tools/nolibc: riscv: add stackprotector support
Commit Message
Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
---
This was split out from the general stackprotector series[0] to be
rebased on the nolibc rv32 work from Zhangjin.
This was only tested for rv64 as the nolibc rv32 port is not yet
functional.
Based on the nolibc/20230520-nolibc-rv32+stkp branch.
[0] https://lore.kernel.org/lkml/20230408-nolibc-stackprotector-archs-v1-0-271f5c859c71@weissschuh.net/
---
tools/include/nolibc/arch-riscv.h | 7 ++++++-
tools/testing/selftests/nolibc/Makefile | 1 +
2 files changed, 7 insertions(+), 1 deletion(-)
---
base-commit: 6a1f732e0d753a691e9e787615b9a0dd92e1f3f4
change-id: 20230520-nolibc-stackprotector-riscv-160cb957fcd5
Best regards,
Comments
Willy, Thomas,
Resend more info about this patch (added but lost after a new format-patch):
This patch is based on the nolibc/20230520-nolibc-rv32+stkp branch of
[1] + the STKP patch for riscv [2], it is a testing 'side-effect' of the
STKP on rv32.
The nolibc rv32 port is not yet functional, we did this compile test by
adding -D__ARCH_WANT_TIME32_SYSCALLS to gcc (only for compile, see [3]).
We did get this info for rv32:
!!Stack smashing detected!!
Just to mention, -DNOLIBC_STACKPROTECTOR -fstack-protector-all is used to
enable STKP, for -mstack-protector-guard=global is not available for riscv64
gcc 9.3:
riscv64-linux-gnu-gcc: error: unrecognized command line option '-mstack-protector-guard=global'; did you mean '-fstack-protector-all'
[1]: https://git.kernel.org/pub/scm/linux/kernel/git/wtarreau/nolibc.git
[2]: https://lore.kernel.org/linux-riscv/20230520-nolibc-stackprotector-riscv-v1-1-d8912012a034@weissschuh.net/T/#
[3]: https://lore.kernel.org/linux-riscv/20230520084610.GA27206@1wt.eu/T/#mf0e54ee19bd3f94dadbb4420ed9dffa316d1719d
Best regards,
Zhangjin Wu
> When compile nolibc-test.c for rv32, we got such error:
>
> tools/testing/selftests/nolibc/nolibc-test.c:599:57: error: '__NR_fstat' undeclared (first use in this function)
> 599 | CASE_TEST(syscall_args); EXPECT_SYSER(1, syscall(__NR_fstat, 0, NULL), -1, EFAULT); break;
>
> The generic include/uapi/asm-generic/unistd.h used by rv32 doesn't
> support __NR_fstat, using the common __NR_read functions as expected.
>
> Running test 'syscall'
> 69 syscall_noargs = 1 [OK]
> 70 syscall_args = -1 EBADF [OK]
>
> Btw, the latest riscv libc6-dev package is required, otherwise, we would
> also get such error:
>
> In file included from /usr/riscv64-linux-gnu/include/sys/cdefs.h:452,
> from /usr/riscv64-linux-gnu/include/features.h:461,
> from /usr/riscv64-linux-gnu/include/bits/libc-header-start.h:33,
> from /usr/riscv64-linux-gnu/include/limits.h:26,
> from /usr/lib/gcc-cross/riscv64-linux-gnu/9/include/limits.h:194,
> from /usr/lib/gcc-cross/riscv64-linux-gnu/9/include/syslimits.h:7,
> from /usr/lib/gcc-cross/riscv64-linux-gnu/9/include/limits.h:34,
> from /labs/linux-lab/src/linux-stable/tools/testing/selftests/nolibc/nolibc-test.c:6:
> /usr/riscv64-linux-gnu/include/bits/wordsize.h:28:3: error: #error "rv32i-based targets are not supported"
> 28 | # error "rv32i-based targets are not supported"
>
> The glibc commit 5b6113d62efa ("RISC-V: Support the 32-bit ABI
> implementation") fixed up above error, so, glibc >= 2.33 (who includes
> this commit) is required.
>
> Signed-off-by: Zhangjin Wu <falcon@tinylab.org>
> ---
> tools/testing/selftests/nolibc/nolibc-test.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/selftests/nolibc/nolibc-test.c
> index 063f9959ac44..d8b59c8f6c03 100644
> --- a/tools/testing/selftests/nolibc/nolibc-test.c
> +++ b/tools/testing/selftests/nolibc/nolibc-test.c
> @@ -596,7 +596,7 @@ int run_syscall(int min, int max)
> CASE_TEST(write_badf); EXPECT_SYSER(1, write(-1, &tmp, 1), -1, EBADF); break;
> CASE_TEST(write_zero); EXPECT_SYSZR(1, write(1, &tmp, 0)); break;
> CASE_TEST(syscall_noargs); EXPECT_SYSEQ(1, syscall(__NR_getpid), getpid()); break;
> - CASE_TEST(syscall_args); EXPECT_SYSER(1, syscall(__NR_fstat, 0, NULL), -1, EFAULT); break;
> + CASE_TEST(syscall_args); EXPECT_SYSER(1, syscall(__NR_read, -1, &tmp, 1), -1, EBADF); break;
> case __LINE__:
> return ret; /* must be last */
> /* note: do not set any defaults so as to permit holes above */
@@ -177,14 +177,19 @@ struct sys_stat_struct {
char **environ __attribute__((weak));
const unsigned long *_auxv __attribute__((weak));
+#define __ARCH_SUPPORTS_STACK_PROTECTOR
+
/* startup code */
-void __attribute__((weak,noreturn,optimize("omit-frame-pointer"))) _start(void)
+void __attribute__((weak,noreturn,optimize("omit-frame-pointer"),no_stack_protector)) _start(void)
{
__asm__ volatile (
".option push\n"
".option norelax\n"
"lla gp, __global_pointer$\n"
".option pop\n"
+#ifdef NOLIBC_STACKPROTECTOR
+ "call __stack_chk_init\n" /* initialize stack protector */
+#endif
REG_L" a0, 0(sp)\n" /* argc (a0) was in the stack */
"add a1, sp, "SZREG"\n" /* argv (a1) = sp */
"slli a2, a0, "PTRLOG"\n" /* envp (a2) = SZREG*argc ... */
@@ -85,6 +85,7 @@ CFLAGS_STKP_x86 = $(CFLAGS_STACKPROTECTOR)
CFLAGS_STKP_arm64 = $(CFLAGS_STACKPROTECTOR)
CFLAGS_STKP_arm = $(CFLAGS_STACKPROTECTOR)
CFLAGS_STKP_mips = $(CFLAGS_STACKPROTECTOR)
+CFLAGS_STKP_riscv = $(CFLAGS_STACKPROTECTOR)
CFLAGS_STKP_loongarch = $(CFLAGS_STACKPROTECTOR)
CFLAGS_s390 = -m64
CFLAGS ?= -Os -fno-ident -fno-asynchronous-unwind-tables -std=c89 \