enable stack protector

Dockerfile

@@ -6,14 +6,9 @@ FROM ubuntu:14.04
 
 RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys FE324A81C208C89497EFC6246D1D8367A3421AFB && echo "deb http://ppa.launchpad.net/terry.guo/gcc-arm-embedded/ubuntu trusty main" >> /etc/apt/sources.list && apt-get update
 
-# define used versions for pinning
-
-ENV GCC_ARM_VERSION    4-8-2014q2-0trusty10
-ENV LIBOPENCM3_GITREV  f6b6d62ec5628ebb0602c466ee9fd7a6070ef1f0
-ENV TREZOR_MCU_GITREV  v1.2.0
-
 # install build tools and dependencies
 
+ENV GCC_ARM_VERSION 4-8-2014q2-0trusty10
 RUN apt-get install -y build-essential git gcc-arm-none-eabi=$GCC_ARM_VERSION python
 
 # clone the source code
@@ -22,8 +17,10 @@ RUN git clone https://github.com/libopencm3/libopencm3 && git clone https://gith
 
 # build libopencm3
 
+ENV LIBOPENCM3_GITREV f6b6d62ec5628ebb0602c466ee9fd7a6070ef1f0
 RUN cd libopencm3 && git checkout $LIBOPENCM3_GITREV && make
 
 # build the firmware
 
+ENV TREZOR_MCU_GITREV v1.2.1
 RUN cd trezor-mcu && git checkout $TREZOR_MCU_GITREV && git submodule update --init && make && cd firmware && make

Makefile.include

@@ -35,6 +35,7 @@ CFLAGS   += $(OPTFLAGS) \
             -fvisibility=internal \
             -ffunction-sections \
             -fdata-sections \
+            -fstack-protector-all \
             -mcpu=cortex-m3 \
             -mthumb \
             -msoft-float \

firmware/Makefile

@@ -2,7 +2,6 @@ APPVER = 1.0.0
 
 NAME  = trezor
 
-OBJS += ssp.o
 OBJS += usb.o
 OBJS += messages.o
 OBJS += storage.o

firmware/ssp.c

@@ -1,40 +0,0 @@
-/*
- * This file is part of the TREZOR project.
- *
- * Copyright (C) 2014 Pavol Rusnak <stick@satoshilabs.com>
- *
- * This library is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this library.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "ssp.h"
-#include "rng.h"
-#include "layout.h"
-
-void *__stack_chk_guard = 0;
-
-void __stack_chk_guard_setup(void)
-{
-	unsigned char * p;
-	p = (unsigned char *) &__stack_chk_guard;
-	p[0] = 0;
-	p[1] = 0;
-	p[2] = '\n';
-	p[3] = 0xFF; // random32() & 0xFF;
-}
-
-void __attribute__((noreturn)) __stack_chk_fail(void)
-{
-	layoutDialog(DIALOG_ICON_ERROR, NULL, NULL, NULL, "Stack smashing", "detected.", NULL, "Please unplug", "the device.", NULL);
-	for (;;) {} // loop forever
-}

firmware/ssp.h

@@ -1,26 +0,0 @@
-/*
- * This file is part of the TREZOR project.
- *
- * Copyright (C) 2014 Pavol Rusnak <stick@satoshilabs.com>
- *
- * This library is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this library.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef __SSP_H_
-#define __SSP_H_
-
-void __stack_chk_guard_setup(void);
-void __attribute__((noreturn)) __stack_chk_fail(void);
-
-#endif

firmware/storage.c

@@ -63,12 +63,15 @@ static char sessionPassphrase[51];
  0x0010 |  ?          |  Storage structure
  */
 
-#define STORAGE_VERSION 1
+#define STORAGE_VERSION 2
 
 void storage_from_flash(uint32_t version)
 {
 	switch (version) {
-		case 1:
+		case 1: // copy
+			memcpy(&storage, (void *)(FLASH_STORAGE_START + 4 + sizeof(storage_uuid)), sizeof(Storage));
+			break;
+		case 2: // copy
 			memcpy(&storage, (void *)(FLASH_STORAGE_START + 4 + sizeof(storage_uuid)), sizeof(Storage));
 			break;
 	}

firmware/transaction.c

@@ -246,7 +246,7 @@ void tx_init(TxStruct *tx, uint32_t inputs_len, uint32_t outputs_len, uint32_t v
 
 bool tx_hash_input(TxStruct *t, TxInputType *input)
 {
-	uint8_t buf[512];
+	uint8_t buf[1024];
 	uint32_t r = tx_serialize_input(t, input->prev_hash.bytes, input->prev_index, input->script_sig.bytes, input->script_sig.size, input->sequence, buf);
 	if (!r) return false;
 	sha256_Update(&(t->ctx), buf, r);
@@ -255,7 +255,7 @@ bool tx_hash_input(TxStruct *t, TxInputType *input)
 
 bool tx_hash_output(TxStruct *t, TxOutputBinType *output)
 {
-	uint8_t buf[512];
+	uint8_t buf[1024];
 	uint32_t r = tx_serialize_output(t, output->amount, output->script_pubkey.bytes, output->script_pubkey.size, buf);
 	if (!r) return false;
 	sha256_Update(&(t->ctx), buf, r);

firmware/trezor.c

@@ -24,18 +24,27 @@
 #include "usb.h"
 #include "setup.h"
 #include "storage.h"
+#include "layout.h"
 #include "layout2.h"
-#include "ssp.h"
+#include "rng.h"
+
+uint32_t __stack_chk_guard;
+
+void __attribute__((noreturn)) __stack_chk_fail(void)
+{
+	layoutDialog(DIALOG_ICON_ERROR, NULL, NULL, NULL, "Stack smashing", "detected.", NULL, "Please unplug", "the device.", NULL);
+	for (;;) {} // loop forever
+}
 
 int main(void)
 {
+	__stack_chk_guard = random32();
 #ifndef APPVER
 	setup();
 	oledInit();
 #else
 	setupApp();
 #endif
-//	__stack_chk_guard_setup();
 #if DEBUG_LINK
 	oledSetDebug(1);
 	storage_reset(); // wipe storage if debug link

firmware/trezor.h

@@ -22,7 +22,7 @@
 
 #define VERSION_MAJOR 1
 #define VERSION_MINOR 2
-#define VERSION_PATCH 0
+#define VERSION_PATCH 1
 
 #define STR(X) #X
 #define VERSTR(X) STR(X)

serialno.c

@@ -20,27 +20,17 @@
 #include <stdint.h>
 #include <string.h>
 
+#include <libopencm3/stm32/desig.h>
+
 #include "serialno.h"
 #include "util.h"
 #include "sha2.h"
 
-#if defined(STM32F4) || defined(STM32F2)
-#define UNIQUE_SERIAL_ADDR 0x1FFF7A10
-#elif defined(STM32F3)
-#define UNIQUE_SERIAL_ADDR 0x1FFFF7AC
-#elif defined(STM32L1)
-#define UNIQUE_SERIAL_ADDR 0x1FF80050
-#else // STM32F1
-#define UNIQUE_SERIAL_ADDR 0x1FFFF7E8
-#endif
-
 void fill_serialno_fixed(char *s)
 {
 	uint8_t uuid[32];
-	memcpy(uuid, (uint8_t *)UNIQUE_SERIAL_ADDR, 12);
+	desig_get_unique_id((uint32_t *)uuid);
-	memcpy(uuid + 12, (uint8_t *)UNIQUE_SERIAL_ADDR, 12);
+	sha256_Raw(uuid, 12, uuid);
-	memcpy(uuid + 24, (uint8_t *)UNIQUE_SERIAL_ADDR, 8);
-	sha256_Raw(uuid, 32, uuid);
 	sha256_Raw(uuid, 32, uuid);
 	data2hex(uuid, 12, s);
 }