From 96cf70951f53f16853fdd42129b73940e71bab2d Mon Sep 17 00:00:00 2001 From: Ard Biesheuvel Date: Sat, 8 Feb 2025 11:25:19 +0100 Subject: MdePkg/DynamicStackCookieEntryPointLib: Drop execute-in-place versions SEC, PEI_CORE and PEIM type modules generally execute in place from memory that is not writable. This means that it is not generally possible to use an entrypoint implementation that stores a dynamically generated stack cookie into a global variable. For PEIMs in particular, there may be other options, such as a DEPEX on the permanent memory PPI, but the current dynamic implementations of the stack checking library entrypoints for PEI_CORE and PEIM modules must not be used as-is. So remove them, and update the readme accordingly. Signed-off-by: Ard Biesheuvel --- .../PeiCore/PeiCoreEntryPoint.c | 93 ---------------------- .../PeiCore/PeiCoreEntryPoint.uni | 16 ---- .../PeiCoreEntryPoint.inf | 44 ---------- .../Peim/PeimEntryPoint.c | 72 ----------------- .../Peim/PeimEntryPoint.uni | 16 ---- .../PeimEntryPoint.inf | 43 ---------- MdePkg/Library/StackCheckLib/Readme.md | 17 ++-- MdePkg/MdePkg.dsc | 2 - 8 files changed, 6 insertions(+), 297 deletions(-) delete mode 100644 MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCore/PeiCoreEntryPoint.c delete mode 100644 MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCore/PeiCoreEntryPoint.uni delete mode 100644 MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCoreEntryPoint.inf delete mode 100644 MdePkg/Library/DynamicStackCookieEntryPointLib/Peim/PeimEntryPoint.c delete mode 100644 MdePkg/Library/DynamicStackCookieEntryPointLib/Peim/PeimEntryPoint.uni delete mode 100644 MdePkg/Library/DynamicStackCookieEntryPointLib/PeimEntryPoint.inf diff --git a/MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCore/PeiCoreEntryPoint.c b/MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCore/PeiCoreEntryPoint.c deleted file mode 100644 index bcc9c2ce35..0000000000 --- a/MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCore/PeiCoreEntryPoint.c +++ /dev/null @@ -1,93 +0,0 @@ -/** @file - Entry point to a the PEI Core. - -Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include - -// -// The Library classes this module produced -// -#include -#include -#include - -/** - The entry point of PE/COFF Image for the PEI Core. - - This function is the entry point for the PEI Foundation, which allows the SEC phase - to pass information about the stack, temporary RAM and the Boot Firmware Volume. - In addition, it also allows the SEC phase to pass services and data forward for use - during the PEI phase in the form of one or more PPIs. - There is no limit to the number of additional PPIs that can be passed from SEC into - the PEI Foundation. As part of its initialization phase, the PEI Foundation will add - these SEC-hosted PPIs to its PPI database such that both the PEI Foundation and any - modules can leverage the associated service calls and/or code in these early PPIs. - This function is required to call ProcessModuleEntryPointList() with the Context - parameter set to NULL. ProcessModuleEntryPoint() is never expected to return. - The PEI Core is responsible for calling ProcessLibraryConstructorList() as soon as - the PEI Services Table and the file handle for the PEI Core itself have been established. - If ProcessModuleEntryPointList() returns, then ASSERT() and halt the system. - - @param SecCoreData Points to a data structure containing information about the - PEI core's operating environment, such as the size and - location of temporary RAM, the stack location and the BFV - location. - - @param PpiList Points to a list of one or more PPI descriptors to be - installed initially by the PEI core. An empty PPI list - consists of a single descriptor with the end-tag - EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST. - As part of its initialization phase, the PEI Foundation will - add these SEC-hosted PPIs to its PPI database, such that both - the PEI Foundation and any modules can leverage the associated - service calls and/or code in these early PPIs. - -**/ -VOID -EFIAPI -_CModuleEntryPoint ( - IN CONST EFI_SEC_PEI_HAND_OFF *SecCoreData, - IN CONST EFI_PEI_PPI_DESCRIPTOR *PpiList - ) -{ - ProcessModuleEntryPointList (SecCoreData, PpiList, NULL); - - // - // Should never return - // - ASSERT (FALSE); - CpuDeadLoop (); -} - -/** - Required by the EBC compiler and identical in functionality to _ModuleEntryPoint(). - - This function is required to call _CModuleEntryPoint() passing in SecCoreData and PpiList. - - @param SecCoreData Points to a data structure containing information about the PEI core's - operating environment, such as the size and location of temporary RAM, - the stack location and the BFV location. - - @param PpiList Points to a list of one or more PPI descriptors to be installed - initially by the PEI core. An empty PPI list consists of - a single descriptor with the end-tag - EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST. - As part of its initialization phase, the PEI Foundation will - add these SEC-hosted PPIs to its PPI database, such that both - the PEI Foundationand any modules can leverage the associated - service calls and/or code in these early PPIs. - -**/ -VOID -EFIAPI -EfiMain ( - IN CONST EFI_SEC_PEI_HAND_OFF *SecCoreData, - IN CONST EFI_PEI_PPI_DESCRIPTOR *PpiList - ) -{ - _CModuleEntryPoint (SecCoreData, PpiList); -} diff --git a/MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCore/PeiCoreEntryPoint.uni b/MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCore/PeiCoreEntryPoint.uni deleted file mode 100644 index f4c12c0e60..0000000000 --- a/MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCore/PeiCoreEntryPoint.uni +++ /dev/null @@ -1,16 +0,0 @@ -// /** @file -// Module entry point library for PEI core. -// -// Module entry point library for PEI core. -// -// Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.
-// -// SPDX-License-Identifier: BSD-2-Clause-Patent -// -// **/ - - -#string STR_MODULE_ABSTRACT #language en-US "Module entry point library for PEI core" - -#string STR_MODULE_DESCRIPTION #language en-US "Module entry point library for PEI core." - diff --git a/MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCoreEntryPoint.inf b/MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCoreEntryPoint.inf deleted file mode 100644 index 9ac20b8659..0000000000 --- a/MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCoreEntryPoint.inf +++ /dev/null @@ -1,44 +0,0 @@ -## @file -# Module entry point library for PEI core that dynamically updates the stack cookie. -# -# Copyright (c) 2007 - 2018, Intel Corporation. All rights reserved.
-# -# SPDX-License-Identifier: BSD-2-Clause-Patent -# -# -## - -[Defines] - INF_VERSION = 0x00010005 - BASE_NAME = PeiCoreEntryPointDynamicInit - MODULE_UNI_FILE = PeiCore/PeiCoreEntryPoint.uni - FILE_GUID = 2627DFCD-054D-403E-B812-E67034865D29 - MODULE_TYPE = PEI_CORE - VERSION_STRING = 1.0 - LIBRARY_CLASS = PeiCoreEntryPoint|PEI_CORE - -# -# VALID_ARCHITECTURES = IA32 X64 AARCH64 -# - -[Sources] - PeiCore/PeiCoreEntryPoint.c - -[Sources.IA32] - IA32/DynamicCookieGcc.nasm | GCC - IA32/DynamicCookieMsvc.nasm | MSFT - -[Sources.X64] - X64/DynamicCookieGcc.nasm | GCC - X64/DynamicCookieMsvc.nasm | MSFT - -[Sources.AARCH64] - AArch64/DynamicCookieGcc.S | GCC - -[Packages] - MdePkg/MdePkg.dec - -[LibraryClasses] - BaseLib - DebugLib - StackCheckLib diff --git a/MdePkg/Library/DynamicStackCookieEntryPointLib/Peim/PeimEntryPoint.c b/MdePkg/Library/DynamicStackCookieEntryPointLib/Peim/PeimEntryPoint.c deleted file mode 100644 index da03d61dac..0000000000 --- a/MdePkg/Library/DynamicStackCookieEntryPointLib/Peim/PeimEntryPoint.c +++ /dev/null @@ -1,72 +0,0 @@ -/** @file - Entry point to a PEIM. - -Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include - -#include -#include - -/** - The entry point of PE/COFF Image for a PEIM. - - This function is the entry point for a PEIM. This function must call ProcessLibraryConstructorList() - and ProcessModuleEntryPointList(). The return value from ProcessModuleEntryPointList() is returned. - If _gPeimRevision is not zero and PeiServices->Hdr.Revision is less than _gPeimRevison, then ASSERT(). - - @param FileHandle Handle of the file being invoked. - @param PeiServices Describes the list of possible PEI Services. - - @retval EFI_SUCCESS The PEIM executed normally. - @retval !EFI_SUCCESS The PEIM failed to execute normally. -**/ -EFI_STATUS -EFIAPI -_CModuleEntryPoint ( - IN EFI_PEI_FILE_HANDLE FileHandle, - IN CONST EFI_PEI_SERVICES **PeiServices - ) -{ - if (_gPeimRevision != 0) { - // - // Make sure that the PEI spec revision of the platform is >= PEI spec revision of the driver - // - ASSERT ((*PeiServices)->Hdr.Revision >= _gPeimRevision); - } - - // - // Call constructor for all libraries - // - ProcessLibraryConstructorList (FileHandle, PeiServices); - - // - // Call the driver entry point - // - return ProcessModuleEntryPointList (FileHandle, PeiServices); -} - -/** - Required by the EBC compiler and identical in functionality to _ModuleEntryPoint(). - - This function is required to call _ModuleEntryPoint() passing in FileHandle and PeiServices. - - @param FileHandle Handle of the file being invoked. - @param PeiServices Describes the list of possible PEI Services. - - @retval EFI_SUCCESS The PEIM executed normally. - @retval !EFI_SUCCESS The PEIM failed to execute normally. - -**/ -EFI_STATUS -EFIAPI -EfiMain ( - IN EFI_PEI_FILE_HANDLE FileHandle, - IN CONST EFI_PEI_SERVICES **PeiServices - ) -{ - return _CModuleEntryPoint (FileHandle, PeiServices); -} diff --git a/MdePkg/Library/DynamicStackCookieEntryPointLib/Peim/PeimEntryPoint.uni b/MdePkg/Library/DynamicStackCookieEntryPointLib/Peim/PeimEntryPoint.uni deleted file mode 100644 index bae3abaeb2..0000000000 --- a/MdePkg/Library/DynamicStackCookieEntryPointLib/Peim/PeimEntryPoint.uni +++ /dev/null @@ -1,16 +0,0 @@ -// /** @file -// Module entry point library for PEIM. -// -// Module entry point library for PEIM. -// -// Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.
-// -// SPDX-License-Identifier: BSD-2-Clause-Patent -// -// **/ - - -#string STR_MODULE_ABSTRACT #language en-US "Module entry point library for PEIM" - -#string STR_MODULE_DESCRIPTION #language en-US "Module entry point library for PEIM." - diff --git a/MdePkg/Library/DynamicStackCookieEntryPointLib/PeimEntryPoint.inf b/MdePkg/Library/DynamicStackCookieEntryPointLib/PeimEntryPoint.inf deleted file mode 100644 index b6b8f0a94f..0000000000 --- a/MdePkg/Library/DynamicStackCookieEntryPointLib/PeimEntryPoint.inf +++ /dev/null @@ -1,43 +0,0 @@ -## @file -# Module entry point library for PEIM that dynamically updates the stack cookie. -# -# Copyright (c) 2007 - 2018, Intel Corporation. All rights reserved.
-# -# SPDX-License-Identifier: BSD-2-Clause-Patent -# -# -## - -[Defines] - INF_VERSION = 0x00010005 - BASE_NAME = PeimEntryPointDynamicInit - MODULE_UNI_FILE = Peim/PeimEntryPoint.uni - FILE_GUID = 0E53AFCB-7FDD-461E-B8CE-6DA9F3F9014C - MODULE_TYPE = PEIM - VERSION_STRING = 1.0 - LIBRARY_CLASS = PeimEntryPoint|PEIM - -# -# VALID_ARCHITECTURES = IA32 X64 AARCH64 -# - -[Sources] - Peim/PeimEntryPoint.c - -[Sources.IA32] - IA32/DynamicCookieGcc.nasm | GCC - IA32/DynamicCookieMsvc.nasm | MSFT - -[Sources.X64] - X64/DynamicCookieGcc.nasm | GCC - X64/DynamicCookieMsvc.nasm | MSFT - -[Sources.AARCH64] - AArch64/DynamicCookieGcc.S | GCC - -[Packages] - MdePkg/MdePkg.dec - -[LibraryClasses] - DebugLib - StackCheckLib diff --git a/MdePkg/Library/StackCheckLib/Readme.md b/MdePkg/Library/StackCheckLib/Readme.md index 2d9bb6fbda..fe16084bd3 100644 --- a/MdePkg/Library/StackCheckLib/Readme.md +++ b/MdePkg/Library/StackCheckLib/Readme.md @@ -195,17 +195,12 @@ This will cause `MdeLibs.dsc.inc` to not link `StackCheckLibNull` and instead li stack cookie updating versions of `DxeCoreEntryPoint`, `StandaloneMmDriverEntryPoint`, `UefiApplicationEntryPoint`, and `UefiDriverEntryPoint`. -Because edk2 does not implement exception handling for `SEC` and `PEI_CORE`, `MdeLibs.dsc.inc` -uses `StackCheckLibNull` for these phases always. As a result, dynamic stack cookies are also -not set for `PEI_CORE`. There is no standard `SEC` entrypoint, so it is not supported generically -to apply dynamic stack cookies there. If a platform wishes to use `StackCheckLib` and dynamic stack -cookies for these phases, it should override this in its DSC, e.g.: - -```inf -[LibraryClasses.common.SEC, LibraryClasses.common.PEI_CORE] - StackCheckLib|MdePkg/Library/StackCheckLib/StackCheckLib.inf - PeiCoreEntryPoint|MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCoreEntryPoint.inf -``` +Because edk2 does not implement exception handling for `SEC` and `PEI_CORE`, +`MdeLibs.dsc.inc` uses `StackCheckLibNull` for these phases always. If a +platform wishes to use `StackCheckLib` for these phases, it can enable static +stack cookie checking, as documented in the previous section. Due to the fact +that writable global variables are not supported in the `SEC` or `PEI` phases +of execution, dynamic stack cookie checking is not supported here. It is recommended that a platform only do this for debugging or if they have implemented exception handlers for these phases. diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc index 12a1b8f13c..84730b09d4 100644 --- a/MdePkg/MdePkg.dsc +++ b/MdePkg/MdePkg.dsc @@ -144,8 +144,6 @@ MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf MdePkg/Library/StackCheckLib/StackCheckLib.inf MdePkg/Library/DynamicStackCookieEntryPointLib/DxeCoreEntryPoint.inf - MdePkg/Library/DynamicStackCookieEntryPointLib/PeiCoreEntryPoint.inf - MdePkg/Library/DynamicStackCookieEntryPointLib/PeimEntryPoint.inf MdePkg/Library/DynamicStackCookieEntryPointLib/StandaloneMmDriverEntryPoint.inf MdePkg/Library/DynamicStackCookieEntryPointLib/UefiApplicationEntryPoint.inf MdePkg/Library/DynamicStackCookieEntryPointLib/UefiDriverEntryPoint.inf -- cgit