[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Minios-devel] [UNIKRAFT PATCH 0/3] lib/uksecurity: Introduce uksecurity library


  • To: "minios-devel@xxxxxxxxxxxxx" <minios-devel@xxxxxxxxxxxxx>
  • From: Vlad-Andrei BĂDOIU (78692) <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
  • Date: Tue, 13 Aug 2019 09:54:43 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=stud.acs.upb.ro; dmarc=pass action=none header.from=stud.acs.upb.ro; dkim=pass header.d=stud.acs.upb.ro; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pSbCf9Tg2ycR+E1b3XRTBd8QF3vlAQEM07sNkAMtqsI=; b=erRru1jklKV016Mc67xi2LHxsoR/xnrViG6IhRy2WU0aQg/0WDGn8is5GMU8c6vd+0J60kNDRBUcARtsvUmhluYYvf7x4dDw9pGLYMOieXPPusjk0MoYIRNcbH1MWct8zCFHEhZzc1deEnzYgkmJnvyv+JpDPmR4AKO4W8zyCT0YqwbXimVXflnwWzFB8Jn57iW7VjRLRfOS9MQFfMUUgg90fS81tqfj1Rv6qBKPrS7O8k8kRD6TBfLw2i+BkKRYhoxOBKCp6Do8GkUysry1vsxVCqVtM2sHf9ZCELK0DXCKu//UD3rRnOJQhJ/2wmbdEF89L45biSbzX5pn+lZlrw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fcwe0MVfrGZvEzmf2RzC793FqoYQkIsBPCKdYPlBFnFV1rGYc7h9c+1D3nFfKNwJ8jnN4cLMaAKHiU/00zAo3R4DXK18HEYMY3c60fjRHn6LbW3P/+dy2+qAzNEqWHDbArQcWpHe0mM9SgNf79noMR4MIjIVF0QKEjE0nkAH4HqJDIyeWU8PmYacEg5nkIH2iHpz9tiMTuH3a4zkJ863RbQ6n4nuq4+mS64cFJCIryALiSS37x1b9JCLKxJ6u3P5Ne9bwWRYkVG8juu1uokoeADW0XhECwK4Z7Cug3zaH8nz+UrxVsXKSwYXZ571YWVA21F3hojiy5h4f/1sNN5FZg==
  • Authentication-results: spf=none (sender IP is ) smtp.mailfrom=vlad_andrei.badoiu@xxxxxxxxxxxxxxx;
  • Cc: "felipe.huici@xxxxxxxxx" <felipe.huici@xxxxxxxxx>, "simon.kuenzer@xxxxxxxxx" <simon.kuenzer@xxxxxxxxx>, Vlad-Andrei BĂDOIU (78692) <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>, "costin.lupu@xxxxxxxxx" <costin.lupu@xxxxxxxxx>
  • Delivery-date: Tue, 13 Aug 2019 09:54:53 +0000
  • List-id: Mini-os development list <minios-devel.lists.xenproject.org>
  • Thread-index: AQHVUb0hNjfpM1uKPkOu6vxphOqvfw==
  • Thread-topic: [UNIKRAFT PATCH 0/3] lib/uksecurity: Introduce uksecurity library

This patch introduces an internal library for security related functionalities.
Currently, we provide a basic implementation of stack smashing protection that
has a global value for all threads. The value is randomly initialized during the
boot. We use the '-fstack-protector-all' due to security concerns. Finally, this
option might help us detect bugs caused by stack overflows.

Vlad-Andrei Badoiu (3):
  lib/uksecurity: Introduce uksecurity library
  build: Add option to toggle the stack protection
  lib/ukboot: Initialize the canary value at boot

 Makefile.uk                                   |  9 ++-
 lib/Config.uk                                 |  1 +
 lib/Makefile.uk                               |  1 +
 lib/ukboot/boot.c                             |  7 +++
 lib/uksecurity/Config.uk                      | 12 ++++
 lib/uksecurity/Makefile.uk                    | 13 +++++
 lib/uksecurity/exportsyms.uk                  |  2 +
 .../include/uksecurity/stackprotector.h       | 58 +++++++++++++++++++
 lib/uksecurity/ssp.c                          | 43 ++++++++++++++
 9 files changed, 144 insertions(+), 2 deletions(-)
 create mode 100644 lib/uksecurity/Config.uk
 create mode 100644 lib/uksecurity/Makefile.uk
 create mode 100644 lib/uksecurity/exportsyms.uk
 create mode 100644 lib/uksecurity/include/uksecurity/stackprotector.h
 create mode 100644 lib/uksecurity/ssp.c

-- 
2.20.1


_______________________________________________
Minios-devel mailing list
Minios-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/minios-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.