mirror of https://github.com/acidanthera/audk.git
02f7fd158e
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1093 Return Stack Buffer (RSB) is used to predict the target of RET instructions. When the RSB underflows, some processors may fall back to using branch predictors. This might impact software using the retpoline mitigation strategy on those processors. This commit will add RSB stuffing logic before returning from SMM (the RSM instruction) to avoid interfering with non-SMM usage of the retpoline technique. After the stuffing, RSB entries will contain a trap like: @SpecTrap: pause lfence jmp @SpecTrap A more detailed explanation of the purpose of commit is under the 'Branch target injection mitigation' section of the below link: https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation Please note that this commit requires further actions (BZ 1091) to remove the duplicated 'StuffRsb.inc' files and merge them into one under a UefiCpuPkg package-level directory (such as UefiCpuPkg/Include/). REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1091 Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Regression-tested-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Eric Dong <eric.dong@intel.com> |
||
|---|---|---|
| AppPkg | ||
| ArmPkg | ||
| ArmPlatformPkg | ||
| ArmVirtPkg | ||
| BaseTools | ||
| BeagleBoardPkg | ||
| Conf | ||
| CorebootModulePkg | ||
| CorebootPayloadPkg | ||
| CryptoPkg | ||
| DuetPkg | ||
| EdkCompatibilityPkg | ||
| EdkShellBinPkg | ||
| EdkShellPkg | ||
| EmbeddedPkg | ||
| EmulatorPkg | ||
| FatBinPkg | ||
| FatPkg | ||
| FmpDevicePkg | ||
| IntelFrameworkModulePkg | ||
| IntelFrameworkPkg | ||
| IntelFsp2Pkg | ||
| IntelFsp2WrapperPkg | ||
| IntelFspPkg | ||
| IntelFspWrapperPkg | ||
| IntelSiliconPkg | ||
| MdeModulePkg | ||
| MdePkg | ||
| NetworkPkg | ||
| Nt32Pkg | ||
| Omap35xxPkg | ||
| OptionRomPkg | ||
| OvmfPkg | ||
| PcAtChipsetPkg | ||
| QuarkPlatformPkg | ||
| QuarkSocPkg | ||
| SecurityPkg | ||
| ShellBinPkg | ||
| ShellPkg | ||
| SignedCapsulePkg | ||
| SourceLevelDebugPkg | ||
| StandaloneMmPkg | ||
| StdLib | ||
| StdLibPrivateInternalFiles | ||
| UefiCpuPkg | ||
| UnixPkg | ||
| Vlv2DeviceRefCodePkg | ||
| Vlv2TbltDevicePkg | ||
| .gitignore | ||
| .gitmodules | ||
| BuildNotes2.txt | ||
| Contributions.txt | ||
| License.txt | ||
| Maintainers.txt | ||
| Readme.md | ||
| edksetup.bat | ||
| edksetup.sh | ||
Readme.md
EDK II Project
A modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications from www.uefi.org.
Contributions to the EDK II open source project are covered by the TianoCore Contribution Agreement 1.1
The majority of the content in the EDK II open source project uses a BSD 2-Clause License. The EDK II open source project contains the following components that are covered by additional licenses:
- AppPkg/Applications/Python/Python-2.7.2/Tools/pybench
- AppPkg/Applications/Python/Python-2.7.2
- AppPkg/Applications/Python/Python-2.7.10
- BaseTools/Source/C/BrotliCompress
- MdeModulePkg/Library/BrotliCustomDecompressLib
- OvmfPkg
- CryptoPkg/Library/OpensslLib/openssl
The EDK II Project is composed of packages. The maintainers for each package are listed in Maintainers.txt.