Stack guard feature makes use of paging mechanism to monitor if there's a stack overflow occurred during boot. A new PCD PcdCpuStackGuard is added to enable/disable this feature. PCD PcdCpuStackSwitchExceptionList and PcdCpuKnownGoodStackSize are introduced to configure the required exceptions and stack size.
If this feature is enabled, DxeIpl will setup page tables and set page where the stack bottom is at to be NON-PRESENT. If stack overflow occurs, Page Fault exception will be triggered. In order to make sure exception handler works normally even when the stack is corrupted, stack switching is implemented in exception library. Due to the mechanism behind Stack Guard, this feature is only avaiable for UEFI drivers (memory avaiable). That also means it doesn't support NT32 emulated platform (paging not supported). Validation works include: a. OVMF emulated platform: boot to shell (IA32/X64) b. Intel real platform: boot to shell (IA32/X64) Jian J Wang (8): MdeModulePkg/metafile: Add PCD PcdCpuStackGuard MdeModulePkg/CpuExceptionHandlerLib.h: Add a new API MdePkg/BaseLib: Add stack switch related definitions for IA32 MdeModulePkg/DxeIpl: Enable paging for Stack Guard UefiCpuPkg/UefiCpuPkg.dec: Add two new PCDs for stack switch UefiCpuPkg/MpLib: Add GDTR, IDTR and TR in saved AP data UefiCpuPkg/CpuExceptionHandlerLib: Add stack switch support UefiCpuPkg/CpuDxe: Initialize stack switch for MP MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 +- MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 4 + MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 1 + MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 51 ++- .../Include/Library/CpuExceptionHandlerLib.h | 18 + MdeModulePkg/MdeModulePkg.dec | 7 + MdeModulePkg/MdeModulePkg.uni | 7 + MdePkg/Include/Library/BaseLib.h | 115 ++++++ MdePkg/Library/BaseLib/BaseLib.inf | 3 + MdePkg/Library/BaseLib/Ia32/WriteTr.nasm | 36 ++ MdePkg/Library/BaseLib/X64/WriteTr.nasm | 37 ++ UefiCpuPkg/CpuDxe/CpuDxe.inf | 3 + UefiCpuPkg/CpuDxe/CpuMp.c | 168 +++++++++ UefiCpuPkg/CpuDxe/CpuMp.h | 12 + .../CpuExceptionHandlerLib/CpuExceptionCommon.h | 50 +++ .../DxeCpuExceptionHandlerLib.inf | 6 + .../Library/CpuExceptionHandlerLib/DxeException.c | 53 ++- .../Ia32/ArchExceptionHandler.c | 167 +++++++++ .../Ia32/ArchInterruptDefs.h | 8 + .../Ia32/ExceptionTssEntryAsm.nasm | 398 +++++++++++++++++++++ .../PeiCpuExceptionHandlerLib.inf | 1 + .../SecPeiCpuExceptionHandlerLib.inf | 1 + .../SmmCpuExceptionHandlerLib.inf | 1 + .../X64/ArchExceptionHandler.c | 133 +++++++ .../CpuExceptionHandlerLib/X64/ArchInterruptDefs.h | 3 + UefiCpuPkg/Library/MpInitLib/MpLib.c | 17 + UefiCpuPkg/Library/MpInitLib/MpLib.h | 3 + UefiCpuPkg/UefiCpuPkg.dec | 12 + 28 files changed, 1304 insertions(+), 16 deletions(-) create mode 100644 MdePkg/Library/BaseLib/Ia32/WriteTr.nasm create mode 100644 MdePkg/Library/BaseLib/X64/WriteTr.nasm create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ExceptionTssEntryAsm.nasm -- 2.14.1.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
