diff --git a/CMakeLists.txt b/CMakeLists.txt index 6feef29ce34..5bd9348cb57 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -177,6 +177,8 @@ if(CONFIG_STACK_CANARIES) zephyr_compile_options($) elseif(CONFIG_STACK_CANARIES_STRONG) zephyr_compile_options($) +elseif(CONFIG_STACK_CANARIES_ALL) + zephyr_compile_options($) elseif(CONFIG_STACK_CANARIES_EXPLICIT) zephyr_compile_options($) endif() diff --git a/cmake/compiler/arcmwdt/compiler_flags.cmake b/cmake/compiler/arcmwdt/compiler_flags.cmake index 3f8a46f4f01..7234afc0c80 100644 --- a/cmake/compiler/arcmwdt/compiler_flags.cmake +++ b/cmake/compiler/arcmwdt/compiler_flags.cmake @@ -167,8 +167,9 @@ set_compiler_property(PROPERTY imacros -imacros) # Security canaries. #no support of -mstack-protector-guard=global" -set_compiler_property(PROPERTY security_canaries -fstack-protector-all) +set_compiler_property(PROPERTY security_canaries -fstack-protector) set_compiler_property(PROPERTY security_canaries_strong -fstack-protector-strong) +set_compiler_property(PROPERTY security_canaries_all -fstack-protector-all) #no support of _FORTIFY_SOURCE" set_compiler_property(PROPERTY security_fortify_compile_time) diff --git a/cmake/compiler/compiler_flags_template.cmake b/cmake/compiler/compiler_flags_template.cmake index e35660491c6..447db04a2d3 100644 --- a/cmake/compiler/compiler_flags_template.cmake +++ b/cmake/compiler/compiler_flags_template.cmake @@ -93,6 +93,7 @@ set_compiler_property(PROPERTY coverage) # Security canaries flags. set_compiler_property(PROPERTY security_canaries) set_compiler_property(PROPERTY security_canaries_strong) +set_compiler_property(PROPERTY security_canaries_all) set_compiler_property(PROPERTY security_canaries_explicit) set_compiler_property(PROPERTY security_fortify_compile_time) diff --git a/cmake/compiler/gcc/compiler_flags.cmake b/cmake/compiler/gcc/compiler_flags.cmake index 59ae986915b..e650dd424f3 100644 --- a/cmake/compiler/gcc/compiler_flags.cmake +++ b/cmake/compiler/gcc/compiler_flags.cmake @@ -167,18 +167,21 @@ set_property(TARGET compiler-cpp PROPERTY no_rtti "-fno-rtti") set_compiler_property(PROPERTY coverage -fprofile-arcs -ftest-coverage -fno-inline) # Security canaries. -set_compiler_property(PROPERTY security_canaries -fstack-protector-all) +set_compiler_property(PROPERTY security_canaries -fstack-protector) set_compiler_property(PROPERTY security_canaries_strong -fstack-protector-strong) +set_compiler_property(PROPERTY security_canaries_all -fstack-protector-all) set_compiler_property(PROPERTY security_canaries_explicit -fstack-protector-explicit) # Only a valid option with GCC 7.x and above, so let's do check and set. if(CONFIG_STACK_CANARIES_TLS) check_set_compiler_property(APPEND PROPERTY security_canaries -mstack-protector-guard=tls) check_set_compiler_property(APPEND PROPERTY security_canaries_strong -mstack-protector-guard=tls) + check_set_compiler_property(APPEND PROPERTY security_canaries_all -mstack-protector-guard=tls) check_set_compiler_property(APPEND PROPERTY security_canaries_explicit -mstack-protector-guard=tls) else() check_set_compiler_property(APPEND PROPERTY security_canaries -mstack-protector-guard=global) check_set_compiler_property(APPEND PROPERTY security_canaries_global -mstack-protector-guard=global) + check_set_compiler_property(APPEND PROPERTY security_canaries_all -mstack-protector-guard=global) check_set_compiler_property(APPEND PROPERTY security_canaries_explicit -mstack-protector-guard=global) endif() diff --git a/kernel/Kconfig b/kernel/Kconfig index 2c0cbfce085..36fcf1d821c 100644 --- a/kernel/Kconfig +++ b/kernel/Kconfig @@ -890,12 +890,14 @@ choice will occur at build time. config STACK_CANARIES - bool "Maximum protection available" + bool "Default protection" depends on ENTROPY_GENERATOR || TEST_RANDOM_GENERATOR select NEED_LIBC_MEM_PARTITION if !STACK_CANARIES_TLS select REQUIRES_STACK_CANARIES help - This option enables compiler stack canaries for all functions. + This option enables compiler stack canaries in functions that have + vulnerable objects. Generally this means function that call alloca or + have buffers larger than 8 bytes. config STACK_CANARIES_STRONG bool "Strong protection" @@ -907,6 +909,14 @@ config STACK_CANARIES_STRONG functions that have local array definitiion or have references to local frame addresses. +config STACK_CANARIES_ALL + bool "Maximum protection available" + depends on ENTROPY_GENERATOR || TEST_RANDOM_GENERATOR + select NEED_LIBC_MEM_PARTITION if !STACK_CANARIES_TLS + select REQUIRES_STACK_CANARIES + help + This option enables compiler stack canaries for all functions. + config STACK_CANARIES_EXPLICIT bool "Explicit protection" depends on ENTROPY_GENERATOR || TEST_RANDOM_GENERATOR diff --git a/kernel/compiler_stack_protect.c b/kernel/compiler_stack_protect.c index d48190c6c9e..30da82d4a49 100644 --- a/kernel/compiler_stack_protect.c +++ b/kernel/compiler_stack_protect.c @@ -11,7 +11,7 @@ * This module provides functions to support compiler stack protection * using canaries. This feature is enabled with configuration * CONFIG_STACK_CANARIES=y or CONFIG_STACK_CANARIES_STRONG=y or - * CONFIG_STACK_CANARIES_EXPLICIT=y. + * CONFIG_STACK_CANARIES_ALL=y or CONFIG_STACK_CANARIES_EXPLICIT=y. * * When this feature is enabled, the compiler generated code refers to * function __stack_chk_fail and global variable __stack_chk_guard.