3e75c03cb2
STACK_CANARIES was enabling canaries in all functions using the compiler flag -fstack-protector-all. This became confuse with the addition of the options STRONG and EXPLICIT. This commit adds the missing option (default level) and disambiguous the options mapping them close to the compiler flags. Now we have the following options: STACK_CANARIES -> fstack-protector STACK_CANARIES_STRONG -> fstack-protector-strong STACK_CANARIES_ALL -> fstack-protector-all STACK_CANARIES_EXPLICIT -> fstack-protector-explicit Note that from now on STACK_CANARIES_ALL is the symbol that adds canaries for all functions. Signed-off-by: Flavio Ceolin <flavio.ceolin@gmail.com>
65 lines
1.8 KiB
C
65 lines
1.8 KiB
C
/*
|
|
* Copyright (c) 2012-2014 Wind River Systems, Inc.
|
|
*
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*/
|
|
|
|
/**
|
|
* @file
|
|
* @brief Compiler stack protection (kernel part)
|
|
*
|
|
* This module provides functions to support compiler stack protection
|
|
* using canaries. This feature is enabled with configuration
|
|
* CONFIG_STACK_CANARIES=y or CONFIG_STACK_CANARIES_STRONG=y or
|
|
* CONFIG_STACK_CANARIES_ALL=y or CONFIG_STACK_CANARIES_EXPLICIT=y.
|
|
*
|
|
* When this feature is enabled, the compiler generated code refers to
|
|
* function __stack_chk_fail and global variable __stack_chk_guard.
|
|
*/
|
|
|
|
#include <zephyr/toolchain.h> /* compiler specific configurations */
|
|
|
|
#include <zephyr/kernel_structs.h>
|
|
#include <zephyr/toolchain.h>
|
|
#include <zephyr/linker/sections.h>
|
|
#include <zephyr/kernel.h>
|
|
#include <zephyr/app_memory/app_memdomain.h>
|
|
|
|
/**
|
|
*
|
|
* @brief Stack canary error handler
|
|
*
|
|
* This function is invoked when a stack canary error is detected.
|
|
*
|
|
* @return Does not return
|
|
*/
|
|
void _StackCheckHandler(void)
|
|
{
|
|
/* Stack canary error is a software fatal condition; treat it as such.
|
|
*/
|
|
z_except_reason(K_ERR_STACK_CHK_FAIL);
|
|
CODE_UNREACHABLE; /* LCOV_EXCL_LINE */
|
|
}
|
|
|
|
/* Global variable */
|
|
|
|
/*
|
|
* Symbol referenced by GCC compiler generated code for canary value.
|
|
* The canary value gets initialized in z_cstart().
|
|
*/
|
|
#ifdef CONFIG_STACK_CANARIES_TLS
|
|
Z_THREAD_LOCAL volatile uintptr_t __stack_chk_guard;
|
|
#elif CONFIG_USERSPACE
|
|
K_APP_DMEM(z_libc_partition) volatile uintptr_t __stack_chk_guard;
|
|
#else
|
|
__noinit volatile uintptr_t __stack_chk_guard;
|
|
#endif
|
|
|
|
/**
|
|
*
|
|
* @brief Referenced by GCC compiler generated code
|
|
*
|
|
* This routine is invoked when a stack canary error is detected, indicating
|
|
* a buffer overflow or stack corruption problem.
|
|
*/
|
|
FUNC_ALIAS(_StackCheckHandler, __stack_chk_fail, void);
|