adam.huang
Arm Trusted Firmware
Commits
ed756252
Commit
ed756252
authored
Apr 06, 2017
by
davidcunado-arm
Committed by
GitHub
Apr 06, 2017
Merge pull request #886 from dp-arm/dp/stack-protector
Add support for GCC stack protection
parents
90e0ffd3
e6d2aea1
Changes
29
make_helpers/defaults.mk
...
...
@@ -90,6 +90,9 @@ ENABLE_PSCI_STAT := 0
# Flag to enable runtime instrumentation using PMF
ENABLE_RUNTIME_INSTRUMENTATION
:=
0
# Flag to enable stack corruption protection
ENABLE_STACK_PROTECTOR
:=
0
# Build flag to treat usage of deprecated platform and framework APIs as error.
ERROR_DEPRECATED
:=
0
...
...
plat/arm/board/fvp/fvp_stack_protector.c
0 → 100644
/*
* Copyright (c) 2017, ARM Limited and Contributors. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* Neither the name of ARM nor the names of its contributors may be used
* to endorse or promote products derived from this software without specific
* prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <arch_helpers.h>
#include <platform.h>
#include <stdint.h>
#define RANDOM_CANARY_VALUE ((u_register_t) 3288484550995823360ULL)
u_register_t
plat_get_stack_protector_canary
(
void
)
{
/*
* Ideally, a random number should be returned instead of the
* combination of a timer's value and a compile-time constant. As the
* FVP does not have any random number generator, this is better than
* nothing but not necessarily really secure.
*/
return
RANDOM_CANARY_VALUE
^
read_cntpct_el0
();
}
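Review bot: The canary returned by `plat_get_stack_protector_canary` is guessable, and the comment should say why instead of "not necessarily really secure": `RANDOM_CANARY_VALUE` is a fixed constant that anyone holding the firmware image can read, and the only varying input is `read_cntpct_el0()`, a counter whose value this early in boot is likely to fall in a narrow range. I would reword the comment along the lines of `/* FVP has no RNG: the canary is a build-time constant XORed with the system counter, so it catches accidental corruption but is not a security boundary. */`. A platform port that uses this file as a template should replace the body with a hardware entropy source, as the Juno version in this commit does.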
plat/arm/board/fvp/platform.mk
#
# Copyright (c) 2013-201
6
, ARM Limited and Contributors. All rights reserved.
# Copyright (c) 2013-201
7
, ARM Limited and Contributors. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
...
...
@@ -157,5 +157,9 @@ BL31_SOURCES += plat/arm/board/fvp/fvp_bl31_setup.c \
# Disable the PSCI platform compatibility layer
ENABLE_PLAT_COMPAT
:=
0
ifneq
(${ENABLE_STACK_PROTECTOR},0)
PLAT_BL_COMMON_SOURCES
+=
plat/arm/board/fvp/fvp_stack_protector.c
endif
include
plat/arm/board/common/board_common.mk
include
plat/arm/common/arm_common.mk
plat/arm/board/juno/juno_decl.h
0 → 100644
/*
* Copyright (c) 2017, ARM Limited and Contributors. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* Neither the name of ARM nor the names of its contributors may be used
* to endorse or promote products derived from this software without specific
* prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef __JUNO_DECL_H__
#define __JUNO_DECL_H__
int
juno_getentropy
(
void
*
buf
,
size_t
len
);
#endif
/* __JUNO_DECL_H__ */
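Review bot: `juno_decl.h` uses `size_t` in the `juno_getentropy` prototype but, as rendered here, includes no header that defines it, so it compiles only when the including file has already pulled in a definition. Adding `#include <stddef.h>` after the include guard makes the header self-contained. A one-line comment on the prototype giving the return convention (0 on success, -1 on failure, as the comment in `juno_trng.c` states) would also help callers that see only the header.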
plat/arm/board/juno/juno_def.h
/*
* Copyright (c) 2014-201
6
, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2014-201
7
, ARM Limited and Contributors. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
...
...
@@ -74,6 +74,17 @@
#define TZC400_NSAID_SCP 11
#define TZC400_NSAID_CORESIGHT 12
/*******************************************************************************
* TRNG related constants
******************************************************************************/
#define TRNG_BASE 0x7FE60000ULL
#define TRNG_NOUTPUTS 4
#define TRNG_STATUS 0x10
#define TRNG_INTMASK 0x14
#define TRNG_CONFIG 0x18
#define TRNG_CONTROL 0x1C
#define TRNG_NBYTES 16
/* Number of bytes generated per round. */
/*******************************************************************************
* MMU-401 related constants
******************************************************************************/
...
...
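Review bot: `TRNG_NBYTES` (16) and `TRNG_NOUTPUTS` (4) describe the same fact, four 32-bit output registers per round, but are defined independently, so changing one silently breaks the buffer sizing in `juno_stack_protector.c` or the read loop in `juno_trng.c`. Deriving one from the other, `#define TRNG_NBYTES (TRNG_NOUTPUTS * 4)`, keeps them in step. The output registers have no named offset either; the driver reads them from `TRNG_BASE + i * sizeof(uint32_t)`, and a short comment here saying the outputs start at offset 0 would document that.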
plat/arm/board/juno/juno_stack_protector.c
0 → 100644
/*
* Copyright (c) 2017, ARM Limited and Contributors. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* Neither the name of ARM nor the names of its contributors may be used
* to endorse or promote products derived from this software without specific
* prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <arch_helpers.h>
#include <debug.h>
#include <utils.h>
#include "juno_decl.h"
#include "juno_def.h"
u_register_t
plat_get_stack_protector_canary
(
void
)
{
u_register_t
c
[
TRNG_NBYTES
/
sizeof
(
u_register_t
)];
u_register_t
ret
=
0
;
size_t
i
;
if
(
juno_getentropy
(
c
,
sizeof
(
c
))
!=
0
)
{
ERROR
(
"Not enough entropy to initialize canary value
\n
"
);
panic
();
}
/*
* On Juno we get 128-bits of entropy in one round.
* Fuse the values together to form the canary.
*/
for
(
i
=
0
;
i
<
ARRAY_SIZE
(
c
);
i
++
)
ret
^=
c
[
i
];
return
ret
;
}
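Review bot: The `panic()` taken when `juno_getentropy` fails is the security-relevant decision in `plat_get_stack_protector_canary` and has no comment, so a later edit that tries to "recover" on that path could end up returning the initial `ret` of 0 as the canary. I would add `/* Fail closed: never continue with a predictable canary. */` above the `ERROR` call. As a style point, the `for` loop body `ret ^= c[i];` is unbraced while the `if` just above it is braced; bracing the loop keeps the function consistent.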
plat/arm/board/juno/juno_trng.c
0 → 100644
/*
* Copyright (c) 2017, ARM Limited and Contributors. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* Neither the name of ARM nor the names of its contributors may be used
* to endorse or promote products derived from this software without specific
* prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <assert.h>
#include <mmio.h>
#include <string.h>
#include <utils.h>
#include "juno_def.h"
#define NSAMPLE_CLOCKS 1
/* min 1 cycle, max 231 cycles */
#define NRETRIES 5
static
inline
int
output_valid
(
void
)
{
int
i
;
for
(
i
=
0
;
i
<
NRETRIES
;
i
++
)
{
uint32_t
val
;
val
=
mmio_read_32
(
TRNG_BASE
+
TRNG_STATUS
);
if
(
val
&
1U
)
break
;
}
if
(
i
>=
NRETRIES
)
return
0
;
/* No output data available. */
return
1
;
}
/*
* This function fills `buf` with `len` bytes of entropy.
* It uses the Trusted Entropy Source peripheral on Juno.
* Returns 0 when the buffer has been filled with entropy
* successfully and -1 otherwise.
*/
int
juno_getentropy
(
void
*
buf
,
size_t
len
)
{
uint8_t
*
bp
=
buf
;
assert
(
buf
);
assert
(
len
);
assert
(
!
check_uptr_overflow
((
uintptr_t
)
bp
,
len
));
/* Disable interrupt mode. */
mmio_write_32
(
TRNG_BASE
+
TRNG_INTMASK
,
0
);
/* Program TRNG to sample for `NSAMPLE_CLOCKS`. */
mmio_write_32
(
TRNG_BASE
+
TRNG_CONFIG
,
NSAMPLE_CLOCKS
);
while
(
len
>
0
)
{
int
i
;
/* Start TRNG. */
mmio_write_32
(
TRNG_BASE
+
TRNG_CONTROL
,
1
);
/* Check if output is valid. */
if
(
!
output_valid
())
return
-
1
;
/* Fill entropy buffer. */
for
(
i
=
0
;
i
<
TRNG_NOUTPUTS
;
i
++
)
{
size_t
n
;
uint32_t
val
;
val
=
mmio_read_32
(
TRNG_BASE
+
i
*
sizeof
(
uint32_t
));
n
=
MIN
(
len
,
sizeof
(
uint32_t
));
memcpy
(
bp
,
&
val
,
n
);
bp
+=
n
;
len
-=
n
;
if
(
len
==
0
)
break
;
}
/* Reset TRNG outputs. */
mmio_write_32
(
TRNG_BASE
+
TRNG_STATUS
,
1
);
}
return
0
;
}
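Review bot: `NSAMPLE_CLOCKS` is set to 1, which the adjacent comment gives as the minimum sampling period, and nothing in the file says why the shortest setting is sufficient for output that seeds the stack canary; please add a comment citing the hardware documentation, or raise the value if there is no such basis. `output_valid` polls `TRNG_STATUS` only `NRETRIES` (5) times back to back with no delay, so a slow source makes `juno_getentropy` return -1 and the canary caller panic, which fails closed but leaves the retry budget unexplained. The argument checks are `assert`s, which I would expect to be compiled out of release builds, leaving a NULL `buf` unchecked there. The file also does not include `juno_decl.h`, so the definition of `juno_getentropy` is never checked against its prototype; adding `#include "juno_decl.h"` fixes that.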
plat/arm/board/juno/platform.mk
#
# Copyright (c) 2013-201
6
, ARM Limited and Contributors. All rights reserved.
# Copyright (c) 2013-201
7
, ARM Limited and Contributors. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
...
...
@@ -39,8 +39,12 @@ JUNO_INTERCONNECT_SOURCES := drivers/arm/cci/cci.c \
JUNO_SECURITY_SOURCES
:=
drivers/arm/tzc/tzc400.c
\
plat/arm/board/juno/juno_security.c
\
plat/arm/board/juno/juno_trng.c
\
plat/arm/common/arm_tzc400.c
ifneq
(${ENABLE_STACK_PROTECTOR}, 0)
JUNO_SECURITY_SOURCES
+=
plat/arm/board/juno/juno_stack_protector.c
endif
PLAT_INCLUDES
:=
-Iplat
/arm/board/juno/include
...
...
@@ -51,7 +55,8 @@ BL1_SOURCES += lib/cpus/aarch64/cortex_a53.S \
lib/cpus/aarch64/cortex_a72.S
\
plat/arm/board/juno/juno_bl1_setup.c
\
plat/arm/board/juno/juno_err.c
\
${JUNO_INTERCONNECT_SOURCES}
${JUNO_INTERCONNECT_SOURCES}
\
${JUNO_SECURITY_SOURCES}
BL2_SOURCES
+=
plat/arm/board/juno/juno_err.c
\
${JUNO_SECURITY_SOURCES}
...
...
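Review bot: `plat/arm/board/juno/juno_trng.c` is added to `JUNO_SECURITY_SOURCES` unconditionally, and the second hunk appears to add `${JUNO_SECURITY_SOURCES}` to `BL1_SOURCES`, so BL1 would now build the TZC-400 and Juno security sources as well as the TRNG driver even when `ENABLE_STACK_PROTECTOR` is 0. If the canary is the only consumer of the TRNG driver, I would move `juno_trng.c` inside the `ifneq` next to `juno_stack_protector.c`, or give the two files their own variable and add only that to `BL1_SOURCES`; unused code in a boot ROM image costs size and attack surface unless the link step discards it. The `BL1_SOURCES` and `BL2_SOURCES` assignments continue outside the hunk, so there may be context I cannot see.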
plat/mediatek/mt6795/bl31.ld.S
...
...
@@ -95,6 +95,11 @@ SECTIONS
*/
__RW_START__
=
.
;
/
*
*
.
data
must
be
placed
at
a
lower
address
than
the
stacks
if
the
stack
*
protector
is
enabled
.
Alternatively
,
the
.
data
.
stack_protector_canary
*
section
can
be
placed
independently
of
the
main
.
data
section
.
*/
.
data
.
:
{
__DATA_START__
=
.
;
*(.
data
*)
...
...
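Review bot: The new comment states the placement rule for `.data` but not the reason, and the script does nothing to enforce it. I would extend the comment with one sentence such as `A linear overflow from a stack buffer writes towards higher addresses, so a canary held below the stacks cannot be reached by it.`, assuming that is the intent. The `SECTIONS` block starts and ends outside the hunk, so I cannot tell whether the stacks are in fact placed after `.data` on this platform; an `ASSERT` in the script comparing the two addresses would turn the comment into a checked invariant.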