Skip to content

Commit

Permalink
Use New Stack Cookie Library (#204)
Browse files Browse the repository at this point in the history 
## Description

Update one DSC file to use the new stack cookie library, and
MdePkg/MdeLibs.dsc.inc contains the definitions for the new stack cookie
libraries for the remaining DSC files.

- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [x] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
    in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
    a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
  - **Tests** - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
    outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
    on an a separate Web page, ...

## How This Was Tested

Tested on Q35 GCC and MSVC builds

## Integration Instructions

N/A
  • Loading branch information
@TaylorBeebe @kenlautner
TaylorBeebe authored and kenlautner committed Dec 18, 2023
1 parent ce29bbd commit 6b863e1
Show file tree
Hide file tree
Showing 6 changed files with 5 additions and 64 deletions.
13 changes: 1 addition & 12 deletions EmbeddedPkg/EmbeddedPkg.dsc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,18 +107,7 @@
DtPlatformDtbLoaderLib|EmbeddedPkg/Library/DxeDtPlatformDtbLoaderLibDefault/DxeDtPlatformDtbLoaderLibDefault.inf

TimeBaseLib|EmbeddedPkg/Library/TimeBaseLib/TimeBaseLib.inf

## MU_CHANGE START
BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf
SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf # MU_CHANGE - CodeQL change
[LibraryClasses.X64]
!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022
# Provide StackCookie support lib so that we can link to /GS exports for VS builds
RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf
NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf
!endif
## MU_CHANGE END
SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf # MU_CHANGE - CodeQL change

[LibraryClasses.common.DXE_DRIVER]
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
Expand Down
12 changes: 0 additions & 12 deletions FatPkg/FatPkg.dsc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,18 +50,6 @@
DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf

## MU_CHANGE Begin
[LibraryClasses.common]
BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf
!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022
[LibraryClasses.X64]
RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
# Provide StackCookie support lib so that we can link to /GS exports for VS builds
BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf
NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf
!endif
## MU_CHANGE End

[LibraryClasses.common.PEIM]
PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf
PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf
Expand Down
12 changes: 0 additions & 12 deletions FmpDevicePkg/FmpDevicePkg.dsc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,18 +72,6 @@
FmpDependencyDeviceLib|FmpDevicePkg/Library/FmpDependencyDeviceLibNull/FmpDependencyDeviceLibNull.inf
TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf

## MU_CHANGE Begin
[LibraryClasses.common]
BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf
!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022
[LibraryClasses.X64]
# Provide StackCookie support lib so that we can link to /GS exports for VS builds
RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf
NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf
!endif
## MU_CHANGE End

[LibraryClasses.ARM, LibraryClasses.AARCH64]
#
# It is not possible to prevent the ARM compiler for generic intrinsic functions.
Expand Down
12 changes: 4 additions & 8 deletions PrmPkg/PrmPkg.dsc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,17 +38,13 @@
UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf
UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf

## MU_CHANGE START
BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf
# MU_CHANGE [BEGIN] - Add Stack Cookie Support
SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf # MU_CHANGE - CodeQL change
[LibraryClasses.X64]
!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022
# Provide StackCookie support lib so that we can link to /GS exports for VS builds
RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf
NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf
!endif
## MU_CHANGE END
NULL|MdePkg/Library/StackCheckLib/StackCheckLib.inf
StackCheckFailureLib|MdePkg/Library/StackCheckFailureLibNull/StackCheckFailureLibNull.inf
# MU_CHANGE [END] - Add Stack Cookie Support

[LibraryClasses.IA32, LibraryClasses.X64]
MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf
Expand Down
9 changes: 0 additions & 9 deletions SecurityPkg/SecurityPkg.dsc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,15 +88,6 @@
## NOTE: This is a temporary shim to resolve a build error while a more permanent solution is tested!
Tcg2PreUefiEventLogLib|SecurityPkg/Library/TempPreUefiEventLogLib/TempPreUefiEventLogLib.inf

## MU_CHANGE [BEGIN]
[LibraryClasses.X64]
!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022
# Provide StackCookie support lib so that we can link to /GS exports for VS builds
RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf
!endif
## MU_CHANGE [END]

[LibraryClasses.ARM, LibraryClasses.AARCH64]
#
# It is not possible to prevent the ARM compiler for generic intrinsic functions.
Expand Down
11 changes: 0 additions & 11 deletions SourceLevelDebugPkg/SourceLevelDebugPkg.dsc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,17 +56,6 @@
!endif
!endif

##MSCHANGE Begin
BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibNull/BaseBinSecurityLibNull.inf
[LibraryClasses.X64]
!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022
# Provide StackCookie support lib so that we can link to /GS exports for VS builds
RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
BaseBinSecurityLib|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf
NULL|MdePkg/Library/BaseBinSecurityLibRng/BaseBinSecurityLibRng.inf
!endif
##MSCHANGE End

[LibraryClasses.common.PEIM]
PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf
PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf
Expand Down

0 comments on commit 6b863e1

Please sign in to comment.