@@ -18,6 +18,9 @@ mod eh_unwinding {
1818#[ cfg( not( test) ) ]
1919mod c_compat {
2020 use crate :: os:: xous:: ffi:: exit;
21+ use crate :: sync:: atomic:: { AtomicU32 , Ordering } ;
22+ use crate :: os:: xous:: services:: trng_u32;
23+
2124 unsafe extern "C" {
2225 fn main ( ) -> u32 ;
2326 }
@@ -28,14 +31,18 @@ mod c_compat {
2831 }
2932
3033 #[ unsafe( no_mangle) ]
31- pub extern "C" fn _start ( _eh_frame : usize , params_address : usize ) {
34+ pub extern "C" fn _start ( _eh_frame : usize , params_address : usize , rnd_seed : usize ) {
35+ println ! ( "_start called with eh_frame = 0x{:08x}, params_address = 0x{:08x}, rnd_seed = {:08x}" , _eh_frame, params_address, rnd_seed) ;
36+
3237 #[ cfg( feature = "panic_unwind" ) ]
3338 {
3439 // TODO
3540 // unsafe { super::eh_unwinding::EH_FRAME_ADDRESS = eh_frame };
3641 // unwind::set_custom_eh_frame_finder(&super::eh_unwinding::EH_FRAME_SETTINGS).ok();
3742 }
3843
44+ init_stack_guard ( rnd_seed) ;
45+
3946 if params_address != 0 {
4047 let params_address = crate :: ptr:: with_exposed_provenance_mut :: < u8 > ( params_address) ;
4148 if unsafe {
@@ -46,6 +53,27 @@ mod c_compat {
4653 }
4754 exit ( unsafe { main ( ) } ) ;
4855 }
56+
57+ /// Stack protection canary
58+ #[ unsafe( no_mangle) ]
59+ pub static __stack_chk_guard: AtomicU32 = AtomicU32 :: new ( 0 ) ;
60+
61+ /// Called by compiler-generated epilogues on mismatch.
62+ #[ unsafe( no_mangle) ]
63+ pub extern "C" fn __stack_chk_fail ( ) -> ! {
64+ exit ( 1337 )
65+ }
66+
67+ #[ unsafe( no_mangle) ]
68+ pub extern "C" fn __stack_chk_fail_local ( ) -> ! {
69+ __stack_chk_fail ( )
70+ }
71+
72+ pub fn init_stack_guard ( rnd_seed : u32 ) {
73+ // Ensure at least one 0 byte to reduce certain string-overflow exploits
74+ let canary = rnd_seed & 0xFFFF_FF00 ;
75+ __stack_chk_guard. store ( canary, Ordering :: Relaxed ) ;
76+ }
4977}
5078
5179pub fn errno ( ) -> i32 {
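Review bot: The `println!` added at the top of `_start` writes `rnd_seed` to the process output, and `init_stack_guard` derives `__stack_chk_guard` from that value with a fixed mask (`rnd_seed & 0xFFFF_FF00`), so anyone who can read that output can reconstruct the canary; drop the line or log only the addresses, e.g. `println!("_start called with eh_frame = 0x{:08x}, params_address = 0x{:08x}", _eh_frame, params_address);`. `_start` receives `rnd_seed` as `usize` while `init_stack_guard` takes `u32`, so the call needs an explicit conversion such as `init_stack_guard(rnd_seed as u32);`. The imported `trng_u32` is not used in the visible lines, and a seed of 0 stores a guard of 0, the same as the uninitialised static; if `trng_u32` is meant as the fallback for that case, the branch is missing. Part of `_start`'s body lies between the second and third hunks and is not visible here.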