This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

AM62L: Some Security Question For ASLR/DEP/Stack Protection

Part Number: AM62L

Hello Expert.

These question from customer and target device is AM62L, I need your double confirm.

Q1 : Does AM62L support Address Space Layout Randomization (ASLR) ?

Q2 : Does AM62L support Data Execution Prevention (DEP) ?

Q3 : Does AM62L support Stack protection?

Q4 : How to FW upgrade For WolfSSL?

 

About Q1,

There are two concept to enable ASLR. Linux kernel 2.6.12+ already support "Address Space Layout Randomization", linux control device node (seeting) is under (/proc/sys/kernel/randomize_va_space). Our kernel version is 6.12.x, so our SW platform can support ASLR. by the way, recommand customer use some programming which support "auto memory management", example like C#, Java, Ruby  rather than C/C++

 

About Q2,

As far as I know, DEP was also support by Linux kernel 2.6.12+ . Base on HW point of view, Do we have HW support for DEP?

 

About Q3,

I think this is C-cross compiler problem (GCC), as far as I know, GCC 4.9+ already support this feature. Our BSP alreay upgrade to GCC 9.2x, so I think this should be not issues. Ref, https://lwn.net/Articles/584225/

 

About Q4,

I have no experence to implement WolfSSL on AM62x. But I think this open source is portable W/O any HW dependency, isn't? I guess it should be only replace some files (library,header file ... etc) in Linux rootfs for WolfSSL FW upgrade. isn't?

 

If I miss anything, thans your comment & suggestion

Thank You.

 

Gibbs

  • Hello, 

    Any comment?

    Thank You Very Much

    Gibbs

  • Hi Gibbs,

    The methods listed in your post are the general techniques to harden the security system design, but not TI Linux SDK specifics. I’d recommend the customer explore and investigate the various approaches as listed and beyond themself based upon their security requirements.

    Best,

    -Hong

  • Hi Hong, 

    This is WNC SW Jerry.

    From our understanding for stack protection, stack protection is typically enabled via compiler options (e.g. -fstack-protector-strong) and supported by GCC. Since the AM62L SDK uses GCC 9.x, this feature should be available from a toolchain perspective.

    To ensure correct implementation, could you please help confirm:

    1. Whether there are any recommended compiler flags or TI SDK configurations to enable stack protection?
    2. Whether there are any TI reference configurations or best practices for enabling stack protection in AM62L Linux SDK?
    3. If there are any known limitations or considerations (e.g. performance impact, compatibility issues) when enabling stack protection on this platform?

    This will help us ensure proper implementation and alignment with our security requirements.

    Thanks


    BR
    Jerry

  • Hello Jerry 

    Hong is out of office today, so please expect a response tomorrow or day after. 

    Regards

    Mukul 

  • Thanks Hong & Mukul

    Jerry is my customer.

    Share some knowledge what I know (search) about your question before Hong returns

    About Q1/Q2.

    It is trade off between performance & security requriments, there is no standard answer.

    Here are some usage scenario.

    1. Stack Canaries (Buffer Overflow Protection)
    - Enabled with -fstack-protector flags
    - Options:
    - -fstack-protector: Protects functions with local arrays or calls
    - -fstack-protector-all: Protects all functions
    - -fstack-protector-strong: Protects more functions than default (recommended)
    - -fstack-protector-explicit: Only protects functions with __attribute__((stack_protect_all))

    2. Stack Clash Protection
    - -fstack-clash-protection: Prevents stack clash attacks by probing stack pages

    3. Return-Oriented Programming (ROP) Protection
    - -fcf-protection: Control flow integrity (requires CPU support, Intel CET/ARM BTI)

    Example Usage

    # Compile with stack protection
    gcc -fstack-protector-strong -o myprogram myprogram.c

    # Compile with all protections
    gcc -fstack-protector-all -fstack-clash-protection -o myprogram myprogram.c

    # Check if binary was compiled with protections
    readelf -l myprogram | grep STACK

    so you can combine many build flags to support stack protection.

    About Q3 : 

    Performance Overhead

    - Canary insertion/checking adds CPU cycles on function entry/exit
    - Can be 1-3% overhead for typical applications
    - Higher overhead in functions with many stack variables
    - Critical for performance-sensitive code (real-time systems, tight loops)

    Memory Overhead

    - Each function adds canary storage on stack (typically 8 bytes)
    - Accumulates in deep call stacks
    - Problematic for embedded systems with limited RAM

    When you enable stack protection, it may be reduce a little bit "real time performance" your application code. 

    But base on your application, it think you may not have much concern about real time.

    Many Thanks

    Gibbs 

  • Hi Jerry,
    "CONFIG_STACKPROTECTOR_STRONG=y" is currently configured in the kernel ".config" file in AM62Lx Linux SDK.
    It is user's choice to select & re-configure the stack protection option to mitigate against stack buffer overflow attacks as necessary per user's security requirements.
    Best,
    -Hong