From: "Olivier Martin"
To: "'Andrew Fish'", "Gao, Liming"
Cc: edk2-devel@lists.sourceforge.net, edk2-buildtools-devel@lists.sourceforge.net
Date: Tue, 8 Jul 2014 14:26:25 +0100
Subject: Re: [edk2] [edk2-buildtools] [PATCH 2/3] MdePkg: Introduced BaseStackCheckLib

Actually, I was thinking of replacing this canary value with a FixedPcd, but I do not remember why I have not done it. I might have just forgotten it.

Olivier

From: Andrew Fish [mailto:afish@apple.com]
Sent: 08 July 2014 02:14
To: Gao, Liming
Cc: Olivier Martin; Mike Kinney; edk2-buildtools-devel@lists.sourceforge.net; edk2-devel@lists.sourceforge.net
Subject: Re: [edk2-buildtools] [PATCH 2/3] MdePkg: Introduced BaseStackCheckLib

On Jul 7, 2014, at 5:40 PM, Gao, Liming wrote:

Martin:
What is 0x0AFF for? Is it an address or a value?

This value is the recommended constant if you cannot generate a real random number for the "canary" value. It has NULL (will terminate strings), LF, and -1. http://wiki.osdev.org/GCC_Stack_Smashing_Protector. So it helps contain read-based overruns.

__stack_chk_guard is the "canary" placed on the stack by the compiler. __stack_chk_fail() is called if the "canary" has been overwritten. These are both compiler intrinsics.

Thanks,

Andrew Fish

~/work/Compiler>cat stack.c
void
test (int i, char v)
{
  char test[0x100];

  test[i] = v;
  return;
}
~/work/Compiler>clang -S stack.c
~/work/Compiler>cat stack.S
    .section    __TEXT,__text,regular,pure_instructions
    .globl  _test
    .align  4, 0x90
_test:                                  ## @test
    .cfi_startproc
## BB#0:
    pushq   %rbp
Ltmp2:
    .cfi_def_cfa_offset 16
Ltmp3:
    .cfi_offset %rbp, -16
    movq    %rsp, %rbp
Ltmp4:
    .cfi_def_cfa_register %rbp
    subq    $272, %rsp              ## imm = 0x110
    movb    %sil, %al
    movq    ___stack_chk_guard@GOTPCREL(%rip), %rcx
    movq    (%rcx), %rcx
    movq    %rcx, -8(%rbp)
    movq    ___stack_chk_guard@GOTPCREL(%rip), %rcx
    movl    %edi, -12(%rbp)
    movb    %al, -13(%rbp)
    movb    -13(%rbp), %al
    movslq  -12(%rbp), %rdx
    movb    %al, -272(%rbp,%rdx)
    movq    (%rcx), %rcx
    movq    -8(%rbp), %rdx
    cmpq    %rdx, %rcx
    jne     LBB0_2
## BB#1:                                ## %SP_return
    addq    $272, %rsp              ## imm = 0x110
    popq    %rbp
    ret
LBB0_2:                                 ## %CallStackCheckFailBlk
    callq   ___stack_chk_fail
    .cfi_endproc

.subsections_via_symbols

+/// "canary" value that is inserted by the compiler into the stack frame.
+VOID *__stack_chk_guard = (VOID*)0x0AFF;

And, this library instance is used as NULL class instance. Its library class should be NULL.

Thanks
Liming

-----Original Message-----
From: Olivier Martin [mailto:olivier.martin@arm.com] Sent: Monday, July 07, 2014 11:44 PM To: Kinney, Michael D; edk2-buildtools-devel@lists.sourceforge.net Cc: andrew.fish@apple.com; edk2-devel@lists.sourceforge.net Subject: [edk2-buildtools] [PATCH 2/3] MdePkg: Introduced BaseStackCheckLib This library only support GCC and XCode for now. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Andrew Fish Signed-off-by: Olivier Martin This program + and the accompanying materials are licensed and made available under + the terms and conditions of the BSD License which accompanies this + distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php. + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#include +#include +#include +#include + +VOID +__stack_chk_fail ( + VOID + ); + + +/// "canary" value that is inserted by the compiler into the stack frame. +VOID *__stack_chk_guard = (VOID*)0x0AFF; + +// If ASLR was enabled we could use +//void (*__stack_chk_guard)(void) = __stack_chk_fail; + +/** + Error path for compiler generated stack "canary" value check code. If +the stack canary has been overwritten this function gets called on +exit of the function. +**/ +VOID +__stack_chk_fail ( + VOID + ) +{ + UINT8 DebugPropertyMask; + + DEBUG ((DEBUG_ERROR, "STACK FAULT: Buffer Overflow in function + %a.\n", __builtin_return_address(0))); + + // + // Generate a Breakpoint, DeadLoop, or NOP based on PCD settings even +if + // BaseDebugLibNull is in use. + // + DebugPropertyMask = PcdGet8 (PcdDebugPropertyMask); + if ((DebugPropertyMask & DEBUG_PROPERTY_ASSERT_BREAKPOINT_ENABLED) != 0) { + CpuBreakpoint (); + } else if ((DebugPropertyMask & DEBUG_PROPERTY_ASSERT_DEADLOOP_ENABLED) != 0) { + CpuDeadLoop (); + } +} + 
diff --git a/MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf b/MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf new file mode 100644 index 0000000..4e2285d --- /dev/null +++ b/MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf @@ -0,0 +1,41 @@ +## @file +# Stack Check Library +# +# Copyright (c) 2014, ARM Ltd. All rights reserved.
# # This +program and the accompanying materials # are licensed and made +available under the terms and conditions of the BSD License # which +accompanies this distribution. The full text of the license may be +found at # http://opensource.org/licenses/bsd-license.php. +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" +BASIS, # WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# +# +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = BaseStackCheckLib + FILE_GUID = 5f6579f7-b648-4fdb-9f19-4c17e27e8eff + MODULE_TYPE = BASE + VERSION_STRING = 1.0 + LIBRARY_CLASS = BaseStackCheckLib + + +# +# VALID_ARCHITECTURES = ARM AARCH64 +# + +[Sources] + BaseStackCheckGcc.c | GCC + +[Packages] + MdePkg/MdePkg.dec + +[LibraryClasses] + BaseLib + DebugLib + +[Pcd] + gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask +
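
Review bot: In BaseStackCheckGcc.c, __stack_chk_fail() falls off its end and returns when neither DEBUG_PROPERTY_ASSERT_BREAKPOINT_ENABLED nor DEBUG_PROPERTY_ASSERT_DEADLOOP_ENABLED is set, and it also returns after CpuBreakpoint () is resumed. The clang output quoted earlier in the thread has no instructions after "callq ___stack_chk_fail", so a return lands past the end of the calling function with a frame already known to be corrupted. The comment lists NOP as an intended outcome, but the handler should end with an unconditional CpuDeadLoop () after the PCD-selected branches. Separately, the DEBUG call passes __builtin_return_address(0) to %a, which the EDK2 print library interprets as a pointer to an ASCII string; %p prints the address, and the message should say "return address" rather than "function". The 0x0AFF guard is identical in every image built with this library, which the FixedPcd idea from the thread would at least make a platform choice.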
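
Review bot: In BaseStackCheckLib.inf, [LibraryClasses] lists only BaseLib and DebugLib, while the C file calls PcdGet8 (PcdDebugPropertyMask); add PcdLib so the dependency is declared rather than inherited from whatever else the consuming module links. LIBRARY_CLASS = BaseStackCheckLib should be NULL, as raised in the thread, since the instance only supplies the compiler-referenced symbols __stack_chk_guard and __stack_chk_fail. The VALID_ARCHITECTURES comment names only ARM AARCH64 although the commit message says GCC and XCode are supported, so state which architectures are intended.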
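
The terminator-canary behaviour discussed in this thread, as an added example that is not part of the original messages or the patch: a constructed byte-array model of a protected frame using the patch's 0x0AFF guard value. The frame layout, the function names and the saved_ret value are assumptions, and the byte order assumed is little-endian.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum { BUF_LEN = 16, SLOT = sizeof(uintptr_t), FRAME_LEN = BUF_LEN + 2 * SLOT };

/* Guard value from the patch: bytes FF 0A 00 ... on a little-endian target. */
static const uintptr_t guard = (uintptr_t)0x0AFF;
static const uintptr_t saved_ret = (uintptr_t)0x11223344; /* constructed value */

/* Constructed frame model: [buffer][guard copy][return slot]. */
struct frame { unsigned char b[FRAME_LEN]; };

/* Prologue: store the guard between the buffer and the return slot. */
static void frame_enter(struct frame *f)
{
    memset(f->b, 'x', BUF_LEN);                 /* unterminated local data */
    memcpy(f->b + BUF_LEN, &guard, SLOT);
    memcpy(f->b + BUF_LEN + SLOT, &saved_ret, SLOT);
}

/* The modelled bug: strcpy-style copy with no BUF_LEN check (clamped to the model). */
static void unchecked_copy(struct frame *f, const char *src)
{
    size_t i = 0;
    for (; src[i] != '\0' && i + 1 < (size_t)FRAME_LEN; i++)
        f->b[i] = (unsigned char)src[i];
    f->b[i] = '\0';
}

/* Bit 0: guard mismatch (__stack_chk_fail would run); bit 1: return slot modified. */
int run_copy(const char *src)
{
    struct frame f;
    frame_enter(&f);
    unchecked_copy(&f, src);
    int tripped = memcmp(f.b + BUF_LEN, &guard, SLOT) != 0;
    int ret_hit = memcmp(f.b + BUF_LEN + SLOT, &saved_ret, SLOT) != 0;
    return tripped | (ret_hit << 1);
}

/* How far a string read that starts at the buffer gets before a NUL. */
size_t string_read_extent(void)
{
    struct frame f;
    frame_enter(&f);
    const unsigned char *nul = memchr(f.b, 0, FRAME_LEN);
    return nul ? (size_t)(nul - f.b) : (size_t)FRAME_LEN;
}
```

A source string that ends in the guard's first two bytes (FF 0A) leaves run_copy at 0: the copy has to stop at the guard's NUL byte, so it cannot continue into the return slot, and string_read_extent() stops at that same byte.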