[REBASE & FF] Bring Stack Cookies to CLANGPDB #1723
Open
os-d wants to merge 9 commits into microsoft:release/202511 from
This adds a comprehensive theory of operations for the stack cookie feature. Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
…tion

Currently, StackCheckLib prints the stack check violation address via DebugLib and then fires a contextless exception for the default exception handlers to handle. However, this has two flaws:

- When porting to CLANGPDB, we have to remove all dependencies from StackCheckLib or linking will fail because of the timing CLANGPDB attempts to do it, not all symbols in DebugLib/BaseLib are available due to LTO. We therefore cannot have library dependencies in StackCheckLib. This commit sets up removing DebugLib.
- The default exception handlers print that an unknown exception occurred when in fact we know exactly what exception occurred.

To fix this, StackCheckLib will now pass through the stack check violation address across the exception to be handled by the exception handlers gracefully (in a subsequent commit).

One other outcome of this is that we don't need a PCD for which exception vector we are going to use. We'll claim 0x42, which has been the default PCD value. This allows both the exception handlers and any platform interrupt handlers to use a well known exception vector.

X64 and IA32 can no longer share the same interrupt file because IA32 passes args on the stack and X64 passes the first arg in RCX. As such, they are split apart.

Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Now that StackCheckLib passes the context of what address caused the violation and has a well known exception vector, handle this gracefully and print out useful information. Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Now that StackCheckLib passes the context of what address caused the violation and has a well known exception vector, handle this gracefully and print out useful information. Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
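The reporting path described in the commit messages above (forwarding the violation address on vector 0x42, then handling it by name), modelled in portable C as an added example; it is not code from this PR or from StackCheckLib. The vector table, function names, cookie value and the use of the function's own address as the "violation address" are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STACK_CHECK_VECTOR 0x42u       /* vector claimed in the commit message */
#define COOKIE 0x5AFEC00C1E5AFE00ull   /* constructed; a real cookie must be unpredictable */

typedef void (*handler_fn)(unsigned vector, uintptr_t context);
static handler_fn g_vectors[256];      /* toy model of a vector table (hypothetical) */
static char g_report[96];              /* text the handler would print */

/* Toy exception delivery: `context` stands in for RCX (X64) or a stack argument (IA32). */
static void raise_vector(unsigned vector, uintptr_t context) {
    if (g_vectors[vector & 0xFF]) g_vectors[vector & 0xFF](vector, context);
    else snprintf(g_report, sizeof g_report, "unknown exception 0x%x", vector);
}
/* Handler side: the vector is well known, so the fault can be named and located. */
static void stack_check_handler(unsigned vector, uintptr_t addr) {
    snprintf(g_report, sizeof g_report, "stack cookie check failed (vector 0x%x) at 0x%llx",
             vector, (unsigned long long)addr);
}
/* Library side: no logging dependency, it only forwards the address through the exception. */
static void stack_check_fail(uintptr_t addr) { raise_vector(STACK_CHECK_VECTOR, addr); }

struct frame { char buf[16]; uint64_t cookie; };   /* cookie sits just past the buffer */

/* Returns 0 if the cookie survived, -1 if the epilogue check fired. */
int guarded_copy(const void *src, size_t len) {
    struct frame f;
    f.cookie = COOKIE;                                 /* prologue: plant the cookie */
    /* Ignores sizeof f.buf (the bug); capped at the struct so the demo stays defined. */
    memcpy(&f, src, len < sizeof f ? len : sizeof f);
    if (f.cookie != COOKIE) {                          /* epilogue: verify the cookie */
        stack_check_fail((uintptr_t)&guarded_copy);    /* stand-in violation address */
        return -1;
    }
    return 0;
}
void set_stack_check_handler(int installed) {
    g_vectors[STACK_CHECK_VECTOR] = installed ? stack_check_handler : 0;
    g_report[0] = '\0';
}
const char *last_report(void) { return g_report; }

int main(void) {
    char in[24];
    memset(in, 'A', sizeof in);                        /* constructed oversized input */
    set_stack_check_handler(1);
    guarded_copy(in, sizeof in);
    return puts(last_report()) < 0;
}
```

With no handler registered for the vector, the same failure surfaces only as "unknown exception 0x42", which is the gap the handler commits close.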
Now that we have a path to report the stack check violation address, remove DebugLib references in StackCheckLib. Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Stack cookies are not supported on MSVC AArch64 and are not planned to be. This commit drops a file that was left in the tree when support was dropped. Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
This enables stack cookie checking for IA32, X64, and AARCH64 CLANGPDB (the only supported archs). Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Update the StackCheckLib Theory of Operations to account for recent changes. Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
This adds a GoogleTest for StackCheckLib. Currently, the only easily testable environment is GCC on Linux, because it has stack cookies enabled and produces binaries that can run on Linux. edk2 does not link a C runtime on Linux that provides stack cookie functionality, so we can test our own. edk2 on Windows does link a C runtime that provides stack cookie checking and cannot be removed without dropping the entire CRT. Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Codecov Report
✅ All modified and coverable lines are covered by tests.
Additional details and impacted files
@@ Coverage Diff @@
## release/202511 #1723 +/- ##
=================================================
Coverage ? 1.59%
=================================================
Files ? 1004
Lines ? 338364
Branches ? 0
=================================================
Hits ? 5411
Misses ? 332953
Partials ? 0
Description
This is a cherry-pick of tianocore/edk2#12182. It is being brought into Mu in parallel per request to unblock platforms desiring this feature. Note that the edk2 review process may bring additional changes to how this is structured, which may be breaking changes to consumers.
How This Was Tested
Tested on physical and virtual HW for AARCH64 CLANGPDB and virtual only for X64 CLANGPDB.
Integration Instructions
Follow the README instructions.