feat: 支持AT_RANDOM以增强用户态栈保护能力
背景:不开地址随机化时,用户态栈CANARY值是固定值 方案:支持AT_RANDOM,CANARY从AT_RANDOM获取随机值以增强用户态栈保护能力 close #I4CB8M Signed-off-by: Haryslee <lihao189@huawei.com> Change-Id: I28cef09f7016a5096e2096d4f6aa72722fcf1fd7
parent
c7da23695c
commit
06ea03715f
|
@ -79,6 +79,7 @@ extern "C" {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define STACK_ALIGN_SIZE 0x10
|
#define STACK_ALIGN_SIZE 0x10
|
||||||
|
#define RANDOM_VECTOR_SIZE 1
|
||||||
|
|
||||||
/* The permissions on sections in the program header. */
|
/* The permissions on sections in the program header. */
|
||||||
#define PF_R 0x4
|
#define PF_R 0x4
|
||||||
|
@ -99,23 +100,22 @@ typedef struct {
|
||||||
CHAR *execName;
|
CHAR *execName;
|
||||||
INT32 argc;
|
INT32 argc;
|
||||||
INT32 envc;
|
INT32 envc;
|
||||||
CHAR *const *argv;
|
CHAR * const *argv;
|
||||||
CHAR *const *envp;
|
CHAR * const *envp;
|
||||||
UINTPTR stackTop;
|
UINTPTR stackTop;
|
||||||
UINTPTR stackTopMax;
|
UINTPTR stackTopMax;
|
||||||
UINTPTR stackBase;
|
UINTPTR stackBase;
|
||||||
UINTPTR stackParamBase;
|
UINTPTR stackParamBase;
|
||||||
UINT32 stackSize;
|
UINT32 stackSize;
|
||||||
INT32 stackProt;
|
INT32 stackProt;
|
||||||
|
UINTPTR argStart;
|
||||||
UINTPTR loadAddr;
|
UINTPTR loadAddr;
|
||||||
UINTPTR elfEntry;
|
UINTPTR elfEntry;
|
||||||
UINTPTR topOfMem;
|
UINTPTR topOfMem;
|
||||||
UINTPTR oldFiles;
|
UINTPTR oldFiles;
|
||||||
LosVmSpace *newSpace;
|
LosVmSpace *newSpace;
|
||||||
LosVmSpace *oldSpace;
|
LosVmSpace *oldSpace;
|
||||||
#ifdef LOSCFG_ASLR
|
|
||||||
INT32 randomDevFD;
|
INT32 randomDevFD;
|
||||||
#endif
|
|
||||||
} ELFLoadInfo;
|
} ELFLoadInfo;
|
||||||
|
|
||||||
STATIC INLINE BOOL OsIsBadUserAddress(VADDR_T vaddr)
|
STATIC INLINE BOOL OsIsBadUserAddress(VADDR_T vaddr)
|
||||||
|
|
|
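Review bot: `RANDOM_VECTOR_SIZE` carries no comment saying what it counts, and at 1 it makes the block behind AUX_RANDOM a single `UINT32`, which is 4 bytes if `UINT32` is 32 bits wide. Linux places 16 random bytes behind AT_RANDOM, so a libc or loader that expects that size would read past the random word into whatever sits above it on the user stack, and that data is not random. It is worth confirming how many bytes the target libc reads for its canary. I would document the unit, e.g. `#define RANDOM_VECTOR_SIZE 1 /* number of UINT32 words exposed through AUX_RANDOM */`, and consider sizing the vector to 16 bytes.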
@ -789,12 +789,10 @@ STATIC INT32 OsSetArgParams(ELFLoadInfo *loadInfo, CHAR *const *argv, CHAR *cons
|
||||||
UINT32 vmFlags;
|
UINT32 vmFlags;
|
||||||
INT32 ret;
|
INT32 ret;
|
||||||
|
|
||||||
#ifdef LOSCFG_ASLR
|
|
||||||
loadInfo->randomDevFD = open("/dev/urandom", O_RDONLY);
|
loadInfo->randomDevFD = open("/dev/urandom", O_RDONLY);
|
||||||
if (loadInfo->randomDevFD < 0) {
|
if (loadInfo->randomDevFD < 0) {
|
||||||
PRINT_ERR("%s: open /dev/urandom failed\n", __FUNCTION__);
|
PRINT_ERR("%s: open /dev/urandom failed\n", __FUNCTION__);
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
|
|
||||||
(VOID)OsGetStackProt(loadInfo);
|
(VOID)OsGetStackProt(loadInfo);
|
||||||
if (((UINT32)loadInfo->stackProt & (PROT_READ | PROT_WRITE)) != (PROT_READ | PROT_WRITE)) {
|
if (((UINT32)loadInfo->stackProt & (PROT_READ | PROT_WRITE)) != (PROT_READ | PROT_WRITE)) {
|
||||||
|
@ -831,13 +829,13 @@ STATIC INT32 OsSetArgParams(ELFLoadInfo *loadInfo, CHAR *const *argv, CHAR *cons
|
||||||
if (ret != LOS_OK) {
|
if (ret != LOS_OK) {
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
loadInfo->argStart = loadInfo->topOfMem;
|
||||||
|
|
||||||
return LOS_OK;
|
return LOS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
STATIC INT32 OsPutParamToStack(ELFLoadInfo *loadInfo, const UINTPTR *auxVecInfo, INT32 vecIndex)
|
STATIC INT32 OsPutParamToStack(ELFLoadInfo *loadInfo, const UINTPTR *auxVecInfo, INT32 vecIndex)
|
||||||
{
|
{
|
||||||
UINTPTR argStart = loadInfo->topOfMem;
|
|
||||||
UINTPTR *topMem = (UINTPTR *)ROUNDDOWN(loadInfo->topOfMem, sizeof(UINTPTR));
|
UINTPTR *topMem = (UINTPTR *)ROUNDDOWN(loadInfo->topOfMem, sizeof(UINTPTR));
|
||||||
UINTPTR *argsPtr = NULL;
|
UINTPTR *argsPtr = NULL;
|
||||||
INT32 items = (loadInfo->argc + 1) + (loadInfo->envc + 1) + 1;
|
INT32 items = (loadInfo->argc + 1) + (loadInfo->envc + 1) + 1;
|
||||||
|
@ -858,8 +856,8 @@ STATIC INT32 OsPutParamToStack(ELFLoadInfo *loadInfo, const UINTPTR *auxVecInfo,
|
||||||
|
|
||||||
argsPtr++;
|
argsPtr++;
|
||||||
|
|
||||||
if ((OsPutUserArgv(&argStart, &argsPtr, loadInfo->argc) != LOS_OK) ||
|
if ((OsPutUserArgv(&loadInfo->argStart, &argsPtr, loadInfo->argc) != LOS_OK) ||
|
||||||
(OsPutUserArgv(&argStart, &argsPtr, loadInfo->envc) != LOS_OK)) {
|
(OsPutUserArgv(&loadInfo->argStart, &argsPtr, loadInfo->envc) != LOS_OK)) {
|
||||||
PRINT_ERR("%s[%d], Failed to put argv or envp to user stack!\n", __FUNCTION__, __LINE__);
|
PRINT_ERR("%s[%d], Failed to put argv or envp to user stack!\n", __FUNCTION__, __LINE__);
|
||||||
return -EFAULT;
|
return -EFAULT;
|
||||||
}
|
}
|
||||||
|
@ -873,16 +871,46 @@ STATIC INT32 OsPutParamToStack(ELFLoadInfo *loadInfo, const UINTPTR *auxVecInfo,
|
||||||
return LOS_OK;
|
return LOS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
STATIC INT32 OsGetRndNum(const ELFLoadInfo *loadInfo, UINT32 *rndVec, UINT32 vecSize)
|
||||||
|
{
|
||||||
|
UINT32 randomValue = 0;
|
||||||
|
UINT32 i, ret;
|
||||||
|
|
||||||
|
for (i = 0; i < vecSize; ++i) {
|
||||||
|
ret = read(loadInfo->randomDevFD, &randomValue, sizeof(UINT32));
|
||||||
|
if (ret != sizeof(UINT32)) {
|
||||||
|
return -EIO;
|
||||||
|
}
|
||||||
|
rndVec[i] = randomValue;
|
||||||
|
}
|
||||||
|
|
||||||
|
return LOS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
STATIC INT32 OsMakeArgsStack(ELFLoadInfo *loadInfo, UINTPTR interpMapBase)
|
STATIC INT32 OsMakeArgsStack(ELFLoadInfo *loadInfo, UINTPTR interpMapBase)
|
||||||
{
|
{
|
||||||
UINTPTR auxVector[AUX_VECTOR_SIZE] = { 0 };
|
UINTPTR auxVector[AUX_VECTOR_SIZE] = { 0 };
|
||||||
UINTPTR *auxVecInfo = (UINTPTR *)auxVector;
|
UINTPTR *auxVecInfo = (UINTPTR *)auxVector;
|
||||||
INT32 vecIndex = 0;
|
INT32 vecIndex = 0;
|
||||||
|
UINT32 rndVec[RANDOM_VECTOR_SIZE];
|
||||||
|
UINTPTR rndVecStart;
|
||||||
INT32 ret;
|
INT32 ret;
|
||||||
#ifdef LOSCFG_KERNEL_VDSO
|
#ifdef LOSCFG_KERNEL_VDSO
|
||||||
vaddr_t vdsoLoadAddr;
|
vaddr_t vdsoLoadAddr;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
ret = OsGetRndNum(loadInfo, rndVec, sizeof(rndVec));
|
||||||
|
if (ret != LOS_OK) {
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
loadInfo->topOfMem -= sizeof(rndVec);
|
||||||
|
rndVecStart = loadInfo->topOfMem;
|
||||||
|
|
||||||
|
ret = LOS_ArchCopyToUser((VOID *)loadInfo->topOfMem, rndVec, sizeof(rndVec));
|
||||||
|
if (ret != 0) {
|
||||||
|
return -EFAULT;
|
||||||
|
}
|
||||||
|
|
||||||
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_PHDR, loadInfo->loadAddr + loadInfo->execInfo.elfEhdr.elfPhoff);
|
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_PHDR, loadInfo->loadAddr + loadInfo->execInfo.elfEhdr.elfPhoff);
|
||||||
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_PHENT, sizeof(LD_ELF_PHDR));
|
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_PHENT, sizeof(LD_ELF_PHDR));
|
||||||
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_PHNUM, loadInfo->execInfo.elfEhdr.elfPhNum);
|
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_PHNUM, loadInfo->execInfo.elfEhdr.elfPhNum);
|
||||||
|
@ -897,7 +925,7 @@ STATIC INT32 OsMakeArgsStack(ELFLoadInfo *loadInfo, UINTPTR interpMapBase)
|
||||||
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_HWCAP, 0);
|
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_HWCAP, 0);
|
||||||
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_CLKTCK, 0);
|
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_CLKTCK, 0);
|
||||||
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_SECURE, 0);
|
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_SECURE, 0);
|
||||||
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_RANDOM, 0);
|
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_RANDOM, rndVecStart);
|
||||||
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_EXECFN, (UINTPTR)loadInfo->execName);
|
AUX_VEC_ENTRY(auxVector, vecIndex, AUX_EXECFN, (UINTPTR)loadInfo->execName);
|
||||||
|
|
||||||
#ifdef LOSCFG_KERNEL_VDSO
|
#ifdef LOSCFG_KERNEL_VDSO
|
||||||
|
@ -988,9 +1016,7 @@ STATIC VOID OsFlushAspace(ELFLoadInfo *loadInfo)
|
||||||
|
|
||||||
STATIC VOID OsDeInitLoadInfo(ELFLoadInfo *loadInfo)
|
STATIC VOID OsDeInitLoadInfo(ELFLoadInfo *loadInfo)
|
||||||
{
|
{
|
||||||
#ifdef LOSCFG_ASLR
|
|
||||||
(VOID)close(loadInfo->randomDevFD);
|
(VOID)close(loadInfo->randomDevFD);
|
||||||
#endif
|
|
||||||
|
|
||||||
if (loadInfo->execInfo.elfPhdr != NULL) {
|
if (loadInfo->execInfo.elfPhdr != NULL) {
|
||||||
(VOID)LOS_MemFree(m_aucSysMem0, loadInfo->execInfo.elfPhdr);
|
(VOID)LOS_MemFree(m_aucSysMem0, loadInfo->execInfo.elfPhdr);
|
||||||
|
|
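Review bot: In OsMakeArgsStack the call `OsGetRndNum(loadInfo, rndVec, sizeof(rndVec))` passes a byte count, but OsGetRndNum treats `vecSize` as an element count in `for (i = 0; i < vecSize; ++i)` and stores to `rndVec[i]`. With `UINT32 rndVec[RANDOM_VECTOR_SIZE]` and a 4-byte `UINT32`, the loop runs four times over a one-element array, so three words are written past the end of a kernel stack buffer on every exec. The call should pass the element count, `ret = OsGetRndNum(loadInfo, rndVec, RANDOM_VECTOR_SIZE);`. Separately, `ret` in OsGetRndNum is declared `UINT32` but receives the result of `read()`; a signed type would make the error and short-read check explicit.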