kernel: add stack canary to libc partition

Andrew Boie · nashif · commit 01100eadb8b0 · 2019-02-22T18:50:43.000-05:00
User mode needs to be able to read this value in
compiler generated function prologues/epilogues.

Special handling in init.c for arches that use
_data_copy. This happens before _Cstart() gets
called. We need to make sure that the compiler
stack canary checks in _data_copy itself do not
fail.

Signed-off-by: Andrew Boie &lt;andrew.p.boie@intel.com&gt;
diff --git a/kernel/compiler_stack_protect.c b/kernel/compiler_stack_protect.c
@@ -22,6 +22,7 @@
 #include <toolchain.h>
 #include <linker/sections.h>
 #include <kernel.h>
+#include <app_memory/app_memdomain.h>
 
 /**
  *
@@ -45,7 +46,11 @@ void FUNC_NORETURN _StackCheckHandler(void)
  * Symbol referenced by GCC compiler generated code for canary value.
  * The canary value gets initialized in _Cstart().
  */
-void __noinit *__stack_chk_guard;
+#ifdef CONFIG_APP_SHARED_MEM
+K_APP_DMEM(z_libc_partition) uintptr_t __stack_chk_guard;
+#else
+__noinit uintptr_t __stack_chk_guard;
+#endif
 
 /**
  *
diff --git a/kernel/init.c b/kernel/init.c
@@ -159,6 +159,10 @@ void _bss_zero(void)
 #endif
 }
 
+#ifdef CONFIG_STACK_CANARIES
+extern volatile uintptr_t __stack_chk_guard;
+#endif /* CONFIG_STACK_CANARIES */
+
 
 #ifdef CONFIG_XIP
 /**
@@ -187,9 +191,29 @@ void _data_copy(void)
 	data_copy_xip_relocation();
 #endif	/* CONFIG_CODE_DATA_RELOCATION */
 #ifdef CONFIG_APP_SHARED_MEM
+#ifdef CONFIG_STACK_CANARIES
+	/* stack canary checking is active for all C functions.
+	 * __stack_chk_guard is some uninitialized value living in the
+	 * app shared memory sections. Preserve it, and don't make any
+	 * function calls to perform the memory copy. The true canary
+	 * value gets set later in _Cstart().
+	 */
+	uintptr_t guard_copy = __stack_chk_guard;
+	u8_t *src = (u8_t *)&_app_smem_rom_start;
+	u8_t *dst = (u8_t *)&_app_smem_start;
+	u32_t count = (u32_t)&_app_smem_end - (u32_t)&_app_smem_start;
+
+	guard_copy = __stack_chk_guard;
+	while (count > 0) {
+		*(dst++) = *(src++);
+		count--;
+	}
+	__stack_chk_guard = guard_copy;
+#else
 	(void)memcpy(&_app_smem_start, &_app_smem_rom_start,
 		 ((u32_t) &_app_smem_end - (u32_t) &_app_smem_start));
-#endif
+#endif /* CONFIG_STACK_CANARIES */
+#endif /* CONFIG_APP_SHARED_MEM */
 }
 #endif
 
@@ -439,10 +463,6 @@ u32_t z_early_boot_rand32_get(void)
 	return sys_rand32_get();
 }
 
-#ifdef CONFIG_STACK_CANARIES
-extern uintptr_t __stack_chk_guard;
-#endif /* CONFIG_STACK_CANARIES */
-
 /**
  *
  * @brief Initialize kernel
