From 1b8897c63e4c4eedd55f69f9728cd49f2a1cddba Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Sun, 11 Apr 2021 11:21:56 +0200 Subject: test: fix test/dm/regmap.c regmap_read() only fills the first two bytes of val. The last two bytes are random data from the stack. This means the test will fail randomly. For low endian systems we could simply initialize val to 0 and get correct results. But tests should not depend on endianness. So let's use a pointer conversion instead. Signed-off-by: Heinrich Schuchardt Reviewed-by: Simon Glass --- test/dm/regmap.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'test') diff --git a/test/dm/regmap.c b/test/dm/regmap.c index 22a293096c9..372a73ca0c3 100644 --- a/test/dm/regmap.c +++ b/test/dm/regmap.c @@ -286,7 +286,8 @@ U_BOOT_DRIVER(regmap_test) = { static int dm_test_devm_regmap(struct unit_test_state *uts) { int i = 0; - u32 val; + u16 val; + void *valp = &val; u16 pattern[REGMAP_TEST_BUF_SZ]; u16 *buffer; struct udevice *dev; @@ -311,7 +312,7 @@ static int dm_test_devm_regmap(struct unit_test_state *uts) ut_assertok(regmap_write(priv->cfg_regmap, i, pattern[i])); } for (i = 0; i < REGMAP_TEST_BUF_SZ; i++) { - ut_assertok(regmap_read(priv->cfg_regmap, i, &val)); + ut_assertok(regmap_read(priv->cfg_regmap, i, valp)); ut_asserteq(val, buffer[i]); ut_asserteq(val, pattern[i]); } @@ -319,9 +320,9 @@ static int dm_test_devm_regmap(struct unit_test_state *uts) ut_asserteq(-ERANGE, regmap_write(priv->cfg_regmap, REGMAP_TEST_BUF_SZ, val)); ut_asserteq(-ERANGE, regmap_read(priv->cfg_regmap, REGMAP_TEST_BUF_SZ, - &val)); + valp)); ut_asserteq(-ERANGE, regmap_write(priv->cfg_regmap, -1, val)); - ut_asserteq(-ERANGE, regmap_read(priv->cfg_regmap, -1, &val)); + ut_asserteq(-ERANGE, regmap_read(priv->cfg_regmap, -1, valp)); return 0; } -- cgit v1.3.1 From 4e9bce12432492aa7a7c2121d9fae1640606ace5 Mon Sep 17 00:00:00 2001 From: Joel Peshkin Date: Sun, 11 Apr 2021 11:21:58 +0200 Subject: Add support for stack-protector Add support for stack protector for UBOOT, SPL, and TPL as well as new pytest for stackprotector Signed-off-by: Joel Peshkin Adjust UEFI build flags. Signed-off-by: Heinrich Schuchardt --- MAINTAINERS | 7 +++++++ Makefile | 5 +++++ arch/arm/config.mk | 3 ++- arch/riscv/lib/Makefile | 1 + arch/x86/config.mk | 2 +- cmd/Kconfig | 9 +++++++++ cmd/Makefile | 1 + cmd/stackprot_test.c | 19 +++++++++++++++++++ common/Kconfig | 17 +++++++++++++++++ common/Makefile | 1 + common/stackprot.c | 20 ++++++++++++++++++++ configs/sandbox_defconfig | 2 ++ scripts/Makefile.spl | 6 ++++++ test/py/tests/test_stackprotector.py | 14 ++++++++++++++ 14 files changed, 105 insertions(+), 2 deletions(-) create mode 100644 cmd/stackprot_test.c create mode 100644 common/stackprot.c create mode 100644 test/py/tests/test_stackprotector.py (limited to 'test') diff --git a/MAINTAINERS b/MAINTAINERS index c6dd9bf838d..2d267aeff24 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -1062,6 +1062,13 @@ F: include/sqfs.h F: cmd/sqfs.c F: test/py/tests/test_fs/test_squashfs/ +STACKPROTECTOR +M: Joel Peshkin +S: Maintained +F: common/stackprot.c +F: cmd/stackprot_test.c +F: test/py/tests/test_stackprotector.py + TARGET_BCMNS3 M: Bharat Gooty M: Rayagonda Kokatanur diff --git a/Makefile b/Makefile index e423f6de746..3fc9777b0b2 100644 --- a/Makefile +++ b/Makefile @@ -676,7 +676,12 @@ else KBUILD_CFLAGS += -O2 endif +ifeq ($(CONFIG_STACKPROTECTOR),y) +KBUILD_CFLAGS += $(call cc-option,-fstack-protector-strong) +CFLAGS_EFI += $(call cc-option,-fno-stack-protector) +else KBUILD_CFLAGS += $(call cc-option,-fno-stack-protector) +endif KBUILD_CFLAGS += $(call cc-option,-fno-delete-null-pointer-checks) # disable stringop warnings in gcc 8+ diff --git a/arch/arm/config.mk b/arch/arm/config.mk index 4153f7e3713..e79f0104b92 100644 --- a/arch/arm/config.mk +++ b/arch/arm/config.mk @@ -11,7 +11,8 @@ CONFIG_STANDALONE_LOAD_ADDR = 0xc100000 endif endif -CFLAGS_NON_EFI := -fno-pic -ffixed-r9 -ffunction-sections -fdata-sections +CFLAGS_NON_EFI := -fno-pic -ffixed-r9 -ffunction-sections -fdata-sections \ + -fstack-protector-strong CFLAGS_EFI := -fpic -fshort-wchar LDFLAGS_FINAL += --gc-sections diff --git a/arch/riscv/lib/Makefile b/arch/riscv/lib/Makefile index ff0677aa966..d08cbe9b79d 100644 --- a/arch/riscv/lib/Makefile +++ b/arch/riscv/lib/Makefile @@ -27,6 +27,7 @@ obj-$(CONFIG_SPL_BUILD) += spl.o obj-y += fdt_fixup.o # For building EFI apps +CFLAGS_NON_EFI := -fstack-protector-strong CFLAGS_$(EFI_CRT0) := $(CFLAGS_EFI) CFLAGS_REMOVE_$(EFI_CRT0) := $(CFLAGS_NON_EFI) diff --git a/arch/x86/config.mk b/arch/x86/config.mk index 3067702858a..7a8242562db 100644 --- a/arch/x86/config.mk +++ b/arch/x86/config.mk @@ -42,7 +42,7 @@ OBJCOPYFLAGS_EFI := -j .text -j .sdata -j .data -j .dynamic -j .dynsym \ # Compiler flags to be added when building UEFI applications CFLAGS_EFI := -fpic -fshort-wchar # Compiler flags to be removed when building UEFI applications -CFLAGS_NON_EFI := -mregparm=3 +CFLAGS_NON_EFI := -mregparm=3 -fstack-protector-strong ifeq ($(CONFIG_EFI_STUB_64BIT),) CFLAGS_EFI += $(call cc-option, -mno-red-zone) diff --git a/cmd/Kconfig b/cmd/Kconfig index 2b66285e0d4..9e8b69258ff 100644 --- a/cmd/Kconfig +++ b/cmd/Kconfig @@ -2325,6 +2325,15 @@ config CMD_AVB avb read_part_hex - read data from partition and output to stdout avb write_part - write data to partition avb verify - run full verification chain + +config CMD_STACKPROTECTOR_TEST + bool "Test command for stack protector" + depends on STACKPROTECTOR + help + Enable stackprot_test command + The stackprot_test command will force a stack overrun to test + the stack smashing detection mechanisms. + endmenu config CMD_UBI diff --git a/cmd/Makefile b/cmd/Makefile index e606ac4e8c0..4977fa15f43 100644 --- a/cmd/Makefile +++ b/cmd/Makefile @@ -144,6 +144,7 @@ obj-$(CONFIG_CMD_SPI) += spi.o obj-$(CONFIG_CMD_STRINGS) += strings.o obj-$(CONFIG_CMD_SMC) += smccc.o obj-$(CONFIG_CMD_SYSBOOT) += sysboot.o pxe_utils.o +obj-$(CONFIG_CMD_STACKPROTECTOR_TEST) += stackprot_test.o obj-$(CONFIG_CMD_TERMINAL) += terminal.o obj-$(CONFIG_CMD_TIME) += time.o obj-$(CONFIG_CMD_TIMER) += timer.o diff --git a/cmd/stackprot_test.c b/cmd/stackprot_test.c new file mode 100644 index 00000000000..36f5bac8d23 --- /dev/null +++ b/cmd/stackprot_test.c @@ -0,0 +1,19 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright 2021 Broadcom + */ + +#include +#include + +static int do_test_stackprot_fail(struct cmd_tbl *cmdtp, int flag, int argc, + char *const argv[]) +{ + char a[128]; + + memset(a, 0xa5, 512); + return 0; +} + +U_BOOT_CMD(stackprot_test, 1, 1, do_test_stackprot_fail, + "test stack protector fail", ""); diff --git a/common/Kconfig b/common/Kconfig index 0e36dfd2368..26496f9a2e7 100644 --- a/common/Kconfig +++ b/common/Kconfig @@ -618,6 +618,23 @@ config TPL_HASH and the algorithms it supports are defined in common/hash.c. See also CMD_HASH for command-line access. +config STACKPROTECTOR + bool "Stack Protector buffer overflow detection" + default n + help + Enable stack smash detection through compiler's stack-protector + canary logic + +config SPL_STACKPROTECTOR + bool "Stack Protector buffer overflow detection for SPL" + depends on STACKPROTECTOR && SPL + default n + +config TPL_STACKPROTECTOR + bool "Stack Protector buffer overflow detection for TPL" + depends on STACKPROTECTOR && TPL + default n + endmenu menu "Update support" diff --git a/common/Makefile b/common/Makefile index 0952ae23f8c..829ea5fb426 100644 --- a/common/Makefile +++ b/common/Makefile @@ -137,6 +137,7 @@ obj-$(CONFIG_CMD_LOADB) += xyzModem.o obj-$(CONFIG_$(SPL_TPL_)YMODEM_SUPPORT) += xyzModem.o obj-$(CONFIG_AVB_VERIFY) += avb_verify.o +obj-$(CONFIG_$(SPL_TPL_)STACKPROTECTOR) += stackprot.o obj-$(CONFIG_SCP03) += scp03.o obj-$(CONFIG_QFW) += qfw.o diff --git a/common/stackprot.c b/common/stackprot.c new file mode 100644 index 00000000000..d5b70616655 --- /dev/null +++ b/common/stackprot.c @@ -0,0 +1,20 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright 2021 Broadcom + */ + +#include +#include + +DECLARE_GLOBAL_DATA_PTR; + +unsigned long __stack_chk_guard = (unsigned long)(0xfeedf00ddeadbeef & ~0UL); + +void __stack_chk_fail(void) +{ + void *ra; + + ra = __builtin_extract_return_addr(__builtin_return_address(0)); + panic("Stack smashing detected in function:\n%p relocated from %p", + ra, ra - gd->reloc_off); +} diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig index 12af9be3603..d3de9c31554 100644 --- a/configs/sandbox_defconfig +++ b/configs/sandbox_defconfig @@ -25,6 +25,7 @@ CONFIG_LOG_SYSLOG=y CONFIG_LOG_ERROR_RETURN=y CONFIG_DISPLAY_BOARDINFO_LATE=y CONFIG_MISC_INIT_F=y +CONFIG_STACKPROTECTOR=y CONFIG_ANDROID_AB=y CONFIG_CMD_CPU=y CONFIG_CMD_LICENSE=y @@ -97,6 +98,7 @@ CONFIG_CMD_CRAMFS=y CONFIG_CMD_EXT4_WRITE=y CONFIG_CMD_SQUASHFS=y CONFIG_CMD_MTDPARTS=y +CONFIG_CMD_STACKPROTECTOR_TEST=y CONFIG_MAC_PARTITION=y CONFIG_AMIGA_PARTITION=y CONFIG_OF_CONTROL=y diff --git a/scripts/Makefile.spl b/scripts/Makefile.spl index ca988224dad..c69525fa748 100644 --- a/scripts/Makefile.spl +++ b/scripts/Makefile.spl @@ -67,6 +67,12 @@ include $(srctree)/scripts/Makefile.lib KBUILD_CFLAGS += -ffunction-sections -fdata-sections LDFLAGS_FINAL += --gc-sections +ifeq ($(CONFIG_$(SPL_TPL_)STACKPROTECTOR),y) +KBUILD_CFLAGS += -fstack-protector-strong +else +KBUILD_CFLAGS += -fno-stack-protector +endif + # FIX ME cpp_flags := $(KBUILD_CPPFLAGS) $(PLATFORM_CPPFLAGS) $(UBOOTINCLUDE) \ $(NOSTDINC_FLAGS) diff --git a/test/py/tests/test_stackprotector.py b/test/py/tests/test_stackprotector.py new file mode 100644 index 00000000000..b009437e5e0 --- /dev/null +++ b/test/py/tests/test_stackprotector.py @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2021 Broadcom + +import pytest +import signal + +@pytest.mark.buildconfigspec('cmd_stackprotector_test') +def test_stackprotector(u_boot_console): + """Test that the stackprotector function works.""" + + u_boot_console.run_command('stackprot_test',wait_for_prompt=False) + expected_response = 'Stack smashing detected' + u_boot_console.wait_for(expected_response) + u_boot_console.restart_uboot() -- cgit v1.3.1