Develop a sanitizer backend for RISC-V.
The RISC-V Bare-Metal Sanitizer Integration Project focuses on enhancing the security and robustness of software applications running on RISC-V architectures by incorporating sanitization mechanisms. Key components of this project should include the application of sanitization techniques to RISC-V bare-metal environments, the development of a dedicated sanitizer backend, and seamless integration into GCC.
Key pieces:
-
Application to RISC-V bare-metal.
- The project runs directly on hardware without operating system.
-
Sanitizer backend.
- A dedicated software that implements sanitization mechanisms for detecting various types of software vulnerabilities, such as memory corruption, data races, and undefined behavior.
-
Integration with compiler.
- Integration of the sanitizer into the backend of widely used compilers, specifically GCC. This integration ensures that sanitization processes become an integral part of the compilation pipeline.
-
Demo application for testing.
- A demo application is provided to test effectiveness of the sanitizers. It includes intentionally broken code to trigger various types of vulnerabilities.
These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.
What things you need to install the software and how to install them
- Intel® Simics® Simulator
- RISC-V GNU Compiler Toolchain
- Install The Simics® simulator, ideally linux distribution Simics Download.
- Create a new project.
- Copy to project's targets the risc-v-baremetal directory.
- Launch it in simics to confirm correct configuration.
-
Get riscv-gnu-toolchain GitHub.
-
Configure the toolchain build options.
./configure --prefix=/opt/riscv --with-cmodel=medany --with-arch=rv64gc --with-abi=lp64
- Build the toolchain.
make -j $(nproc)
-
Recompile snake game example located in
risc-v-baremetal/images/src
(you may remove build options for 32bit binaries). -
Move built binary to the source directory.
-
Launch risc-v-baremetal example again to confirm correct toolchain configuration.
-
Try to add some code to e.g. snake.c file that uses functions from libc, e.g.
malloc()
. -
Test if building the game works.
Remember to add /opt/riscv/bin
to the PATH variable and to set CROSS_PREFIX (used in Makefile) to 'riscv-unknown-elf-' or use export.sh
script to build the application and to move binary file to target location.
To launch the project on risc-v bare-metal platform please follow these instructions:
- Go to the project that contains bare-metal target plaform.
Run:
./simics
Then, in launched simics console, load the target:
simics> load-target target="risc-v-baremetal/bare-metal"
And run it:
simics> r
To close simulation, run:
simics> q
A serial console should open in which you should see output from the application.
-
Simics - The Simics® simulator and Simics® Virtual Platform
-
riscv-gnu-toolchain - RISC-V GNU Compiler Toolchain
- Piotr Baryczkowski - Initial work, documentation - Piotr45
- Paweł Strzelczyk - Initial work, research, documentation - pawelstrzelczyk
- Marcin Strzesak - Testing - MarcinStrzesak
- Maciej Szefliński - Testing - rtzw
This project is licensed under the Apache 2 License - see the LICENSE.md file for details.