Allow qemu users to enable stack protection. Since the virt platform
does not provide an RNG, use a basic, timer-based, canary generation,
similarly to FVP.
Increase SRAM size and BL2 size to fit images when stack protection is
enabled.
Notice that stack protection is not enabled by default in qemu.
Fixes ARM-software/tf-issues#568
Signed-off-by: Michalis Pappas <[email protected]>
#define NS_DRAM0_SIZE 0x3de00000
#define SEC_SRAM_BASE 0x0e000000
-#define SEC_SRAM_SIZE 0x00040000
+#define SEC_SRAM_SIZE 0x00060000
#define SEC_DRAM_BASE 0x0e100000
#define SEC_DRAM_SIZE 0x00f00000
* Put BL2 just below BL3-1. BL2_BASE is calculated using the current BL2 debug
* size plus a little space for growth.
*/
-#define BL2_BASE (BL31_BASE - 0x1D000)
+#define BL2_BASE (BL31_BASE - 0x25000)
#define BL2_LIMIT BL31_BASE
/*
endif
SEPARATE_CODE_AND_RODATA := 1
+ENABLE_STACK_PROTECTOR := 0
+ifneq ($(ENABLE_STACK_PROTECTOR), 0)
+ PLAT_BL_COMMON_SOURCES += plat/qemu/qemu_stack_protector.c
+endif
# Disable the PSCI platform compatibility layer
ENABLE_PLAT_COMPAT := 0
--- /dev/null
+/*
+ * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <arch_helpers.h>
+#include <platform.h>
+#include <stdint.h>
+
+#define RANDOM_CANARY_VALUE ((u_register_t) 3288484550995823360ULL)
+
+u_register_t plat_get_stack_protector_canary(void)
+{
+ /*
+ * Ideally, a random number should be returned instead of the
+ * combination of a timer's value and a compile-time constant.
+ * As the virt platform does not have any random number generator,
+ * this is better than nothing but not necessarily really secure.
+ */
+ return RANDOM_CANARY_VALUE ^ read_cntpct_el0();
+}
+
projects / project / bcm63xx / atf.git / commitdiff