xref: /freebsd/sys/kern/stack_protector.c (revision 3b2324c3a800d7599f348c408f01908d0cef05a0) 
1 #include <sys/cdefs.h>
2 __FBSDID("$FreeBSD$");
3 
4 #include <sys/types.h>
5 #include <sys/param.h>
6 #include <sys/kernel.h>
7 #include <sys/random.h>
8 #include <sys/sysctl.h>
9 #include <sys/systm.h>
10 #include <sys/libkern.h>
11 
12 long __stack_chk_guard[8] = {};
13 void __stack_chk_fail(void);
14 
15 /*
16  * XXX This default is unsafe!!!  We intend to change it after resolving issues
17  * with early entropy in the installer; some kinds of systems that do not use
18  * loader(8), such as riscv, aarch64, and power; and perhaps others that I am
19  * forgetting off the top of my head.
20  */
21 static bool permit_nonrandom_cookies = true;
22 
23 SYSCTL_NODE(_security, OID_AUTO, stack_protect, CTLFLAG_RW, 0,
24     "-fstack-protect support");
25 SYSCTL_BOOL(_security_stack_protect, OID_AUTO, permit_nonrandom_cookies,
26     CTLFLAG_RDTUN, &permit_nonrandom_cookies, 0,
27     "Allow stack guard to be used without real random cookies");
28 
29 void
30 __stack_chk_fail(void)
31 {
32 
33 	panic("stack overflow detected; backtrace may be corrupted");
34 }
35 
36 static void
37 __stack_chk_init(void *dummy __unused)
38 {
39 	size_t i;
40 	long guard[nitems(__stack_chk_guard)];
41 
42 	if (is_random_seeded()) {
43 		arc4rand(guard, sizeof(guard), 0);
44 		for (i = 0; i < nitems(guard); i++)
45 			__stack_chk_guard[i] = guard[i];
46 		return;
47 	}
48 
49 	if (permit_nonrandom_cookies) {
50 		printf("%s: WARNING: Initializing stack protection with "
51 		    "non-random cookies!\n", __func__);
52 		printf("%s: WARNING: This severely limits the benefit of "
53 		    "-fstack-protector!\n", __func__);
54 
55 		/*
56 		 * The emperor is naked, but I rolled some dice and at least
57 		 * these values aren't zero.
58 		 */
59 		__stack_chk_guard[0] = (long)0xe7318d5959af899full;
60 		__stack_chk_guard[1] = (long)0x35a9481c089348bfull;
61 		__stack_chk_guard[2] = (long)0xde657fdc04117255ull;
62 		__stack_chk_guard[3] = (long)0x0dd44c61c22e4a6bull;
63 		__stack_chk_guard[4] = (long)0x0a5869a354edb0a5ull;
64 		__stack_chk_guard[5] = (long)0x05cebfed255b5232ull;
65 		__stack_chk_guard[6] = (long)0x270ffac137c4c72full;
66 		__stack_chk_guard[7] = (long)0xd8141a789bad478dull;
67 		_Static_assert(nitems(__stack_chk_guard) == 8,
68 		    "__stack_chk_guard doesn't have 8 items");
69 		return;
70 	}
71 
72 	panic("%s: cannot initialize stack cookies because random device is "
73 	    "not yet seeded", __func__);
74 }
75 SYSINIT(stack_chk, SI_SUB_RANDOM, SI_ORDER_ANY, __stack_chk_init, NULL);
76