remove old code

microsoft · Nov 3, 2023 · 7ddeddc · 7ddeddc
1 parent 9b46cb8
commit 7ddeddc
Show file tree

Hide file tree

Showing 10 changed files with 1 addition and 248 deletions.
diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMain.h
@@ -87,8 +87,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <Library/DxeServicesLib.h>
 #include <Library/DebugAgentLib.h>
 #include <Library/CpuExceptionHandlerLib.h>
-// #include <Library/StackCheckLib.h>
-// #include <Library/BaseBinSecurityLib.h>          // MS_CHANGE_?
 #include <Library/DxeMemoryProtectionHobLib.h>   // MU_CHANGE
 
 //

diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeMain.inf
@@ -96,8 +96,6 @@
   DebugAgentLib
   CpuExceptionHandlerLib
   PcdLib
-  # StackCheckLib
-  # BaseBinSecurityLib         ## MS_CHANGE_?
   DxeMemoryProtectionHobLib        ## MU_CHANGE
   MemoryBinOverrideLib      ## MU_CHANGE
 

diff --git a/MdeModulePkg/Core/Dxe/Image/Image.c b/MdeModulePkg/Core/Dxe/Image/Image.c
@@ -605,7 +605,6 @@ CoreLoadPeImage (
   EFI_STATUS  Status;
   BOOLEAN     DstBufAlocated;
   UINTN       Size;
-  // UINT64      *SecurityCookieAddress; // MU_CHANGE: Stack Cookie Support
 
   ZeroMem (&Image->ImageContext, sizeof (Image->ImageContext));
 
@@ -923,16 +922,6 @@ CoreLoadPeImage (
   // DEBUG_CODE_END ();
   // END
 
-  // MU_CHANGE [BEGIN]: Stack Cookie Support. Set the security cookie value for the EFI prior
-  // to execution of the image.
-  // Status = PeCoffLoaderGetSecurityCookieAddress (&Image->ImageContext, &SecurityCookieAddress);
-  // if (!EFI_ERROR (Status)) {
-  //   InitializeSecurityCookie (SecurityCookieAddress);
-  //   DEBUG ((DEBUG_VERBOSE | DEBUG_LOAD, "SecurityCookie set to %lld\n", (*SecurityCookieAddress)));
-  // }
-
-  // MU_CHANGE [END]
-
   return EFI_SUCCESS;
 
 Done:
@@ -1763,7 +1752,7 @@ CoreStartImage (
     // Call the image's entry point
     //
     Image->Started = TRUE;
-    Image->Status = Image->EntryPoint (ImageHandle, Image->Info.SystemTable);
+    Image->Status  = Image->EntryPoint (ImageHandle, Image->Info.SystemTable);
 
     //
     // If the image returns, exit it through Exit()

diff --git a/MdeModulePkg/Core/Dxe/UnitTest/MemoryProtectionUnitTestHost.inf b/MdeModulePkg/Core/Dxe/UnitTest/MemoryProtectionUnitTestHost.inf
@@ -96,7 +96,6 @@
   DebugAgentLib
   CpuExceptionHandlerLib
   PcdLib
-  # StackCheckLib
   DxeMemoryProtectionHobLib
   MemoryBinOverrideLib
 

diff --git a/MdeModulePkg/Core/PiSmmCore/Dispatcher.c b/MdeModulePkg/Core/PiSmmCore/Dispatcher.c
@@ -326,8 +326,6 @@ SmmLoadImage (
   EFI_FIRMWARE_VOLUME2_PROTOCOL  *Fv;
   PE_COFF_LOADER_IMAGE_CONTEXT   ImageContext;
 
-  // UINT64  *SecurityCookieAddress;                           // MS_CHANGE_?
-
   PERF_LOAD_IMAGE_BEGIN (DriverEntry->ImageHandle);
 
   Buffer   = NULL;
@@ -729,20 +727,6 @@ SmmLoadImage (
 
   DEBUG ((DEBUG_ERROR | DEBUG_LOAD, "\n"));                                                                    // MS_CHANGE_304324
 
-  // MS_CHANGE_304324
-  // DEBUG_CODE_END ();
-  // END
-
-  // MU_CHANGE [BEGIN]: Stack Cookie Support. Set the security cookie value for the EFI prior
-  // to execution of the image.
-  // Status = PeCoffLoaderGetSecurityCookieAddress (&ImageContext, &SecurityCookieAddress);
-  // if (!EFI_ERROR (Status)) {
-  //   InitializeSecurityCookie (SecurityCookieAddress);
-  //   DEBUG ((DEBUG_VERBOSE | DEBUG_LOAD, "SMM SecurityCookie set to %lld\n", (*SecurityCookieAddress)));
-  // }
-
-  // MU_CHANGE [END]
-
   //
   // Free buffer allocated by Fv->ReadSection.
   //

diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h
@@ -55,7 +55,6 @@
 #include <Library/HobLib.h>
 #include <Library/SmmMemLib.h>
 #include <Library/SafeIntLib.h>
-// #include <Library/BaseBinSecurityLib.h>       // MS_CHANGE_?
 #include <Library/MmMemoryProtectionHobLib.h> // MU_CHANGE
 
 #include "PiSmmCorePrivateData.h"

diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf
@@ -61,7 +61,6 @@
   HobLib
   SmmMemLib
   SafeIntLib
-  # BaseBinSecurityLib  ## MS_CHANGE_?
   MmMemoryProtectionHobLib ## MU_CHANGE
 
 [Protocols]

diff --git a/MdePkg/Include/IndustryStandard/PeImage.h b/MdePkg/Include/IndustryStandard/PeImage.h
@@ -134,35 +134,6 @@ typedef struct {
   UINT32    Size;
 } EFI_IMAGE_DATA_DIRECTORY;
 
-// MU_CHANGE [BEGIN]: Used to find the security cookie address within
-// a PE/COFF image header.
-//
-// Load Config Directory from PE/COFF
-//
-typedef struct {
-  UINTN    Size;
-  UINTN    TimeDateStamp;
-  UINT8    MajorVersion;
-  UINT8    MinorVersion;
-  UINTN    GlobalFlagsClear;
-  UINTN    GlobalFlagsSet;
-  UINTN    CriticalSectionDefaultTimeout;
-  UINTN    DeCommitFreeBlockThreshold;
-  UINTN    DeCommitTotalFreeThreshold;
-  UINTN    LockPrefixTable;                 // VA
-  UINTN    MaximumAllocationSize;
-  UINTN    VirtualMemoryThreshold;
-  UINTN    ProcessHeapFlags;
-  UINTN    ProcessAffinityMask;
-  UINT8    CSDVersion;
-  UINT8    Reserved1;
-  UINTN    EditList;                        // VA
-  UINTN    SecurityCookie;
-  VOID     **SEHandlerTable;
-  UINTN    SEHandlerCount;
-} EFI_IMAGE_LOAD_CONFIG_DIRECTORY;
-// MU_CHANGE [END]
-
 //
 // Directory Entries
 //

diff --git a/MdePkg/Include/Library/PeCoffLib.h b/MdePkg/Include/Library/PeCoffLib.h
@@ -230,36 +230,6 @@ PeCoffLoaderGetImageInfo (
   IN OUT PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext
   );
 
-// MU_CHANGE [BEGIN]: Stack Cookie Support
-
-/**
-  Retrieves the address of the SecurityCookie from the PE/COFF image.
-
-  This function locations the EFI_IMAGE_LOAD_CONFIG_DIRECTORY in the PE/COFF image
-  and gets the SecurityCookie field from this structure. This structure will only
-  exist in binaries built with MSVC tools if /GS- flag is NOT used. Because custom
-  entry points are used for EFI modules, the security cookie value must be manually
-  initialized before calling the image entry point.
-
-  @param[in, out]  ImageContext             The pointer to the image context structure that
-                                            describes the PE/COFF image that needs to be
-                                            examined by this function.
-  @param[in]      SecurityCookieAddress     The pointer that receives the address of the
-                                            security cookie upon successful execution of this function
-
-  @retval RETURN_SUCCESS                    The information on the PE/COFF image was collected.
-  @retval RETURN_INVALID_PARAMETER          ImageContext is NULL.
-  @retval RETURN_UNSUPPORTED                The PE/COFF image is not supported.
-**/
-RETURN_STATUS
-EFIAPI
-PeCoffLoaderGetSecurityCookieAddress (
-  IN OUT PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext,
-  OUT    UINT64                        **SecurityCookieAddress
-  );
-
-// MU_CHANGE [END]
-
 /**
   Applies relocation fixups to a PE/COFF image that was loaded with PeCoffLoaderLoadImage().
 

diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
@@ -42,40 +42,6 @@ PeCoffLoaderAdjustOffsetForTeImage (
   SectionHeader->PointerToRawData -= TeStrippedOffset;
 }
 
-// MU_CHANGE [BEGIN] - Keep this function while it's used for the stack cookies.
-
-/**
-  Retrieves the magic value from the PE/COFF header.
-
-  @param  Hdr             The buffer in which to return the PE32, PE32+, or TE header.
-
-  @return EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC - Image is PE32
-  @return EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC - Image is PE32+
-
-**/
-UINT16
-PeCoffLoaderGetPeHeaderMagicValue (
-  IN  EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION  Hdr
-  )
-{
-  //
-  // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
-  //       in the PE/COFF Header.  If the MachineType is Itanium(IA64) and the
-  //       Magic value in the OptionalHeader is  EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
-  //       then override the returned value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
-  //
-  if ((Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64) && (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC)) {
-    return EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
-  }
-
-  //
-  // Return the magic value from the PC/COFF Optional Header
-  //
-  return Hdr.Pe32->OptionalHeader.Magic;
-}
-
-// MU_CHANGE [END] - Keep this function while it's used for the stack cookies.
-
 /**
   Retrieves the PE or TE Header from a PE/COFF or TE image.
 
@@ -930,126 +896,6 @@ PeCoffLoaderImageAddress (
   return (CHAR8 *)((UINTN)ImageContext->ImageAddress + Address - TeStrippedOffset);
 }
 
-// MU_CHANGE [BEGIN]: Stack Cookie Support
-
-/**
-  Retrieves the address of the SecurityCookie from the PE/COFF image.
-
-  This function locations the EFI_IMAGE_LOAD_CONFIG_DIRECTORY in the PE/COFF image
-  and gets the SecurityCookie field from this structure. This structure will only
-  exist in binaries built with MSVC tools if /GS- flag is NOT used. Because custom
-  entry points are used for EFI modules, the security cookie value must be manually
-  initialized before calling the image entry point.
-
-  @param[in, out]  ImageContext             The pointer to the image context structure that
-                                            describes the PE/COFF image that needs to be
-                                            examined by this function.
-  @param[in]      SecurityCookieAddress     The pointer that receives the address of the
-                                            security cookie upon successful execution of this function
-
-  @retval RETURN_SUCCESS                    The information on the PE/COFF image was collected.
-  @retval RETURN_INVALID_PARAMETER          ImageContext is NULL.
-  @retval RETURN_UNSUPPORTED                The PE/COFF image is not supported.
-**/
-RETURN_STATUS
-EFIAPI
-PeCoffLoaderGetSecurityCookieAddress (
-  IN OUT PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext,
-  OUT    UINT64                        **SecurityCookieAddress
-  )
-{
-  EFI_IMAGE_LOAD_CONFIG_DIRECTORY      *LoadConfigDataDirectory;
-  EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION  Hdr;
-  EFI_IMAGE_DATA_DIRECTORY             *DataDirectory;
-  UINT64                               Adjust;
-  PHYSICAL_ADDRESS                     BaseAddress;
-  UINT32                               NumberOfRvaAndSizes;
-  UINT16                               Magic;
-
-  *SecurityCookieAddress = NULL;
-
-  if (ImageContext == NULL) {
-    return RETURN_INVALID_PARAMETER;
-  }
-
-  //
-  // If the destination address is not 0, use that rather than the
-  // image address as the relocation target.
-  //
-  if (ImageContext->DestinationAddress != 0) {
-    BaseAddress = ImageContext->DestinationAddress;
-  } else {
-    BaseAddress = ImageContext->ImageAddress;
-  }
-
-  if ((ImageContext->Machine != IMAGE_FILE_MACHINE_X64) || ImageContext->IsTeImage) {
-    //        DEBUG((DEBUG_INFO | DEBUG_LOAD, "SecurityCookie is only supported on X64 binaries\n"));
-  } else {
-    Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)((UINTN)ImageContext->ImageAddress + ImageContext->PeCoffHeaderOffset);
-    Magic    = PeCoffLoaderGetPeHeaderMagicValue (Hdr);
-
-    if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
-      //
-      // Use PE32 offset
-      //
-      Adjust = (UINT64)BaseAddress - Hdr.Pe32->OptionalHeader.ImageBase;
-      if (Adjust != 0) {
-        Hdr.Pe32->OptionalHeader.ImageBase = (UINT32)BaseAddress;
-      }
-
-      NumberOfRvaAndSizes = Hdr.Pe32->OptionalHeader.NumberOfRvaAndSizes;
-      DataDirectory       = &Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG];
-    } else {
-      //
-      // Use PE32+ offset
-      //
-      Adjust = (UINT64)BaseAddress - Hdr.Pe32Plus->OptionalHeader.ImageBase;
-      if (Adjust != 0) {
-        Hdr.Pe32Plus->OptionalHeader.ImageBase = (UINT64)BaseAddress;
-      }
-
-      NumberOfRvaAndSizes = Hdr.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;
-      DataDirectory       = &Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG];
-    }
-
-    //
-    // Find the relocation block
-    // Per the PE/COFF spec, you can't assume that a given data directory
-    // is present in the image. You have to check the NumberOfRvaAndSizes in
-    // the optional header to verify a desired directory entry is there.
-    //
-    if ((NumberOfRvaAndSizes < EFI_IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG)) {
-      DataDirectory = NULL;
-    }
-
-    if (DataDirectory != NULL) {
-      if (DataDirectory->Size == sizeof (EFI_IMAGE_LOAD_CONFIG_DIRECTORY)) {
-        LoadConfigDataDirectory = (EFI_IMAGE_LOAD_CONFIG_DIRECTORY *)PeCoffLoaderImageAddress (ImageContext, DataDirectory->VirtualAddress, 0);
-        if (LoadConfigDataDirectory != NULL) {
-          if ((LoadConfigDataDirectory->SecurityCookie > BaseAddress) &&
-              (LoadConfigDataDirectory->SecurityCookie + sizeof (UINT64) < BaseAddress + ImageContext->ImageSize))
-          {
-            *SecurityCookieAddress = (UINT64 *)LoadConfigDataDirectory->SecurityCookie;
-            return RETURN_SUCCESS;
-          } else {
-            DEBUG ((DEBUG_INFO | DEBUG_LOAD, "SecurityCookieAddress is invalid\n"));
-          }
-        } else {
-          DEBUG ((DEBUG_INFO | DEBUG_LOAD, "LoadConfigDataDirectory is NULL\n"));
-        }
-      } else {
-        DEBUG ((DEBUG_INFO | DEBUG_LOAD, "DataDirectory->Size != sizeof(EFI_IMAGE_LOAD_CONFIG_DIRECTORY)\n"));
-      }
-    } else {
-      DEBUG ((DEBUG_INFO | DEBUG_LOAD, "DataDirectory is NULL\n"));
-    }
-  }
-
-  return RETURN_UNSUPPORTED;
-}
-
-// MU_CHANGE [END]
-
 /**
   Applies relocation fixups to a PE/COFF image that was loaded with PeCoffLoaderLoadImage().