Protect the kernel with Stack Smashing Protection

cpp.mk

@@ -18,6 +18,10 @@ CPP_FLAGS_16=$(COMMON_CPP_FLAGS) $(CPP_FLAGS_LOW) -mregparm=3 -mpreferred-stack-
 CPP_FLAGS_32=$(COMMON_CPP_FLAGS) $(CPP_FLAGS_LOW) -mpreferred-stack-boundary=4
 CPP_FLAGS_64=$(COMMON_CPP_FLAGS) -mpreferred-stack-boundary=4 $(ENABLE_SSE_FLAGS) $(DISABLE_AVX_FLAGS)
 
+KERNEL_CPP_FLAGS_64=$(CPP_FLAGS_64)
+
+KERNEL_CPP_FLAGS_64 += -fstack-protector
+
 COMMON_LINK_FLAGS=-lgcc
 
 KERNEL_LINK_FLAGS=$(COMMON_LINK_FLAGS) -T linker.ld

kernel/Makefile

@@ -43,28 +43,28 @@ src/%.s.o: src/%.s
 	$(AS) -g -c $< -o $@
 
 src/%.cpp.d: $(KERNEL_CPP_FILES)
-	@ $(CC) $(CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -MM -MT src/$*.cpp.o src/$*.cpp | sed -e 's@^\(.*\)\.o:@\1.d \1.o:@' > $@
+	@ $(CC) $(KERNEL_CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -MM -MT src/$*.cpp.o src/$*.cpp | sed -e 's@^\(.*\)\.o:@\1.d \1.o:@' > $@
 
 src/drivers/%.cpp.d: $(KERNEL_CPP_DRIVERS_FILES)
-	@ $(CC) $(CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -MM -MT src/drivers/$*.cpp.o src/drivers/$*.cpp | sed -e 's@^\(.*\)\.o:@\1.d \1.o:@' > $@
+	@ $(CC) $(KERNEL_CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -MM -MT src/drivers/$*.cpp.o src/drivers/$*.cpp | sed -e 's@^\(.*\)\.o:@\1.d \1.o:@' > $@
 
 src/fs/%.cpp.d: $(KERNEL_CPP_FS_FILES)
-	@ $(CC) $(CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -MM -MT src/fs/$*.cpp.o src/fs/$*.cpp | sed -e 's@^\(.*\)\.o:@\1.d \1.o:@' > $@
+	@ $(CC) $(KERNEL_CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -MM -MT src/fs/$*.cpp.o src/fs/$*.cpp | sed -e 's@^\(.*\)\.o:@\1.d \1.o:@' > $@
 
 src/vfs/%.cpp.d: $(KERNEL_CPP_VFS_FILES)
-	@ $(CC) $(CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -MM -MT src/vfs/$*.cpp.o src/vfs/$*.cpp | sed -e 's@^\(.*\)\.o:@\1.d \1.o:@' > $@
+	@ $(CC) $(KERNEL_CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -MM -MT src/vfs/$*.cpp.o src/vfs/$*.cpp | sed -e 's@^\(.*\)\.o:@\1.d \1.o:@' > $@
 
 src/%.cpp.o:
-	$(CC) $(CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -c $< -o $@
+	$(CC) $(KERNEL_CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -c $< -o $@
 
 src/drivers/%.cpp.o:
-	$(CC) $(CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -c $< -o $@
+	$(CC) $(KERNEL_CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -c $< -o $@
 
 src/vfs/%.cpp.o:
-	$(CC) $(CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -c $< -o $@
+	$(CC) $(KERNEL_CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -c $< -o $@
 
 src/fs/%.cpp.o:
-	$(CC) $(CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -c $< -o $@
+	$(CC) $(KERNEL_CPP_FLAGS_64) $(THOR_FLAGS) $(WARNING_FLAGS) -c $< -o $@
 
 -include $(KERNEL_D_FILES)
 -include $(KERNEL_D_DRIVERS_FILES)
@@ -72,7 +72,7 @@ src/fs/%.cpp.o:
 -include $(KERNEL_D_FS_FILES)
 
 kernel.bin: $(LINK_O_FILES)
-	$(CC) $(KERNEL_LINK_FLAGS) $(CPP_FLAGS_64) -o kernel.bin.o $(LINK_O_FILES)
+	$(CC) $(KERNEL_LINK_FLAGS) $(KERNEL_CPP_FLAGS_64) -o kernel.bin.o $(LINK_O_FILES)
 	$(OC) -R .note -R .comment -O binary --set-section-flags .bss=alloc,load,contents kernel.bin.o kernel.bin
 
 clean:

kernel/include/thor.hpp

@@ -31,6 +31,6 @@ struct atexit_func_entry_t {
 int __cxa_atexit(void (*f)(void *), void *objptr, void *dso);
 void __cxa_finalize(void *f);
 
-}
+} // end of extern "C"
 
 #endif

kernel/src/thor.cpp

@@ -7,6 +7,9 @@
 
 #include "thor.hpp"
 #include "kalloc.hpp"
+#include "scheduler.hpp"
+#include "logging.hpp"
+#include "console.hpp"
 
 void* operator new(uint64_t size){
     return kalloc::k_malloc(size);
@@ -64,4 +67,18 @@ void __cxa_finalize(void *f){
     }
 }
 
+#define STACK_CHK_GUARD 0x595e9fbd94fda766
+
+uintptr_t __stack_chk_guard = STACK_CHK_GUARD;
+
+#define double_printf(...) \
+    logging::logf(logging::log_level::ERROR, __VA_ARGS__); \
+    printf(__VA_ARGS__);
+
+__attribute__((noreturn)) void __stack_chk_fail(){
+    double_printf("Stack smashing detected \n");
+    double_printf("pid=%u\n", scheduler::get_pid());
+    asm volatile("hlt" : : );
+}
+
 }