From: Jian J Wang <jian.j.wang@intel.com>
To: edk2-devel@lists.01.org
Subject: [PATCH v2 0/8] Implement stack guard feature
Date: Wed, 22 Nov 2017 16:45:40 +0800 [thread overview]
Message-ID: <20171122084548.6564-1-jian.j.wang@intel.com> (raw)
Stack guard feature makes use of paging mechanism to monitor if there's a
stack overflow occurred during boot. A new PCD PcdCpuStackGuard is added to
enable/disable this feature. PCD PcdCpuStackSwitchExceptionList and
PcdCpuKnownGoodStackSize are introduced to configure the required exceptions
and stack size.
If this feature is enabled, DxeIpl will setup page tables and set page where
the stack bottom is at to be NON-PRESENT. If stack overflow occurs, Page
Fault exception will be triggered.
In order to make sure exception handler works normally even when the stack
is corrupted, stack switching is implemented in exception library.
Due to the mechanism behind Stack Guard, this feature is only avaiable for
UEFI drivers (memory avaiable). That also means it doesn't support NT32
emulated platform (paging not supported).
Validation works include:
a. OVMF emulated platform: boot to shell (IA32/X64)
b. Intel real platform: boot to shell (IA32/X64)
Jian J Wang (8):
MdeModulePkg/metafile: Add PCD PcdCpuStackGuard
MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API
MdePkg/BaseLib: Add stack switch related definitions for IA32
MdeModulePkg/DxeIpl: Enable paging for Stack Guard
UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch
UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data
UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support
UefiCpuPkg/CpuDxe: Initialize stack switch for MP
MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 +-
MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 4 +
MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 1 +
MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 51 ++-
.../Include/Library/CpuExceptionHandlerLib.h | 18 +
MdeModulePkg/MdeModulePkg.dec | 7 +
MdeModulePkg/MdeModulePkg.uni | 7 +
MdePkg/Include/Library/BaseLib.h | 115 ++++++
MdePkg/Library/BaseLib/BaseLib.inf | 3 +
MdePkg/Library/BaseLib/Ia32/WriteTr.nasm | 36 ++
MdePkg/Library/BaseLib/X64/WriteTr.nasm | 37 ++
UefiCpuPkg/CpuDxe/CpuDxe.inf | 3 +
UefiCpuPkg/CpuDxe/CpuMp.c | 168 +++++++++
UefiCpuPkg/CpuDxe/CpuMp.h | 12 +
.../CpuExceptionHandlerLib/CpuExceptionCommon.h | 50 +++
.../DxeCpuExceptionHandlerLib.inf | 6 +
.../Library/CpuExceptionHandlerLib/DxeException.c | 53 ++-
.../Ia32/ArchExceptionHandler.c | 167 +++++++++
.../Ia32/ArchInterruptDefs.h | 8 +
.../Ia32/ExceptionTssEntryAsm.nasm | 398 +++++++++++++++++++++
.../PeiCpuExceptionHandlerLib.inf | 1 +
.../SecPeiCpuExceptionHandlerLib.inf | 1 +
.../SmmCpuExceptionHandlerLib.inf | 1 +
.../X64/ArchExceptionHandler.c | 133 +++++++
.../CpuExceptionHandlerLib/X64/ArchInterruptDefs.h | 3 +
UefiCpuPkg/Library/MpInitLib/MpLib.c | 17 +
UefiCpuPkg/Library/MpInitLib/MpLib.h | 3 +
UefiCpuPkg/UefiCpuPkg.dec | 12 +
28 files changed, 1304 insertions(+), 16 deletions(-)
create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteTr.nasm
create mode 100644 MdePkg/Library/BaseLib/X64/WriteTr.nasm
create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm
--
2.14.1.windows.1
next reply other threads:[~2017-11-22 8:41 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-22 8:45 Jian J Wang [this message]
2017-11-22 8:45 ` [PATCH v2 1/8] MdeModulePkg/metafile: Add PCD PcdCpuStackGuard Jian J Wang
2017-11-22 8:45 ` [PATCH v2 2/8] MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API Jian J Wang
2017-11-23 4:07 ` Yao, Jiewen
2017-11-23 5:06 ` Wang, Jian J
2017-11-25 13:17 ` 答复: " Fan Jeff
2017-11-27 2:20 ` Wang, Jian J
2017-11-22 8:45 ` [PATCH v2 3/8] MdePkg/BaseLib: Add stack switch related definitions for IA32 Jian J Wang
2017-11-22 8:45 ` [PATCH v2 4/8] MdeModulePkg/DxeIpl: Enable paging for Stack Guard Jian J Wang
2017-11-22 8:45 ` [PATCH v2 5/8] UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch Jian J Wang
2017-11-22 8:45 ` [PATCH v2 6/8] UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data Jian J Wang
2017-11-22 8:45 ` [PATCH v2 7/8] UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support Jian J Wang
2017-11-23 5:50 ` Yao, Jiewen
2017-11-23 5:59 ` Yao, Jiewen
2017-11-23 6:09 ` Wang, Jian J
2017-11-23 6:25 ` Yao, Jiewen
2017-11-23 7:54 ` Wang, Jian J
2017-11-23 6:05 ` Wang, Jian J
2017-11-23 6:16 ` Yao, Jiewen
2017-11-23 6:43 ` Wang, Jian J
2017-11-25 13:27 ` 答复: " Fan Jeff
2017-11-27 2:21 ` Wang, Jian J
2017-11-28 1:38 ` Wang, Jian J
2017-11-28 2:06 ` Yao, Jiewen
2017-11-25 13:35 ` 答复: " Fan Jeff
2017-11-22 8:45 ` [PATCH v2 8/8] UefiCpuPkg/CpuDxe: Initialize stack switch for MP Jian J Wang
2017-11-23 4:13 ` Yao, Jiewen
2017-11-23 5:03 ` Wang, Jian J
2017-11-23 5:19 ` Wang, Jian J
2017-11-23 5:39 ` Yao, Jiewen
2017-11-23 3:47 ` [PATCH v2 0/8] Implement stack guard feature Yao, Jiewen
2017-11-23 5:09 ` Wang, Jian J
2017-11-23 5:40 ` Yao, Jiewen
2017-11-25 13:44 ` 答复: " Fan Jeff
2017-11-25 13:55 ` Yao, Jiewen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171122084548.6564-1-jian.j.wang@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox