mirror of
https://github.com/FreeRTOS/FreeRTOS-Kernel.git
synced 2025-11-05 11:12:27 -05:00
armv8.1-m: Add task dedicated PAC key
To harden the security, each task is assigned a dedicated PAC key, so that attackers needs to guess the all the tasks' PAC keys right to exploit the system using Return Oriented Programming. The kernel is now updated to support the following: * A PAC key set with a random number generated and is pushed onto the task's stack when a task is created. * As part of scheduling, the task's PAC key is stacked/unstacked to/from the task's stack when a task is unscheduled/scheduled from/to run. Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
This commit is contained in:
Ahmed Ismail
parent
c84fc7226e
commit
029545f4ad
63 changed files with 4247 additions and 1292 deletions
|
|
@ -1582,6 +1582,20 @@ void vPortSVCHandler_C( uint32_t * pulCallerStackAddress ) /* PRIVILEGED_FUNCTIO
|
|||
}
|
||||
#endif /* configUSE_MPU_WRAPPERS_V1 == 0 */
|
||||
|
||||
#if ( configENABLE_PAC == 1 )
|
||||
{
|
||||
uint32_t ulTaskPacKey[ 4 ], i;
|
||||
|
||||
vApplicationGenerateTaskRandomPacKey( &( ulTaskPacKey[ 0 ] ) );
|
||||
|
||||
for( i = 0; i < 4; i++ )
|
||||
{
|
||||
xMPUSettings->ulContext[ ulIndex ] = ulTaskPacKey[ i ];
|
||||
ulIndex++;
|
||||
}
|
||||
}
|
||||
#endif /* configENABLE_PAC */
|
||||
|
||||
return &( xMPUSettings->ulContext[ ulIndex ] );
|
||||
}
|
||||
|
||||
|
|
@ -1664,6 +1678,20 @@ void vPortSVCHandler_C( uint32_t * pulCallerStackAddress ) /* PRIVILEGED_FUNCTIO
|
|||
}
|
||||
#endif /* portPRELOAD_REGISTERS */
|
||||
|
||||
#if ( configENABLE_PAC == 1 )
|
||||
{
|
||||
uint32_t ulTaskPacKey[ 4 ], i;
|
||||
|
||||
vApplicationGenerateTaskRandomPacKey( &( ulTaskPacKey[ 0 ] ) );
|
||||
|
||||
for( i = 0; i < 4; i++ )
|
||||
{
|
||||
pxTopOfStack--;
|
||||
*pxTopOfStack = ulTaskPacKey[ i ];
|
||||
}
|
||||
}
|
||||
#endif /* configENABLE_PAC */
|
||||
|
||||
return pxTopOfStack;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,8 @@
|
|||
/*
|
||||
* FreeRTOS Kernel <DEVELOPMENT BRANCH>
|
||||
* Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
||||
* Copyright 2024 Arm Limited and/or its affiliates
|
||||
* <open-source-office@arm.com>
|
||||
*
|
||||
* SPDX-License-Identifier: MIT
|
||||
*
|
||||
|
|
@ -125,6 +127,18 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P
|
|||
extern BaseType_t xIsPrivileged( void ) /* __attribute__ (( naked )) */;
|
||||
extern void vResetPrivilege( void ) /* __attribute__ (( naked )) */;
|
||||
#endif /* configENABLE_MPU */
|
||||
|
||||
#if ( configENABLE_PAC == 1 )
|
||||
|
||||
/**
|
||||
* @brief Generates 128-bit task's random PAC key.
|
||||
*
|
||||
* @param[out] pulTaskPacKey Pointer to a 4-word (128-bits) array to be
|
||||
* filled with a 128-bit random number.
|
||||
*/
|
||||
void vApplicationGenerateTaskRandomPacKey( uint32_t * pulTaskPacKey );
|
||||
|
||||
#endif /* configENABLE_PAC */
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
/**
|
||||
|
|
@ -223,63 +237,114 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P
|
|||
*/
|
||||
#if ( ( configENABLE_FPU == 1 ) || ( configENABLE_MVE == 1 ) )
|
||||
|
||||
#if ( configENABLE_TRUSTZONE == 1 )
|
||||
#if ( ( configENABLE_TRUSTZONE == 1 ) && ( configENABLE_PAC == 1 ) )
|
||||
/*
|
||||
* +-----------+---------------+----------+-----------------+------------------------------+------------+-----+
|
||||
* | s16-s31 | s0-s15, FPSCR | r4-r11 | r0-r3, r12, LR, | xSecureContext, PSP, PSPLIM, | TaskPacKey | |
|
||||
* | | | | PC, xPSR | CONTROL, EXC_RETURN | | |
|
||||
* +-----------+---------------+----------+-----------------+------------------------------+------------+-----+
|
||||
*
|
||||
* <-----------><--------------><---------><----------------><-----------------------------><-----------><---->
|
||||
* 16 16 8 8 5 16 1
|
||||
*/
|
||||
#define MAX_CONTEXT_SIZE 70
|
||||
|
||||
#elif ( ( configENABLE_TRUSTZONE == 1 ) && ( configENABLE_PAC == 0 ) )
|
||||
|
||||
/*
|
||||
* +-----------+---------------+----------+-----------------+------------------------------+-----+
|
||||
* | s16-s31 | s0-s15, FPSCR | r4-r11 | r0-r3, r12, LR, | xSecureContext, PSP, PSPLIM, | |
|
||||
* | | | | PC, xPSR | CONTROL, EXC_RETURN | |
|
||||
* +-----------+---------------+----------+-----------------+------------------------------+-----+
|
||||
*
|
||||
* <-----------><--------------><---------><----------------><-----------------------------><---->
|
||||
* 16 16 8 8 5 1
|
||||
*/
|
||||
* +-----------+---------------+----------+-----------------+------------------------------+-----+
|
||||
* | s16-s31 | s0-s15, FPSCR | r4-r11 | r0-r3, r12, LR, | xSecureContext, PSP, PSPLIM, | |
|
||||
* | | | | PC, xPSR | CONTROL, EXC_RETURN | |
|
||||
* +-----------+---------------+----------+-----------------+------------------------------+-----+
|
||||
*
|
||||
* <-----------><--------------><---------><----------------><-----------------------------><---->
|
||||
* 16 16 8 8 5 1
|
||||
*/
|
||||
#define MAX_CONTEXT_SIZE 54
|
||||
|
||||
#else /* #if( configENABLE_TRUSTZONE == 1 ) */
|
||||
#elif ( ( configENABLE_TRUSTZONE == 0 ) && ( configENABLE_PAC == 1 ) )
|
||||
|
||||
/*
|
||||
* +-----------+---------------+----------+-----------------+----------------------+-----+
|
||||
* | s16-s31 | s0-s15, FPSCR | r4-r11 | r0-r3, r12, LR, | PSP, PSPLIM, CONTROL | |
|
||||
* | | | | PC, xPSR | EXC_RETURN | |
|
||||
* +-----------+---------------+----------+-----------------+----------------------+-----+
|
||||
*
|
||||
* <-----------><--------------><---------><----------------><---------------------><---->
|
||||
* 16 16 8 8 4 1
|
||||
*/
|
||||
* +-----------+---------------+----------+-----------------+----------------------+------------+-----+
|
||||
* | s16-s31 | s0-s15, FPSCR | r4-r11 | r0-r3, r12, LR, | PSP, PSPLIM, CONTROL | TaskPacKey | |
|
||||
* | | | | PC, xPSR | EXC_RETURN | | |
|
||||
* +-----------+---------------+----------+-----------------+----------------------+------------+-----+
|
||||
*
|
||||
* <-----------><--------------><---------><----------------><---------------------><-----------><---->
|
||||
* 16 16 8 8 4 16 1
|
||||
*/
|
||||
#define MAX_CONTEXT_SIZE 69
|
||||
|
||||
#else
|
||||
|
||||
/*
|
||||
* +-----------+---------------+----------+-----------------+----------------------+-----+
|
||||
* | s16-s31 | s0-s15, FPSCR | r4-r11 | r0-r3, r12, LR, | PSP, PSPLIM, CONTROL | |
|
||||
* | | | | PC, xPSR | EXC_RETURN | |
|
||||
* +-----------+---------------+----------+-----------------+----------------------+-----+
|
||||
*
|
||||
* <-----------><--------------><---------><----------------><---------------------><---->
|
||||
* 16 16 8 8 4 1
|
||||
*/
|
||||
#define MAX_CONTEXT_SIZE 53
|
||||
|
||||
#endif /* #if( configENABLE_TRUSTZONE == 1 ) */
|
||||
#endif /* #if ( ( configENABLE_TRUSTZONE == 1 ) && ( configENABLE_PAC == 1 ) ) */
|
||||
|
||||
#else /* #if ( ( configENABLE_FPU == 1 ) || ( configENABLE_MVE == 1 ) ) */
|
||||
|
||||
#if ( configENABLE_TRUSTZONE == 1 )
|
||||
#if ( ( configENABLE_TRUSTZONE == 1 ) && ( configENABLE_PAC == 1 ) )
|
||||
|
||||
/*
|
||||
* +----------+-----------------+------------------------------+-----+
|
||||
* | r4-r11 | r0-r3, r12, LR, | xSecureContext, PSP, PSPLIM, | |
|
||||
* | | PC, xPSR | CONTROL, EXC_RETURN | |
|
||||
* +----------+-----------------+------------------------------+-----+
|
||||
*
|
||||
* <---------><----------------><------------------------------><---->
|
||||
* 8 8 5 1
|
||||
*/
|
||||
* +----------+-----------------+------------------------------+------------+-----+
|
||||
* | r4-r11 | r0-r3, r12, LR, | xSecureContext, PSP, PSPLIM, | TaskPacKey | |
|
||||
* | | PC, xPSR | CONTROL, EXC_RETURN | | |
|
||||
* +----------+-----------------+------------------------------+------------+-----+
|
||||
*
|
||||
* <---------><----------------><------------------------------><-----------><---->
|
||||
* 8 8 5 16 1
|
||||
*/
|
||||
#define MAX_CONTEXT_SIZE 38
|
||||
|
||||
#elif ( ( configENABLE_TRUSTZONE == 1 ) && ( configENABLE_PAC == 0 ) )
|
||||
|
||||
/*
|
||||
* +----------+-----------------+------------------------------+-----+
|
||||
* | r4-r11 | r0-r3, r12, LR, | xSecureContext, PSP, PSPLIM, | |
|
||||
* | | PC, xPSR | CONTROL, EXC_RETURN | |
|
||||
* +----------+-----------------+------------------------------+-----+
|
||||
*
|
||||
* <---------><----------------><------------------------------><---->
|
||||
* 8 8 5 1
|
||||
*/
|
||||
#define MAX_CONTEXT_SIZE 22
|
||||
|
||||
#elif ( ( configENABLE_TRUSTZONE == 0 ) && ( configENABLE_PAC == 1 ) )
|
||||
|
||||
/*
|
||||
* +----------+-----------------+----------------------+------------+-----+
|
||||
* | r4-r11 | r0-r3, r12, LR, | PSP, PSPLIM, CONTROL | TaskPacKey | |
|
||||
* | | PC, xPSR | EXC_RETURN | | |
|
||||
* +----------+-----------------+----------------------+------------+-----+
|
||||
*
|
||||
* <---------><----------------><----------------------><-----------><---->
|
||||
* 8 8 4 16 1
|
||||
*/
|
||||
#define MAX_CONTEXT_SIZE 37
|
||||
|
||||
#else /* #if( configENABLE_TRUSTZONE == 1 ) */
|
||||
|
||||
/*
|
||||
* +----------+-----------------+----------------------+-----+
|
||||
* | r4-r11 | r0-r3, r12, LR, | PSP, PSPLIM, CONTROL | |
|
||||
* | | PC, xPSR | EXC_RETURN | |
|
||||
* +----------+-----------------+----------------------+-----+
|
||||
*
|
||||
* <---------><----------------><----------------------><---->
|
||||
* 8 8 4 1
|
||||
*/
|
||||
* +----------+-----------------+----------------------+-----+
|
||||
* | r4-r11 | r0-r3, r12, LR, | PSP, PSPLIM, CONTROL | |
|
||||
* | | PC, xPSR | EXC_RETURN | |
|
||||
* +----------+-----------------+----------------------+-----+
|
||||
*
|
||||
* <---------><----------------><----------------------><---->
|
||||
* 8 8 4 1
|
||||
*/
|
||||
#define MAX_CONTEXT_SIZE 21
|
||||
|
||||
#endif /* #if( configENABLE_TRUSTZONE == 1 ) */
|
||||
#endif /* #if ( ( configENABLE_TRUSTZONE == 1 ) && ( configENABLE_PAC == 1 ) ) */
|
||||
|
||||
#endif /* #if ( ( configENABLE_FPU == 1 ) || ( configENABLE_MVE == 1 ) ) */
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue