TM4C129ENCPDT: Binary Security and Stack Canaries

Chiranth Murthy

Hi Everyone,

We have used above microcontroller TM4C129ENCPDT with TI RTOS in our device , we had a audit for security and vulnerability check , they have mentioned few points regarding Binary file security and about stack canaries ,

Security audit report :

Headline:

Missing Binary Protections - The firmware executing on the Device has missing binary protections.

"Steps to Reproduce:
1. Identify any function in the firmware disassembly.
2. In a binary with stack protections enabled, at the beginning of every function, a random variable is pushed onto the stack immediately, and compared against a baseline just before the function returns. Note that behavior is absent in the firmware.
* This indicates the absence of Stack Canaries.
3. Identify any subroutine call or long branch instruction.
4. Note that the destination of the jump is a literal within the binary's address space.
* This indicates the absence of PIE."

The above mentioned steps are given by security audit people , how can implement above topics to my code and please provide if there are any links that i can reffer to and implement.

Thanks in advance

Chiranth

over 3 years ago

0 Charles Tsai over 3 years ago

TI__Guru**** 191886 points

Hi Chiranth,

I'm not a security expert but after some research, it seems to me that stack canaries is more a feature that can be enabled on the compiler rather than from the application or TI-RTOS. I will move your post to our compiler experts for comments.

0 Chester Gillon over 3 years ago

Guru 92251 points

Chiranth Murthy said:
We have used above microcontroller TM4C129ENCPDT with TI RTOS in our device

Does your project use the GNU (GCC) or TI ARM compiler?

Found Stack Canaries with GCC: Checking for Stack Overflow at Runtime which describes how to enable Stack Canaries with GCC.

Imported the tcpEcho_EK_TM4C1294XL_GNU example from tirtos_tivac_2_16_01_14 example into CCS 12.1, and selected the "GNU v9.2.1 (Linaro)" compiler installed using the CCS menu Help -> Install GCC ARM Compiler Tools.

In the CCS Project Properties under Build -> GNU Compiler -> Miscellaneous added -fstack-protector-all to the Miscellaneous C source specific flags:

Having added the -fstack-protector-all option, the linker then reported errors that there were undefined references to __stack_chk_fail and __stack_chk_guard, which means the addition of the option was enabling the stack protector.

Adding the following to a source file in the project then enabled the program to link:

unsigned long __stack_chk_guard = 0xDEADBEEF;

void __stack_chk_fail(void) { /* will be called if guard/canary gets corrupted */
  /* Handle error, print error message, stop the target, ... */
  __asm volatile ("cpsie i" : : : "memory"); /* Disable interrupts */
  __asm volatile("bkpt #0"); /* break target */
}

Note:

1. I haven't yet tested that the stack protector, aka Stack Canaries, generated by the GCC compiler works

2. From looking at the TI ARM compiler documentation I can't find mention that Stack Canaries are supported. CCS/TMS570LC4357: stack_overflow_check contains:

Older versions of the ARM compiler had a feature for detecting stack overflow. Support for it ended a number of years ago.

0 Chiranth Murthy over 3 years ago in reply to Chester Gillon

Intellectual 375 points

Hi Chester ,

Thank you so much for your reply , The present code written for TI compiler in TI RTOS , Can you suggest me how to switch to GCC compiler with same code and files, suggest me what to do be done to change the compiler from TI to GCC GNU Lianaro compiler.

Thanks in Advance

0 Chiranth Murthy over 3 years ago in reply to Charles Tsai

Intellectual 375 points

Thanks Charles

0 Alan Phipps over 3 years ago in reply to Chiranth Murthy

TI__Expert 4960 points

Hi Chiranth and Chester,

There is no need to use GCC compiler since the new TI Arm Clang Compiler (which is LLVM-based and effectively replaces the older "TI ARM (armcl)" compiler) supports stack canaries / stack smashing detection. It is documented here:

https://software-dl.ti.com/codegen/docs/tiarmclang/compiler_tools_user_guide/compiler_manual/using_compiler/compiler_options/instrumentation_options.html

Stack Canaries / Stack Smashing is also supported by the TI Arm Clang Compiler, which is LLVM-based. The feature is not supported on the older 'armcl' proprietary compiler.

We provide a migration guide to migrate code from the older compiler to TI Arm Clang:

https://software-dl.ti.com/codegen/docs/tiarmclang/compiler_tools_user_guide/migration_guide/index.html

-Alan

0 Chiranth Murthy over 3 years ago in reply to Alan Phipps

Intellectual 375 points

Hi Alan,

I tried using TI ARM Clang compiler, as i got error saying TI RTOS is not supported by TI ARM CLANG compiler

-chiranth

0 George Mock over 3 years ago in reply to Chiranth Murthy

TI__Guru**** 252480 points

TI-RTOS is tested and documented to work with specific versions of specific compilers. Unfortunately, the TI Arm Clang compiler is not one of those compilers.

Thanks and regards,

-George

0 George Mock over 3 years ago in reply to George Mock

TI__Guru**** 252480 points

My last post is somewhat in error. There is support for some combinations of TI Arm Clang, TI-RTOS, and devices from TI. For instance, please see this FAQ. Note how it does not include the TM4C device discussed in this forum thread.

Thanks and regards,

-George

Arm-based microcontrollers

Arm-based microcontrollers forum

TM4C129ENCPDT: Binary Security and Stack Canaries