <alicesuiu17@xxxxxxxxx> <alicesuiu17@xxxxxxxxx>
> 
> În lun., 3 aug. 2020 la 17:06, Vlad-Andrei Badoiu <vlad_andrei.badoiu@xxxxxx>
> a scris:
> 
>> From: Vlad-Andrei BĂDOIU (78692) <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
>>
>> This library provides the necessary functionalities for the stack
>> protector.
>>
>> A make clean is required when toggling the stack smashing protection
>> option.
>>
>> Signed-off-by: Vlad-Andrei Badoiu <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
>> Signed-off-by: Vlad-Andrei Badoiu <vlad_andrei.badoiu@xxxxxx>
>> ---
>>   lib/Makefile.uk          |  1 +
>>   lib/uksp/Config.uk       | 46 +++++++++++++++++++++++++++++++
>>   lib/uksp/Makefile.uk     |  9 +++++++
>>   lib/uksp/exportsyms.uk   |  2 ++
>>   lib/uksp/include/uk/sp.h | 58 ++++++++++++++++++++++++++++++++++++++++
>>   lib/uksp/ssp.c           | 51 +++++++++++++++++++++++++++++++++++
>>   6 files changed, 167 insertions(+)
>>   create mode 100644 lib/uksp/Config.uk
>>   create mode 100644 lib/uksp/Makefile.uk
>>   create mode 100644 lib/uksp/exportsyms.uk
>>   create mode 100644 lib/uksp/include/uk/sp.h
>>   create mode 100644 lib/uksp/ssp.c
>>
>> diff --git a/lib/Makefile.uk b/lib/Makefile.uk
>> index 9261533c..07e8a295 100644
>> --- a/lib/Makefile.uk
>> +++ b/lib/Makefile.uk
>> @@ -36,3 +36,4 @@ $(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/uktime))
>>   $(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/ukmmap))
>>   $(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/ukblkdev))
>>   $(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/posix-process))
>> +$(eval $(call _import_lib,$(CONFIG_UK_BASE)/lib/uksp))
>> diff --git a/lib/uksp/Config.uk b/lib/uksp/Config.uk
>> new file mode 100644
>> index 00000000..0881ddec
>> --- /dev/null
>> +++ b/lib/uksp/Config.uk
>> @@ -0,0 +1,46 @@
>> +config LIBUKSP

Hey Alice, hey Vlad,

I changed `config` to `menuconfig` while upstreaming. This should be 
used to create sub menus.

Thanks,

Simon

>> +       bool "uksp: Stack protector"
>> +       select HAVE_STACKPROTECTOR
>> +       default n
>> +
>> +if LIBUKSP
>> +choice >> +       prompt "Stack protector level"
>> +       default STACKPROTECTOR_REGULAR
>> +       help
>> +         Set the stack protector level
>> +
>> +config STACKPROTECTOR_REGULAR
>> +       bool "Regular"
>> +       help
>> +               Regular stack protector, use -fstack-protector.
>> +
>> +config STACKPROTECTOR_STRONG
>> +       bool "Strong"
>> +       help
>> +               Strong stack protector, use -fstack-protector-strong.
>> +
>> +config STACKPROTECTOR_ALL
>> +       bool "All"
>> +       help
>> +               Protect all functions, use -fstack-protector-all.
>> +endchoice
>> +
>> +choice
>> +       prompt "Canary Value"
>> +       default LIBUKSP_VALUE_USECONSTANT
>> +
>> +config LIBUKSP_VALUE_USECONSTANT
>> +       bool "Compiled-in constant"
>> +
>> +config LIBUKSP_VALUE_RANDOM
>> +       bool "Random variable"
>> +       select LIBUKSWRAND
>> +endchoice
>> +
>> +config LIBUKSP_VALUE_CONSTANT
>> +       int "Canary value"
>> +       depends on LIBUKSP_VALUE_USECONSTANT
>> +       default 42
>> +
>> +endif
>> diff --git a/lib/uksp/Makefile.uk b/lib/uksp/Makefile.uk
>> new file mode 100644
>> index 00000000..4e591231
>> --- /dev/null
>> +++ b/lib/uksp/Makefile.uk
>> @@ -0,0 +1,9 @@
>> +$(eval $(call addlib_s,libuksp,$(CONFIG_LIBUKSP)))
>> +
>> +CINCLUDES-y += -I$(LIBUKSP_BASE)/include
>> +
>> +LIBUKSP_SRCS-y += $(LIBUKSP_BASE)/ssp.c
>> +
>> +COMPFLAGS-$(CONFIG_STACKPROTECTOR_REGULAR)     += -fstack-protector
>> -mstack-protector-guard=global
>> +COMPFLAGS-$(CONFIG_STACKPROTECTOR_STRONG)      +=
>> -fstack-protector-strong -mstack-protector-guard=global
>> +COMPFLAGS-$(CONFIG_STACKPROTECTOR_ALL)         += -fstack-protector-all
>> -mstack-protector-guard=global
>> diff --git a/lib/uksp/exportsyms.uk b/lib/uksp/exportsyms.uk
>> new file mode 100644
>> index 00000000..fbc319e7
>> --- /dev/null
>> +++ b/lib/uksp/exportsyms.uk
>> @@ -0,0 +1,2 @@
>> +__stack_chk_fail
>> +__stack_chk_guard
>> diff --git a/lib/uksp/include/uk/sp.h b/lib/uksp/include/uk/sp.h
>> new file mode 100644
>> index 00000000..ab8b4177
>> --- /dev/null
>> +++ b/lib/uksp/include/uk/sp.h
>> @@ -0,0 +1,58 @@
>> +/* SPDX-License-Identifier: BSD-3-Clause */
>> +/*
>> + * Authors: Vlad-Andrei Badoiu <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
>> + *
>> + * Copyright (c) 2019, University Politehnica of Bucharest. All rights
>> reserved.
>> + *
>> + * Redistribution and use in source and binary forms, with or without
>> + * modification, are permitted provided that the following conditions
>> + * are met:
>> + *
>> + * 1. Redistributions of source code must retain the above copyright
>> + *    notice, this list of conditions and the following disclaimer.
>> + * 2. Redistributions in binary form must reproduce the above copyright
>> + *    notice, this list of conditions and the following disclaimer in the
>> + *    documentation and/or other materials provided with the distribution.
>> + * 3. Neither the name of the copyright holder nor the names of its
>> + *    contributors may be used to endorse or promote products derived from
>> + *    this software without specific prior written permission.
>> + *
>> + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
>> "AS IS"
>> + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
>> THE
>> + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
>> PURPOSE
>> + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS
>> BE
>> + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
>> + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
>> + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
>> BUSINESS
>> + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
>> + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
>> + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
>> THE
>> + * POSSIBILITY OF SUCH DAMAGE.
>> + */
>> +
>> +#ifndef __UK_STACKPROTECTOR_H__
>> +#define __UK_STACKPROTECTOR_H__
>> +
>> +#ifdef CONFIG_LIBUKSP_VALUE_RANDOM
>> +#include <uk/swrand.h>
>> +#endif
>> +#include <uk/config.h>
>> +
>> +#ifdef __cplusplus
>> +extern "C" {
>> +#endif
>> +
>> +extern const unsigned long __stack_chk_guard;
>> +
>> +#ifdef CONFIG_LIBUKSP_VALUE_RANDOM
>> +#define UKSP_INIT_CANARY() (*(DECONST(unsigned long *,
>> &__stack_chk_guard)) \
>> +               = uk_swrand_randr())
>> +#else
>> +#define UKSP_INIT_CANARY()
>> +#endif
>> +
>> +#ifdef __cplusplus
>> +}
>> +#endif
>> +
>> +#endif /* __UK_STACKPROTECTOR_H__ */
>> diff --git a/lib/uksp/ssp.c b/lib/uksp/ssp.c
>> new file mode 100644
>> index 00000000..8a847f5c
>> --- /dev/null
>> +++ b/lib/uksp/ssp.c
>> @@ -0,0 +1,51 @@
>> +/* SPDX-License-Identifier: BSD-3-Clause */
>> +/*
>> + * Authors: Badoiu Vlad-Andrei <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
>> + *
>> + * Copyright (c) 2019, University Politehnica of Bucharest. All rights
>> reserved.
>> + *
>> + * Redistribution and use in source and binary forms, with or without
>> + * modification, are permitted provided that the following conditions
>> + * are met:
>> + *
>> + * 1. Redistributions of source code must retain the above copyright
>> + *    notice, this list of conditions and the following disclaimer.
>> + * 2. Redistributions in binary form must reproduce the above copyright
>> + *    notice, this list of conditions and the following disclaimer in the
>> + *    documentation and/or other materials provided with the distribution.
>> + * 3. Neither the name of the copyright holder nor the names of its
>> + *    contributors may be used to endorse or promote products derived from
>> + *    this software without specific prior written permission.
>> + *
>> + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
>> "AS IS"
>> + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
>> THE
>> + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
>> PURPOSE
>> + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS
>> BE
>> + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
>> + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
>> + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
>> BUSINESS
>> + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
>> + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
>> + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
>> THE
>> + * POSSIBILITY OF SUCH DAMAGE.
>> + */
>> +
>> +#include <uk/assert.h>
>> +#include <uk/config.h>
>> +#include <uk/ctors.h>
>> +#include <uk/thread.h>
>> +
>> +#ifdef CONFIG_LIBUKSP_VALUE_USECONSTANT
>> +const unsigned long __stack_chk_guard = CONFIG_LIBUKSP_VALUE_CONSTANT;
>> +#else
>> +const unsigned long __stack_chk_guard = 0xDEADBEEF;
>> +#endif
>> +
>> +__attribute__((noreturn))
>> +void __stack_chk_fail(void)
>> +{
>> +       unsigned long sp;
>> +
>> +       sp = ukarch_read_sp() & STACK_MASK_TOP;
>> +       UK_CRASH("Stack smashing detected. SP %p\n", (void *) sp);
>> +}
>> --
>> 2.25.1
>>
>>
>