From db582497e086356f6ea287b85e585713b33bdaa3 Mon Sep 17 00:00:00 2001 From: Taylor Beebe Date: Thu, 2 Nov 2023 18:57:26 -0700 Subject: [PATCH] Update all DSC files, update null lib, update comments --- BaseTools/Source/Python/AutoGen/GenC.py | 10 +++-- CryptoPkg/CryptoPkg.dsc | 11 ++--- MdeModulePkg/MdeModulePkg.dsc | 15 ++----- MdeModulePkg/Test/MdeModulePkgHostTest.dsc | 1 - .../IA32/StackCheckFunctionsMsvc.nasm | 18 +++----- .../StackCheckLib/StackCheckFunctionsGcc.nasm | 4 ++ .../X64/StackCheckFunctionsMsvc.nasm | 18 +++----- .../StackCheckFunctionsGcc.nasm | 4 ++ .../StackCheckFunctionsMsvc.asm | 44 ------------------- .../StackCheckFunctionsMsvc.nasm | 30 +++++++++++++ .../StackCheckLibNull/StackCheckLibNull.c | 3 +- .../StackCheckLibNull/StackCheckLibNull.inf | 11 +++-- MdePkg/MdePkg.dec | 10 +++-- MdePkg/MdePkg.dsc | 25 +++++------ NetworkPkg/NetworkPkg.dsc | 10 ++--- .../SharedNetworking/SharedNetworkPkg.dsc | 13 +++--- PcAtChipsetPkg/PcAtChipsetPkg.dsc | 10 ++--- PolicyServicePkg/PolicyServicePkg.dsc | 14 ++---- ShellPkg/ShellPkg.dsc | 14 ++---- StandaloneMmPkg/StandaloneMmPkg.dsc | 14 ++---- UefiCpuPkg/UefiCpuPkg.dsc | 14 +++--- UnitTestFrameworkPkg/UnitTestFrameworkPkg.dsc | 14 ++---- 22 files changed, 127 insertions(+), 180 deletions(-) delete mode 100644 MdePkg/Library/StackCheckLibNull/StackCheckFunctionsMsvc.asm create mode 100644 MdePkg/Library/StackCheckLibNull/StackCheckFunctionsMsvc.nasm diff --git a/BaseTools/Source/Python/AutoGen/GenC.py b/BaseTools/Source/Python/AutoGen/GenC.py index 496d16445cd..6b4cd3f6d8c 100755 --- a/BaseTools/Source/Python/AutoGen/GenC.py +++ b/BaseTools/Source/Python/AutoGen/GenC.py @@ -712,7 +712,7 @@ ${FunctionCall}${END} } """), - +# MU_CHANGE [BEGIN]: Add StackCookieSupport marker for stack cookie support. 'PEI' : TemplateString(""" ${BEGIN}${FunctionPrototype}${END} @@ -743,7 +743,7 @@ ${FunctionCall}${END} } """), - +# MU_CHANGE [END]: Add StackCookieSupport marker for stack cookie support. 'MM' : TemplateString(""" ${BEGIN}${FunctionPrototype}${END} @@ -1361,13 +1361,14 @@ def CreateLibraryConstructorCode(Info, AutoGenC, AutoGenH): ConstructorCallingList = [] else: ConstructorCallingList = [str(ConstructorCallingString)] - + # MU_CHANGE [BEGIN]: Add StackCookieSupport marker for stack cookie support. Dict = { 'Type' : 'Constructor', 'FunctionPrototype' : ConstructorPrototypeList, 'FunctionCall' : ConstructorCallingList, "StackCookieSupport": "#ifdef __GNUC__\n__attribute__ ((no_stack_protector))\n#else\n__declspec(safebuffers)\n#endif" } + # MU_CHANGE [END]: Add StackCookieSupport marker for stack cookie support. if Info.IsLibrary: AutoGenH.Append("${BEGIN}${FunctionPrototype}${END}", Dict) else: @@ -1425,13 +1426,14 @@ def CreateLibraryDestructorCode(Info, AutoGenC, AutoGenH): DestructorCallingList = [] else: DestructorCallingList = [str(DestructorCallingString)] - + # MU_CHANGE [BEGIN]: Add StackCookieSupport marker for stack cookie support. Dict = { 'Type' : 'Destructor', 'FunctionPrototype' : DestructorPrototypeList, 'FunctionCall' : DestructorCallingList, "StackCookieSupport": "" } + # MU_CHANGE [END]: Add StackCookieSupport marker for stack cookie support. if Info.IsLibrary: AutoGenH.Append("${BEGIN}${FunctionPrototype}${END}", Dict) else: diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index ef7bf4056ec..374fad8c039 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -51,7 +51,6 @@ ##MSCHANGE Begin FltUsedLib|MdePkg/Library/FltUsedLib/FltUsedLib.inf - BaseBinSecurityLibRng|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf UnitTestLib|UnitTestFrameworkPkg/Library/UnitTestLib/UnitTestLib.inf UnitTestPersistenceLib|UnitTestFrameworkPkg/Library/UnitTestPersistenceLibNull/UnitTestPersistenceLibNull.inf UnitTestBootLib|UnitTestFrameworkPkg/Library/UnitTestBootLibNull/UnitTestBootLibNull.inf @@ -78,16 +77,18 @@ [LibraryClasses.IA32] NULL|MdePkg/Library/VsIntrinsicLib/VsIntrinsicLib.inf ReportStatusCodeLib|MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull.inf -[LibraryClasses.X64] - # Provide StackCookie support lib so that we can link to /GS exports for VS builds - NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf [LibraryClasses.X64.DXE_CORE, LibraryClasses.X64.UEFI_DRIVER, LibraryClasses.X64.DXE_DRIVER, LibraryClasses.X64.UEFI_APPLICATION] # this is currently X64 only because MSVC doesn't support BaseMemoryLibOptDxe for AARCH64 BaseMemoryLib|MdePkg/Library/BaseMemoryLibOptDxe/BaseMemoryLibOptDxe.inf !endif ##MSCHANGE # MU_CHANGE [END] +# MU_CHANGE [BEGIN] - Add Stack Cookie Support +[LibraryClasses.X64] + NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf +# MU_CHANGE [END] - Add Stack Cookie Support + [LibraryClasses.ARM, LibraryClasses.AARCH64] #ArmLib|ArmPkg/Library/ArmLib/ArmBaseLib.inf ## MU_CHANGE diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index 876860f2731..c1a8debda52 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc @@ -132,18 +132,11 @@ # MU_CHANGE END -##MSCHANGE Begin -[LibraryClasses.common] - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf -!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022 +# MU_CHANGE [BEGIN] - Add Stack Cookie Support [LibraryClasses.X64] - # Provide StackCookie support lib so that we can link to /GS exports for VS builds - RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf -[LibraryClasses.X64] - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf - NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf -!endif -##MSCHANGE End + NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf +# MU_CHANGE [END] - Add Stack Cookie Support [LibraryClasses.EBC.PEIM] IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf diff --git a/MdeModulePkg/Test/MdeModulePkgHostTest.dsc b/MdeModulePkg/Test/MdeModulePkgHostTest.dsc index 7b19ef594df..ba4e8d93433 100644 --- a/MdeModulePkg/Test/MdeModulePkgHostTest.dsc +++ b/MdeModulePkg/Test/MdeModulePkgHostTest.dsc @@ -112,7 +112,6 @@ DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf DebugAgentLib|MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf CpuExceptionHandlerLib|MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.inf - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf MemoryBinOverrideLib|MdeModulePkg/Library/MemoryBinOverrideLibNull/MemoryBinOverrideLibNull.inf # MU_CHANGE diff --git a/MdePkg/Library/StackCheckLib/IA32/StackCheckFunctionsMsvc.nasm b/MdePkg/Library/StackCheckLib/IA32/StackCheckFunctionsMsvc.nasm index 196d9263019..b5dcb2294c4 100644 --- a/MdePkg/Library/StackCheckLib/IA32/StackCheckFunctionsMsvc.nasm +++ b/MdePkg/Library/StackCheckLib/IA32/StackCheckFunctionsMsvc.nasm @@ -1,5 +1,5 @@ ;------------------------------------------------------------------------------ -; IA32/StackCheckFunctionsMsvc.asm +; IA32/StackCheckFunctionsMsvc.nasm ;------------------------------------------------------------------------------ DEFAULT REL @@ -9,21 +9,15 @@ extern ASM_PFX(__security_cookie) extern ASM_PFX(StackCheckFailure) extern ASM_PFX(CpuDeadLoop) -;------------------------------------------------------------------------------ -; VOID -; EFIAPI -; __report_rangecheckfailure (VOID); -;------------------------------------------------------------------------------ +; Called when a buffer check fails. This functionality is dependent on MSVC +; C runtime libraries and so is unsupported in UEFI. global ASM_PFX(__report_rangecheckfailure) ASM_PFX(__report_rangecheckfailure): call ASM_PFX(CpuDeadLoop) ret -;------------------------------------------------------------------------------ -; VOID -; EFIAPI -; __GSHandlerCheck (VOID); -;------------------------------------------------------------------------------ +; The GS handler is for checking the stack cookie during SEH or +; EH exceptions and is unsupported in UEFI. global ASM_PFX(__GSHandlerCheck) ASM_PFX(__GSHandlerCheck): call ASM_PFX(CpuDeadLoop) @@ -32,7 +26,7 @@ ASM_PFX(__GSHandlerCheck): ;------------------------------------------------------------------------------ ; Checks the stack cookie value against __security_cookie and calls the ; stack cookie failure handler if there is a mismatch. -;------------------------------------------------------------------------------ +; ; VOID ; EFIAPI ; __security_check_cookie ( diff --git a/MdePkg/Library/StackCheckLib/StackCheckFunctionsGcc.nasm b/MdePkg/Library/StackCheckLib/StackCheckFunctionsGcc.nasm index 5007b4115e7..bafbd5c75bf 100644 --- a/MdePkg/Library/StackCheckLib/StackCheckFunctionsGcc.nasm +++ b/MdePkg/Library/StackCheckLib/StackCheckFunctionsGcc.nasm @@ -1,8 +1,12 @@ +;------------------------------------------------------------------------------ +; StackCheckFunctionsGcc.nasm +;------------------------------------------------------------------------------ DEFAULT REL SECTION .text extern ASM_PFX(StackCheckFailure) +; Called when a stack cookie check fails. global ASM_PFX(__stack_chk_fail) ASM_PFX(__stack_chk_fail): call StackCheckFailure diff --git a/MdePkg/Library/StackCheckLib/X64/StackCheckFunctionsMsvc.nasm b/MdePkg/Library/StackCheckLib/X64/StackCheckFunctionsMsvc.nasm index 7a7ae02d66c..3ad51292fbc 100644 --- a/MdePkg/Library/StackCheckLib/X64/StackCheckFunctionsMsvc.nasm +++ b/MdePkg/Library/StackCheckLib/X64/StackCheckFunctionsMsvc.nasm @@ -1,5 +1,5 @@ ;------------------------------------------------------------------------------ -; X64/StackCheckFunctionsMsvc.asm +; X64/StackCheckFunctionsMsvc.nasm ;------------------------------------------------------------------------------ DEFAULT REL @@ -9,21 +9,15 @@ extern ASM_PFX(StackCheckFailure) extern ASM_PFX(__security_cookie) extern ASM_PFX(CpuDeadLoop) -;------------------------------------------------------------------------------ -; VOID -; EFIAPI -; __report_rangecheckfailure (VOID); -;------------------------------------------------------------------------------ +; Called when a buffer check fails. This functionality is dependent on MSVC +; C runtime libraries and so is unsupported in UEFI. global ASM_PFX(__report_rangecheckfailure) ASM_PFX(__report_rangecheckfailure): call ASM_PFX(CpuDeadLoop) ret -;------------------------------------------------------------------------------ -; VOID -; EFIAPI -; __GSHandlerCheck (VOID); -;------------------------------------------------------------------------------ +; The GS handler is for checking the stack cookie during SEH or +; EH exceptions and is unsupported in UEFI. global ASM_PFX(__GSHandlerCheck) ASM_PFX(__GSHandlerCheck): call ASM_PFX(CpuDeadLoop) @@ -33,7 +27,7 @@ ASM_PFX(__GSHandlerCheck): ;------------------------------------------------------------------------------ ; Checks the stack cookie value against __security_cookie and calls the ; stack cookie failure handler if there is a mismatch. -;------------------------------------------------------------------------------ +; ; VOID ; EFIAPI ; __security_check_cookie ( diff --git a/MdePkg/Library/StackCheckLibNull/StackCheckFunctionsGcc.nasm b/MdePkg/Library/StackCheckLibNull/StackCheckFunctionsGcc.nasm index a902cb91ecd..8cc817b6db6 100644 --- a/MdePkg/Library/StackCheckLibNull/StackCheckFunctionsGcc.nasm +++ b/MdePkg/Library/StackCheckLibNull/StackCheckFunctionsGcc.nasm @@ -1,6 +1,10 @@ +;------------------------------------------------------------------------------ +; StackCheckFunctionsGcc.nasm +;------------------------------------------------------------------------------ DEFAULT REL SECTION .text +; Called when a stack cookie check fails. global ASM_PFX(__stack_chk_fail) ASM_PFX(__stack_chk_fail): ret diff --git a/MdePkg/Library/StackCheckLibNull/StackCheckFunctionsMsvc.asm b/MdePkg/Library/StackCheckLibNull/StackCheckFunctionsMsvc.asm deleted file mode 100644 index 368c72317d2..00000000000 --- a/MdePkg/Library/StackCheckLibNull/StackCheckFunctionsMsvc.asm +++ /dev/null @@ -1,44 +0,0 @@ -;------------------------------------------------------------------------------ -; StackCheckFunctionsVs.asm -;------------------------------------------------------------------------------ - .code - -;------------------------------------------------------------------------------ -; Called when a buffer check fails. This functionality is dependent on MSVC -; C runtime libraries and so is unsupported in UEFI. -;------------------------------------------------------------------------------ -; VOID -; EFIAPI -; __report_rangecheckfailure (VOID); -;------------------------------------------------------------------------------ - -__report_rangecheckfailure PROC PUBLIC - ret -__report_rangecheckfailure ENDP - -;------------------------------------------------------------------------------ -; The GS handler is for checking the stack cookie during SEH or -; EH exceptions and is unsupported in UEFI. -;------------------------------------------------------------------------------ -; VOID -; EFIAPI -; __GSHandlerCheck (VOID); -;------------------------------------------------------------------------------ -__GSHandlerCheck PROC PUBLIC - ret -__GSHandlerCheck ENDP - -;------------------------------------------------------------------------------ -; Checks the stack cookie value against __security_cookie and calls the -; stack cookie failure handler if there is a mismatch. -;------------------------------------------------------------------------------ -; VOID -; EFIAPI -; __security_check_cookie ( -; IN UINTN CheckValue); -;------------------------------------------------------------------------------ -__security_check_cookie PROC PUBLIC - ret -__security_check_cookie ENDP - - END diff --git a/MdePkg/Library/StackCheckLibNull/StackCheckFunctionsMsvc.nasm b/MdePkg/Library/StackCheckLibNull/StackCheckFunctionsMsvc.nasm new file mode 100644 index 00000000000..ba9c62f675d --- /dev/null +++ b/MdePkg/Library/StackCheckLibNull/StackCheckFunctionsMsvc.nasm @@ -0,0 +1,30 @@ +;------------------------------------------------------------------------------ +; StackCheckFunctionsMsvc.nasm +;------------------------------------------------------------------------------ + DEFAULT REL + SECTION .text + +; Called when a buffer check fails. This functionality is dependent on MSVC +; C runtime libraries and so is unsupported in UEFI. +global ASM_PFX(__report_rangecheckfailure) +ASM_PFX(__report_rangecheckfailure): + ret + +; The GS handler is for checking the stack cookie during SEH or +; EH exceptions and is unsupported in UEFI. +global ASM_PFX(__GSHandlerCheck) +ASM_PFX(__GSHandlerCheck): + ret + +;------------------------------------------------------------------------------ +; Checks the stack cookie value against __security_cookie and calls the +; stack cookie failure handler if there is a mismatch. +; +; VOID +; EFIAPI +; __security_check_cookie ( +; IN UINTN CheckValue); +;------------------------------------------------------------------------------ +global ASM_PFX(__security_check_cookie) +ASM_PFX(__security_check_cookie): + ret diff --git a/MdePkg/Library/StackCheckLibNull/StackCheckLibNull.c b/MdePkg/Library/StackCheckLibNull/StackCheckLibNull.c index 9f05991b5d6..c5ffca440fc 100644 --- a/MdePkg/Library/StackCheckLibNull/StackCheckLibNull.c +++ b/MdePkg/Library/StackCheckLibNull/StackCheckLibNull.c @@ -1,6 +1,5 @@ /** @file - Provides the required functionality for initializing and - checking the stack cookie. + Defines the stack cookie variable for GCC, Clang and MSVC compilers. Copyright (c) Microsoft Corporation. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent diff --git a/MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf b/MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf index b73cf42378b..ebcd173de10 100644 --- a/MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf +++ b/MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf @@ -1,6 +1,7 @@ ## @file -# Provides the required functionality for initializing and -# checking the stack cookie. +# Null library instance for StackCheckLib which can be included +# when a build needs to include stack check functions but does +# not want to generate stack check failures. # # Copyright (c) Microsoft Corporation. All rights reserved. # SPDX-License-Identifier: BSD-2-Clause-Patent @@ -17,7 +18,11 @@ [Sources] StackCheckLibNull.c StackCheckFunctionsGcc.nasm | GCC - StackCheckFunctionsVs.asm | MSFT + StackCheckFunctionsMsvc.nasm | MSFT [Packages] MdePkg/MdePkg.dec + +[BuildOptions] + GCC:*_*_*_CC_FLAGS = -fno-lto + MSFT:*_*_*_CC_FLAGS = /GL- diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index ead4c7dd028..b0cdc85874d 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec @@ -101,10 +101,12 @@ # All combinations of Unicode and ASCII strings are supported. ## PrintLib|Include/Library/PrintLib.h -## MSCHANGE BEGIN - ## @libraryclass Provides and interface to initialize security cookies - BaseBinSecurityLib|Include/Library/BaseBinSecurityLib.h -## MSCHANGE END + +## MU_CHANGE [BEGIN] + ## @libraryclass Provides a hook called when a stack cookie check fails. + StackCheckFailureLib|Include/Library/StackCheckFailureLib.h +## MU_CHANGE [END] + ## @libraryclass Provides an ordered collection data structure. OrderedCollectionLib|Include/Library/OrderedCollectionLib.h diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc index 31e8330f471..0d935d9ff09 100644 --- a/MdePkg/MdePkg.dsc +++ b/MdePkg/MdePkg.dsc @@ -34,16 +34,13 @@ [LibraryClasses] SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf - # MU_CHANGE START - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf -!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022 + +# MU_CHANGE [BEGIN] - Add Stack Cookie Support [LibraryClasses.X64] - # Provide StackCookie support lib so that we can link to /GS exports for VS builds RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf - NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf -!endif -# MU_CHANGE END + NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf +# MU_CHANGE [END] - Add Stack Cookie Support [Components] MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf @@ -190,18 +187,18 @@ MdePkg/Library/BaseS3StallLib/BaseS3StallLib.inf MdePkg/Library/SmmMemLib/SmmMemLib.inf MdePkg/Library/SmmIoLib/SmmIoLib.inf - ##MSCHANGE Begin -!if $(TOOL_CHAIN_TAG) == VS2017 or $(TOOL_CHAIN_TAG) == VS2015 or $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022 - MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf - MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf -!endif - ##MSCHANGE End MdePkg/Library/SmmPciExpressLib/SmmPciExpressLib.inf MdePkg/Library/SmiHandlerProfileLibNull/SmiHandlerProfileLibNull.inf MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf MdePkg/Library/TdxLib/TdxLib.inf +# MU_CHANGE [BEGIN] - Stack Cookie Support +[Components.X64] + MdePkg/Library/StackCheckLib/StackCheckLib.inf + MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf +# MU_CHANGE [END] - Add Stack Cookie Support + # MS_CHANGE Begin diff --git a/NetworkPkg/NetworkPkg.dsc b/NetworkPkg/NetworkPkg.dsc index 6628ad0c03a..0cb849ab141 100644 --- a/NetworkPkg/NetworkPkg.dsc +++ b/NetworkPkg/NetworkPkg.dsc @@ -67,14 +67,12 @@ SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf -##MSCHANGE Begin -!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022 +# MU_CHANGE [BEGIN] - Add Stack Cookie Support [LibraryClasses.X64] - # Provide StackCookie support lib so that we can link to /GS exports for VS builds RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf - NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf -!endif -##MSCHANGE End + NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf +# MU_CHANGE [END] - Add Stack Cookie Support [LibraryClasses.common.UEFI_DRIVER] HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf diff --git a/NetworkPkg/SharedNetworking/SharedNetworkPkg.dsc b/NetworkPkg/SharedNetworking/SharedNetworkPkg.dsc index 62b6c4a0712..2167b83b9f5 100644 --- a/NetworkPkg/SharedNetworking/SharedNetworkPkg.dsc +++ b/NetworkPkg/SharedNetworking/SharedNetworkPkg.dsc @@ -61,7 +61,6 @@ DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf - BaseBinSecurityLibRng|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf @@ -83,14 +82,12 @@ BaseCryptLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf TlsLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf -##MSCHANGE Begin -!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022 +# MU_CHANGE [BEGIN] - Add Stack Cookie Support [LibraryClasses.X64] - # Provide StackCookie support lib so that we can link to /GS exports for VS builds - NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf -!endif -##MSCHANGE End + NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf +# MU_CHANGE [END] - Add Stack Cookie Support + [LibraryClasses.DXE_RUNTIME_DRIVER, LibraryClasses.DXE_CORE] DebugLib|MdePkg/Library/UefiDebugLibDebugPortProtocol/UefiDebugLibDebugPortProtocol.inf ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf diff --git a/PcAtChipsetPkg/PcAtChipsetPkg.dsc b/PcAtChipsetPkg/PcAtChipsetPkg.dsc index a9ee3b17062..ec26d48c451 100644 --- a/PcAtChipsetPkg/PcAtChipsetPkg.dsc +++ b/PcAtChipsetPkg/PcAtChipsetPkg.dsc @@ -46,14 +46,12 @@ HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf # MU_CHANGE -## MS_CHANGE Begin +# MU_CHANGE [BEGIN] - Add Stack Cookie Support [LibraryClasses.X64] -!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022 - # Provide StackCookie support lib so that we can link to /GS exports for VS builds RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf - NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf -!endif -## MS_CHANGE End + NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf +# MU_CHANGE [END] - Add Stack Cookie Support [Components] PcAtChipsetPkg/HpetTimerDxe/HpetTimerDxe.inf diff --git a/PolicyServicePkg/PolicyServicePkg.dsc b/PolicyServicePkg/PolicyServicePkg.dsc index 32b284517c7..5db47220c71 100644 --- a/PolicyServicePkg/PolicyServicePkg.dsc +++ b/PolicyServicePkg/PolicyServicePkg.dsc @@ -34,18 +34,12 @@ UnitTestPersistenceLib|UnitTestFrameworkPkg/Library/UnitTestPersistenceLibNull/UnitTestPersistenceLibNull.inf UnitTestResultReportLib|UnitTestFrameworkPkg/Library/UnitTestResultReportLib/UnitTestResultReportLibDebugLib.inf - ## MU_CHANGE START -[LibraryClasses.common] - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf -!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022 +# MU_CHANGE [BEGIN] - Add Stack Cookie Support [LibraryClasses.X64] - # Provide StackCookie support lib so that we can link to /GS exports for VS builds RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf -[LibraryClasses.X64] - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf - NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf -!endif - ## MU_CHANGE END + NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf +# MU_CHANGE [END] - Add Stack Cookie Support [LibraryClasses.ARM, LibraryClasses.AARCH64] NULL|MdePkg/Library/CompilerIntrinsicsLib/ArmCompilerIntrinsicsLib.inf diff --git a/ShellPkg/ShellPkg.dsc b/ShellPkg/ShellPkg.dsc index 7df5de0e335..d2268c7c244 100644 --- a/ShellPkg/ShellPkg.dsc +++ b/ShellPkg/ShellPkg.dsc @@ -69,18 +69,12 @@ SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf # MU_CHANGE - CodeQL change -## MU_CHANGE Begin -[LibraryClasses.common] - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf -!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022 +# MU_CHANGE [BEGIN] - Add Stack Cookie Support [LibraryClasses.X64] - # Provide StackCookie support lib so that we can link to /GS exports for VS builds RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf -[LibraryClasses.X64] - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf - NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf -!endif -## MU_CHANGE End + NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf +# MU_CHANGE [END] - Add Stack Cookie Support [LibraryClasses.ARM,LibraryClasses.AARCH64] # diff --git a/StandaloneMmPkg/StandaloneMmPkg.dsc b/StandaloneMmPkg/StandaloneMmPkg.dsc index 69aa6e1c541..3e39e9a9ad8 100644 --- a/StandaloneMmPkg/StandaloneMmPkg.dsc +++ b/StandaloneMmPkg/StandaloneMmPkg.dsc @@ -70,18 +70,12 @@ VariableMmDependency|StandaloneMmPkg/Library/VariableMmDependency/VariableMmDependency.inf MmuLib|MdePkg/Library/BaseMmuLibNull/BaseMmuLibNull.inf # MU_CHANGE - ## MU_CHANGE START -[LibraryClasses.common] - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf -!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022 +# MU_CHANGE [BEGIN] - Add Stack Cookie Support [LibraryClasses.X64] - # Provide StackCookie support lib so that we can link to /GS exports for VS builds RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf -[LibraryClasses.X64] - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf - NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf -!endif - ## MU_CHANGE END + NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf +# MU_CHANGE [END] - Add Stack Cookie Support [LibraryClasses.X64] # MU_CHANGE StandaloneMmCoreEntryPoint|StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf # MU_CHANGE diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc index 4d895a794b6..766981001c8 100644 --- a/UefiCpuPkg/UefiCpuPkg.dsc +++ b/UefiCpuPkg/UefiCpuPkg.dsc @@ -85,17 +85,15 @@ DxeMemoryProtectionHobLib|MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf MmMemoryProtectionHobLib|MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf DeviceStateLib|MdeModulePkg/Library/DeviceStateLib/DeviceStateLib.inf - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf -[LibraryClasses.X64, LibraryClasses.IA32] HwResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf -!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022 +##MSCHANGE End + +# MU_CHANGE [BEGIN] - Add Stack Cookie Support [LibraryClasses.X64] - # Provide StackCookie support lib so that we can link to /GS exports for VS builds RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf - NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf -!endif -##MSCHANGE End + NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf +# MU_CHANGE [END] - Add Stack Cookie Support [LibraryClasses.common.SEC] PlatformSecLib|UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.inf diff --git a/UnitTestFrameworkPkg/UnitTestFrameworkPkg.dsc b/UnitTestFrameworkPkg/UnitTestFrameworkPkg.dsc index 772906b6f3a..9a2517eb6f0 100644 --- a/UnitTestFrameworkPkg/UnitTestFrameworkPkg.dsc +++ b/UnitTestFrameworkPkg/UnitTestFrameworkPkg.dsc @@ -25,18 +25,12 @@ [PcdsPatchableInModule] gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 - ## MU_CHANGE START -[LibraryClasses.common] - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf -!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022 +# MU_CHANGE [BEGIN] - Add Stack Cookie Support [LibraryClasses.X64] - # Provide StackCookie support lib so that we can link to /GS exports for VS builds RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf -[LibraryClasses.X64] - BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf - NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf -!endif - ## MU_CHANGE END + NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf +# MU_CHANGE [END] - Add Stack Cookie Support [Components] UnitTestFrameworkPkg/Library/UnitTestLib/UnitTestLib.inf