GetSize routines should return zero size when checking Token existence
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
Reviewed-by: Vitaly Cheptsov <vit9696@protonmail.com>
SEC, PEI_CORE and PEIM type modules generally execute in place from
memory that is not writable. This means that it is not generally
possible to use an entrypoint implementation that stores a dynamically
generated stack cookie into a global variable. For PEIMs in particular,
there may be other options, such as a DEPEX on the permanent memory PPI,
but the current dynamic implementations of the stack checking library
entrypoints for PEI_CORE and PEIM modules must not be used as-is.
So remove them, and update the readme accordingly.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Remove some source files that were part of an earlier incarnation of
DynamicStackCookieEntryPointLib but are no longer actually in use.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Adds dynamic stack cookies in the form of copies of the entry
point libraries that use shared logic to update stack cookies
at runtime.
This relies on RDRAND on IA32/X64 and RNDR on AARCH64 to get a
random number to apply to the stack cookie on module entry point.
This simplifies the logic a platform must do to include stack
check functionality.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
This commit oves StackCheckLib from a NULL lib to an instance of
StackCheckLib. This requires every entry point to add a library
dependency on StackCheckLib. It also requires every SEC module
to have a dependency on StackCheckLib because there is no
standard SEC entry point.
It allows for greater flexibility for a platform to apply stack
cookies and simplifies DSC logic.
Continuous-integration-options: PatchCheck.ignore-multi-package
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
Moves StandaloneMmCoreEntryPoint for X64 to MdePkg to live with
the other entry point libs. It does not move the ARM64 version,
as this was just moved to ArmPkg due to its heavy coupling with
ArmPkg code. This will need to be revisited when dynamic stack
cookie support is added to ARM64 StMM.
This commit just adds the library in MdePkg, a separate commit
will remove it from StandaloneMmPkg to make it easier to consume.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
StackCheckLib defines the interface between a compiler
and the stack checking code. It is being converted from
a NULL library class to an actual library class to make
it easier to use for a platform and be easier to define
the expected interface with a compiler, so if there is
a compiler change it can be tracked and caught.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
RNDR is a standard register defined in the ARM ARM for
AARCH64. Move the definition from BaseRngLib to AArch64.h.
Furthermore, move the inclusion of this register definition
to the ARM specific header file.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
REF:https://github.com/tianocore/edk2/issues/10529
Adds a new PEI library instance for RngLib that uses the RNG services
provided by the RNG PPI.
This library instance will add a DEPEX on gEfiRngPpiGuid on modules
it links against. It can be used to allow PEIMs to get RNG support
over a dynamic interface.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
gcc 15 switched to use the new ISO C23 standard by default.
'bool', 'true' and 'false' are keywords in C23, so do not
try to define them.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
PeCoffLoaderRelocateImageForRuntime() executes after boot services, and
so it should not use DEBUG() prints at all, given that these may rely on
MMIO mappings or other boot time facilities that are no longer
available.
So revert the changes in aedcaa3df8a2 ("MdePkg: Fix overflow issue in
PeCoffLoaderRelocateImageForRuntime") that replaced code comments with
DBEUG() statements.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
RelocDir->Size is a UINT32 value, and RelocDir->VirtualAddress is
also a UINT32 value. The current code in
PeCoffLoaderRelocateImageForRuntime does not check for overflow when
adding RelocDir->Size to RelocDir->VirtualAddress. This patch uses
SafeIntLib to ensure that the addition does not overflow.
Signed-off-by: Sachin Ganesh <sachinganesh@ami.com>
