stack_sentinel: hang system on failure

Stack sentinel doesn't prevent corruption, it just notices when it happens. Any memory could be in a bad state and it's more appropriate to take the entire system down rather than just kill the thread. Fatal testcase will still work since it installs its own _SysFatalErrorHandler. Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
2017-06-07 15:15:19 -07:00 · 2017-06-07 15:15:19 -07:00 · e3550a29ff
commit e3550a29ff
parent 000429c069
5 changed files with 25 additions and 0 deletions
--- a/arch/arm/core/sys_fatal_error_handler.c
+++ b/arch/arm/core/sys_fatal_error_handler.c
@ -44,6 +44,11 @@ void __weak _SysFatalErrorHandler(unsigned int reason,
 	ARG_UNUSED(pEsf);

 #if !defined(CONFIG_SIMPLE_FATAL_ERROR_HANDLER)
+#ifdef CONFIG_STACK_SENTINEL
+	if (reason == _NANO_ERR_STACK_CHK_FAIL) {
+		goto hang_system;
+	}
+#endif
 	if (reason == _NANO_ERR_KERNEL_PANIC) {
 		goto hang_system;
 	}
--- a/arch/nios2/core/fatal.c
+++ b/arch/nios2/core/fatal.c
@ -226,6 +226,11 @@ FUNC_NORETURN __weak void _SysFatalErrorHandler(unsigned int reason,
 	ARG_UNUSED(pEsf);

 #if !defined(CONFIG_SIMPLE_FATAL_ERROR_HANDLER)
+#ifdef CONFIG_STACK_SENTINEL
+	if (reason == _NANO_ERR_STACK_CHK_FAIL) {
+		goto hang_system;
+	}
+#endif
 	if (reason == _NANO_ERR_KERNEL_PANIC) {
 		goto hang_system;
 	}
--- a/arch/riscv32/core/fatal.c
+++ b/arch/riscv32/core/fatal.c
@ -140,6 +140,11 @@ FUNC_NORETURN __weak void _SysFatalErrorHandler(unsigned int reason,
 	ARG_UNUSED(esf);

 #if !defined(CONFIG_SIMPLE_FATAL_ERROR_HANDLER)
+#ifdef CONFIG_STACK_SENTINEL
+	if (reason == _NANO_ERR_STACK_CHK_FAIL) {
+		goto hang_system;
+	}
+#endif
 	if (reason == _NANO_ERR_KERNEL_PANIC) {
 		goto hang_system;
 	}
--- a/arch/x86/core/sys_fatal_error_handler.c
+++ b/arch/x86/core/sys_fatal_error_handler.c
@ -44,6 +44,11 @@ FUNC_NORETURN __weak void _SysFatalErrorHandler(unsigned int reason,
 	ARG_UNUSED(pEsf);

 #if !defined(CONFIG_SIMPLE_FATAL_ERROR_HANDLER)
+#ifdef CONFIG_STACK_SENTINEL
+	if (reason == _NANO_ERR_STACK_CHK_FAIL) {
+		goto hang_system;
+	}
+#endif
 	if (reason == _NANO_ERR_KERNEL_PANIC) {
 		goto hang_system;
 	}
--- a/arch/xtensa/core/fatal.c
+++ b/arch/xtensa/core/fatal.c
@ -241,6 +241,11 @@ FUNC_NORETURN __weak void _SysFatalErrorHandler(unsigned int reason,
 	ARG_UNUSED(pEsf);

 #if !defined(CONFIG_SIMPLE_FATAL_ERROR_HANDLER)
+#ifdef CONFIG_STACK_SENTINEL
+	if (reason == _NANO_ERR_STACK_CHK_FAIL) {
+		goto hang_system;
+	}
+#endif
 	if (reason == _NANO_ERR_KERNEL_PANIC) {
 		goto hang_system;
 	}