From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.115; helo=mga14.intel.com; envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 075952035D0FF for ; Tue, 31 Oct 2017 07:22:03 -0700 (PDT) Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 31 Oct 2017 07:25:55 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.44,324,1505804400"; d="scan'208";a="170043564" Received: from jwang36-mobl2.ccr.corp.intel.com ([10.254.212.126]) by fmsmga006.fm.intel.com with ESMTP; 31 Oct 2017 07:25:54 -0700 From: Jian J Wang To: edk2-devel@lists.01.org Date: Tue, 31 Oct 2017 22:24:09 +0800 Message-Id: <20171031142412.21680-1-jian.j.wang@intel.com> X-Mailer: git-send-email 2.14.1.windows.1 Subject: [PATCH 0/3] Implement stack guard feature X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 Oct 2017 14:22:04 -0000 Stack guard feature makes use of paging mechanism to monitor if there's a stack overflow occurred during boot. A new PCD PcdCpuStackGuard is added to enable/disable this feature. If this feature is enabled, DxeIpl will setup page tables and set page where the stack bottom is at to be NON-PRESENT. If stack overflow occurs, Page Fault exception will be triggered. In order to make sure exception handler works normally even when the stack is corrupted, stack switching is implemented for exception library. Due to the mechanism behind Stack Guard, this feature is only avaiable for UEFI drivers. That also means it doesn't support NT32 emulated platform. Validation works include: a. OVMF emulated platform: boot to shell (IA32/X64) b. Intel real platform: boot to shell (IA32/X64) Jian J Wang (3): MdeModulePkg/metafile: Add PCD PcdCpuStackGuard MdeModulePkg/DxeIpl: Enable paging for stack guard UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 1 + MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 35 +- MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 1 + MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 51 ++- MdeModulePkg/MdeModulePkg.dec | 7 + MdeModulePkg/MdeModulePkg.uni | 7 + .../CpuExceptionHandlerLib/CpuExceptionCommon.h | 22 ++ .../DxeCpuExceptionHandlerLib.inf | 5 + .../Library/CpuExceptionHandlerLib/DxeException.c | 19 + .../Ia32/ArchExceptionHandler.c | 135 +++++++ .../Ia32/ArchInterruptDefs.h | 136 +++++++ .../Ia32/ExceptionTssEntryAsm.nasm | 398 +++++++++++++++++++++ .../PeiCpuExceptionHandlerLib.inf | 1 + .../SecPeiCpuExceptionHandlerLib.inf | 3 + .../SmmCpuExceptionHandlerLib.inf | 1 + .../X64/ArchExceptionHandler.c | 108 ++++++ .../CpuExceptionHandlerLib/X64/ArchInterruptDefs.h | 40 +++ .../X64/ExceptionHandlerAsm.S | 12 + .../X64/ExceptionHandlerAsm.asm | 12 + .../X64/ExceptionHandlerAsm.nasm | 12 + 20 files changed, 989 insertions(+), 17 deletions(-) create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm -- 2.14.1.windows.1