embed: rework memory layout, enable stack protector

2024-11-13 11:09:01 +00:00 · 2017-10-11 21:15:22 +02:00 · 2017-10-11 21:15:22 +02:00 · 6413c2c23e
commit 6413c2c23e
parent 7117c59ed9
15 changed files with 69 additions and 41 deletions
--- a/28
+++ b/28
@ -28,6 +28,14 @@ endif
 STLINK_VER ?= v2
 OPENOCD = openocd -f interface/stlink-$(STLINK_VER).cfg -c "transport select hla_swd" -f target/stm32f4x.cfg

+BOARDLOADER_START   = 0x08000000
+BOOTLOADER_START    = 0x08020000
+FIRMWARE_START      = 0x08040000
+
+BOARDLOADER_MAXSIZE = 49152
+BOOTLOADER_MAXSIZE  = 131072
+FIRMWARE_MAXSIZE    = 786432
+
 ## help commands:

 help: ## show this help
@ -109,16 +117,16 @@ clean_cross: ## clean mpy-cross build
 flash: flash_boardloader flash_bootloader flash_firmware ## flash everything using OpenOCD

 flash_boardloader: $(BOARDLOADER_BUILD_DIR)/boardloader.bin ## flash boardloader using OpenOCD
-	$(OPENOCD) -c "init; reset halt; flash write_image erase $< 0x08000000; exit"
+	$(OPENOCD) -c "init; reset halt; flash write_image erase $< $(BOARDLOADER_START); exit"

 flash_bootloader: $(BOOTLOADER_BUILD_DIR)/bootloader.bin ## flash bootloader using OpenOCD
-	$(OPENOCD) -c "init; reset halt; flash write_image erase $< 0x08010000; exit"
+	$(OPENOCD) -c "init; reset halt; flash write_image erase $< $(BOOTLOADER_START); exit"

 flash_firmware: $(FIRMWARE_BUILD_DIR)/firmware.bin ## flash firmware using OpenOCD
-	$(OPENOCD) -c "init; reset halt; flash write_image erase $< 0x08020000; exit"
+	$(OPENOCD) -c "init; reset halt; flash write_image erase $< $(FIRMWARE_START); exit"

 flash_combine: $(FIRMWARE_BUILD_DIR)/combined.bin ## flash combined using OpenOCD
-	$(OPENOCD) -c "init; reset halt; flash write_image erase $< 0x08000000; exit"
+	$(OPENOCD) -c "init; reset halt; flash write_image erase $< $(BOARDLOADER_START); exit"

 flash_erase: ## erase all sectors in flash bank 0
 	$(OPENOCD) -c "init; reset halt; flash info 0; flash erase_sector 0 0 last; flash erase_check 0; exit"
@ -159,13 +167,13 @@ bloaty: ## run bloaty size profiler
 	bloaty -d compileunits -n 0 -s file $(FIRMWARE_BUILD_DIR)/firmware.elf | less

 sizecheck: ## check sizes of binary files
-	test 32768 -ge $(shell stat -c%s $(BOARDLOADER_BUILD_DIR)/boardloader.bin)
-	test 65536 -ge $(shell stat -c%s $(BOOTLOADER_BUILD_DIR)/bootloader.bin)
-	test 917504 -ge $(shell stat -c%s $(FIRMWARE_BUILD_DIR)/firmware.bin)
+	test $(BOARDLOADER_MAXSIZE) -ge $(shell stat -c%s $(BOARDLOADER_BUILD_DIR)/boardloader.bin)
+	test $(BOOTLOADER_MAXSIZE) -ge $(shell stat -c%s $(BOOTLOADER_BUILD_DIR)/bootloader.bin)
+	test $(FIRMWARE_MAXSIZE) -ge $(shell stat -c%s $(FIRMWARE_BUILD_DIR)/firmware.bin)

 combine: ## combine boardloader + bootloader + firmware into one combined image
 	./tools/combine_firmware \
-		0x08000000 $(BOARDLOADER_BUILD_DIR)/boardloader.bin \
-		0x08010000 $(BOOTLOADER_BUILD_DIR)/bootloader.bin \
-		0x08020000 $(FIRMWARE_BUILD_DIR)/firmware.bin \
+		$(BOARDLOADER_START) $(BOARDLOADER_BUILD_DIR)/boardloader.bin \
+		$(BOOTLOADER_START) $(BOOTLOADER_BUILD_DIR)/bootloader.bin \
+		$(FIRMWARE_START) $(FIRMWARE_BUILD_DIR)/firmware.bin \
 		> $(FIRMWARE_BUILD_DIR)/combined.bin \
--- a/SConscript.boardloader
+++ b/SConscript.boardloader
@ -105,6 +105,7 @@ env.Replace(
    '-std=gnu99 -Wall -Werror -Wdouble-promotion -Wpointer-arith '
    '-mthumb -mtune=cortex-m4 -mcpu=cortex-m4 -mfpu=fpv4-sp-d16 -mfloat-abi=hard '
    '-fsingle-precision-constant -fdata-sections -ffunction-sections ' +
+    '-fstack-protector-all ' +
    CCFLAGS_MOD,
    CCFLAGS_QSTR='-DNO_QSTR -DN_X64 -DN_X86 -DN_THUMB',
    LINKFLAGS='-nostdlib -T embed/boardloader/memory.ld --gc-sections',
--- a/SConscript.bootloader
+++ b/SConscript.bootloader
@ -93,6 +93,7 @@ SOURCE_TREZORHAL = [
    'embed/trezorhal/image.c',
    'embed/trezorhal/flash.c',
    'embed/trezorhal/mini_printf.c',
+    'embed/trezorhal/rng.c',
    'embed/trezorhal/stm32.c',
    'embed/trezorhal/touch.c',
    'embed/trezorhal/usb.c',
@ -122,6 +123,7 @@ env.Replace(
    '-std=gnu99 -Wall -Werror -Wdouble-promotion -Wpointer-arith '
    '-mthumb -mtune=cortex-m4 -mcpu=cortex-m4 -mfpu=fpv4-sp-d16 -mfloat-abi=hard '
    '-fsingle-precision-constant -fdata-sections -ffunction-sections ' +
+    '-fstack-protector-all ' +
    CCFLAGS_MOD,
    CCFLAGS_QSTR='-DNO_QSTR -DN_X64 -DN_X86 -DN_THUMB',
    LINKFLAGS='-nostdlib -T embed/bootloader/memory.ld --gc-sections',
--- a/SConscript.firmware
+++ b/SConscript.firmware
@ -324,6 +324,7 @@ env.Replace(
    '-std=gnu99 -Wall -Werror -Wdouble-promotion -Wpointer-arith '
    '-mthumb -mtune=cortex-m4 -mcpu=cortex-m4 -mfpu=fpv4-sp-d16 -mfloat-abi=hard '
    '-fsingle-precision-constant -fdata-sections -ffunction-sections ' +
+    '-fstack-protector-all ' +
    CCFLAGS_MOD,
    CCFLAGS_QSTR='-DNO_QSTR -DN_X64 -DN_X86 -DN_THUMB',
    CCFLAGS_OPT='-O3',
--- a/docs/memory.md
+++ b/docs/memory.md
@ -6,16 +6,29 @@
 |-----------|-------------------------|--------:|----------------------
 | Sector  0 | 0x08000000 - 0x08003FFF |  16 KiB | boardloader (1st stage) (write-protected)
 | Sector  1 | 0x08004000 - 0x08007FFF |  16 KiB | boardloader (1st stage) (write-protected)
-| Sector  2 | 0x08008000 - 0x0800BFFF |  16 KiB | storage area
-| Sector  3 | 0x0800C000 - 0x0800FFFF |  16 KiB | storage area
-| Sector  4 | 0x08010000 - 0x0801FFFF |  64 KiB | bootloader (2nd stage)
-| Sector  5 | 0x08020000 - 0x0803FFFF | 128 KiB | firmware
+| Sector  2 | 0x08008000 - 0x0800BFFF |  16 KiB | boardloader (1st stage) (write-protected)
+| Sector  3 | 0x0800C000 - 0x0800FFFF |  16 KiB | ?
+| Sector  4 | 0x08010000 - 0x0801FFFF |  64 KiB | storage area #1
+| Sector  5 | 0x08020000 - 0x0803FFFF | 128 KiB | boardloader (2nd stage)
 | Sector  6 | 0x08040000 - 0x0805FFFF | 128 KiB | firmware
 | Sector  7 | 0x08060000 - 0x0807FFFF | 128 KiB | firmware
 | Sector  8 | 0x08080000 - 0x0809FFFF | 128 KiB | firmware
 | Sector  9 | 0x080A0000 - 0x080BFFFF | 128 KiB | firmware
 | Sector 10 | 0x080C0000 - 0x080DFFFF | 128 KiB | firmware
 | Sector 11 | 0x080E0000 - 0x080FFFFF | 128 KiB | firmware
+|-----------|-------------------------|--------:|----------------------
+| Sector 12 | 0x08100000 - 0x08103FFF |  16 KiB | ?
+| Sector 13 | 0x08104000 - 0x08107FFF |  16 KiB | ?
+| Sector 14 | 0x08108000 - 0x0810BFFF |  16 KiB | ?
+| Sector 15 | 0x0810C000 - 0x0810FFFF |  16 KiB | ?
+| Sector 16 | 0x08110000 - 0x0811FFFF |  64 KiB | storage area #2
+| Sector 17 | 0x08120000 - 0x0813FFFF | 128 KiB | ?
+| Sector 18 | 0x08140000 - 0x0815FFFF | 128 KiB | ?
+| Sector 19 | 0x08160000 - 0x0817FFFF | 128 KiB | ?
+| Sector 20 | 0x08180000 - 0x0819FFFF | 128 KiB | ?
+| Sector 21 | 0x081A0000 - 0x081BFFFF | 128 KiB | ?
+| Sector 22 | 0x081C0000 - 0x081DFFFF | 128 KiB | ?
+| Sector 23 | 0x081E0000 - 0x081FFFFF | 128 KiB | ?

 ## RAM

--- a/embed/boardloader/main.c
+++ b/embed/boardloader/main.c
@ -4,6 +4,7 @@
 #include "display.h"
 #include "image.h"
 #include "flash.h"
+#include "rng.h"
 #include "sdcard.h"
 #include "version.h"

@ -143,6 +144,8 @@ void check_and_jump(void)

 int main(void)
 {
+    __stack_chk_guard = rng_get();
+
    clear_peripheral_local_memory();
    periph_init();

--- a/embed/boardloader/memory.ld
+++ b/embed/boardloader/memory.ld
@ -3,7 +3,7 @@
 ENTRY(reset_handler)

 MEMORY {
-  FLASH  (rx)  : ORIGIN = 0x08000000, LENGTH = 32K
+  FLASH  (rx)  : ORIGIN = 0x08000000, LENGTH = 48K
  CCMRAM (wal) : ORIGIN = 0x10000000, LENGTH = 64K
  SRAM   (wal) : ORIGIN = 0x20000000, LENGTH = 128K
 }
--- a/embed/bootloader/main.c
+++ b/embed/bootloader/main.c
@ -6,6 +6,7 @@
 #include "display.h"
 #include "image.h"
 #include "flash.h"
+#include "rng.h"
 #include "touch.h"
 #include "usb.h"
 #include "version.h"
@ -16,7 +17,8 @@
 #define IMAGE_MAGIC   0x465A5254 // TRZF
 #define IMAGE_MAXSIZE (7 * 128 * 1024)

-void pendsv_isr_handler(void) {
+void pendsv_isr_handler(void)
+{
    __fatal_error("pendsv", __FILE__, __LINE__, __FUNCTION__);
 }

@ -193,6 +195,8 @@ void mainloop(void)

 int main(void)
 {
+    __stack_chk_guard = rng_get();
+
    periph_init();

    display_pwm_init();
--- a/embed/bootloader/memory.ld
+++ b/embed/bootloader/memory.ld
@ -3,7 +3,7 @@
 ENTRY(reset_handler)

 MEMORY {
-  FLASH  (rx)  : ORIGIN = 0x08010000, LENGTH = 64K
+  FLASH  (rx)  : ORIGIN = 0x08020000, LENGTH = 128K
  CCMRAM (wal) : ORIGIN = 0x10000000, LENGTH = 64K
  SRAM   (wal) : ORIGIN = 0x20000000, LENGTH = 128K
 }
--- a/embed/extmod/modtrezorconfig/norcow_config.h
+++ b/embed/extmod/modtrezorconfig/norcow_config.h
@ -2,8 +2,8 @@

 #define NORCOW_STM32 1

-#define NORCOW_START_SECTOR  2
-#define NORCOW_START_ADDRESS 0x08008000
+#define NORCOW_SECTORS   {4, 16}
+#define NORCOW_ADDRESSES {0x08010000, 0x08110000}

 #elif defined TREZOR_UNIX

--- a/embed/firmware/main.c
+++ b/embed/firmware/main.c
@ -21,30 +21,17 @@
 #include "sdcard.h"
 #include "touch.h"

-bool firmware_standalone(void)
+int main(void)
 {
-    // linker script defined symbol -- reference 3.5.5 in GNU linker manual
-    extern const uint32_t _flash_start;
-    return &_flash_start == ((uint32_t *) 0x0800000);
-}
-
-int main(void) {
-
-    if (firmware_standalone()) {
-        SystemInit();
-    }
+    __stack_chk_guard = rng_get();

    periph_init();

    pendsv_init();

-    if (firmware_standalone()) {
-        display_init();
-    } else {
-        display_pwm_init();
-        display_orientation(0);
-        display_backlight(255);
-    }
+    display_pwm_init();
+    display_orientation(0);
+    display_backlight(255);

    if (0 != flash_init()) {
        __fatal_error("flash_init", __FILE__, __LINE__, __FUNCTION__);
--- a/embed/firmware/memory.ld
+++ b/embed/firmware/memory.ld
@ -3,7 +3,7 @@
 ENTRY(reset_handler)

 MEMORY {
-  FLASH  (rx)  : ORIGIN = 0x08020000, LENGTH = 896K
+  FLASH  (rx)  : ORIGIN = 0x08040000, LENGTH = 768K
  CCMRAM (wal) : ORIGIN = 0x10000000, LENGTH = 64K
  SRAM   (wal) : ORIGIN = 0x20000000, LENGTH = 128K
 }
--- a/embed/trezorhal/common.c
+++ b/embed/trezorhal/common.c
@ -19,6 +19,13 @@ void __attribute__((noreturn)) __fatal_error(const char *msg, const char *file,
    for (;;);
 }

+uint32_t __stack_chk_guard;
+
+void __attribute__((noreturn)) __stack_chk_fail(void)
+{
+    __fatal_error("Stack smashing detected.", NULL, 0, NULL);
+}
+
 #ifndef NDEBUG
 void __assert_func(const char *file, int line, const char *func, const char *expr) {
    display_printf("\nassert(%s)\n", expr);
--- a/embed/trezorhal/common.h
+++ b/embed/trezorhal/common.h
@ -4,8 +4,8 @@
 #include <stdint.h>

 #define BOARDLOADER_START  0x08000000
-#define BOOTLOADER_START   0x08010000
-#define FIRMWARE_START     0x08020000
+#define BOOTLOADER_START   0x08020000
+#define FIRMWARE_START     0x08040000
 #define HEADER_SIZE        0x200

 extern void memset_reg(volatile void *start, volatile void *stop, uint32_t val);
@ -20,4 +20,6 @@ void jump_to(uint32_t address);

 void hal_delay(uint32_t ms);

+extern uint32_t __stack_chk_guard;
+
 #endif
--- a/vendor/norcow
+++ b/vendor/norcow
@ -1 +1 @@
-Subproject commit 8d2843aeb58f8fd0fc5162a11d5be1e2575776ca
+Subproject commit 56f11a3d6c8c77d4ecb82e1a55d3003263ef2a72