MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 +- MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 4 + MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 1 + MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 51 ++- .../Include/Library/CpuExceptionHandlerLib.h | 18 + MdeModulePkg/MdeModulePkg.dec | 7 + MdeModulePkg/MdeModulePkg.uni | 7 + MdePkg/Include/Library/BaseLib.h | 115 ++++++ MdePkg/Library/BaseLib/BaseLib.inf | 3 + MdePkg/Library/BaseLib/Ia32/WriteTr.nasm | 36 ++ MdePkg/Library/BaseLib/X64/WriteTr.nasm | 37 ++ UefiCpuPkg/CpuDxe/CpuDxe.inf | 3 + UefiCpuPkg/CpuDxe/CpuMp.c | 168 +++++++++ UefiCpuPkg/CpuDxe/CpuMp.h | 12 + .../CpuExceptionHandlerLib/CpuExceptionCommon.h | 50 +++ .../DxeCpuExceptionHandlerLib.inf | 6 + .../Library/CpuExceptionHandlerLib/DxeException.c | 53 ++- .../Ia32/ArchExceptionHandler.c | 167 +++++++++ .../Ia32/ArchInterruptDefs.h | 8 + .../Ia32/ExceptionTssEntryAsm.nasm | 398 +++++++++++++++++++++ .../PeiCpuExceptionHandlerLib.inf | 1 + .../SecPeiCpuExceptionHandlerLib.inf | 1 + .../SmmCpuExceptionHandlerLib.inf | 1 + .../X64/ArchExceptionHandler.c | 133 +++++++ .../CpuExceptionHandlerLib/X64/ArchInterruptDefs.h | 3 + UefiCpuPkg/Library/MpInitLib/MpLib.c | 17 + UefiCpuPkg/Library/MpInitLib/MpLib.h | 3 + UefiCpuPkg/UefiCpuPkg.dec | 12 + 28 files changed, 1304 insertions(+), 16 deletions(-) create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteTr.nasm create mode 100644 MdePkg/Library/BaseLib/X64/WriteTr.nasm create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm
Stack guard feature makes use of paging mechanism to monitor if there's a stack overflow occurred during boot. A new PCD PcdCpuStackGuard is added to enable/disable this feature. PCD PcdCpuStackSwitchExceptionList and PcdCpuKnownGoodStackSize are introduced to configure the required exceptions and stack size. If this feature is enabled, DxeIpl will setup page tables and set page where the stack bottom is at to be NON-PRESENT. If stack overflow occurs, Page Fault exception will be triggered. In order to make sure exception handler works normally even when the stack is corrupted, stack switching is implemented in exception library. Due to the mechanism behind Stack Guard, this feature is only avaiable for UEFI drivers (memory avaiable). That also means it doesn't support NT32 emulated platform (paging not supported). Validation works include: a. OVMF emulated platform: boot to shell (IA32/X64) b. Intel real platform: boot to shell (IA32/X64) Jian J Wang (8): MdeModulePkg/metafile: Add PCD PcdCpuStackGuard MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API MdePkg/BaseLib: Add stack switch related definitions for IA32 MdeModulePkg/DxeIpl: Enable paging for Stack Guard UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support UefiCpuPkg/CpuDxe: Initialize stack switch for MP MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 +- MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 4 + MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 1 + MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 51 ++- .../Include/Library/CpuExceptionHandlerLib.h | 18 + MdeModulePkg/MdeModulePkg.dec | 7 + MdeModulePkg/MdeModulePkg.uni | 7 + MdePkg/Include/Library/BaseLib.h | 115 ++++++ MdePkg/Library/BaseLib/BaseLib.inf | 3 + MdePkg/Library/BaseLib/Ia32/WriteTr.nasm | 36 ++ MdePkg/Library/BaseLib/X64/WriteTr.nasm | 37 ++ UefiCpuPkg/CpuDxe/CpuDxe.inf | 3 + UefiCpuPkg/CpuDxe/CpuMp.c | 168 +++++++++ UefiCpuPkg/CpuDxe/CpuMp.h | 12 + .../CpuExceptionHandlerLib/CpuExceptionCommon.h | 50 +++ .../DxeCpuExceptionHandlerLib.inf | 6 + .../Library/CpuExceptionHandlerLib/DxeException.c | 53 ++- .../Ia32/ArchExceptionHandler.c | 167 +++++++++ .../Ia32/ArchInterruptDefs.h | 8 + .../Ia32/ExceptionTssEntryAsm.nasm | 398 +++++++++++++++++++++ .../PeiCpuExceptionHandlerLib.inf | 1 + .../SecPeiCpuExceptionHandlerLib.inf | 1 + .../SmmCpuExceptionHandlerLib.inf | 1 + .../X64/ArchExceptionHandler.c | 133 +++++++ .../CpuExceptionHandlerLib/X64/ArchInterruptDefs.h | 3 + UefiCpuPkg/Library/MpInitLib/MpLib.c | 17 + UefiCpuPkg/Library/MpInitLib/MpLib.h | 3 + UefiCpuPkg/UefiCpuPkg.dec | 12 + 28 files changed, 1304 insertions(+), 16 deletions(-) create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteTr.nasm create mode 100644 MdePkg/Library/BaseLib/X64/WriteTr.nasm create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm -- 2.14.1.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
For test, can we test boot OS (windows/Linux) with PcdCpuStackGuard enabled? Thank you Yao Jiewen > -----Original Message----- > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jian J > Wang > Sent: Wednesday, November 22, 2017 4:46 PM > To: edk2-devel@lists.01.org > Subject: [edk2] [PATCH v2 0/8] Implement stack guard feature > > Stack guard feature makes use of paging mechanism to monitor if there's a > stack overflow occurred during boot. A new PCD PcdCpuStackGuard is added to > enable/disable this feature. PCD PcdCpuStackSwitchExceptionList and > PcdCpuKnownGoodStackSize are introduced to configure the required > exceptions > and stack size. > > If this feature is enabled, DxeIpl will setup page tables and set page where > the stack bottom is at to be NON-PRESENT. If stack overflow occurs, Page > Fault exception will be triggered. > > In order to make sure exception handler works normally even when the stack > is corrupted, stack switching is implemented in exception library. > > Due to the mechanism behind Stack Guard, this feature is only avaiable for > UEFI drivers (memory avaiable). That also means it doesn't support NT32 > emulated platform (paging not supported). > > Validation works include: > a. OVMF emulated platform: boot to shell (IA32/X64) > b. Intel real platform: boot to shell (IA32/X64) > > Jian J Wang (8): > MdeModulePkg/metafile: Add PCD PcdCpuStackGuard > MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API > MdePkg/BaseLib: Add stack switch related definitions for IA32 > MdeModulePkg/DxeIpl: Enable paging for Stack Guard > UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch > UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data > UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support > UefiCpuPkg/CpuDxe: Initialize stack switch for MP > > MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 +- > MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 4 + > MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 1 + > MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 51 ++- > .../Include/Library/CpuExceptionHandlerLib.h | 18 + > MdeModulePkg/MdeModulePkg.dec | 7 + > MdeModulePkg/MdeModulePkg.uni | 7 + > MdePkg/Include/Library/BaseLib.h | 115 ++++++ > MdePkg/Library/BaseLib/BaseLib.inf | 3 + > MdePkg/Library/BaseLib/Ia32/WriteTr.nasm | 36 ++ > MdePkg/Library/BaseLib/X64/WriteTr.nasm | 37 ++ > UefiCpuPkg/CpuDxe/CpuDxe.inf | 3 + > UefiCpuPkg/CpuDxe/CpuMp.c | 168 +++++++++ > UefiCpuPkg/CpuDxe/CpuMp.h | 12 + > .../CpuExceptionHandlerLib/CpuExceptionCommon.h | 50 +++ > .../DxeCpuExceptionHandlerLib.inf | 6 + > .../Library/CpuExceptionHandlerLib/DxeException.c | 53 ++- > .../Ia32/ArchExceptionHandler.c | 167 +++++++++ > .../Ia32/ArchInterruptDefs.h | 8 + > .../Ia32/ExceptionTssEntryAsm.nasm | 398 > +++++++++++++++++++++ > .../PeiCpuExceptionHandlerLib.inf | 1 + > .../SecPeiCpuExceptionHandlerLib.inf | 1 + > .../SmmCpuExceptionHandlerLib.inf | 1 + > .../X64/ArchExceptionHandler.c | 133 +++++++ > .../CpuExceptionHandlerLib/X64/ArchInterruptDefs.h | 3 + > UefiCpuPkg/Library/MpInitLib/MpLib.c | 17 + > UefiCpuPkg/Library/MpInitLib/MpLib.h | 3 + > UefiCpuPkg/UefiCpuPkg.dec | 12 + > 28 files changed, 1304 insertions(+), 16 deletions(-) > create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteTr.nasm > create mode 100644 MdePkg/Library/BaseLib/X64/WriteTr.nasm > create mode 100644 > UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm > > -- > 2.14.1.windows.1 > > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
I did test it with disabled. I'll try it enabled. Do you think this feature should be enabled by default or not, just like the PcdCpuSmmStackGuard? > -----Original Message----- > From: Yao, Jiewen > Sent: Thursday, November 23, 2017 11:48 AM > To: Wang, Jian J <jian.j.wang@intel.com>; edk2-devel@lists.01.org > Subject: RE: [edk2] [PATCH v2 0/8] Implement stack guard feature > > For test, can we test boot OS (windows/Linux) with PcdCpuStackGuard enabled? > > Thank you > Yao Jiewen > > > -----Original Message----- > > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jian > J > > Wang > > Sent: Wednesday, November 22, 2017 4:46 PM > > To: edk2-devel@lists.01.org > > Subject: [edk2] [PATCH v2 0/8] Implement stack guard feature > > > > Stack guard feature makes use of paging mechanism to monitor if there's a > > stack overflow occurred during boot. A new PCD PcdCpuStackGuard is added > to > > enable/disable this feature. PCD PcdCpuStackSwitchExceptionList and > > PcdCpuKnownGoodStackSize are introduced to configure the required > > exceptions > > and stack size. > > > > If this feature is enabled, DxeIpl will setup page tables and set page where > > the stack bottom is at to be NON-PRESENT. If stack overflow occurs, Page > > Fault exception will be triggered. > > > > In order to make sure exception handler works normally even when the stack > > is corrupted, stack switching is implemented in exception library. > > > > Due to the mechanism behind Stack Guard, this feature is only avaiable for > > UEFI drivers (memory avaiable). That also means it doesn't support NT32 > > emulated platform (paging not supported). > > > > Validation works include: > > a. OVMF emulated platform: boot to shell (IA32/X64) > > b. Intel real platform: boot to shell (IA32/X64) > > > > Jian J Wang (8): > > MdeModulePkg/metafile: Add PCD PcdCpuStackGuard > > MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API > > MdePkg/BaseLib: Add stack switch related definitions for IA32 > > MdeModulePkg/DxeIpl: Enable paging for Stack Guard > > UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch > > UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data > > UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support > > UefiCpuPkg/CpuDxe: Initialize stack switch for MP > > > > MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 +- > > MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 4 + > > MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 1 + > > MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 51 ++- > > .../Include/Library/CpuExceptionHandlerLib.h | 18 + > > MdeModulePkg/MdeModulePkg.dec | 7 + > > MdeModulePkg/MdeModulePkg.uni | 7 + > > MdePkg/Include/Library/BaseLib.h | 115 ++++++ > > MdePkg/Library/BaseLib/BaseLib.inf | 3 + > > MdePkg/Library/BaseLib/Ia32/WriteTr.nasm | 36 ++ > > MdePkg/Library/BaseLib/X64/WriteTr.nasm | 37 ++ > > UefiCpuPkg/CpuDxe/CpuDxe.inf | 3 + > > UefiCpuPkg/CpuDxe/CpuMp.c | 168 +++++++++ > > UefiCpuPkg/CpuDxe/CpuMp.h | 12 + > > .../CpuExceptionHandlerLib/CpuExceptionCommon.h | 50 +++ > > .../DxeCpuExceptionHandlerLib.inf | 6 + > > .../Library/CpuExceptionHandlerLib/DxeException.c | 53 ++- > > .../Ia32/ArchExceptionHandler.c | 167 +++++++++ > > .../Ia32/ArchInterruptDefs.h | 8 + > > .../Ia32/ExceptionTssEntryAsm.nasm | 398 > > +++++++++++++++++++++ > > .../PeiCpuExceptionHandlerLib.inf | 1 + > > .../SecPeiCpuExceptionHandlerLib.inf | 1 + > > .../SmmCpuExceptionHandlerLib.inf | 1 + > > .../X64/ArchExceptionHandler.c | 133 +++++++ > > .../CpuExceptionHandlerLib/X64/ArchInterruptDefs.h | 3 + > > UefiCpuPkg/Library/MpInitLib/MpLib.c | 17 + > > UefiCpuPkg/Library/MpInitLib/MpLib.h | 3 + > > UefiCpuPkg/UefiCpuPkg.dec | 12 + > > 28 files changed, 1304 insertions(+), 16 deletions(-) > > create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteTr.nasm > > create mode 100644 MdePkg/Library/BaseLib/X64/WriteTr.nasm > > create mode 100644 > > > UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm > > > > -- > > 2.14.1.windows.1 > > > > _______________________________________________ > > edk2-devel mailing list > > edk2-devel@lists.01.org > > https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
If we do not see any compatibility problem with Linux or Windows, we can enable it by default. Or we have to disable it by default. It is always good to have a try. Let's see. Thank you Yao Jiewen > -----Original Message----- > From: Wang, Jian J > Sent: Thursday, November 23, 2017 1:09 PM > To: Yao, Jiewen <jiewen.yao@intel.com>; edk2-devel@lists.01.org > Subject: RE: [edk2] [PATCH v2 0/8] Implement stack guard feature > > I did test it with disabled. I'll try it enabled. Do you think this feature should be > enabled > by default or not, just like the PcdCpuSmmStackGuard? > > > -----Original Message----- > > From: Yao, Jiewen > > Sent: Thursday, November 23, 2017 11:48 AM > > To: Wang, Jian J <jian.j.wang@intel.com>; edk2-devel@lists.01.org > > Subject: RE: [edk2] [PATCH v2 0/8] Implement stack guard feature > > > > For test, can we test boot OS (windows/Linux) with PcdCpuStackGuard > enabled? > > > > Thank you > > Yao Jiewen > > > > > -----Original Message----- > > > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of > Jian > > J > > > Wang > > > Sent: Wednesday, November 22, 2017 4:46 PM > > > To: edk2-devel@lists.01.org > > > Subject: [edk2] [PATCH v2 0/8] Implement stack guard feature > > > > > > Stack guard feature makes use of paging mechanism to monitor if there's a > > > stack overflow occurred during boot. A new PCD PcdCpuStackGuard is added > > to > > > enable/disable this feature. PCD PcdCpuStackSwitchExceptionList and > > > PcdCpuKnownGoodStackSize are introduced to configure the required > > > exceptions > > > and stack size. > > > > > > If this feature is enabled, DxeIpl will setup page tables and set page where > > > the stack bottom is at to be NON-PRESENT. If stack overflow occurs, Page > > > Fault exception will be triggered. > > > > > > In order to make sure exception handler works normally even when the stack > > > is corrupted, stack switching is implemented in exception library. > > > > > > Due to the mechanism behind Stack Guard, this feature is only avaiable for > > > UEFI drivers (memory avaiable). That also means it doesn't support NT32 > > > emulated platform (paging not supported). > > > > > > Validation works include: > > > a. OVMF emulated platform: boot to shell (IA32/X64) > > > b. Intel real platform: boot to shell (IA32/X64) > > > > > > Jian J Wang (8): > > > MdeModulePkg/metafile: Add PCD PcdCpuStackGuard > > > MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API > > > MdePkg/BaseLib: Add stack switch related definitions for IA32 > > > MdeModulePkg/DxeIpl: Enable paging for Stack Guard > > > UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch > > > UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data > > > UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support > > > UefiCpuPkg/CpuDxe: Initialize stack switch for MP > > > > > > MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 +- > > > MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 4 + > > > MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 1 + > > > MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 51 ++- > > > .../Include/Library/CpuExceptionHandlerLib.h | 18 + > > > MdeModulePkg/MdeModulePkg.dec | 7 + > > > MdeModulePkg/MdeModulePkg.uni | 7 + > > > MdePkg/Include/Library/BaseLib.h | 115 ++++++ > > > MdePkg/Library/BaseLib/BaseLib.inf | 3 + > > > MdePkg/Library/BaseLib/Ia32/WriteTr.nasm | 36 ++ > > > MdePkg/Library/BaseLib/X64/WriteTr.nasm | 37 ++ > > > UefiCpuPkg/CpuDxe/CpuDxe.inf | 3 + > > > UefiCpuPkg/CpuDxe/CpuMp.c | 168 > +++++++++ > > > UefiCpuPkg/CpuDxe/CpuMp.h | 12 + > > > .../CpuExceptionHandlerLib/CpuExceptionCommon.h | 50 +++ > > > .../DxeCpuExceptionHandlerLib.inf | 6 + > > > .../Library/CpuExceptionHandlerLib/DxeException.c | 53 ++- > > > .../Ia32/ArchExceptionHandler.c | 167 +++++++++ > > > .../Ia32/ArchInterruptDefs.h | 8 + > > > .../Ia32/ExceptionTssEntryAsm.nasm | 398 > > > +++++++++++++++++++++ > > > .../PeiCpuExceptionHandlerLib.inf | 1 + > > > .../SecPeiCpuExceptionHandlerLib.inf | 1 + > > > .../SmmCpuExceptionHandlerLib.inf | 1 + > > > .../X64/ArchExceptionHandler.c | 133 +++++++ > > > .../CpuExceptionHandlerLib/X64/ArchInterruptDefs.h | 3 + > > > UefiCpuPkg/Library/MpInitLib/MpLib.c | 17 + > > > UefiCpuPkg/Library/MpInitLib/MpLib.h | 3 + > > > UefiCpuPkg/UefiCpuPkg.dec | 12 + > > > 28 files changed, 1304 insertions(+), 16 deletions(-) > > > create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteTr.nasm > > > create mode 100644 MdePkg/Library/BaseLib/X64/WriteTr.nasm > > > create mode 100644 > > > > > > UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm > > > > > > -- > > > 2.14.1.windows.1 > > > > > > _______________________________________________ > > > edk2-devel mailing list > > > edk2-devel@lists.01.org > > > https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Jian, I reviewed your patches and sent my minimal comments in other separate mail. They should not impact the functionality. I am ok if you push the v2 patches now and do the updating based on my comments in separate patches later. Reviewed-by: Jeff Fan <vanjeff_919@hotmail.com> Thanks! Jeff > > > -----Original Message----- > > > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of > Jian > > J > > > Wang > > > Sent: Wednesday, November 22, 2017 4:46 PM > > > To: edk2-devel@lists.01.org > > > Subject: [edk2] [PATCH v2 0/8] Implement stack guard feature > > > > > > Stack guard feature makes use of paging mechanism to monitor if there's a > > > stack overflow occurred during boot. A new PCD PcdCpuStackGuard is added > > to > > > enable/disable this feature. PCD PcdCpuStackSwitchExceptionList and > > > PcdCpuKnownGoodStackSize are introduced to configure the required > > > exceptions > > > and stack size. > > > > > > If this feature is enabled, DxeIpl will setup page tables and set page where > > > the stack bottom is at to be NON-PRESENT. If stack overflow occurs, Page > > > Fault exception will be triggered. > > > > > > In order to make sure exception handler works normally even when the stack > > > is corrupted, stack switching is implemented in exception library. > > > > > > Due to the mechanism behind Stack Guard, this feature is only avaiable for > > > UEFI drivers (memory avaiable). That also means it doesn't support NT32 > > > emulated platform (paging not supported). > > > > > > Validation works include: > > > a. OVMF emulated platform: boot to shell (IA32/X64) > > > b. Intel real platform: boot to shell (IA32/X64) > > > > > > Jian J Wang (8): > > > MdeModulePkg/metafile: Add PCD PcdCpuStackGuard > > > MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API > > > MdePkg/BaseLib: Add stack switch related definitions for IA32 > > > MdeModulePkg/DxeIpl: Enable paging for Stack Guard > > > UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch > > > UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data > > > UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support > > > UefiCpuPkg/CpuDxe: Initialize stack switch for MP > > > > > > MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 +- > > > MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 4 + > > > MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 1 + > > > MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 51 ++- > > > .../Include/Library/CpuExceptionHandlerLib.h | 18 + > > > MdeModulePkg/MdeModulePkg.dec | 7 + > > > MdeModulePkg/MdeModulePkg.uni | 7 + > > > MdePkg/Include/Library/BaseLib.h | 115 ++++++ > > > MdePkg/Library/BaseLib/BaseLib.inf | 3 + > > > MdePkg/Library/BaseLib/Ia32/WriteTr.nasm | 36 ++ > > > MdePkg/Library/BaseLib/X64/WriteTr.nasm | 37 ++ > > > UefiCpuPkg/CpuDxe/CpuDxe.inf | 3 + > > > UefiCpuPkg/CpuDxe/CpuMp.c | 168 > +++++++++ > > > UefiCpuPkg/CpuDxe/CpuMp.h | 12 + > > > .../CpuExceptionHandlerLib/CpuExceptionCommon.h | 50 +++ > > > .../DxeCpuExceptionHandlerLib.inf | 6 + > > > .../Library/CpuExceptionHandlerLib/DxeException.c | 53 ++- > > > .../Ia32/ArchExceptionHandler.c | 167 +++++++++ > > > .../Ia32/ArchInterruptDefs.h | 8 + > > > .../Ia32/ExceptionTssEntryAsm.nasm | 398 > > > +++++++++++++++++++++ > > > .../PeiCpuExceptionHandlerLib.inf | 1 + > > > .../SecPeiCpuExceptionHandlerLib.inf | 1 + > > > .../SmmCpuExceptionHandlerLib.inf | 1 + > > > .../X64/ArchExceptionHandler.c | 133 +++++++ > > > .../CpuExceptionHandlerLib/X64/ArchInterruptDefs.h | 3 + > > > UefiCpuPkg/Library/MpInitLib/MpLib.c | 17 + > > > UefiCpuPkg/Library/MpInitLib/MpLib.h | 3 + > > > UefiCpuPkg/UefiCpuPkg.dec | 12 + > > > 28 files changed, 1304 insertions(+), 16 deletions(-) > > > create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteTr.nasm > > > create mode 100644 MdePkg/Library/BaseLib/X64/WriteTr.nasm > > > create mode 100644 > > > > > > UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm > > > > > > -- > > > 2.14.1.windows.1 > > > > > > _______________________________________________ > > > edk2-devel mailing list > > > edk2-devel@lists.01.org > > > https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
I do not think it is a good idea to push it now. I think we need more thought on API design especially for pei/smm in the future. (My comment for 1.2/1.3/1.4) thank you! Yao, Jiewen > 在 2017年11月25日,下午9:44,Fan Jeff <vanjeff_919@hotmail.com> 写道: > > Jian, > > I reviewed your patches and sent my minimal comments in other separate mail. They should not impact the functionality. > > I am ok if you push the v2 patches now and do the updating based on my comments in separate patches later. > > Reviewed-by: Jeff Fan <vanjeff_919@hotmail.com> > > Thanks! > Jeff > >>>> -----Original Message----- >>>> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of >> Jian >>> J >>>> Wang >>>> Sent: Wednesday, November 22, 2017 4:46 PM >>>> To: edk2-devel@lists.01.org >>>> Subject: [edk2] [PATCH v2 0/8] Implement stack guard feature >>>> >>>> Stack guard feature makes use of paging mechanism to monitor if there's a >>>> stack overflow occurred during boot. A new PCD PcdCpuStackGuard is added >>> to >>>> enable/disable this feature. PCD PcdCpuStackSwitchExceptionList and >>>> PcdCpuKnownGoodStackSize are introduced to configure the required >>>> exceptions >>>> and stack size. >>>> >>>> If this feature is enabled, DxeIpl will setup page tables and set page where >>>> the stack bottom is at to be NON-PRESENT. If stack overflow occurs, Page >>>> Fault exception will be triggered. >>>> >>>> In order to make sure exception handler works normally even when the stack >>>> is corrupted, stack switching is implemented in exception library. >>>> >>>> Due to the mechanism behind Stack Guard, this feature is only avaiable for >>>> UEFI drivers (memory avaiable). That also means it doesn't support NT32 >>>> emulated platform (paging not supported). >>>> >>>> Validation works include: >>>> a. OVMF emulated platform: boot to shell (IA32/X64) >>>> b. Intel real platform: boot to shell (IA32/X64) >>>> >>>> Jian J Wang (8): >>>> MdeModulePkg/metafile: Add PCD PcdCpuStackGuard >>>> MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API >>>> MdePkg/BaseLib: Add stack switch related definitions for IA32 >>>> MdeModulePkg/DxeIpl: Enable paging for Stack Guard >>>> UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch >>>> UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data >>>> UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support >>>> UefiCpuPkg/CpuDxe: Initialize stack switch for MP >>>> >>>> MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 +- >>>> MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 4 + >>>> MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 1 + >>>> MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 51 ++- >>>> .../Include/Library/CpuExceptionHandlerLib.h | 18 + >>>> MdeModulePkg/MdeModulePkg.dec | 7 + >>>> MdeModulePkg/MdeModulePkg.uni | 7 + >>>> MdePkg/Include/Library/BaseLib.h | 115 ++++++ >>>> MdePkg/Library/BaseLib/BaseLib.inf | 3 + >>>> MdePkg/Library/BaseLib/Ia32/WriteTr.nasm | 36 ++ >>>> MdePkg/Library/BaseLib/X64/WriteTr.nasm | 37 ++ >>>> UefiCpuPkg/CpuDxe/CpuDxe.inf | 3 + >>>> UefiCpuPkg/CpuDxe/CpuMp.c | 168 >> +++++++++ >>>> UefiCpuPkg/CpuDxe/CpuMp.h | 12 + >>>> .../CpuExceptionHandlerLib/CpuExceptionCommon.h | 50 +++ >>>> .../DxeCpuExceptionHandlerLib.inf | 6 + >>>> .../Library/CpuExceptionHandlerLib/DxeException.c | 53 ++- >>>> .../Ia32/ArchExceptionHandler.c | 167 +++++++++ >>>> .../Ia32/ArchInterruptDefs.h | 8 + >>>> .../Ia32/ExceptionTssEntryAsm.nasm | 398 >>>> +++++++++++++++++++++ >>>> .../PeiCpuExceptionHandlerLib.inf | 1 + >>>> .../SecPeiCpuExceptionHandlerLib.inf | 1 + >>>> .../SmmCpuExceptionHandlerLib.inf | 1 + >>>> .../X64/ArchExceptionHandler.c | 133 +++++++ >>>> .../CpuExceptionHandlerLib/X64/ArchInterruptDefs.h | 3 + >>>> UefiCpuPkg/Library/MpInitLib/MpLib.c | 17 + >>>> UefiCpuPkg/Library/MpInitLib/MpLib.h | 3 + >>>> UefiCpuPkg/UefiCpuPkg.dec | 12 + >>>> 28 files changed, 1304 insertions(+), 16 deletions(-) >>>> create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteTr.nasm >>>> create mode 100644 MdePkg/Library/BaseLib/X64/WriteTr.nasm >>>> create mode 100644 >>>> >>> >> UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm >>>> >>>> -- >>>> 2.14.1.windows.1 >>>> >>>> _______________________________________________ >>>> edk2-devel mailing list >>>> edk2-devel@lists.01.org >>>> https://lists.01.org/mailman/listinfo/edk2-devel > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel > > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
© 2016 - 2024 Red Hat, Inc.