-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sys/spp: randomize canary value on each build #13119
Conversation
9535ee0
to
384cf0a
Compare
+1 in general for making this random, even at compile-time. As is, this renders the CI test cache ineffective. We could disable the random value generation if (This also conflicts the long-term goal of reproducible builds.) |
This variable contains a new random hexadecimal value on each build. As such, it can be utilized by the ssp module as a canary value which is randomized on each new build. This cannot be implemented in the Makefile.include file of the ssp module as this file is included multiple times and would result in a different random value on each include. The variable is set to a hardcoded value when building software on the CI to not break the CI test cache [1]. [1]: RIOT-OS#13119 (comment)
384cf0a
to
1070ce5
Compare
f1d13f0
to
1070ce5
Compare
This implements the randomization of canary values on each build as mentioned in the comment above the STACK_CHK_GUARD macro. The canary value is generated by the buildsystem and passed to the ssp module using a `-D` compiler flag. The ssp object file, using this canary value, is marked as PHONY to make sure it is rebuild on each make invocation, thereby ensuring that each build uses a new random canary value. Implementing this properly would require generating a cryptographically secure random value on each boot of the RIOT operating system. This is not deemed possible on some constrained devices, e.g. due to lack of hardware random number generators. Besides, RIOT only seems to support a PRNG (random module) currently. While this may be implemented in the future for some devices the changes implemented in this commit may still be used as a fallback then. A hardcoded canary value is used when building software on the CI to not break the CI test cache [1]. [1]: RIOT-OS#13119 (comment)
1070ce5
to
d3a3ee2
Compare
Revised my implementation. The canary value generation has been moved to Test procedure now looks as follows:
|
This implements the randomization of canary values on each build as mentioned in the comment above the STACK_CHK_GUARD macro. The canary value is generated by the buildsystem and passed to the ssp module using a `-D` compiler flag. The ssp object file, using this canary value, is marked as PHONY to make sure it is rebuild on each make invocation, thereby ensuring that each build uses a new random canary value. Implementing this properly would require generating a cryptographically secure random value on each boot of the RIOT operating system. This is not deemed possible on some constrained devices, e.g. due to lack of hardware random number generators. Besides, RIOT only seems to support a PRNG (random module) currently. While this may be implemented in the future for some devices the changes implemented in this commit may still be used as a fallback then. A hardcoded canary value is used when building software on the CI to not break the CI test cache [1]. [1]: RIOT-OS#13119 (comment)
d3a3ee2
to
225fd65
Compare
This implements the randomization of canary values on each build as mentioned in the comment above the STACK_CHK_GUARD macro. The canary value is generated by the buildsystem and passed to the ssp module using a `-D` compiler flag. The ssp object file, using this canary value, is marked as PHONY to make sure it is rebuild on each make invocation, thereby ensuring that each build uses a new random canary value. Implementing this properly would require generating a cryptographically secure random value on each boot of the RIOT operating system. This is not deemed possible on some constrained devices, e.g. due to lack of hardware random number generators. Besides, RIOT only seems to support a PRNG (random module) currently. While this may be implemented in the future for some devices the changes implemented in this commit may still be used as a fallback then. A hardcoded canary value is used when building software on the CI to not break the CI test cache [1]. [1]: RIOT-OS#13119 (comment)
225fd65
to
eaf323b
Compare
This implements the randomization of canary values on each build as mentioned in the comment above the STACK_CHK_GUARD macro. The canary value is generated by the buildsystem and passed to the ssp module using a `-D` compiler flag. The ssp object file, using this canary value, is marked as PHONY to make sure it is rebuild on each make invocation, thereby ensuring that each build uses a new random canary value. Implementing this properly would require generating a cryptographically secure random value on each boot of the RIOT operating system. This is not deemed possible on some constrained devices, e.g. due to lack of hardware random number generators. Besides, RIOT only seems to support a PRNG (random module) currently. While this may be implemented in the future for some devices the changes implemented in this commit may still be used as a fallback then. A hardcoded canary value is used when building software on the CI to not break the CI test cache [1]. [1]: RIOT-OS#13119 (comment)
eaf323b
to
cd218b3
Compare
This implements the randomization of canary values on each build as mentioned in the comment above the STACK_CHK_GUARD macro. The canary value is generated by the buildsystem and passed to the ssp module using a `-D` compiler flag. The ssp object file, using this canary value, is marked as PHONY to make sure it is rebuild on each make invocation, thereby ensuring that each build uses a new random canary value. Implementing this properly would require generating a cryptographically secure random value on each boot of the RIOT operating system. This is not deemed possible on some constrained devices, e.g. due to lack of hardware random number generators. Besides, RIOT only seems to support a PRNG (random module) currently. While this may be implemented in the future for some devices the changes implemented in this commit may still be used as a fallback then. A hardcoded canary value is used when building software on the CI to not break the CI test cache [1]. [1]: RIOT-OS#13119 (comment)
cd218b3
to
c26de59
Compare
Rewrote I am currently no longer aware of any remaining issues with the changes proposed here, imho this could be merged as is. Let me know if I missed anything. |
This implements the randomization of canary values on each build as mentioned in the comment above the STACK_CHK_GUARD macro. The canary value is generated by the buildsystem and passed to the ssp module using a `-D` compiler flag. The ssp object file, using this canary value, is marked as PHONY to make sure it is rebuild on each make invocation, thereby ensuring that each build uses a new random canary value. Implementing this properly would require generating a cryptographically secure random value on each boot of the RIOT operating system. This is not deemed possible on some constrained devices, e.g. due to lack of hardware random number generators. Besides, RIOT only seems to support a PRNG (random module) currently. While this may be implemented in the future for some devices the changes implemented in this commit may still be used as a fallback then. A hardcoded canary value is used when building software on the CI to not break the CI test cache [1]. [1]: RIOT-OS#13119 (comment)
c26de59
to
109770a
Compare
@kaspar030 I believe I addressed all of your comments. Any chance you could take another look at this? :) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK, apart from the missing license.
Looking good now. Thanks! |
This tool generates a random hexadecimal value of a given maximum size. This is useful for generating random canary values during compile-time for the ssp module which currently uses a constant value.
This implements the randomization of canary values on each build as mentioned in the comment above the STACK_CHK_GUARD macro. The canary value is generated by the buildsystem and passed to the ssp module using a `-D` compiler flag. The ssp object file, using this canary value, is marked as PHONY to make sure it is rebuild on each make invocation, thereby ensuring that each build uses a new random canary value. Implementing this properly would require generating a cryptographically secure random value on each boot of the RIOT operating system. This is not deemed possible on some constrained devices, e.g. due to lack of hardware random number generators. Besides, RIOT only seems to support a PRNG (random module) currently. While this may be implemented in the future for some devices the changes implemented in this commit may still be used as a fallback then. A hardcoded canary value is used when building software on the CI to not break the CI test cache [1]. [1]: RIOT-OS#13119 (comment)
109770a
to
dbd5b4a
Compare
Thanks! |
The
Is that a known issue? Because it seems unrelated to this PR. |
yes, unrelated. All other tests passes, I'll re-trigger without running tests. |
This implements the randomization of canary values on each build as mentioned in the comment above the STACK_CHK_GUARD macro. The canary value is generated by the buildsystem and passed to the ssp module using a `-D` compiler flag. The ssp object file, using this canary value, is marked as PHONY to make sure it is rebuild on each make invocation, thereby ensuring that each build uses a new random canary value. Implementing this properly would require generating a cryptographically secure random value on each boot of the RIOT operating system. This is not deemed possible on some constrained devices, e.g. due to lack of hardware random number generators. Besides, RIOT only seems to support a PRNG (random module) currently. While this may be implemented in the future for some devices the changes implemented in this commit may still be used as a fallback then. A hardcoded canary value is used when building software on the CI to not break the CI test cache [1]. [1]: RIOT-OS#13119 (comment)
Contribution description
The optional
ssp
module implements stack smash protections for RIOT. Stack smash protections are a very useful protection mechanisms against issues like #10739 and #12905 (stack-based buffer overflows). Unfortunately, thessp
module currently uses a hardcode canary value which renders it useless for protecting against malicious attackers.The changes proposed here randomize the value on each
make
invocation. Randomization during compile-time was previously mentioned in a comment inssp.c
. On conventional operating systems, random stack canary values are usually generated on program startup. Unfortunately, many constrained devices do not have a hardware random number generator which makes generating cryptographic secure values challenging at run-time.Generating the value at compile-time has various disadvantages, compared to generating it at run-time. For instance, it offers less protections as the canary value does not change at all for a given firmware image which is an issue if a malicious attacker gains access to it once. Nonetheless, I believe that the changes proposed here are an improvement over the hardcode value used currently. If run-time generation is implemented in the future this implementation may still be suitable as a fallback.
@kaspar030, you committed the initial SSP implementation. Any thoughts on the changes proposed here?
Testing procedure
tests/ssp
STACK_CHK_GUARD
macro inriotbuild.h
is different on each build.