author | Jerome Forissier <jerome.forissier@linaro.org> | 2018-12-20 13:54:23 +0100 |
---|---|---|
committer | Jérôme Forissier <jerome.forissier@linaro.org> | 2019-03-20 09:13:10 +0100 |
commit | 7dfff1313980949048b53ac81a09781c26cb3a4d (patch) | |
tree | 25bb66fced9fc3aa111d85af23a65de8fd42bfba /mk/config.mk | |
parent | 0a8fec75369e11f5305e115645584d085c4efe40 (diff) |
core: user_ta: implement ASLR for TAs
Introduces CFG_TA_ASLR to enable Address Space Layout Randomization of
Trusted Applications. ASLR makes the exploitation of memory corruption
vulnerabilities harder.
The feature is disabled by default except for the configurations I
could test (QEMU and HiKey960).
When CFG_TA_ASLR=y, the stack and subsequent ELF file(s) needed by the
TA are mapped into the user VA space with a random offset between
CFG_TA_ASLR_MIN_OFFSET_PAGES and CFG_TA_ASLR_MAX_OFFSET_PAGES
pages (that is, between 0 and 128 pages by default).
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU, HiKey960)
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Diffstat (limited to 'mk/config.mk')
-rw-r--r-- | mk/config.mk | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/mk/config.mk b/mk/config.mk index 96365456..fca8d6ea 100644 --- a/mk/config.mk +++ b/mk/config.mk @@ -205,6 +205,20 @@ CFG_WITH_USER_TA ?= y # By default, in-tree TAs are built using the first architecture specified in # $(ta-targets). +# Address Space Layout Randomization for user-mode Trusted Applications +# +# When this flag is enabled, the ELF loader will introduce a random offset +# when mapping the application in user space. ASLR makes the exploitation of +# memory corruption vulnerabilities more difficult. +CFG_TA_ASLR ?= n + +# How much ASLR may shift the base address (in pages). The base address is +# randomly shifted by an integer number of pages comprised between these two +# values. Bigger ranges are more secure because they make the addresses harder +# to guess at the expense of using more memory for the page tables. +CFG_TA_ASLR_MIN_OFFSET_PAGES ?= 0 +CFG_TA_ASLR_MAX_OFFSET_PAGES ?= 128 + # Load user TAs from the REE filesystem via tee-supplicant CFG_REE_FS_TA ?= y |
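Review bot: the new CFG_TA_ASLR_MIN_OFFSET_PAGES / CFG_TA_ASLR_MAX_OFFSET_PAGES block states no constraint between the two values, and nothing in this hunk rejects MIN > MAX or a MAX that does not fit in the TA's user VA space; add the invariant to the comment (CFG_TA_ASLR_MIN_OFFSET_PAGES must be less than or equal to CFG_TA_ASLR_MAX_OFFSET_PAGES) and make the consumer of these values fail the build or the TA load instead of silently narrowing the range. The comment should also say what the default buys: assuming 4 KiB pages, a 0..128 page window is 512 KiB, roughly 7 bits of entropy, so deployments that want stronger randomization must raise the maximum. Minor: the first comment says the offset applies "when mapping the application in user space", while the commit message says it covers the stack and every subsequent ELF the TA depends on; aligning the wording avoids readers assuming only the main ELF moves.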