[REBASE && FF] Update Stack Cookie Libraries #610
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
language:python
TaylorBeebe
force-pushed
the
stash_stack_cookie_changes_2
branch
from
db58249 to
5ceab74
Compare
TaylorBeebe
changed the title
TaylorBeebe
force-pushed
the
stash_stack_cookie_changes_2
branch
5 times, most recently
from
8918428 to
694ba6a
Compare
kuqin12
reviewed
Nov 6, 2023
kuqin12
approved these changes
Nov 6, 2023
MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf
Outdated
Show resolved
Hide resolved
TaylorBeebe
force-pushed
the
stash_stack_cookie_changes_2
branch
from
694ba6a to
11b5c5f
Compare
|
Do the other entry point libraries that need the NO_STACK_COOKIE statement added as well? MdePkg\Library\PeimEntryPoint\PeimEntryPoint.inf Also, for completeness, do the Include/*EntryPoint.h files also need to have NO_STACK_COOKIE statements added as well? |
Yes, they should be there as well. However, I just looked into it a bit more and it seems like because ProcessLibraryConstructorList() is defined within every module that it's not necessary to put the attributes in the header files at all. We may be able to save a bunch of MU_CHANGEs if that's the case. I'm having a hard time finding a definite ruling on this, though. Do you know off hand? |
apop5
approved these changes
Nov 8, 2023
|
FYI: I'm going to delay wrapping up this PR until the week of 11/20 because every other repo will also need an update to use this new stack cookie library. |
TaylorBeebe
force-pushed
the
stash_stack_cookie_changes_2
branch
from
11b5c5f to
ee65ab9
Compare
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## release/202302 #610 +/- ##
===============================================
Coverage 1.87% 1.87%
===============================================
Files 1340 1341 +1
Lines 286506 286427 -79
Branches 5756 5754 -2
===============================================
Hits 5359 5359
+ Misses 281097 281018 -79
Partials 50 50
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
TaylorBeebe
force-pushed
the
stash_stack_cookie_changes_2
branch
from
ee65ab9 to
85e8212
Compare
Description
StackCheckLib provides the stack cookie globals for both GCC and MSVC
builds. StackCheckFailureLib provides a function to call when a stack
cookie check fails to give platforms a hook to perform actions
before an interrupt is called. After StackCheckFailure() is called,
an interrupt will be generated at the vector specified by
PcdStackCookieExceptionVector.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on GCC and VS builds of Q35
Integration Instructions
N/A
Description
This patch transitions the core to use the new stack cookie libraries.
The stack cookie value no longer needs to be initialized before
image execution and can instead be initialized in the library
constructor. This update also allows the cookie value to be
randomized for GCC buids which was previously not possible because
GCC does not use the cookie value from the image PE/COFF header.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [x] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [x] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on GCC and VS builds of Q35
Integration Instructions
StackCheckLib will need to be linked to every module built with /GS
for MSVC and -fstack-protector for GCC. An instance of
StackCheckFailureLib will need to be added to all platform DSC
files which utilize StackCheckLib.
```
[LibraryClasses.X64]
NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf
StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf
```
Description
Now that a cross-compiler implementation of stack cookies is available,
stack cookies can be enabled for GCC5 builds.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [x] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [x] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on GCC and VS builds of Q35
Integration Instructions
Platforms building with GCC5 and utilize the MdeModulePkg
tools_def.template will need to include a StackCheckLib instance
in their build.
```
[LibraryClasses.X64]
NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf
StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf
```
Description
Delete the old stack cookie logic.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on GCC and VS builds of Q35
Integration Instructions
N/A
TaylorBeebe
force-pushed
the
stash_stack_cookie_changes_2
branch
from
85e8212 to
ab03f95
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
StackCheckLib provides the stack cookie globals for both GCC and MSVC
builds. StackCheckFailureLib provides a function to call when a stack
cookie check fails to give platforms a hook to perform actions
before an interrupt is called. After StackCheckFailure() is called,
an interrupt will be generated at the vector specified by
PcdStackCookieExceptionVector.
This series transitions the core to use the new stack cookie libraries.
The stack cookie value no longer needs to be initialized before
image execution and can instead be initialized in the library
constructor. This update also allows the cookie value to be
randomized for GCC buids which was previously not possible because
GCC does not use the cookie value from the image PE/COFF header.
Because a cross-compiler implementation of stack cookies is available,
stack cookies can be enabled for GCC5 builds.
This implementation is also a net reduction in our EDK2 diff footprint.
flow, or firmware?
validation improvement, ...
in build or boot behavior?
a function in a new library class in a pre-existing module, ...
outside direct code modifications (and comments)?
on an a separate Web page, ...
How This Was Tested
Tested on GCC and VS builds of Q35
Integration Instructions
StackCheckLib will need to be linked to every module built with /GS for MSVC and -fstack-protector for GCC. An instance of StackCheckFailureLib will need to be added to all platform DSC files which utilize StackCheckLib.