From 3636c45aa0ef70cfe907c5a8443708dbedfe4655 Mon Sep 17 00:00:00 2001 From: Taylor Beebe Date: Sat, 10 Feb 2024 12:36:32 -0800 Subject: [PATCH] Swap Out Stack Cookie Libraries with New Versions Description This update replaces StackCheckLib with StackCheckLibStaticInit and StackCheckLibDynamicInit. The new libraries have GCC support for ARM, AARCH64, IA32 and X64 builds. The libraries have MSVC support for IA32 and X64 builds. This update also removes the stack cookie library definitions from MdeLibs.dsc.inc due to GCC build issues when the instanced versions are used during CI builds. The instanced versions will need to be explicitly added to the platform DSC files, and this is acceptable because platforms will likely want to mix and match the static and dynamic versions of the library for each module type. - [x] Impacts functionality? - **Functionality** - Does the change ultimately impact how firmware functions? - Examples: Add a new library, publish a new PPI, update an algorithm, ... - [ ] Impacts security? - **Security** - Does the change have a direct security impact on an application, flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ... - [x] Breaking change? - **Breaking change** - Will anyone consuming this change experience a break in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ... - [ ] Includes tests? - **Tests** - Does the change include any explicit test code? - Examples: Unit tests, integration tests, robot tests, ... - [ ] Includes documentation? - **Documentation** - Does the change contain explicit documentation additions outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation on an a separate Web page, ... How This Was Tested Tested on MSVC and GCC builds of Q35 and a GCC build of SBSA by purposefully corrupting the stack. Integration Instructions Platforms which used MdeLibs.dsc.inc to get the stack cookie library defintions in their platform DSC files will need to explicitly declare them. --- CryptoPkg/CryptoPkg.dsc | 4 +- MdeModulePkg/MdeModulePkg.dsc | 4 +- MdePkg/Library/StackCheckLib/StackCheckLib.c | 48 ------------------- .../Library/StackCheckLib/StackCheckLib.inf | 40 ---------------- MdePkg/MdeLibs.dsc.inc | 7 --- MdePkg/MdePkg.dsc | 18 +++---- NetworkPkg/NetworkPkg.dsc | 7 +-- .../SharedNetworking/SharedNetworkPkg.dsc | 15 +----- PcAtChipsetPkg/PcAtChipsetPkg.dsc | 1 + PolicyServicePkg/PolicyServicePkg.dsc | 9 +--- ShellPkg/ShellPkg.dsc | 3 +- StandaloneMmPkg/StandaloneMmPkg.dsc | 3 +- UefiCpuPkg/UefiCpuPkg.dsc | 3 +- .../UnitTestFrameworkPkgTarget.dsc.inc | 9 +--- 14 files changed, 28 insertions(+), 143 deletions(-) delete mode 100644 MdePkg/Library/StackCheckLib/StackCheckLib.c delete mode 100644 MdePkg/Library/StackCheckLib/StackCheckLib.inf diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index 144a1be6e30..e2ca7f20faf 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -48,6 +48,8 @@ TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf + NULL|MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf # MU_CHANGE: /GS and -fstack-protector support + ##MSCHANGE Begin FltUsedLib|MdePkg/Library/FltUsedLib/FltUsedLib.inf @@ -94,7 +96,7 @@ NULL|MdePkg/Library/CompilerIntrinsicsLib/ArmCompilerIntrinsicsLib.inf # Add support for stack protector - NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf + # NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf # MU_CHANGE: Use Project Mu StackCheckLib [LibraryClasses.common.PEIM] PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index 847e2f41333..cdb52e05e06 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc @@ -122,6 +122,8 @@ PanicLib|MdePkg/Library/BasePanicLibNull/BasePanicLibNull.inf # MU_CHANGE + NULL|MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf # MU_CHANGE: /GS and -fstack-protector support + # MU_CHANGE START Include MemoryProtectionHobLib [LibraryClasses.common.DXE_DRIVER, LibraryClasses.common.DXE_CORE, LibraryClasses.common.UEFI_APPLICATION] DxeMemoryProtectionHobLib|MdeModulePkg/Library/MemoryProtectionHobLib/DxeMemoryProtectionHobLib.inf @@ -235,7 +237,7 @@ # Since software stack checking may be heuristically enabled by the compiler # include BaseStackCheckLib unconditionally. # - NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf + # NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf # MU_CHANGE: Use Project Mu StackCheckLib [LibraryClasses.EBC, LibraryClasses.RISCV64, LibraryClasses.LOONGARCH64] LockBoxLib|MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf diff --git a/MdePkg/Library/StackCheckLib/StackCheckLib.c b/MdePkg/Library/StackCheckLib/StackCheckLib.c deleted file mode 100644 index c62cae7df62..00000000000 --- a/MdePkg/Library/StackCheckLib/StackCheckLib.c +++ /dev/null @@ -1,48 +0,0 @@ -/** @file - Provides the required functionality for initializing and - checking the stack cookie. - - Copyright (c) Microsoft Corporation. All rights reserved. - SPDX-License-Identifier: BSD-2-Clause-Patent -**/ - -#include -#include -#include -#include -#include -#include -#include -#include - -#if defined (__GNUC__) || defined (__clang__) -VOID *__stack_chk_guard = (VOID *)0xBEEBE; -#elif defined (_MSC_VER) -UINTN __security_cookie = 0xBEEBE; -#endif - -/** - Initialize the security cookie. -**/ -NO_STACK_COOKIE -EFI_STATUS -EFIAPI -InitializeSecurityCookie ( - VOID - ) -{ - // Only generate a random value for MSVC builds. GCC builds which use - // -fstack-protector-strong or -fstack-protector-all may encounter a - // stack overflow with a random cookie value. The exact cause of this - // behavior needs to be investigated further. - #ifdef _MSC_VER - if (sizeof (UINTN) == sizeof (UINT64)) { - GetRandomNumber64 ((UINT64 *)&__security_cookie); - } else { - GetRandomNumber32 ((UINT32 *)&__security_cookie); - } - - #endif - - return EFI_SUCCESS; -} diff --git a/MdePkg/Library/StackCheckLib/StackCheckLib.inf b/MdePkg/Library/StackCheckLib/StackCheckLib.inf deleted file mode 100644 index 7415dd25ae6..00000000000 --- a/MdePkg/Library/StackCheckLib/StackCheckLib.inf +++ /dev/null @@ -1,40 +0,0 @@ -## @file -# Provides the required functionality for initializing and -# checking the stack cookie. -# -# Copyright (c) Microsoft Corporation. All rights reserved. -# SPDX-License-Identifier: BSD-2-Clause-Patent -## - -[Defines] - INF_VERSION = 0x00010005 - BASE_NAME = StackCheckLib - FILE_GUID = 495b10c8-7148-4b62-92b0-7cf4551df83d - MODULE_TYPE = BASE - VERSION_STRING = 1.0 - LIBRARY_CLASS = NULL - CONSTRUCTOR = InitializeSecurityCookie - -[Sources] - StackCheckLib.c - StackCheckFunctionsGcc.nasm |GCC - -[Sources.IA32] - IA32/StackCheckFunctionsMsvc.nasm | MSFT - -[Sources.X64] - X64/StackCheckFunctionsMsvc.nasm | MSFT - -[Packages] - MdePkg/MdePkg.dec - -[LibraryClasses] - BaseLib - BaseMemoryLib - DebugLib - RngLib - StackCheckFailureLib - -[BuildOptions] - GCC:*_*_*_CC_FLAGS = -fno-lto - MSFT:*_*_*_CC_FLAGS = /GL- diff --git a/MdePkg/MdeLibs.dsc.inc b/MdePkg/MdeLibs.dsc.inc index e72ec1342fb..4580481cb58 100644 --- a/MdePkg/MdeLibs.dsc.inc +++ b/MdePkg/MdeLibs.dsc.inc @@ -16,10 +16,3 @@ RegisterFilterLib|MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf CpuLib|MdePkg/Library/BaseCpuLib/BaseCpuLib.inf SmmCpuRendezvousLib|MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.inf - -# MU_CHANGE [BEGIN] - Add Stack Cookie Support -[LibraryClasses.X64.SEC, LibraryClasses.X64.PEIM, LibraryClasses.X64.PEI_CORE, LibraryClasses.X64.SMM_CORE, LibraryClasses.X64.DXE_SMM_DRIVER, LibraryClasses.X64.MM_CORE_STANDALONE, LibraryClasses.X64.MM_STANDALONE, LibraryClasses.X64.DXE_CORE, LibraryClasses.X64.DXE_DRIVER, LibraryClasses.X64.DXE_RUNTIME_DRIVER, LibraryClasses.X64.DXE_SAL_DRIVER, LibraryClasses.X64.UEFI_DRIVER, LibraryClasses.X64.UEFI_APPLICATION] - RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf - NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf - StackCheckFailureLib|MdePkg/Library/StackCheckFailureLib/StackCheckFailureLib.inf -# MU_CHANGE [END] - Add Stack Cookie Support \ No newline at end of file diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc index b9f1ed50b2d..c695b178fff 100644 --- a/MdePkg/MdePkg.dsc +++ b/MdePkg/MdePkg.dsc @@ -34,6 +34,7 @@ [LibraryClasses] SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + NULL|MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf # MU_CHANGE: /GS and -fstack-protector support [Components] MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf @@ -138,7 +139,11 @@ MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf MdePkg/Library/SmmCpuRendezvousLibNull/SmmCpuRendezvousLibNull.inf - MdePkg/Library/BaseMmuLibNull/BaseMmuLibNull.inf ## MU_CHANGE + MdePkg/Library/BaseMmuLibNull/BaseMmuLibNull.inf ## MU_CHANGE + MdePkg/Library/StackCheckLib/StackCheckLibStaticInit.inf ## MU_CHANGE + MdePkg/Library/StackCheckLib/StackCheckLibDynamicInit.inf ## MU_CHANGE + MdePkg/Library/StackCheckFailureLib/StackCheckFailureLib.inf ## MU_CHANGE + MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf ## MU_CHANGE [Components.IA32, Components.X64, Components.ARM, Components.AARCH64] # @@ -186,15 +191,6 @@ MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf MdePkg/Library/TdxLib/TdxLib.inf -# MU_CHANGE [BEGIN] - Stack Cookie Support -[Components.X64] - MdePkg/Library/StackCheckLib/StackCheckLib.inf - MdePkg/Library/StackCheckFailureLib/StackCheckFailureLib.inf - MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf -# MU_CHANGE [END] - Add Stack Cookie Support - - - # MS_CHANGE Begin !if $(TOOLCHAIN) == VS2017 or $(TOOLCHAIN) == VS2019 or $(TOOLCHAIN) == VS2022 [Components.IA32] @@ -208,7 +204,7 @@ [Components.ARM, Components.AARCH64] MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicArmVirt.inf - MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf + # MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf # MU_CHANGE: Use Project Mu StackCheckLib MdePkg/Library/CompilerIntrinsicsLib/ArmCompilerIntrinsicsLib.inf #MU_CHANGE - Add moved module [Components.RISCV64] diff --git a/NetworkPkg/NetworkPkg.dsc b/NetworkPkg/NetworkPkg.dsc index dcb18421131..55cf058051d 100644 --- a/NetworkPkg/NetworkPkg.dsc +++ b/NetworkPkg/NetworkPkg.dsc @@ -22,10 +22,6 @@ DEFINE NETWORK_ISCSI_ENABLE = TRUE !include MdePkg/MdeLibs.dsc.inc -## MU_CHANGE Begin -[LibraryClasses.ARM, LibraryClasses.AARCH64] - NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf -## MU_CHANGE End [LibraryClasses] DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf @@ -58,6 +54,7 @@ FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf + NULL|MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf # MU_CHANGE: /GS and -fstack-protector support [LibraryClasses.common.UEFI_DRIVER] HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf @@ -80,7 +77,7 @@ NULL|MdePkg/Library/CompilerIntrinsicsLib/ArmCompilerIntrinsicsLib.inf !endif # MU_CHANGE End - NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf + # NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf # MU_CHANGE: Use Project Mu StackCheckLib #ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf # MU_CHANGE [LibraryClasses.ARM] diff --git a/NetworkPkg/SharedNetworking/SharedNetworkPkg.dsc b/NetworkPkg/SharedNetworking/SharedNetworkPkg.dsc index 5fd929b11d5..1881a501e7b 100644 --- a/NetworkPkg/SharedNetworking/SharedNetworkPkg.dsc +++ b/NetworkPkg/SharedNetworking/SharedNetworkPkg.dsc @@ -30,12 +30,6 @@ NETWORK_SNP_ENABLE = TRUE !include NetworkPkg/NetworkDefines.dsc.inc - -## MU_CHANGE Begin -[LibraryClasses.ARM, LibraryClasses.AARCH64] - NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf -## MU_CHANGE End - [LibraryClasses] !include NetworkPkg/NetworkLibs.dsc.inc DebugLib|MdePkg/Library/UefiDebugLibDebugPortProtocol/UefiDebugLibDebugPortProtocol.inf @@ -66,6 +60,7 @@ FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf + NULL|MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf # MU_CHANGE: /GS and -fstack-protector support [LibraryClasses.common.DXE_CORE, LibraryClasses.common.DXE_DRIVER, LibraryClasses.common.DXE_RUNTIME_DRIVER, LibraryClasses.common.UEFI_DRIVER] # Common\MU_TIANO\CryptoPkg\Library\BaseCryptLibOnProtocolPpi\DxeCryptLib.inf @@ -80,12 +75,6 @@ BaseCryptLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf TlsLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf -# MU_CHANGE [BEGIN] - Add Stack Cookie Support -[LibraryClasses.X64] - NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf - StackCheckFailureLib|MdePkg/Library/StackCheckFailureLib/StackCheckFailureLib.inf -# MU_CHANGE [END] - Add Stack Cookie Support - [LibraryClasses.DXE_RUNTIME_DRIVER, LibraryClasses.DXE_CORE] DebugLib|MdePkg/Library/UefiDebugLibDebugPortProtocol/UefiDebugLibDebugPortProtocol.inf ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf @@ -126,7 +115,7 @@ NULL|MdePkg/Library/CompilerIntrinsicsLib/ArmCompilerIntrinsicsLib.inf # MU_CHANGE BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf # while building with MSVC, we can't process the s files !endif - NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf + # NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf # MU_CHANGE: Use Project Mu StackCheckLib # ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf # MU_CHANGE diff --git a/PcAtChipsetPkg/PcAtChipsetPkg.dsc b/PcAtChipsetPkg/PcAtChipsetPkg.dsc index c3e52bbea3c..587e3135c95 100644 --- a/PcAtChipsetPkg/PcAtChipsetPkg.dsc +++ b/PcAtChipsetPkg/PcAtChipsetPkg.dsc @@ -45,6 +45,7 @@ ReportStatusCodeLib|MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull.inf HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf # MU_CHANGE + NULL|MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf # MU_CHANGE: /GS and -fstack-protector support [Components] PcAtChipsetPkg/HpetTimerDxe/HpetTimerDxe.inf diff --git a/PolicyServicePkg/PolicyServicePkg.dsc b/PolicyServicePkg/PolicyServicePkg.dsc index 7cbc4f6b4d0..25ef6cc4ed6 100644 --- a/PolicyServicePkg/PolicyServicePkg.dsc +++ b/PolicyServicePkg/PolicyServicePkg.dsc @@ -34,16 +34,11 @@ UnitTestPersistenceLib|UnitTestFrameworkPkg/Library/UnitTestPersistenceLibNull/UnitTestPersistenceLibNull.inf UnitTestResultReportLib|UnitTestFrameworkPkg/Library/UnitTestResultReportLib/UnitTestResultReportLibDebugLib.inf -# MU_CHANGE [BEGIN] - Add Stack Cookie Support -[LibraryClasses.X64] - RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf - NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf - StackCheckFailureLib|MdePkg/Library/StackCheckFailureLib/StackCheckFailureLib.inf -# MU_CHANGE [END] - Add Stack Cookie Support + NULL|MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf # MU_CHANGE: /GS and -fstack-protector support [LibraryClasses.ARM, LibraryClasses.AARCH64] NULL|MdePkg/Library/CompilerIntrinsicsLib/ArmCompilerIntrinsicsLib.inf - NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf + # NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf # MU_CHANGE: Use Project Mu StackCheckLib [LibraryClasses.common.PEIM] MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf diff --git a/ShellPkg/ShellPkg.dsc b/ShellPkg/ShellPkg.dsc index ccd16155fd3..32b8851ea32 100644 --- a/ShellPkg/ShellPkg.dsc +++ b/ShellPkg/ShellPkg.dsc @@ -68,6 +68,7 @@ ReportStatusCodeLib|MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull.inf SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf # MU_CHANGE - CodeQL change + NULL|MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf # MU_CHANGE: /GS and -fstack-protector support [LibraryClasses.ARM,LibraryClasses.AARCH64] # @@ -79,7 +80,7 @@ NULL|MdePkg/Library/CompilerIntrinsicsLib/ArmCompilerIntrinsicsLib.inf # MU_CHANGE # Add support for GCC stack protector - NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf + # NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf # MU_CHANGE: Use Project Mu StackCheckLib [PcdsFixedAtBuild] gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0xFF diff --git a/StandaloneMmPkg/StandaloneMmPkg.dsc b/StandaloneMmPkg/StandaloneMmPkg.dsc index 55c769b82fe..5c657d65db4 100644 --- a/StandaloneMmPkg/StandaloneMmPkg.dsc +++ b/StandaloneMmPkg/StandaloneMmPkg.dsc @@ -69,6 +69,7 @@ StandaloneMmDriverEntryPoint|MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf VariableMmDependency|StandaloneMmPkg/Library/VariableMmDependency/VariableMmDependency.inf MmuLib|MdePkg/Library/BaseMmuLibNull/BaseMmuLibNull.inf # MU_CHANGE + NULL|MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf # MU_CHANGE: /GS and -fstack-protector support [LibraryClasses.X64] # MU_CHANGE StandaloneMmCoreEntryPoint|StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf # MU_CHANGE @@ -86,7 +87,7 @@ #NULL|ArmPkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf NULL|MdePkg/Library/CompilerIntrinsicsLib/ArmCompilerIntrinsicsLib.inf # MU_CHANGE [END] - NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf + # NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf # MU_CHANGE: Use Project Mu StackCheckLib [LibraryClasses.common.MM_CORE_STANDALONE] HobLib|StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc index ef74b57aeb2..f5a49bceb45 100644 --- a/UefiCpuPkg/UefiCpuPkg.dsc +++ b/UefiCpuPkg/UefiCpuPkg.dsc @@ -34,7 +34,7 @@ # #NULL|ArmPkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf NULL|MdePkg/Library/CompilerIntrinsicsLib/ArmCompilerIntrinsicsLib.inf - NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf + # NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf # MU_CHANGE: Use Project Mu StackCheckLib ## MU_CHANGE End [LibraryClasses] @@ -87,6 +87,7 @@ DeviceStateLib|MdeModulePkg/Library/DeviceStateLib/DeviceStateLib.inf PanicLib|MdePkg/Library/BasePanicLibNull/BasePanicLibNull.inf # MU_CHANGE + NULL|MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf # MU_CHANGE: /GS and -fstack-protector support [LibraryClasses.X64, LibraryClasses.IA32] HwResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf ##MSCHANGE End diff --git a/UnitTestFrameworkPkg/UnitTestFrameworkPkgTarget.dsc.inc b/UnitTestFrameworkPkg/UnitTestFrameworkPkgTarget.dsc.inc index 5a92e9f25ab..0f479d96f96 100644 --- a/UnitTestFrameworkPkg/UnitTestFrameworkPkgTarget.dsc.inc +++ b/UnitTestFrameworkPkg/UnitTestFrameworkPkgTarget.dsc.inc @@ -27,12 +27,7 @@ UnitTestLib|UnitTestFrameworkPkg/Library/UnitTestLib/UnitTestLib.inf -# MU_CHANGE [BEGIN] - Add Stack Cookie Support -[LibraryClasses.X64] - RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf - NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf - StackCheckFailureLib|MdePkg/Library/StackCheckFailureLib/StackCheckFailureLib.inf -# MU_CHANGE [END] - Add Stack Cookie Support + NULL|MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf # MU_CHANGE: /GS and -fstack-protector support [LibraryClasses.ARM, LibraryClasses.AARCH64] # @@ -49,7 +44,7 @@ # Since software stack checking may be heuristically enabled by the compiler # include BaseStackCheckLib unconditionally. # - NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf + # NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf # MU_CHANGE: Use Project Mu StackCheckLib [LibraryClasses.common.PEIM] HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf