Add support for GCC stack protection

Fork: 0

LuminaSensum / arm-trusted-firmware

Browse code Add support for GCC stack protection Introduce new build option ENABLE_STACK_PROTECTOR. It enables compilation of all BL images with one of the GCC -fstack-protector-* options. A new platform function plat_get_stack_protector_canary() is introduced. It returns a value that is used to initialize the canary for stack corruption detection. Returning a random value will prevent an attacker from predicting the value and greatly increase the effectiveness of the protection. A message is printed at the ERROR level when a stack corruption is detected. To be effective, the global data must be stored at an address lower than the base of the stacks. Failure to do so would allow an attacker to overwrite the canary as part of an attack which would void the protection. FVP implementation of plat_get_stack_protector_canary is weak as there is no real source of entropy on the FVP. It therefore relies on a timer's value, which could be predictable. Change-Id: Icaaee96392733b721fa7c86a81d03660d3c1bc06 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com> WIP_v2.3-LS master v2.2-LS v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3 v2.2-rc2 v2.2-rc1 v2.2-rc0 v2.2 v2.1-rc1 v2.1-rc0 v2.1 v2.0-rc0 v2.0 v1.6-rc1 v1.6-rc0 v1.6 v1.5-rc3 v1.5-rc2 v1.5-rc1 v1.5-rc0 v1.5 v1.4-rc0 v1.4
1 parent e422f99 commit 51faada71a219a8b94cd8d8e423f0f22e9da4d8f Douglas Raillard authored on 24 Feb 2017 dp-arm committed on 31 Mar 2017

Browse code

Introduce new build option ENABLE_STACK_PROTECTOR. It enables
compilation of all BL images with one of the GCC -fstack-protector-*
options.

A new platform function plat_get_stack_protector_canary() is introduced.
It returns a value that is used to initialize the canary for stack
corruption detection. Returning a random value will prevent an attacker
from predicting the value and greatly increase the effectiveness of the
protection.

A message is printed at the ERROR level when a stack corruption is
detected.

To be effective, the global data must be stored at an address
lower than the base of the stacks. Failure to do so would allow an
attacker to overwrite the canary as part of an attack which would void
the protection.

FVP implementation of plat_get_stack_protector_canary is weak as
there is no real source of entropy on the FVP. It therefore relies on a
timer's value, which could be predictable.

Change-Id: Icaaee96392733b721fa7c86a81d03660d3c1bc06
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>

WIP_v2.3-LS master v2.2-LS v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3 v2.2-rc2 v2.2-rc1 v2.2-rc0 v2.2 v2.1-rc1 v2.1-rc0 v2.1 v2.0-rc0 v2.0 v1.6-rc1 v1.6-rc0 v1.6 v1.5-rc3 v1.5-rc2 v1.5-rc1 v1.5-rc0 v1.5 v1.4-rc0 v1.4

1 parent e422f99 commit 51faada71a219a8b94cd8d8e423f0f22e9da4d8f

Douglas Raillard authored on 24 Feb 2017

dp-arm committed on 31 Mar 2017

Patch

Unified Split

Showing 23 changed files

Ignore Space Show notes View Makefile

Ignore Space Show notes View bl1/bl1.ld.S

Ignore Space Show notes View bl2/aarch32/bl2_entrypoint.S

Ignore Space Show notes View bl2/aarch64/bl2_entrypoint.S

Ignore Space Show notes View bl2/bl2.ld.S

Ignore Space Show notes View bl2u/aarch64/bl2u_entrypoint.S

Ignore Space Show notes View bl2u/bl2u.ld.S

Ignore Space Show notes View bl31/bl31.ld.S

Ignore Space Show notes View bl32/tsp/aarch64/tsp_entrypoint.S

Ignore Space Show notes View docs/porting-guide.md

Ignore Space Show notes View docs/user-guide.md

Ignore Space Show notes View include/common/aarch32/el3_common_macros.S

Ignore Space Show notes View include/common/aarch64/el3_common_macros.S

Ignore Space Show notes View include/common/debug.h

Ignore Space Show notes View include/plat/common/platform.h

Ignore Space Show notes View lib/stack_protector/aarch32/asm_stack_protector.S 0 → 100644

Ignore Space Show notes View lib/stack_protector/aarch64/asm_stack_protector.S 0 → 100644

Ignore Space Show notes View lib/stack_protector/stack_protector.c 0 → 100644

Ignore Space Show notes View lib/stack_protector/stack_protector.mk 0 → 100644

Ignore Space Show notes View make_helpers/defaults.mk

Ignore Space Show notes View plat/arm/board/fvp/fvp_stack_protector.c 0 → 100644

Ignore Space Show notes View plat/arm/board/fvp/platform.mk

Ignore Space Show notes View plat/mediatek/mt6795/bl31.ld.S

Show line notes below