diff options
| -rw-r--r-- | Makefile | 4 | ||||
| -rw-r--r-- | boot/Makefile | 2 | ||||
| -rw-r--r-- | boot/load.c | 17 | ||||
| -rw-r--r-- | kernel/features/proc.c | 6 | ||||
| -rw-r--r-- | libc/Makefile | 3 | ||||
| -rw-r--r-- | libc/inc/print.h | 3 | ||||
| -rw-r--r-- | libc/list.c | 3 | ||||
| -rw-r--r-- | libc/mem.c | 4 | ||||
| -rw-r--r-- | libc/print.c | 8 | ||||
| -rw-r--r-- | libc/sanitize.c | 195 | ||||
| -rw-r--r-- | libc/stack.c | 3 | ||||
| -rw-r--r-- | libgui/msg.c | 13 |
12 files changed, 230 insertions, 31 deletions
@@ -2,11 +2,11 @@ CFLAGS_OPTIMIZATION = -finline -finline-functions -Ofast CFLAGS_WARNINGS = -Wall -Wextra -Werror -Wshadow -Wpointer-arith -Wwrite-strings -Wredundant-decls -Wnested-externs -Wformat=2 -Wmissing-declarations -Wstrict-prototypes -Wmissing-prototypes -Wcast-qual -Wswitch-default -Wswitch-enum -Wlogical-op -Wunreachable-code -Wundef -Wold-style-definition -pedantic-errors -CFLAGS_DEFAULT = $(CFLAGS_WARNINGS) $(CFLAGS_OPTIMIZATION) -std=c99 -m32 -nostdlib -nostdinc -fno-builtin -fno-profile-generate -fno-omit-frame-pointer -fno-common -mno-red-zone +CFLAGS_DEFAULT = $(CFLAGS_WARNINGS) $(CFLAGS_OPTIMIZATION) -std=c99 -m32 -nostdlib -nostdinc -fno-builtin -fno-profile-generate -fno-omit-frame-pointer -fno-common -fno-asynchronous-unwind-tables -mno-red-zone all: compile -debug: CFLAGS_DEFAULT += -ggdb3 -s +debug: CFLAGS_DEFAULT += -Wno-error -ggdb3 -s -fstack-protector-all #-fsanitize=undefined debug: compile export diff --git a/boot/Makefile b/boot/Makefile index 6d38ce5..714ec22 100644 --- a/boot/Makefile +++ b/boot/Makefile @@ -5,7 +5,7 @@ LD = ccache ../cross/opt/bin/i686-elf-ld OC = ccache ../cross/opt/bin/i686-elf-objcopy AS = ccache nasm -CFLAGS = $(CFLAGS_DEFAULT) -ffreestanding +CFLAGS = $(CFLAGS_DEFAULT) -ffreestanding -fno-stack-protector -fno-sanitize=undefined ASFLAGS = -f elf32 diff --git a/boot/load.c b/boot/load.c index 69024c0..b243629 100644 --- a/boot/load.c +++ b/boot/load.c @@ -136,7 +136,8 @@ void serial_print(const char *data); int main(void *data) { serial_install(); - heap = 0xf000; + serial_print("Loaded bootloader!\n"); + heap = 0xf00000; void (*entry)(void *); *(void **)(&entry) = read_inode(get_inode(find_inode("kernel.bin", 2))); if (entry) { @@ -329,7 +330,7 @@ void *read_inode(struct inode *in) if (!in) return 0; - int num_blocks = in->blocks / (BLOCK_SIZE / SECTOR_SIZE); + u32 num_blocks = in->blocks / (BLOCK_SIZE / SECTOR_SIZE); //assert(num_blocks != 0); if (!num_blocks) @@ -341,24 +342,20 @@ void *read_inode(struct inode *in) int indirect; int blocknum; - char *data; - for (int i = 0; i < num_blocks; i++) { + for (u32 i = 0; i < num_blocks; i++) { if (i < 12) { blocknum = in->block[i]; - data = buffer_read(blocknum); - memcpy((u32 *)((u32)buf + i * BLOCK_SIZE), data, BLOCK_SIZE); } else if (i < BLOCK_COUNT + 12) { indirect = in->block[12]; blocknum = read_indirect(indirect, i - 12); - data = buffer_read(blocknum); - memcpy((u32 *)((u32)buf + i * BLOCK_SIZE), data, BLOCK_SIZE); } else { indirect = in->block[13]; blocknum = read_indirect(indirect, (i - (BLOCK_COUNT + 12)) / BLOCK_COUNT); blocknum = read_indirect(blocknum, (i - (BLOCK_COUNT + 12)) % BLOCK_COUNT); - data = buffer_read(blocknum); - memcpy((u32 *)((u32)buf + i * BLOCK_SIZE), data, BLOCK_SIZE); } + + char *data = buffer_read(blocknum); + memcpy((u32 *)((u32)buf + i * BLOCK_SIZE), data, BLOCK_SIZE); } return buf; diff --git a/kernel/features/proc.c b/kernel/features/proc.c index 35c0fa7..cdbe8b1 100644 --- a/kernel/features/proc.c +++ b/kernel/features/proc.c @@ -297,8 +297,9 @@ static s32 procfs_write(const char *path, void *buf, u32 offset, u32 count, stru path++; if (!memcmp(path, "msg", 4)) { - // TODO: Messages should be copied by value not by reference - stack_push_bot(p->messages, buf); // TODO: Use offset and count + void *msg_data = malloc(count); + memcpy(msg_data, buf, count); + stack_push_bot(p->messages, msg_data); // TODO: Use offset proc_enable_waiting(pid, PROC_WAIT_MSG); return count; } else if (!memcmp(path, "io/", 3)) { @@ -355,6 +356,7 @@ static s32 procfs_read(const char *path, void *buf, u32 offset, u32 count, struc if (!msg) return -1; memcpy(buf, msg + offset, count); + free(msg); return count; } } else if (!memcmp(path, "io/", 3)) { diff --git a/libc/Makefile b/libc/Makefile index 2d4d1b5..eb79983 100644 --- a/libc/Makefile +++ b/libc/Makefile @@ -1,7 +1,8 @@ # MIT License, Copyright (c) 2020 Marvin Borner # TODO: Remove serial and cpu from libc? -COBJS = str.o \ +COBJS = sanitize.o \ + str.o \ mem.o \ math.o \ conv.o \ diff --git a/libc/inc/print.h b/libc/inc/print.h index f32873a..90a715c 100644 --- a/libc/inc/print.h +++ b/libc/inc/print.h @@ -1,5 +1,4 @@ // MIT License, Copyright (c) 2020 Marvin Borner -// I may (re)move this in the future // TODO #ifndef PRINT_H #define PRINT_H @@ -11,6 +10,7 @@ int vprintf(const char *format, va_list ap); int sprintf(char *str, const char *format, ...); int vsprintf(char *str, const char *format, va_list ap); int print(const char *str); +void panic(const char *format, ...); #ifdef userspace int vfprintf(const char *path, const char *format, va_list ap); @@ -20,7 +20,6 @@ int err(int code, const char *format, ...); #else #include <proc.h> int print_app(enum stream_defaults id, const char *proc_name, const char *str); -void panic(const char *format, ...); #endif #endif diff --git a/libc/list.c b/libc/list.c index f96fb27..cf51e33 100644 --- a/libc/list.c +++ b/libc/list.c @@ -130,6 +130,7 @@ struct list *list_remove(struct list *list, struct node *node) } iterator->prev->next = iterator->next; - iterator->next->prev = iterator->prev; + if (iterator->next) + iterator->next->prev = iterator->prev; return list; } @@ -287,8 +287,8 @@ void heap_init(u32 start) init_region->size = HEAP_INIT_SIZE - OVERHEAD; node_create_foot(init_region); node_add(&heap.bins[bin_index(init_region->size)], init_region); - heap.start = start; - heap.end = start + HEAP_INIT_SIZE; + heap.start = (u32)start; + heap.end = (u32)start + HEAP_INIT_SIZE; } static void *_malloc(u32 size) diff --git a/libc/print.c b/libc/print.c index 6d97599..3f6c1cd 100644 --- a/libc/print.c +++ b/libc/print.c @@ -213,14 +213,18 @@ int print(const char *str) return strlen(str); } +#endif + void panic(const char *format, ...) { va_list ap; va_start(ap, format); +#ifdef kernel vprintf(format, ap); +#else + vfprintf(PATH_ERR, format, ap); +#endif va_end(ap); assert(0); } - -#endif diff --git a/libc/sanitize.c b/libc/sanitize.c new file mode 100644 index 0000000..d4eed01 --- /dev/null +++ b/libc/sanitize.c @@ -0,0 +1,195 @@ +// MIT License, Copyright (c) 2021 Marvin Borner +// Detect stack overflows and other bugs + +#include <def.h> +#include <print.h> + +/** + * Stack protector + */ + +#define STACK_CHK_GUARD 0xdeadbeef + +u32 __stack_chk_guard = STACK_CHK_GUARD; + +void __stack_chk_fail(void); +void __stack_chk_fail(void) +{ + panic("FATAL: Stack smashing detected\n"); +} + +void __stack_chk_fail_local(void); +void __stack_chk_fail_local(void) +{ + panic("FATAL: Local stack smashing detected\n"); +} + +/** + * UBSan + */ + +#define is_aligned(value, alignment) !(value & (alignment - 1)) + +struct source_location { + const char *file; + u32 line; + u32 column; +}; + +struct type_descriptor { + u16 kind; + u16 info; + char name[]; +}; + +struct type_mismatch { + struct source_location location; + struct type_descriptor *type; + u32 alignment; + u8 type_check_kind; +}; + +struct overflow { + struct source_location location; + struct type_descriptor *type; +}; + +struct out_of_bounds { + struct source_location location; + struct type_descriptor *left_type; + struct type_descriptor *right_type; +}; + +void __ubsan_handle_load_invalid_value(void); +void __ubsan_handle_load_invalid_value(void) +{ + panic("UBSAN: load-invalid-value\n"); +} + +void __ubsan_handle_nonnull_arg(void); +void __ubsan_handle_nonnull_arg(void) +{ + panic("UBSAN: nonnull-arg\n"); +} + +void __ubsan_handle_nullability_arg(void); +void __ubsan_handle_nullability_arg(void) +{ + panic("UBSAN: nullability-arg\n"); +} + +void __ubsan_handle_nonnull_return_v1(void); +void __ubsan_handle_nonnull_return_v1(void) +{ + panic("UBSAN: nonnull-return-v1\n"); +} + +void __ubsan_handle_nullability_return_v1(void); +void __ubsan_handle_nullability_return_v1(void) +{ + panic("UBSAN: nullability-return-v1\n"); +} + +void __ubsan_handle_vla_bound_not_positive(void); +void __ubsan_handle_vla_bound_not_positive(void) +{ + panic("UBSAN: vla-bound-not-positive\n"); +} + +void __ubsan_handle_add_overflow(void); +void __ubsan_handle_add_overflow(void) +{ + panic("UBSAN: add-overflow\n"); +} + +void __ubsan_handle_sub_overflow(void); +void __ubsan_handle_sub_overflow(void) +{ + panic("UBSAN: sub-overflow\n"); +} + +void __ubsan_handle_negate_overflow(void); +void __ubsan_handle_negate_overflow(void) +{ + panic("UBSAN: negate-overflow\n"); +} + +void __ubsan_handle_mul_overflow(void); +void __ubsan_handle_mul_overflow(void) +{ + panic("UBSAN: mul-overflow\n"); +} + +void __ubsan_handle_shift_out_of_bounds(void); +void __ubsan_handle_shift_out_of_bounds(void) +{ + panic("UBSAN: shift-out-of-bounds\n"); +} + +void __ubsan_handle_divrem_overflow(struct overflow *data, void *left, void *right); +void __ubsan_handle_divrem_overflow(struct overflow *data, void *left, void *right) +{ + UNUSED(left); + UNUSED(right); + struct source_location *loc = &data->location; + panic("%s:%d: UBSAN: divrem-overflow\n", loc->file, loc->line); +} + +void __ubsan_handle_out_of_bounds(struct out_of_bounds *data, void *value); +void __ubsan_handle_out_of_bounds(struct out_of_bounds *data, void *value) +{ + UNUSED(value); + struct source_location *loc = &data->location; + panic("%s:%d: UBSAN: out-of-bounds\n", loc->file, loc->line); +} + +void __ubsan_handle_type_mismatch_v1(struct type_mismatch *data, u32 ptr); +void __ubsan_handle_type_mismatch_v1(struct type_mismatch *data, u32 ptr) +{ + struct source_location *loc = &data->location; + const char *msg = ""; + if (ptr == 0) { + msg = "Null pointer access"; + } else if (data->alignment != 0 && is_aligned(ptr, data->alignment)) + msg = "Misaligned memory access"; + else + msg = "Insufficient space"; + panic("%s:%d: UBSAN: type-mismatch-v1: %s [type: %s]\n", loc->file, loc->line, msg, + data->type->name); +} + +void __ubsan_handle_alignment_assumption(void); +void __ubsan_handle_alignment_assumption(void) +{ + panic("UBSAN: alignment-assumption\n"); +} + +void __ubsan_handle_builtin_unreachable(void); +void __ubsan_handle_builtin_unreachable(void) +{ + panic("UBSAN: builtin-unreachable\n"); +} + +void __ubsan_handle_missing_return(void); +void __ubsan_handle_missing_return(void) +{ + panic("UBSAN: missing-return\n"); +} + +void __ubsan_handle_implicit_conversion(void); +void __ubsan_handle_implicit_conversion(void) +{ + panic("UBSAN: implicit-conversion\n"); +} + +void __ubsan_handle_invalid_builtin(void); +void __ubsan_handle_invalid_builtin(void) +{ + panic("UBSAN: invalid-builtin\n"); +} + +void __ubsan_handle_pointer_overflow(void); +void __ubsan_handle_pointer_overflow(void) +{ + panic("UBSAN: pointer-overflow\n"); +} diff --git a/libc/stack.c b/libc/stack.c index e86a8c6..0cbb69d 100644 --- a/libc/stack.c +++ b/libc/stack.c @@ -102,7 +102,8 @@ void *stack_pop(struct stack *stack) struct stack_node *prev = stack->tail; - stack->tail->prev->next = NULL; + if (stack->tail->prev) + stack->tail->prev->next = NULL; stack->tail = stack->tail->prev; void *data = prev->data; diff --git a/libgui/msg.c b/libgui/msg.c index 4576a5f..8448e73 100644 --- a/libgui/msg.c +++ b/libgui/msg.c @@ -5,18 +5,17 @@ #include <print.h> #include <sys.h> -static struct message msg_buf = { 0 }; - int msg_send(u32 pid, enum message_type type, void *data) { + struct message msg = { 0 }; assert((signed)pid != -1); char path[32] = { 0 }; sprintf(path, "/proc/%d/msg", pid); - msg_buf.magic = MSG_MAGIC; - msg_buf.src = getpid(); - msg_buf.type = type; - msg_buf.data = data; - return write(path, &msg_buf, 0, sizeof(msg_buf)); + msg.magic = MSG_MAGIC; + msg.src = getpid(); + msg.type = type; + msg.data = data; + return write(path, &msg, 0, sizeof(msg)); } int msg_receive(struct message *msg) |