From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.31; helo=mga06.intel.com; envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 2EF8E2035689B for ; Wed, 22 Nov 2017 00:41:39 -0800 (PST) Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 22 Nov 2017 00:45:55 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.44,436,1505804400"; d="scan'208";a="176479112" Received: from jwang36-mobl2.ccr.corp.intel.com ([10.239.192.71]) by orsmga005.jf.intel.com with ESMTP; 22 Nov 2017 00:45:53 -0800 From: Jian J Wang To: edk2-devel@lists.01.org Cc: Star Zeng , Eric Dong Date: Wed, 22 Nov 2017 16:45:41 +0800 Message-Id: <20171122084548.6564-2-jian.j.wang@intel.com> X-Mailer: git-send-email 2.14.1.windows.1 In-Reply-To: <20171122084548.6564-1-jian.j.wang@intel.com> References: <20171122084548.6564-1-jian.j.wang@intel.com> Subject: [PATCH v2 1/8] MdeModulePkg/metafile: Add PCD PcdCpuStackGuard X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Nov 2017 08:41:39 -0000 PcdCpuStackGuard is introduced to enable/disable Stack Guard feature. Its value is FALSE by default. Cc: Star Zeng Cc: Eric Dong Suggested-by: Ayellet Wolman Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang --- MdeModulePkg/MdeModulePkg.dec | 7 +++++++ MdeModulePkg/MdeModulePkg.uni | 7 +++++++ 2 files changed, 14 insertions(+) diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 856d67aceb..b3831a21ad 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -949,6 +949,13 @@ # @Prompt The Heap Guard feature mask gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask|0x0|UINT8|0x30001054 + ## Indicates if UEFI Stack Guard will be enabled. + # If enabled, stack overflow in UEFI can be caught, preventing chaotic consequences.

+ # TRUE - UEFI Stack Guard will be enabled.
+ # FALSE - UEFI Stack Guard will be disabled.
+ # @Prompt Enable UEFI Stack Guard. + gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|FALSE|BOOLEAN|0x30001055 + [PcdsFixedAtBuild, PcdsPatchableInModule] ## Dynamic type PCD can be registered callback function for Pcd setting action. # PcdMaxPeiPcdCallBackNumberPerPcdEntry indicates the maximum number of callback function diff --git a/MdeModulePkg/MdeModulePkg.uni b/MdeModulePkg/MdeModulePkg.uni index 588905a9a1..43dd5103be 100644 --- a/MdeModulePkg/MdeModulePkg.uni +++ b/MdeModulePkg/MdeModulePkg.uni @@ -1204,3 +1204,10 @@ " 0 - The returned pool is adjacent to the bottom guard page.
\n" " 1 - The returned pool is adjacent to the top guard page.
" +#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdCpuStackGuard_PROMPT #language en-US "Enable UEFI Stack Guard" + +#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdCpuStackGuard_HELP #language en-US "Indicates if UEFI Stack Guard will be enabled.\n" + " If enabled, stack overflow in UEFI can be caught, preventing chaotic consequences.

\n" + " TRUE - UEFI Stack Guard will be enabled.
\n" + " FALSE - UEFI Stack Guard will be disabled.
" + -- 2.14.1.windows.1