diff options
-rw-r--r-- | MdePkg/Library/BaseStackCheckLib/BaseStackCheckGcc.c | 55 | ||||
-rw-r--r-- | MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf | 42 |
2 files changed, 97 insertions, 0 deletions
diff --git a/MdePkg/Library/BaseStackCheckLib/BaseStackCheckGcc.c b/MdePkg/Library/BaseStackCheckLib/BaseStackCheckGcc.c new file mode 100644 index 0000000000..ecf77f0739 --- /dev/null +++ b/MdePkg/Library/BaseStackCheckLib/BaseStackCheckGcc.c @@ -0,0 +1,55 @@ +/** @file
+ Base Stack Check library for GCC/clang.
+
+ Use -fstack-protector-all compiler flag to make the compiler insert the
+ __stack_chk_guard "canary" value into the stack and check the value prior
+ to exiting the function. If the "canary" is overwritten __stack_chk_fail()
+ is called. This is GCC specific code.
+
+ Copyright (c) 2012, Apple Inc. All rights reserved.<BR>
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php.
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Base.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/PcdLib.h>
+
+/// "canary" value that is inserted by the compiler into the stack frame.
+VOID *__stack_chk_guard = (VOID*)FixedPcdGet64 (PcdBaseStackCanary);
+
+// If ASLR was enabled we could use
+//void (*__stack_chk_guard)(void) = __stack_chk_fail;
+
+/**
+ Error path for compiler generated stack "canary" value check code. If the
+ stack canary has been overwritten this function gets called on exit of the
+ function.
+**/
+VOID
+__stack_chk_fail (
+ VOID
+ )
+{
+ UINT8 DebugPropertyMask;
+
+ DEBUG ((DEBUG_ERROR, "STACK FAULT: Buffer Overflow in function %a.\n", __builtin_return_address(0)));
+
+ //
+ // Generate a Breakpoint, DeadLoop, or NOP based on PCD settings even if
+ // BaseDebugLibNull is in use.
+ //
+ DebugPropertyMask = PcdGet8 (PcdDebugPropertyMask);
+ if ((DebugPropertyMask & DEBUG_PROPERTY_ASSERT_BREAKPOINT_ENABLED) != 0) {
+ CpuBreakpoint ();
+ } else if ((DebugPropertyMask & DEBUG_PROPERTY_ASSERT_DEADLOOP_ENABLED) != 0) {
+ CpuDeadLoop ();
+ }
+}
diff --git a/MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf b/MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf new file mode 100644 index 0000000000..3304284ecb --- /dev/null +++ b/MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf @@ -0,0 +1,42 @@ +## @file
+# Stack Check Library
+#
+# Copyright (c) 2014, ARM Ltd. All rights reserved.<BR>
+#
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php.
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = BaseStackCheckLib
+ FILE_GUID = 5f6579f7-b648-4fdb-9f19-4c17e27e8eff
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = NULL
+
+
+#
+# VALID_ARCHITECTURES = ARM AARCH64
+#
+
+[Sources]
+ BaseStackCheckGcc.c | GCC
+ BaseStackCheckGcc.c | RVCT
+
+[Packages]
+ MdePkg/MdePkg.dec
+
+[LibraryClasses]
+ BaseLib
+ DebugLib
+
+[FixedPcd]
+ gEfiMdePkgTokenSpaceGuid.PcdBaseStackCanary
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask
|