From patchwork Tue Mar 7 22:22:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 660810 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5E1BCC678D5 for ; Tue, 7 Mar 2023 22:23:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231674AbjCGWX1 (ORCPT ); Tue, 7 Mar 2023 17:23:27 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48434 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229667AbjCGWWz (ORCPT ); Tue, 7 Mar 2023 17:22:55 -0500 Received: from todd.t-8ch.de (todd.t-8ch.de [159.69.126.157]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0BFBF15C81; Tue, 7 Mar 2023 14:22:44 -0800 (PST) From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1678227761; bh=Q1jPkyZPjmkNR+Jyt/fGKq7/BIdQKHocnxXtbPXnLSw=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=lfM6gB7vpnbV7lLlqhIAQvjNfPPsozDIil7qCsXldnF7LPqqzcg+6k9gfyy8OVi5N F03kVXkRO5yyxxK6hYFAm0FXxCwRiP2KYL49r3PBOSQ6y4PAVju0czdw/bkWcUIjIG FFufZnn/jvclQ1YHa2ZChcz6uyZIkJS+s+qYARXk= Date: Tue, 07 Mar 2023 22:22:30 +0000 Subject: [PATCH RFC 1/5] tools/nolibc: add definitions for standard fds MIME-Version: 1.0 Message-Id: <20230223-nolibc-stackprotector-v1-1-3e74d81b3f21@weissschuh.net> References: <20230223-nolibc-stackprotector-v1-0-3e74d81b3f21@weissschuh.net> In-Reply-To: <20230223-nolibc-stackprotector-v1-0-3e74d81b3f21@weissschuh.net> To: Willy Tarreau , Shuah Khan Cc: linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.1 X-Developer-Signature: v=1; a=ed25519-sha256; t=1678227756; l=623; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=Q1jPkyZPjmkNR+Jyt/fGKq7/BIdQKHocnxXtbPXnLSw=; b=k9sQ2zQo0NYNDTEvziF2PQIfuN0V6xMfb7Q1Mjy1kpxg7OsUccF2ZAZUmoqJ0+KzrfoAY2NzZ +mLkLpw/h3IAnWIF+tu2OHFTiVb2tr4DISmA/JJGeea/cY4teLpfhYk X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org These are useful for users and will also be used in an upcoming testcase. Signed-off-by: Thomas Weißschuh --- tools/include/nolibc/unistd.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tools/include/nolibc/unistd.h b/tools/include/nolibc/unistd.h index 1cfcd52106a4..ac7d53d986cd 100644 --- a/tools/include/nolibc/unistd.h +++ b/tools/include/nolibc/unistd.h @@ -13,6 +13,11 @@ #include "sys.h" +#define STDIN_FILENO 0 +#define STDOUT_FILENO 1 +#define STDERR_FILENO 2 + + static __attribute__((unused)) int msleep(unsigned int msecs) { From patchwork Tue Mar 7 22:22:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 660248 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 57122C6FD1E for ; Tue, 7 Mar 2023 22:24:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229811AbjCGWXb (ORCPT ); Tue, 7 Mar 2023 17:23:31 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48288 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231320AbjCGWW6 (ORCPT ); Tue, 7 Mar 2023 17:22:58 -0500 Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2B6ECA42F0; Tue, 7 Mar 2023 14:22:44 -0800 (PST) From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1678227761; bh=9ijO2FgEHSBXBbzWygiIEip5jvfy9mMUKI8xVpKX8BU=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=HQMapmLZu3DFMo3y2aAxN0oKW0JLnjw6MjMyhg+HpedyX6XmT7FwQI1NbyYTv3kos 6dFGhbVW9aRs6omR5vboOXCWZQaw4+EIy1ee9YR9VwKLAGTFuNahcK3KVB/qaPrhyL dz2d0kenZMzp33kBwsMixgy0SITa5GKMNHbhsg6c= Date: Tue, 07 Mar 2023 22:22:31 +0000 Subject: [PATCH RFC 2/5] tools/nolibc: add helpers for wait() signal exits MIME-Version: 1.0 Message-Id: <20230223-nolibc-stackprotector-v1-2-3e74d81b3f21@weissschuh.net> References: <20230223-nolibc-stackprotector-v1-0-3e74d81b3f21@weissschuh.net> In-Reply-To: <20230223-nolibc-stackprotector-v1-0-3e74d81b3f21@weissschuh.net> To: Willy Tarreau , Shuah Khan Cc: linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.1 X-Developer-Signature: v=1; a=ed25519-sha256; t=1678227756; l=748; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=9ijO2FgEHSBXBbzWygiIEip5jvfy9mMUKI8xVpKX8BU=; b=vpKWsWajl/M7+0KFiw/baQYH4JP520fwnOaEho9N3dVnA2bY6euCdM2YAibch+hdm5UuCnlSI NEL1+U1CvsUC7oz2VyQIj6NWZEyD1oxW5NgmB8IqRIldGbbHZ6RgNzz X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org These are useful for users and will also be used in an upcoming testcase. Signed-off-by: Thomas Weißschuh --- tools/include/nolibc/types.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/include/nolibc/types.h b/tools/include/nolibc/types.h index 10823e5ac44b..aedd7d9e3f64 100644 --- a/tools/include/nolibc/types.h +++ b/tools/include/nolibc/types.h @@ -97,6 +97,8 @@ /* Macros used on waitpid()'s return status */ #define WEXITSTATUS(status) (((status) & 0xff00) >> 8) #define WIFEXITED(status) (((status) & 0x7f) == 0) +#define WTERMSIG(status) ((status) & 0x7f) +#define WIFSIGNALED(status) ((status) - 1 < 0xff) /* waitpid() flags */ #define WNOHANG 1 From patchwork Tue Mar 7 22:22:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 660809 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 789C9C74A44 for ; Tue, 7 Mar 2023 22:24:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231424AbjCGWXe (ORCPT ); Tue, 7 Mar 2023 17:23:34 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48334 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231299AbjCGWW6 (ORCPT ); Tue, 7 Mar 2023 17:22:58 -0500 Received: from todd.t-8ch.de (todd.t-8ch.de [159.69.126.157]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0CCE0A2F03; Tue, 7 Mar 2023 14:22:44 -0800 (PST) From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1678227762; bh=8vpJp3oAEKODLAv9t1dEXsETCFI+gjgH/LM0SQtKvyk=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=rHPQbbi/2Nz+LU7UGTHNps/xBxZ7er/WEsarwmW8dH65goVja+uqW9IbmTJGXjR9o anJouWbHU+PIS+F4KrGxVkkNdz4+UJKWQGvUP1KXBDtiGFDrWgqwCSvZFNuOwEvaM6 E+35vj0hkYTnK6887gZFxmZs1BCtnoqsMDATT9+4= Date: Tue, 07 Mar 2023 22:22:32 +0000 Subject: [PATCH RFC 3/5] tools/nolibc: tests: constify test_names MIME-Version: 1.0 Message-Id: <20230223-nolibc-stackprotector-v1-3-3e74d81b3f21@weissschuh.net> References: <20230223-nolibc-stackprotector-v1-0-3e74d81b3f21@weissschuh.net> In-Reply-To: <20230223-nolibc-stackprotector-v1-0-3e74d81b3f21@weissschuh.net> To: Willy Tarreau , Shuah Khan Cc: linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.1 X-Developer-Signature: v=1; a=ed25519-sha256; t=1678227756; l=802; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=8vpJp3oAEKODLAv9t1dEXsETCFI+gjgH/LM0SQtKvyk=; b=c7rCOUMg7N5z4JyASccazgTh924VO7kz0NQvFm/NngjdZMPE4U+IzbfsTF7Si1APsNZ9Sjpe2 96IDa8n7DtJCs+RqXAfwNpEQHFgSZ80TespqkD3+3kNowBb56iOFbwt X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org Nothing ever modifies this structure. Signed-off-by: Thomas Weißschuh --- tools/testing/selftests/nolibc/nolibc-test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/selftests/nolibc/nolibc-test.c index 6a7c13f0cd61..fb2d4872fac9 100644 --- a/tools/testing/selftests/nolibc/nolibc-test.c +++ b/tools/testing/selftests/nolibc/nolibc-test.c @@ -717,7 +717,7 @@ int prepare(void) } /* This is the definition of known test names, with their functions */ -static struct test test_names[] = { +static const struct test test_names[] = { /* add new tests here */ { .name = "syscall", .func = run_syscall }, { .name = "stdlib", .func = run_stdlib }, From patchwork Tue Mar 7 22:22:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 660246 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C7575C74A5B for ; Tue, 7 Mar 2023 22:24:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231446AbjCGWXg (ORCPT ); Tue, 7 Mar 2023 17:23:36 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48658 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231453AbjCGWXB (ORCPT ); Tue, 7 Mar 2023 17:23:01 -0500 Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2C851A4B32; Tue, 7 Mar 2023 14:22:44 -0800 (PST) From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1678227762; bh=7B9eU1poI//tORVnXKk/Isa53ZRzzHKFs17ILGS5uAY=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=O14LOF3jp44o43W/cVAfN9UTGrU7Je+MZjmS8/5gJ4yidCy575yHJhQLBk5PMdFBV alOFaqyfDBKT6HrppTAb/4QzqYt6ypX8cNQd6df+N+pGhRorDA+VAvuIy4YeoqipFz d01UbPM7K8OKyuMzMPTzzciEvgC7rsCKQCHlanIg= Date: Tue, 07 Mar 2023 22:22:33 +0000 Subject: [PATCH RFC 4/5] tools/nolibc: add support for stack protector MIME-Version: 1.0 Message-Id: <20230223-nolibc-stackprotector-v1-4-3e74d81b3f21@weissschuh.net> References: <20230223-nolibc-stackprotector-v1-0-3e74d81b3f21@weissschuh.net> In-Reply-To: <20230223-nolibc-stackprotector-v1-0-3e74d81b3f21@weissschuh.net> To: Willy Tarreau , Shuah Khan Cc: linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.1 X-Developer-Signature: v=1; a=ed25519-sha256; t=1678227756; l=7186; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=7B9eU1poI//tORVnXKk/Isa53ZRzzHKFs17ILGS5uAY=; b=0uWbmRx4pY+W8ydurYQGxLqGKtMnVJBCi+t7ihfRpjbO56SVmFC+cnXWLko3NNRsh+oJEUd4n aMc2socQ8bFCC9xZ/UrHsR/nm6UWEQSgS8tFlk+Fwj7dTIE+whBYu5+ X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org Stack protection is a feature to detect and handle stack buffer overflows at runtime. For this to work the compiler and libc have to collaborate. This patch adds the following parts to nolibc that are required by the compiler: * __stack_chk_guard: random sentinel value * __stack_chk_fail: handler for detected stack smashes In addition an initialization function is added that randomizes the sentinel value. Only support for global guards is implemented. Register guards are useful in multi-threaded context which nolibc does not provide support for. Link: https://lwn.net/Articles/584225/ Signed-off-by: Thomas Weißschuh --- tools/include/nolibc/Makefile | 4 +-- tools/include/nolibc/arch-i386.h | 8 +++++- tools/include/nolibc/arch-x86_64.h | 5 ++++ tools/include/nolibc/nolibc.h | 1 + tools/include/nolibc/stackprotector.h | 48 +++++++++++++++++++++++++++++++++ tools/testing/selftests/nolibc/Makefile | 12 +++++++++ 6 files changed, 75 insertions(+), 3 deletions(-) diff --git a/tools/include/nolibc/Makefile b/tools/include/nolibc/Makefile index ec57d3932506..9839feafd38a 100644 --- a/tools/include/nolibc/Makefile +++ b/tools/include/nolibc/Makefile @@ -25,8 +25,8 @@ endif nolibc_arch := $(patsubst arm64,aarch64,$(ARCH)) arch_file := arch-$(nolibc_arch).h -all_files := ctype.h errno.h nolibc.h signal.h std.h stdint.h stdio.h stdlib.h \ - string.h sys.h time.h types.h unistd.h +all_files := ctype.h errno.h nolibc.h signal.h stackprotector.h std.h stdint.h \ + stdio.h stdlib.h string.h sys.h time.h types.h unistd.h # install all headers needed to support a bare-metal compiler all: headers diff --git a/tools/include/nolibc/arch-i386.h b/tools/include/nolibc/arch-i386.h index e8d0cf545bf1..a8deb123edca 100644 --- a/tools/include/nolibc/arch-i386.h +++ b/tools/include/nolibc/arch-i386.h @@ -180,6 +180,9 @@ struct sys_stat_struct { char **environ __attribute__((weak)); const unsigned long *_auxv __attribute__((weak)); +void __stack_chk_init(void) __attribute__((weak)); + +#define __ARCH_SUPPORTS_STACK_PROTECTOR /* startup code */ /* @@ -188,9 +191,12 @@ const unsigned long *_auxv __attribute__((weak)); * 2) The deepest stack frame should be set to zero * */ -void __attribute__((weak,noreturn,optimize("omit-frame-pointer"))) _start(void) +void __attribute__((weak,noreturn,optimize("omit-frame-pointer"),no_stack_protector)) _start(void) { __asm__ volatile ( +#ifdef NOLIBC_STACKPROTECTOR + "call __stack_chk_init\n" // initialize stack protector +#endif "pop %eax\n" // argc (first arg, %eax) "mov %esp, %ebx\n" // argv[] (second arg, %ebx) "lea 4(%ebx,%eax,4),%ecx\n" // then a NULL then envp (third arg, %ecx) diff --git a/tools/include/nolibc/arch-x86_64.h b/tools/include/nolibc/arch-x86_64.h index 17f6751208e7..f7f2a11d4c3b 100644 --- a/tools/include/nolibc/arch-x86_64.h +++ b/tools/include/nolibc/arch-x86_64.h @@ -181,6 +181,8 @@ struct sys_stat_struct { char **environ __attribute__((weak)); const unsigned long *_auxv __attribute__((weak)); +#define __ARCH_SUPPORTS_STACK_PROTECTOR + /* startup code */ /* * x86-64 System V ABI mandates: @@ -191,6 +193,9 @@ const unsigned long *_auxv __attribute__((weak)); void __attribute__((weak,noreturn,optimize("omit-frame-pointer"))) _start(void) { __asm__ volatile ( +#ifdef NOLIBC_STACKPROTECTOR + "call __stack_chk_init\n" // initialize stack protector +#endif "pop %rdi\n" // argc (first arg, %rdi) "mov %rsp, %rsi\n" // argv[] (second arg, %rsi) "lea 8(%rsi,%rdi,8),%rdx\n" // then a NULL then envp (third arg, %rdx) diff --git a/tools/include/nolibc/nolibc.h b/tools/include/nolibc/nolibc.h index b2bc48d3cfe4..04739a6293c4 100644 --- a/tools/include/nolibc/nolibc.h +++ b/tools/include/nolibc/nolibc.h @@ -104,6 +104,7 @@ #include "string.h" #include "time.h" #include "unistd.h" +#include "stackprotector.h" /* Used by programs to avoid std includes */ #define NOLIBC diff --git a/tools/include/nolibc/stackprotector.h b/tools/include/nolibc/stackprotector.h new file mode 100644 index 000000000000..ca1360b7afd8 --- /dev/null +++ b/tools/include/nolibc/stackprotector.h @@ -0,0 +1,48 @@ +/* SPDX-License-Identifier: LGPL-2.1 OR MIT */ +/* + * Stack protector support for NOLIBC + * Copyright (C) 2023 Thomas Weißschuh + */ + +#ifndef _NOLIBC_STACKPROTECTOR_H +#define _NOLIBC_STACKPROTECTOR_H + +#include "arch.h" + +#if defined(NOLIBC_STACKPROTECTOR) + +#if !defined(__ARCH_SUPPORTS_STACK_PROTECTOR) +#error "nolibc does not support stack protectors on this arch" +#endif + +#include "sys.h" +#include "stdlib.h" + +__attribute__((weak,noreturn,section(".text.nolibc_stack_chk"))) +void __stack_chk_fail(void) +{ + write(STDERR_FILENO, "!!Stack smashing detected!!\n", 28); + abort(); +} + +__attribute__((weak,noreturn,section(".text.nolibc_stack_chk"))) +void __stack_chk_fail_local(void) +{ + __stack_chk_fail(); +} + +__attribute__((weak,section(".data.nolibc_stack_chk"))) +uintptr_t __stack_chk_guard; + +__attribute__((weak,no_stack_protector,section(".text.nolibc_stack_chk"))) +void __stack_chk_init(void) +{ + // raw syscall assembly as calling a function would trigger the + // stackprotector itself + my_syscall3(__NR_getrandom, &__stack_chk_guard, sizeof(__stack_chk_guard), 0); + // a bit more randomness in case getrandom() fails + __stack_chk_guard |= (uintptr_t) &__stack_chk_guard; +} +#endif // defined(NOLIBC_STACKPROTECTOR) + +#endif // _NOLIBC_STACKPROTECTOR_H diff --git a/tools/testing/selftests/nolibc/Makefile b/tools/testing/selftests/nolibc/Makefile index ea2b82a3cd86..749a09c9a012 100644 --- a/tools/testing/selftests/nolibc/Makefile +++ b/tools/testing/selftests/nolibc/Makefile @@ -1,6 +1,8 @@ # SPDX-License-Identifier: GPL-2.0 # Makefile for nolibc tests include ../../../scripts/Makefile.include +# We need this for the "cc-option" macro. +include ../../../build/Build.include # we're in ".../tools/testing/selftests/nolibc" ifeq ($(srctree),) @@ -74,7 +76,13 @@ else Q=@ endif +CFLAGS_STACKPROTECTOR = -DNOLIBC_STACKPROTECTOR \ + $(call cc-option,-mstack-protector-guard=global) \ + $(call cc-option,-fstack-protector-all) CFLAGS_s390 = -m64 +CFLAGS_x86 = $(CFLAGS_STACKPROTECTOR) +CFLAGS_i386 = $(CFLAGS_STACKPROTECTOR) +CFLAGS_x86_64 = $(CFLAGS_STACKPROTECTOR) CFLAGS ?= -Os -fno-ident -fno-asynchronous-unwind-tables $(CFLAGS_$(ARCH)) LDFLAGS := -s @@ -118,6 +126,10 @@ nolibc-test: nolibc-test.c sysroot/$(ARCH)/include $(QUIET_CC)$(CC) $(CFLAGS) $(LDFLAGS) -o $@ \ -nostdlib -static -Isysroot/$(ARCH)/include $< -lgcc +foo: foo.c sysroot/$(ARCH)/include + $(QUIET_CC)$(CC) $(CFLAGS) $(LDFLAGS) -o $@ \ + -nostdlib -static -Isysroot/$(ARCH)/include $< -lgcc + # qemu user-land test run-user: nolibc-test $(Q)qemu-$(QEMU_ARCH) ./nolibc-test > "$(CURDIR)/run.out" || : From patchwork Tue Mar 7 22:22:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Patchwork-Id: 660247 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B5668C76186 for ; Tue, 7 Mar 2023 22:24:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231448AbjCGWXh (ORCPT ); Tue, 7 Mar 2023 17:23:37 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48778 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231575AbjCGWXD (ORCPT ); Tue, 7 Mar 2023 17:23:03 -0500 Received: from todd.t-8ch.de (todd.t-8ch.de [159.69.126.157]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8DB2D18B0F; Tue, 7 Mar 2023 14:22:58 -0800 (PST) From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1678227764; bh=wMlMqNF3HdsYBhiMwlY00yIFmFgEItJMu93P1cpiTpQ=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=NmpjSn5YwfoF1abfuFJijYMNNRIa0mx8eQEZFvBSGeYztxwiE/Me+n99EAMrGX6Fv gI1qjXLVit3g103iTC5gfOKWsqCRtT/gKQV1Ml8vy3OQvmxwWySaLKhbaErh/KC1cF ugjQwa6WJ922MDTuy/bSkVZbcNw3QEdg4L2f8dwI= Date: Tue, 07 Mar 2023 22:22:34 +0000 Subject: [PATCH RFC 5/5] tools/nolibc: tests: add test for -fstack-protector MIME-Version: 1.0 Message-Id: <20230223-nolibc-stackprotector-v1-5-3e74d81b3f21@weissschuh.net> References: <20230223-nolibc-stackprotector-v1-0-3e74d81b3f21@weissschuh.net> In-Reply-To: <20230223-nolibc-stackprotector-v1-0-3e74d81b3f21@weissschuh.net> To: Willy Tarreau , Shuah Khan Cc: linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.1 X-Developer-Signature: v=1; a=ed25519-sha256; t=1678227756; l=3131; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=wMlMqNF3HdsYBhiMwlY00yIFmFgEItJMu93P1cpiTpQ=; b=LUG3ujBuABS0LQOJZ/EC+fRvBT+VCTd8tKxSAkaQ/VV8PiWPHofAfK/UB+9qTeTgG+SngI5BU Cn6xoSswl9+COeeKYUc6FbOjZ2q/+j/slBLKz6tcRU8R8JIdpFwXD5W X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org Test the previously introduce stack protector functionality in nolibc. Signed-off-by: Thomas Weißschuh --- tools/testing/selftests/nolibc/nolibc-test.c | 74 +++++++++++++++++++++++++++- 1 file changed, 72 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/selftests/nolibc/nolibc-test.c index fb2d4872fac9..4990b2750279 100644 --- a/tools/testing/selftests/nolibc/nolibc-test.c +++ b/tools/testing/selftests/nolibc/nolibc-test.c @@ -45,6 +45,7 @@ char **environ; struct test { const char *name; // test name int (*func)(int min, int max); // handler + char skip_by_default; // don't run by default }; #ifndef _NOLIBC_STDLIB_H @@ -667,6 +668,70 @@ int run_stdlib(int min, int max) return ret; } +#if defined(__clang__) +__attribute__((optnone)) +#elif defined(__GNUC__) +__attribute__((optimize("O0"))) +#endif +static int run_smash_stack(int min, int max) +{ + char buf[100]; + + for (size_t i = 0; i < 200; i++) + buf[i] = 15; + + return 1; +} + +int run_stackprotector(int min, int max) +{ + int llen = 0; + + llen += printf("0 "); + +#if !defined(NOLIBC_STACKPROTECTOR) + llen += printf("stack smashing detection not supported"); + pad_spc(llen, 64, "[SKIPPED]\n"); + return 0; +#endif + + pid_t pid = fork(); + + switch (pid) { + case -1: + llen += printf("fork()"); + pad_spc(llen, 64, "[FAIL]\n"); + return 1; + + case 0: + close(STDOUT_FILENO); + close(STDERR_FILENO); + + char *const argv[] = { + "/proc/self/exe", + "_smash_stack", + NULL, + }; + execve("/proc/self/exe", argv, NULL); + return 1; + + default: { + int status; + + pid = waitpid(pid, &status, 0); + + if (pid == -1 || !WIFSIGNALED(status) || WTERMSIG(status) != SIGABRT) { + llen += printf("waitpid()"); + pad_spc(llen, 64, "[FAIL]\n"); + return 1; + } + llen += printf("stack smashing detected"); + pad_spc(llen, 64, " [OK]\n"); + return 0; + } + } +} + /* prepare what needs to be prepared for pid 1 (stdio, /dev, /proc, etc) */ int prepare(void) { @@ -719,8 +784,11 @@ int prepare(void) /* This is the definition of known test names, with their functions */ static const struct test test_names[] = { /* add new tests here */ - { .name = "syscall", .func = run_syscall }, - { .name = "stdlib", .func = run_stdlib }, + { .name = "syscall", .func = run_syscall }, + { .name = "stdlib", .func = run_stdlib }, + { .name = "stackprotector", .func = run_stackprotector, }, + { .name = "_smash_stack", .func = run_smash_stack, + .skip_by_default = 1 }, { 0 } }; @@ -811,6 +879,8 @@ int main(int argc, char **argv, char **envp) } else { /* no test mentioned, run everything */ for (idx = 0; test_names[idx].name; idx++) { + if (test_names[idx].skip_by_default) + continue; printf("Running test '%s'\n", test_names[idx].name); err = test_names[idx].func(min, max); ret += err;