tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
csky: Initial stack protector support
This is a basic -fstack-protector support without per-task canary
switching. The protector will report something like when stack
corruption is detected:
It's tested with strcpy local array overflow in sys_kill and get:
stack-protector: Kernel stack is corrupted in: sys_kill+0x23c/0x23c
TODO:
- Support task switch for different cannary
Signed-off-by: Mao Han <han_mao@c-sky.com>
Signed-off-by: Guo Ren <guoren@linux.alibaba.com>
+36
+1
arch/csky/Kconfig
+1
arch/csky/Kconfig
+29
arch/csky/include/asm/stackprotector.h
+29
arch/csky/include/asm/stackprotector.h
···
1
+
/* SPDX-License-Identifier: GPL-2.0 */
2
+
#ifndef _ASM_STACKPROTECTOR_H
3
+
#define _ASM_STACKPROTECTOR_H 1
4
+
5
+
#include <linux/random.h>
6
+
#include <linux/version.h>
7
+
8
+
extern unsigned long __stack_chk_guard;
9
+
10
+
/*
11
+
* Initialize the stackprotector canary value.
12
+
*
13
+
* NOTE: this must only be called from functions that never return,
14
+
* and it must always be inlined.
15
+
*/
16
+
static __always_inline void boot_init_stack_canary(void)
17
+
{
18
+
unsigned long canary;
19
+
20
+
/* Try to get a semi random initial value. */
21
+
get_random_bytes(&canary, sizeof(canary));
22
+
canary ^= LINUX_VERSION_CODE;
23
+
canary &= CANARY_MASK;
24
+
25
+
current->stack_canary = canary;
26
+
__stack_chk_guard = current->stack_canary;
27
+
}
28
+
29
+
#endif /* __ASM_SH_STACKPROTECTOR_H */
+6
arch/csky/kernel/process.c
+6
arch/csky/kernel/process.c
···
16
16
17
17
struct cpuinfo_csky cpu_data[NR_CPUS];
18
18
19
+
#ifdef CONFIG_STACKPROTECTOR
20
+
#include <linux/stackprotector.h>
21
+
unsigned long __stack_chk_guard __read_mostly;
22
+
EXPORT_SYMBOL(__stack_chk_guard);
23
+
#endif
24
+
19
25
asmlinkage void ret_from_fork(void);
20
26
asmlinkage void ret_from_kernel_thread(void);
21
27