diff options
| author | Laszlo Ersek <lersek@redhat.com> | 2016-06-01 19:23:20 +0200 |
|---|---|---|
| committer | Laszlo Ersek <lersek@redhat.com> | 2016-06-06 10:58:24 +0200 |
| commit | 509f8425b75dd0b0698b159db71379f49c36b2fc (patch) | |
| tree | 96f3a5912adb86d0635b6bff00dc0e4269309b69 /MdePkg/MdePkgExtra.uni | |
| parent | d2970bbc1d88dbde480e7eef57f3ddcedd39ad08 (diff) | |
| download | edk2-platforms-509f8425b75dd0b0698b159db71379f49c36b2fc.tar.xz | |
UefiCpuPkg: change PcdCpuSmmStackGuard default to TRUE
This Feature PCD causes PiSmmCpuDxe to catch SMM stack overflow at
runtime, logging a clear error message, and entering a CPU dead loop.
Compared to the chaotic and catastrophic consequences of the stack leaking
into, and corrupting, the SMM page table, a stack guard that is enabled by
default is vastly superior.
We should not require sane platforms to explicitly opt in to this
safeguard; instead, we should require platforms that prefer to live
dangerously to opt out of it.
Stack overflow in SMM might even give rise to security vulnerabilities.
Cc: Jeff Fan <jeff.fan@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Ref: http://thread.gmane.org/gmane.comp.bios.edk2.devel/12864
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1341733
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Diffstat (limited to 'MdePkg/MdePkgExtra.uni')
0 files changed, 0 insertions, 0 deletions