From 1aad932ce684ec0586bd272f6080b0ef970a2d61 Mon Sep 17 00:00:00 2001 From: Antonio Nino Diaz Date: Fri, 13 Jul 2018 15:26:49 +0100 Subject: [PATCH] rpi3: Add support for the stack protector It uses the hardware RNG in a similar way as Juno (it gets 128 bits of entropy and does xor on them). It is disabled by default. Change-Id: I8b3adb61f5a5623716e0e8b6799404c68dd94c60 Signed-off-by: Antonio Nino Diaz --- docs/plat/rpi3.rst | 3 +++ plat/rpi3/platform.mk | 8 ++++++++ plat/rpi3/rpi3_stack_protector.c | 27 +++++++++++++++++++++++++++ 3 files changed, 38 insertions(+) create mode 100644 plat/rpi3/rpi3_stack_protector.c diff --git a/docs/plat/rpi3.rst b/docs/plat/rpi3.rst index 902da944b..80515ba27 100644 --- a/docs/plat/rpi3.rst +++ b/docs/plat/rpi3.rst @@ -212,6 +212,9 @@ instructions in `Setup SD card`_. The following build options are supported: +- ``ENABLE_STACK_PROTECTOR``: Disabled by default. It uses the hardware RNG of + the board. + - ``PRELOADED_BL33_BASE``: Specially useful because the file ``kernel8.img`` can be loaded anywhere by modifying the file ``config.txt``. It doesn't have to contain a kernel, it could have any arbitrary payload. diff --git a/plat/rpi3/platform.mk b/plat/rpi3/platform.mk index 3ad7114ce..2f18af6a8 100644 --- a/plat/rpi3/platform.mk +++ b/plat/rpi3/platform.mk @@ -90,6 +90,9 @@ WORKAROUND_CVE_2017_5715 := 0 # Disable the PSCI platform compatibility layer by default ENABLE_PLAT_COMPAT := 0 +# Disable stack protector by default +ENABLE_STACK_PROTECTOR := 0 + # Reset to BL31 isn't supported RESET_TO_BL31 := 0 @@ -146,6 +149,11 @@ ifeq (${ARCH},aarch32) $(error Error: AArch32 not supported on rpi3) endif +ifneq ($(ENABLE_STACK_PROTECTOR), 0) +PLAT_BL_COMMON_SOURCES += plat/rpi3/rpi3_rng.c \ + plat/rpi3/rpi3_stack_protector.c +endif + ifeq (${SPD},opteed) BL2_SOURCES += \ lib/optee/optee_utils.c diff --git a/plat/rpi3/rpi3_stack_protector.c b/plat/rpi3/rpi3_stack_protector.c new file mode 100644 index 000000000..d939cd391 --- /dev/null +++ b/plat/rpi3/rpi3_stack_protector.c @@ -0,0 +1,27 @@ +/* + * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include +#include + +#include "rpi3_private.h" + +/* Get 128 bits of entropy and fuse the values together to form the canary. */ +#define TRNG_NBYTES 16U + +u_register_t plat_get_stack_protector_canary(void) +{ + size_t i; + u_register_t buf[TRNG_NBYTES / sizeof(u_register_t)]; + u_register_t ret = 0U; + + rpi3_rng_read(buf, sizeof(buf)); + + for (i = 0U; i < ARRAY_SIZE(buf); i++) + ret ^= buf[i]; + + return ret; +} -- GitLab