authorOliver Smith-Denny <osde@microsoft.com>2025-01-29 10:48:49 -0800
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>2025-02-07 02:23:11 +0000
commite63cdeebb829683a9b30bf60a616d5476a07e1a5 (patch)
treed5886c47efa7d258e8fc4267037f10b4f7ab462c
parentd9715c133f45b6eee239f4aa58e9112b7497de4b (diff)
MdePkg: Add StackCheckLib Library Class
StackCheckLib defines the interface between a compiler and the stack checking code. It is being converted from a NULL library class to an actual library class to make it easier to use for a platform and be easier to define the expected interface with a compiler, so if there is a compiler change it can be tracked and caught. Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
-rw-r--r--MdePkg/Include/Library/StackCheckLib.h78
-rw-r--r--MdePkg/Library/StackCheckLib/StackCheckLibCommonGcc.c2
-rw-r--r--MdePkg/Library/StackCheckLib/StackCheckLibCommonMsvc.c1
-rw-r--r--MdePkg/Library/StackCheckLibNull/StackCheckLibNullGcc.c1
-rw-r--r--MdePkg/Library/StackCheckLibNull/StackCheckLibNullMsvc.c1
-rw-r--r--MdePkg/MdePkg.dec4
6 files changed, 87 insertions, 0 deletions
diff --git a/MdePkg/Include/Library/StackCheckLib.h b/MdePkg/Include/Library/StackCheckLib.h
new file mode 100644
index 0000000000..5773caafa5
--- /dev/null
+++ b/MdePkg/Include/Library/StackCheckLib.h
@@ -0,0 +1,78 @@
+/** @file
+ This library provides stack cookie checking functions for symbols inserted by the compiler. This header
+ is not intended to be used directly by modules, but rather defines the expected interfaces to each supported
+ compiler, so that if the compiler interface is updated it is easier to track.
+
+ Copyright (c) Microsoft Corporation.
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef STACK_CHECK_LIB_H_
+#define STACK_CHECK_LIB_H_
+
+#include <Base.h>
+
+#if defined (__GNUC__) || defined (__clang__)
+
+// The __stack_chk_guard is a random value placed on the stack between the stack variables
+// and the return address so that continuously writing past the stack variables will cause
+// the stack cookie to be overwritten. Before the function returns, the stack cookie value
+// will be checked and if there is a mismatch then StackCheckLib handles the failure.
+extern VOID *__stack_chk_guard;
+
+/**
+ Called when a stack cookie check fails. The return address is the failing address.
+
+**/
+VOID
+EFIAPI
+__stack_chk_fail (
+ VOID
+ );
+
+#elif defined (_MSC_VER)
+
+// The __security_cookie is a random value placed on the stack between the stack variables
+// and the return address so that continuously writing past the stack variables will cause
+// the stack cookie to be overwritten. Before the function returns, the stack cookie value
+// will be checked and if there is a mismatch then StackCheckLib handles the failure.
+extern VOID *__security_cookie;
+
+/**
+ Called when a buffer check fails. This functionality is dependent on MSVC
+ C runtime libraries and so is unsupported in UEFI.
+
+**/
+VOID
+EFIAPI
+__report_rangecheckfailure (
+ VOID
+ );
+
+/**
+ The GS handler is for checking the stack cookie during SEH or
+ EH exceptions and is unsupported in UEFI.
+
+**/
+VOID
+EFIAPI
+__GSHandlerCheck (
+ VOID
+ );
+
+/**
+ Checks the stack cookie value against __security_cookie and calls the
+ stack cookie failure handler if there is a mismatch.
+
+ @param UINTN CheckValue The value to check against __security_cookie
+
+**/
+VOID
+EFIAPI
+__security_check_cookie (
+ UINTN CheckValue
+ );
+
+#endif // Compiler type
+
+#endif // STACK_CHECK_LIB_H_
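Review bot: The comments on `__stack_chk_guard` and `__security_cookie` call the cookie "a random value", which overstates what an instance guarantees. The definitions visible elsewhere in this commit initialise it from `STACK_COOKIE_VALUE` in the common GCC instance and from `0x0` in both Null instances. Since this header exists to pin down the compiler interface, I would describe the symbol as the reference value that each protected frame's cookie is compared against, e.g. `// Reference cookie value; how it is chosen (and whether it is unpredictable) is up to the StackCheckLib instance that is linked.` Separately, `@param UINTN CheckValue` on `__security_check_cookie` would normally be written `@param[in] CheckValue`.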
diff --git a/MdePkg/Library/StackCheckLib/StackCheckLibCommonGcc.c b/MdePkg/Library/StackCheckLib/StackCheckLibCommonGcc.c
index 4146012b90..7157e0dfe7 100644
--- a/MdePkg/Library/StackCheckLib/StackCheckLibCommonGcc.c
+++ b/MdePkg/Library/StackCheckLib/StackCheckLibCommonGcc.c
@@ -10,6 +10,7 @@
#include <Library/DebugLib.h>
#include <Library/BaseLib.h>
+#include <Library/StackCheckLib.h>
#include <Library/StackCheckFailureHookLib.h>
/**
@@ -28,6 +29,7 @@ VOID *__stack_chk_guard = (VOID *)(UINTN)STACK_COOKIE_VALUE;
**/
VOID
+EFIAPI
__stack_chk_fail (
VOID
)
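Review bot: `__stack_chk_fail` is entered from compiler-generated code rather than from callers that see this prototype, so the `EFIAPI` added here affects only how the callee is compiled, not how it is called. On a target where `EFIAPI` expands to a non-default calling convention the two sides would disagree. With a `VOID` parameter list that is likely harmless, but it deserves a comment above the definition, e.g. `// Called by compiler-inserted code; takes no arguments, so the EFIAPI convention does not affect entry.` The function body lies outside the hunk, so whether it can return to its caller is not visible here.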
diff --git a/MdePkg/Library/StackCheckLib/StackCheckLibCommonMsvc.c b/MdePkg/Library/StackCheckLib/StackCheckLibCommonMsvc.c
index 406b2d0116..d9018ed09e 100644
--- a/MdePkg/Library/StackCheckLib/StackCheckLibCommonMsvc.c
+++ b/MdePkg/Library/StackCheckLib/StackCheckLibCommonMsvc.c
@@ -10,6 +10,7 @@
#include <Library/DebugLib.h>
#include <Library/BaseLib.h>
+#include <Library/StackCheckLib.h>
#include <Library/StackCheckFailureHookLib.h>
/**
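Review bot: The definitions in this file need to agree with the `EFIAPI` prototypes that the new include brings in for `__report_rangecheckfailure`, `__GSHandlerCheck` and `__security_check_cookie`, yet the diffstat shows only the include line being added here. The GCC common file had `EFIAPI` added to its `__stack_chk_fail` definition in the same commit, so any definition below this hunk should be checked for the same qualifier and parameter list as the header. The same check applies to `StackCheckLibNullGcc.c` and `StackCheckLibNullMsvc.c`, which also gain only the include.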
diff --git a/MdePkg/Library/StackCheckLibNull/StackCheckLibNullGcc.c b/MdePkg/Library/StackCheckLibNull/StackCheckLibNullGcc.c
index cc30632761..ed2bc410e5 100644
--- a/MdePkg/Library/StackCheckLibNull/StackCheckLibNullGcc.c
+++ b/MdePkg/Library/StackCheckLibNull/StackCheckLibNullGcc.c
@@ -6,6 +6,7 @@
**/
#include <Uefi.h>
+#include <Library/StackCheckLib.h>
VOID *__stack_chk_guard = (VOID *)(UINTN)0x0;
diff --git a/MdePkg/Library/StackCheckLibNull/StackCheckLibNullMsvc.c b/MdePkg/Library/StackCheckLibNull/StackCheckLibNullMsvc.c
index ba9a4e6f3c..ebc2ba21d3 100644
--- a/MdePkg/Library/StackCheckLibNull/StackCheckLibNullMsvc.c
+++ b/MdePkg/Library/StackCheckLibNull/StackCheckLibNullMsvc.c
@@ -6,5 +6,6 @@
**/
#include <Uefi.h>
+#include <Library/StackCheckLib.h>
VOID *__security_cookie = (VOID *)(UINTN)0x0;
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index fc53cf5f1e..0694b87275 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -308,6 +308,10 @@
#
StackCheckFailureHookLib|Include/Library/StackCheckFailureHookLib.h
+ ## @libraryclass Provides stack cookie checking functionality
+ #
+ StackCheckLib|Include/Library/StackCheckLib.h
+
[LibraryClasses.IA32, LibraryClasses.X64, LibraryClasses.AARCH64]
## @libraryclass Provides services to generate random number.
#