Support Rust's stack-protector feature (#1135)

* Support Rust's `stack-protector` feature * Update changelogs
2024-02-02 14:56:39 +01:00 · 2024-02-02 14:56:39 +01:00 · c0f9169879
commit c0f9169879
parent a586cb311e
8 changed files with 66 additions and 3 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -19,6 +19,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - ESP32-S3: Added LCD_CAM I8080 driver (#1086)
 - Allow for splitting of the USB Serial JTAG peripheral into tx/rx components (#1024)
 - `RngCore` trait is implemented (#1122)
 - Support Rust's `stack-protector` feature (#1135)
 ### Fixed
--- a/esp-hal/ld/sections/stack.x
+++ b/esp-hal/ld/sections/stack.x
@ -34,3 +34,10 @@ PROVIDE(_stack_start = ORIGIN(RWDATA) + LENGTH(RWDATA));
 PROVIDE(_stack_start_cpu0 = ORIGIN(RWDATA) + LENGTH(RWDATA));
 #ENDIF
 /*
 Provide the stack_guard for `stack-protector`
 Ideally the offset should be configurable - should be done once we have https://github.com/esp-rs/esp-hal/issues/1111
 */
 PROVIDE(__stack_chk_guard = _stack_end + 4096);
--- a/esp-hal/src/lib.rs
+++ b/esp-hal/src/lib.rs
@ -448,3 +448,30 @@ impl<T, const SIZE: usize> FlashSafeDma<T, SIZE> {
        self.inner
    }
 }
 #[cfg(riscv)]
 #[export_name = "hal_main"]
 fn hal_main(a0: usize, a1: usize, a2: usize) -> ! {
    extern "Rust" {
        // This symbol will be provided by the user via `#[entry]`
        fn main(a0: usize, a1: usize, a2: usize) -> !;
    }
    extern "C" {
        static mut __stack_chk_guard: u32;
    }
    unsafe {
        let stack_chk_guard = core::ptr::addr_of_mut!(__stack_chk_guard);
        // we _should_ use a random value but we don't have a good source for random
        // numbers here
        stack_chk_guard.write_volatile(0xdeadbabe);
        main(a0, a1, a2);
    }
 }
 #[export_name = "__stack_chk_fail"]
 unsafe extern "C" fn stack_chk_fail() {
    panic!("Stack corruption detected");
 }
--- a/esp-hal/src/soc/esp32/mod.rs
+++ b/esp-hal/src/soc/esp32/mod.rs
@ -46,6 +46,8 @@ pub unsafe extern "C" fn ESP32Reset() -> ! {
        static mut _rtc_slow_bss_end: u32;
        static mut _stack_start_cpu0: u32;
        static mut __stack_chk_guard: u32;
    }
    // set stack pointer to end of memory: no need to retain stack up to this point
@ -58,6 +60,13 @@ pub unsafe extern "C" fn ESP32Reset() -> ! {
    xtensa_lx_rt::zero_bss(&mut _rtc_fast_bss_start, &mut _rtc_fast_bss_end);
    xtensa_lx_rt::zero_bss(&mut _rtc_slow_bss_start, &mut _rtc_slow_bss_end);
    unsafe {
        let stack_chk_guard = core::ptr::addr_of_mut!(__stack_chk_guard);
        // we _should_ use a random value but we don't have a good source for random
        // numbers here
        stack_chk_guard.write_volatile(0xdeadbabe);
    }
    // continue with default reset handler
    xtensa_lx_rt::Reset();
 }
--- a/esp-hal/src/soc/esp32s2/mod.rs
+++ b/esp-hal/src/soc/esp32s2/mod.rs
@ -50,6 +50,8 @@ pub unsafe extern "C" fn ESP32Reset() -> ! {
        static mut _rtc_slow_bss_end: u32;
        static mut _stack_start_cpu0: u32;
        static mut __stack_chk_guard: u32;
    }
    // set stack pointer to end of memory: no need to retain stack up to this point
@ -62,6 +64,13 @@ pub unsafe extern "C" fn ESP32Reset() -> ! {
    xtensa_lx_rt::zero_bss(&mut _rtc_fast_bss_start, &mut _rtc_fast_bss_end);
    xtensa_lx_rt::zero_bss(&mut _rtc_slow_bss_start, &mut _rtc_slow_bss_end);
    unsafe {
        let stack_chk_guard = core::ptr::addr_of_mut!(__stack_chk_guard);
        // we _should_ use a random value but we don't have a good source for random
        // numbers here
        stack_chk_guard.write_volatile(0xdeadbabe);
    }
    // continue with default reset handler
    xtensa_lx_rt::Reset();
 }
--- a/esp-hal/src/soc/esp32s3/mod.rs
+++ b/esp-hal/src/soc/esp32s3/mod.rs
@ -85,6 +85,8 @@ pub unsafe extern "C" fn ESP32Reset() -> ! {
        static mut _rtc_slow_bss_end: u32;
        static mut _stack_start_cpu0: u32;
        static mut __stack_chk_guard: u32;
    }
    // set stack pointer to end of memory: no need to retain stack up to this point
@ -97,6 +99,13 @@ pub unsafe extern "C" fn ESP32Reset() -> ! {
    xtensa_lx_rt::zero_bss(&mut _rtc_fast_bss_start, &mut _rtc_fast_bss_end);
    xtensa_lx_rt::zero_bss(&mut _rtc_slow_bss_start, &mut _rtc_slow_bss_end);
    unsafe {
        let stack_chk_guard = core::ptr::addr_of_mut!(__stack_chk_guard);
        // we _should_ use a random value but we don't have a good source for random
        // numbers here
        stack_chk_guard.write_volatile(0xdeadbabe);
    }
    // continue with default reset handler
    xtensa_lx_rt::Reset();
 }
--- a/esp-riscv-rt/CHANGELOG.md
+++ b/esp-riscv-rt/CHANGELOG.md
@ -13,6 +13,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Changed
 - `start_rust` calls `hal_main` instead of calling user's `main` directly (#1135)
 ### Removed
 ## 0.6.1 - 2024-01-19
--- a/esp-riscv-rt/src/lib.rs
+++ b/esp-riscv-rt/src/lib.rs
@ -52,8 +52,7 @@ extern "C" {
 #[export_name = "_start_rust"]
 pub unsafe extern "C" fn start_rust(a0: usize, a1: usize, a2: usize) -> ! {
    extern "Rust" {
-        // This symbol will be provided by the user via `#[entry]`
+        fn hal_main(a0: usize, a1: usize, a2: usize) -> !;
        fn main(a0: usize, a1: usize, a2: usize) -> !;
        fn __post_init();
@ -65,7 +64,7 @@ pub unsafe extern "C" fn start_rust(a0: usize, a1: usize, a2: usize) -> ! {
    _setup_interrupts();
-    main(a0, a1, a2);
+    hal_main(a0, a1, a2);
 }
 /// Registers saved in trap handler