REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1521
V2: Fix emulation platform issue. The NT32 platform cannot access CR4 register. So we add a global PCD to choose disable CR4 access in SetJump/LongJump. gEfiMdePkgTokenSpaceGuid.PcdControlFlowEnforcementPropertyMask ===================== This patch series implement add CET ShadowStack support for SMM. The CET document can be found at: https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf Patch 1 adds SSP (ShadowStackPointer) to JUMP_BUFFER. Patch 2 adds Control Protection exception (CP#) dump info. Patch 3 adds CET ShadowStack support in SMM. For more detail please refer to each patch. I also post all update to https://github.com/jyao1/edk2/tree/CET_V2 Cc: Michael D Kinney <michael.d.kin...@intel.com> Cc: Liming Gao <liming....@intel.com> Cc: Eric Dong <eric.d...@intel.com> Cc: Ray Ni <ray...@intel.com> Cc: Laszlo Ersek <ler...@redhat.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Yao Jiewen <jiewen....@intel.com> Jiewen Yao (3): MdePkg/BaseLib: Add Shadow Stack Support for X86. UefiCpuPkg/ExceptionLib: Add CET support. UefiCpuPkg/PiSmmCpu: Add Shadow Stack Support for X86 SMM. MdePkg/Include/Library/BaseLib.h | 2 + MdePkg/Library/BaseLib/BaseLib.inf | 3 +- MdePkg/Library/BaseLib/Ia32/LongJump.c | 28 ++++- MdePkg/Library/BaseLib/Ia32/LongJump.nasm | 23 +++- MdePkg/Library/BaseLib/Ia32/SetJump.c | 28 ++++- MdePkg/Library/BaseLib/Ia32/SetJump.nasm | 21 +++- MdePkg/Library/BaseLib/X64/LongJump.nasm | 25 +++- MdePkg/Library/BaseLib/X64/SetJump.nasm | 21 +++- MdePkg/MdePkg.dec | 7 ++ .../Include/Library/SmmCpuFeaturesLib.h | 23 +++- .../CpuExceptionCommon.c | 7 +- .../CpuExceptionCommon.h | 3 +- .../Ia32/ArchExceptionHandler.c | 5 +- .../X64/ArchExceptionHandler.c | 5 +- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/Cet.nasm | 37 ++++++ UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c | 38 +++++- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmiEntry.nasm | 98 ++++++++++++++- .../PiSmmCpuDxeSmm/Ia32/SmiException.nasm | 6 +- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmFuncsArch.c | 57 ++++++++- UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 12 +- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 97 ++++++++++++-- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 103 ++++++++++++++- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf | 6 +- .../PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 85 ++++++++++++- UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 18 ++- UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.h | 4 +- UefiCpuPkg/PiSmmCpuDxeSmm/SmramSaveState.c | 4 +- UefiCpuPkg/PiSmmCpuDxeSmm/X64/Cet.nasm | 38 ++++++ UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 39 +++++- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmiEntry.nasm | 119 +++++++++++++++++- UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c | 58 ++++++++- UefiCpuPkg/UefiCpuPkg.dec | 6 +- 32 files changed, 964 insertions(+), 62 deletions(-) create mode 100644 UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/Cet.nasm create mode 100644 UefiCpuPkg/PiSmmCpuDxeSmm/X64/Cet.nasm -- 2.19.2.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
