mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-22 15:38:11 +00:00
enable stack protector
This commit is contained in:
parent
a2eb43b057
commit
524f2a957a
@ -6,14 +6,9 @@ FROM ubuntu:14.04
|
||||
|
||||
RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys FE324A81C208C89497EFC6246D1D8367A3421AFB && echo "deb http://ppa.launchpad.net/terry.guo/gcc-arm-embedded/ubuntu trusty main" >> /etc/apt/sources.list && apt-get update
|
||||
|
||||
# define used versions for pinning
|
||||
|
||||
ENV GCC_ARM_VERSION 4-8-2014q2-0trusty10
|
||||
ENV LIBOPENCM3_GITREV f6b6d62ec5628ebb0602c466ee9fd7a6070ef1f0
|
||||
ENV TREZOR_MCU_GITREV v1.2.0
|
||||
|
||||
# install build tools and dependencies
|
||||
|
||||
ENV GCC_ARM_VERSION 4-8-2014q2-0trusty10
|
||||
RUN apt-get install -y build-essential git gcc-arm-none-eabi=$GCC_ARM_VERSION python
|
||||
|
||||
# clone the source code
|
||||
@ -22,8 +17,10 @@ RUN git clone https://github.com/libopencm3/libopencm3 && git clone https://gith
|
||||
|
||||
# build libopencm3
|
||||
|
||||
ENV LIBOPENCM3_GITREV f6b6d62ec5628ebb0602c466ee9fd7a6070ef1f0
|
||||
RUN cd libopencm3 && git checkout $LIBOPENCM3_GITREV && make
|
||||
|
||||
# build the firmware
|
||||
|
||||
ENV TREZOR_MCU_GITREV v1.2.1
|
||||
RUN cd trezor-mcu && git checkout $TREZOR_MCU_GITREV && git submodule update --init && make && cd firmware && make
|
||||
|
@ -35,6 +35,7 @@ CFLAGS += $(OPTFLAGS) \
|
||||
-fvisibility=internal \
|
||||
-ffunction-sections \
|
||||
-fdata-sections \
|
||||
-fstack-protector-all \
|
||||
-mcpu=cortex-m3 \
|
||||
-mthumb \
|
||||
-msoft-float \
|
||||
|
@ -2,7 +2,6 @@ APPVER = 1.0.0
|
||||
|
||||
NAME = trezor
|
||||
|
||||
OBJS += ssp.o
|
||||
OBJS += usb.o
|
||||
OBJS += messages.o
|
||||
OBJS += storage.o
|
||||
|
@ -1,40 +0,0 @@
|
||||
/*
|
||||
* This file is part of the TREZOR project.
|
||||
*
|
||||
* Copyright (C) 2014 Pavol Rusnak <stick@satoshilabs.com>
|
||||
*
|
||||
* This library is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This library is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with this library. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include "ssp.h"
|
||||
#include "rng.h"
|
||||
#include "layout.h"
|
||||
|
||||
void *__stack_chk_guard = 0;
|
||||
|
||||
void __stack_chk_guard_setup(void)
|
||||
{
|
||||
unsigned char * p;
|
||||
p = (unsigned char *) &__stack_chk_guard;
|
||||
p[0] = 0;
|
||||
p[1] = 0;
|
||||
p[2] = '\n';
|
||||
p[3] = 0xFF; // random32() & 0xFF;
|
||||
}
|
||||
|
||||
void __attribute__((noreturn)) __stack_chk_fail(void)
|
||||
{
|
||||
layoutDialog(DIALOG_ICON_ERROR, NULL, NULL, NULL, "Stack smashing", "detected.", NULL, "Please unplug", "the device.", NULL);
|
||||
for (;;) {} // loop forever
|
||||
}
|
@ -1,26 +0,0 @@
|
||||
/*
|
||||
* This file is part of the TREZOR project.
|
||||
*
|
||||
* Copyright (C) 2014 Pavol Rusnak <stick@satoshilabs.com>
|
||||
*
|
||||
* This library is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This library is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with this library. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef __SSP_H_
|
||||
#define __SSP_H_
|
||||
|
||||
void __stack_chk_guard_setup(void);
|
||||
void __attribute__((noreturn)) __stack_chk_fail(void);
|
||||
|
||||
#endif
|
@ -63,12 +63,15 @@ static char sessionPassphrase[51];
|
||||
0x0010 | ? | Storage structure
|
||||
*/
|
||||
|
||||
#define STORAGE_VERSION 1
|
||||
#define STORAGE_VERSION 2
|
||||
|
||||
void storage_from_flash(uint32_t version)
|
||||
{
|
||||
switch (version) {
|
||||
case 1:
|
||||
case 1: // copy
|
||||
memcpy(&storage, (void *)(FLASH_STORAGE_START + 4 + sizeof(storage_uuid)), sizeof(Storage));
|
||||
break;
|
||||
case 2: // copy
|
||||
memcpy(&storage, (void *)(FLASH_STORAGE_START + 4 + sizeof(storage_uuid)), sizeof(Storage));
|
||||
break;
|
||||
}
|
||||
|
@ -246,7 +246,7 @@ void tx_init(TxStruct *tx, uint32_t inputs_len, uint32_t outputs_len, uint32_t v
|
||||
|
||||
bool tx_hash_input(TxStruct *t, TxInputType *input)
|
||||
{
|
||||
uint8_t buf[512];
|
||||
uint8_t buf[1024];
|
||||
uint32_t r = tx_serialize_input(t, input->prev_hash.bytes, input->prev_index, input->script_sig.bytes, input->script_sig.size, input->sequence, buf);
|
||||
if (!r) return false;
|
||||
sha256_Update(&(t->ctx), buf, r);
|
||||
@ -255,7 +255,7 @@ bool tx_hash_input(TxStruct *t, TxInputType *input)
|
||||
|
||||
bool tx_hash_output(TxStruct *t, TxOutputBinType *output)
|
||||
{
|
||||
uint8_t buf[512];
|
||||
uint8_t buf[1024];
|
||||
uint32_t r = tx_serialize_output(t, output->amount, output->script_pubkey.bytes, output->script_pubkey.size, buf);
|
||||
if (!r) return false;
|
||||
sha256_Update(&(t->ctx), buf, r);
|
||||
|
@ -24,18 +24,27 @@
|
||||
#include "usb.h"
|
||||
#include "setup.h"
|
||||
#include "storage.h"
|
||||
#include "layout.h"
|
||||
#include "layout2.h"
|
||||
#include "ssp.h"
|
||||
#include "rng.h"
|
||||
|
||||
uint32_t __stack_chk_guard;
|
||||
|
||||
void __attribute__((noreturn)) __stack_chk_fail(void)
|
||||
{
|
||||
layoutDialog(DIALOG_ICON_ERROR, NULL, NULL, NULL, "Stack smashing", "detected.", NULL, "Please unplug", "the device.", NULL);
|
||||
for (;;) {} // loop forever
|
||||
}
|
||||
|
||||
int main(void)
|
||||
{
|
||||
__stack_chk_guard = random32();
|
||||
#ifndef APPVER
|
||||
setup();
|
||||
oledInit();
|
||||
#else
|
||||
setupApp();
|
||||
#endif
|
||||
// __stack_chk_guard_setup();
|
||||
#if DEBUG_LINK
|
||||
oledSetDebug(1);
|
||||
storage_reset(); // wipe storage if debug link
|
||||
|
@ -22,7 +22,7 @@
|
||||
|
||||
#define VERSION_MAJOR 1
|
||||
#define VERSION_MINOR 2
|
||||
#define VERSION_PATCH 0
|
||||
#define VERSION_PATCH 1
|
||||
|
||||
#define STR(X) #X
|
||||
#define VERSTR(X) STR(X)
|
||||
|
18
serialno.c
18
serialno.c
@ -20,27 +20,17 @@
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <libopencm3/stm32/desig.h>
|
||||
|
||||
#include "serialno.h"
|
||||
#include "util.h"
|
||||
#include "sha2.h"
|
||||
|
||||
#if defined(STM32F4) || defined(STM32F2)
|
||||
#define UNIQUE_SERIAL_ADDR 0x1FFF7A10
|
||||
#elif defined(STM32F3)
|
||||
#define UNIQUE_SERIAL_ADDR 0x1FFFF7AC
|
||||
#elif defined(STM32L1)
|
||||
#define UNIQUE_SERIAL_ADDR 0x1FF80050
|
||||
#else // STM32F1
|
||||
#define UNIQUE_SERIAL_ADDR 0x1FFFF7E8
|
||||
#endif
|
||||
|
||||
void fill_serialno_fixed(char *s)
|
||||
{
|
||||
uint8_t uuid[32];
|
||||
memcpy(uuid, (uint8_t *)UNIQUE_SERIAL_ADDR, 12);
|
||||
memcpy(uuid + 12, (uint8_t *)UNIQUE_SERIAL_ADDR, 12);
|
||||
memcpy(uuid + 24, (uint8_t *)UNIQUE_SERIAL_ADDR, 8);
|
||||
sha256_Raw(uuid, 32, uuid);
|
||||
desig_get_unique_id((uint32_t *)uuid);
|
||||
sha256_Raw(uuid, 12, uuid);
|
||||
sha256_Raw(uuid, 32, uuid);
|
||||
data2hex(uuid, 12, s);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user