Add cc1120 random number generator and stack smashing protection (#297)

Cathouwu · Navtajh04 · web-flow · commit f96e844c130c · 2025-02-09T01:02:04.000-05:00
# Purpose Created a number generator function from the c1120 to generate a stack canary for stack overflow protection: https://www.notion.so/uworbital/6375c5c5dcf1485e8a6c47f18d419ae5?v=72baf90d01f643b09d77418bd3f53b14&p=02e40c1185bb439d93fd92288137edcc&pm=s # New Changes - Added a random number generator function in the cc1120 file. - Modified state_mgr to initialize peripherals and cc1120. Changed stack guard after cc1120 is initialized. # Testing - Tested that the cc1120 can generate random numbers - Tested that the stack canary in app_main is updated with the random number. Stack canaries generated (generated after every reboot: ) ![image](https://github.com/user-attachments/assets/0b1fc378-5ae2-4f17-8e1d-c1110319a67f) # Outstanding Changes - n/a --------- Co-authored-by: Navtajhundal <87790825+Navtajh04@users.noreply.github.com>
diff --git a/obc/app/app_main.c b/obc/app/app_main.c
@@ -19,10 +19,11 @@
 #include <het.h>
 
 // This is the stack canary. It should never be overwritten.
-// Ideally, it would be a random value, but we don't have a good source of entropy
-// that we can use.
+
 void *__stack_chk_guard = (void *)0xDEADBEEF;
 
+uint32_t __stack_chk_guard_init(void);
+
 void __stack_chk_fail(void) { resetSystem(RESET_REASON_STACK_CHECK_FAIL); }
 
 int main(void) {
@@ -33,7 +34,6 @@ int main(void) {
   spiInit();
   canInit();
   hetInit();
-
   _enable_interrupt_();
 
   // Initialize bus mutexes
diff --git a/obc/app/drivers/cc1120/cc1120.c b/obc/app/drivers/cc1120/cc1120.c
@@ -11,6 +11,8 @@
 #define CHIP_READY 0
 #define CHIP_STATE 0b1110000
 
+#define CC1120_RND_CONFIG 0x80
+
 static const register_setting_t cc1120SettingsStd[] = {
     // Set GPIO 0 to RXFIFO_THR_PKT
     {CC1120_REGS_IOCFG0, 0x01U},
@@ -52,14 +54,27 @@ static const register_setting_t cc1120SettingsStd[] = {
     {CC1120_REGS_PA_CFG0, 0x7DU},
     {CC1120_REGS_PKT_LEN, 0x0CU}};
 
-static const register_setting_t cc1120SettingsExt[] = {
-    {CC1120_REGS_EXT_IF_MIX_CFG, 0x00U}, {CC1120_REGS_EXT_FREQOFF_CFG, 0x34U}, {CC1120_REGS_EXT_FREQ2, 0x6CU},
-    {CC1120_REGS_EXT_FREQ1, 0x7AU},      {CC1120_REGS_EXT_FREQ0, 0xE1U},       {CC1120_REGS_EXT_FS_DIG1, 0x00U},
-    {CC1120_REGS_EXT_FS_DIG0, 0x5FU},    {CC1120_REGS_EXT_FS_CAL1, 0x40U},     {CC1120_REGS_EXT_FS_CAL0, 0x0EU},
-    {CC1120_REGS_EXT_FS_DIVTWO, 0x03U},  {CC1120_REGS_EXT_FS_DSM0, 0x33U},     {CC1120_REGS_EXT_FS_DVC0, 0x17U},
-    {CC1120_REGS_EXT_FS_PFD, 0x50U},     {CC1120_REGS_EXT_FS_PRE, 0x6EU},      {CC1120_REGS_EXT_FS_REG_DIV_CML, 0x14U},
-    {CC1120_REGS_EXT_FS_SPARE, 0xACU},   {CC1120_REGS_EXT_FS_VCO0, 0xB4U},     {CC1120_REGS_EXT_XOSC5, 0x0EU},
-    {CC1120_REGS_EXT_XOSC1, 0x03U},      {CC1120_REGS_EXT_TOC_CFG, 0x89U}};
+static const register_setting_t cc1120SettingsExt[] = {{CC1120_REGS_EXT_IF_MIX_CFG, 0x00U},
+                                                       {CC1120_REGS_EXT_FREQOFF_CFG, 0x34U},
+                                                       {CC1120_REGS_EXT_FREQ2, 0x6CU},
+                                                       {CC1120_REGS_EXT_FREQ1, 0x7AU},
+                                                       {CC1120_REGS_EXT_FREQ0, 0xE1U},
+                                                       {CC1120_REGS_EXT_FS_DIG1, 0x00U},
+                                                       {CC1120_REGS_EXT_FS_DIG0, 0x5FU},
+                                                       {CC1120_REGS_EXT_FS_CAL1, 0x40U},
+                                                       {CC1120_REGS_EXT_FS_CAL0, 0x0EU},
+                                                       {CC1120_REGS_EXT_FS_DIVTWO, 0x03U},
+                                                       {CC1120_REGS_EXT_FS_DSM0, 0x33U},
+                                                       {CC1120_REGS_EXT_FS_DVC0, 0x17U},
+                                                       {CC1120_REGS_EXT_FS_PFD, 0x50U},
+                                                       {CC1120_REGS_EXT_FS_PRE, 0x6EU},
+                                                       {CC1120_REGS_EXT_FS_REG_DIV_CML, 0x14U},
+                                                       {CC1120_REGS_EXT_FS_SPARE, 0xACU},
+                                                       {CC1120_REGS_EXT_FS_VCO0, 0xB4U},
+                                                       {CC1120_REGS_EXT_XOSC5, 0x0EU},
+                                                       {CC1120_REGS_EXT_XOSC1, 0x03U},
+                                                       {CC1120_REGS_EXT_TOC_CFG, 0x89U},
+                                                       {CC1120_REGS_EXT_RNDGEN, CC1120_RND_CONFIG}};
 
 /**
  * @brief - Reads from consecutive registers from the CC1120.
@@ -445,3 +460,17 @@ obc_error_code_t cc1120GetBytesInRxFifo(uint8_t *numBytes) {
   RETURN_IF_ERROR_CODE(cc1120ReadExtAddrSpi(CC1120_REGS_EXT_NUM_RXBYTES, numBytes, 1));
   return OBC_ERR_CODE_SUCCESS;
 }
+
+obc_error_code_t cc1120Rng(uint8_t *randomValue) {
+  obc_error_code_t errCode;
+  uint8_t receivedData;
+  if (randomValue == NULL) {
+    return OBC_ERR_CODE_INVALID_ARG;
+  }
+  RETURN_IF_ERROR_CODE(cc1120StrobeSpi(CC1120_STROBE_SRX));
+  RETURN_IF_ERROR_CODE(cc1120ReadExtAddrSpi(CC1120_REGS_EXT_RNDGEN, randomValue, 1));
+  RETURN_IF_ERROR_CODE(cc1120ReadFifo(&receivedData, 1));
+  (*randomValue) &= ~(1 << 7);
+  (*randomValue) ^= receivedData;
+  return OBC_ERR_CODE_SUCCESS;
+}
diff --git a/obc/app/drivers/cc1120/cc1120.h b/obc/app/drivers/cc1120/cc1120.h
@@ -171,3 +171,12 @@ obc_error_code_t cc1120GetState(cc1120_state_t *stateNum);
  * @return obc_error_code_t - Whether or not the setup was a success
  */
 obc_error_code_t cc1120Init(void);
+
+/**
+ * @brief Returns a random number generated by CC1120
+ * #Check section 3.2 RNDGEN for more information
+ *
+ * @param randomValue- A pointer to an 8-bit integer to store the random value in
+ * @return obc_error_code_t - Whether or not the register read was successful
+ */
+obc_error_code_t cc1120Rng(uint8_t *randomValue);
diff --git a/obc/app/modules/comms_link_mgr/comms_manager.c b/obc/app/modules/comms_link_mgr/comms_manager.c
@@ -295,9 +295,6 @@ void obcTaskFunctionCommsMgr(void *pvParameters) {
 
   initAllCc1120TxRxSemaphores();
 
-#ifdef CONFIG_CC1120
-  LOG_IF_ERROR_CODE(cc1120Init());
-#endif  // CONFIG_CC1120
   while (1) {
     comms_event_t queueMsg;
 
diff --git a/obc/app/modules/state_mgr/state_mgr.c b/obc/app/modules/state_mgr/state_mgr.c
@@ -1,6 +1,5 @@
 #include "state_mgr.h"
 #include "comms_manager.h"  // for comms_state_t
-
 #include "obc_board_config.h"
 #include "obc_errors.h"
 #include "obc_logging.h"
@@ -10,6 +9,9 @@
 
 #include "fm25v20a.h"
 #include "lm75bd.h"  // TODO: Handle within thermal manager
+#include "cc1120_txrx.h"
+#include "cc1120.h"
+#include "arducam.h"
 
 #include <FreeRTOS.h>
 #include <os_portmacro.h>
@@ -21,6 +23,9 @@
 #include <gio.h>
 #endif
 
+extern void *__stack_chk_guard;
+#define STACK_CANARY_BYTES 4
+
 /* Supervisor queue config */
 #define STATE_MGR_QUEUE_LENGTH 10U
 #define STATE_MGR_QUEUE_ITEM_SIZE sizeof(state_mgr_event_t)
@@ -59,6 +64,27 @@ obc_error_code_t sendToStateMgrEventQueue(state_mgr_event_t *event) {
 
 static void sendStartupMessages(void) {}
 
+uint32_t stack_chk_guard_change(void) {
+  obc_error_code_t errCode;
+  uint32_t newStackGuard = 0;
+  for (uint8_t i = 0; i < STACK_CANARY_BYTES; i++) {
+    uint8_t randomByte;
+    LOG_IF_ERROR_CODE(cc1120Rng(&randomByte));
+    if (errCode == OBC_ERR_CODE_SUCCESS) {
+      (newStackGuard) = (newStackGuard << 8) | randomByte;
+    } else {
+      return 0xDEADBEEF;
+    }
+  }
+  return newStackGuard;
+}
+
+static inline void __attribute__((no_stack_protector)) construct_stk_chk_guard() {
+  if (__stack_chk_guard == (void *)0xDEADBEEF) {
+    __stack_chk_guard = (void *)stack_chk_guard_change();
+  }
+}
+
 void obcTaskFunctionStateMgr(void *pvParameters) {
   obc_error_code_t errCode;
 
@@ -75,6 +101,12 @@ void obcTaskFunctionStateMgr(void *pvParameters) {
 #ifdef CONFIG_DS3232
   LOG_IF_ERROR_CODE(initTime());  // RTC
 #endif                            // CONFIG_DS3232
+#ifdef CONFIG_CC1120
+  LOG_IF_ERROR_CODE(cc1120Init());
+  construct_stk_chk_guard();
+#endif
+
+  // TODO add other peripherals
 
   lm75bd_config_t config = {
       .devAddr = LM75BD_OBC_I2C_ADDR,
diff --git a/obc/app/sys/obc_errors.h b/obc/app/sys/obc_errors.h
@@ -24,6 +24,7 @@ typedef enum {
   OBC_ERR_CODE_FAILED_PACK = 16,
   OBC_ERR_CODE_INVALID_STATE_TRANSITION = 17,
   OBC_ERR_CODE_FREERTOS_ASSERT_FAIL = 18,
+  OBC_ERR_CODE_FAILED_STACK_CANARY = 19,
 
   /* Driver Errors 100 - 199*/
   OBC_ERR_CODE_SPI_FAILURE = 100,
@@ -191,4 +192,5 @@ typedef enum {
 
   /** Operation is not supported. */
   OBC_ERR_CODE_RED_ENOTSUPP = 1524,
+
 } obc_error_code_t;
