diff options
author | Yao, Jiewen <jiewen.yao@intel.com> | 2019-02-22 21:30:34 +0800 |
---|---|---|
committer | Liming Gao <liming.gao@intel.com> | 2019-02-28 09:39:47 +0800 |
commit | 0aac2f777a688a146050bed47753e2dcf801d3c7 (patch) | |
tree | f8b7e0a818354fecd0a41d4fecf3be88db88b8b5 /MdePkg/MdePkg.dec | |
parent | 68edd7dbad77d7170ee0e1c5dbefae93ea9997b1 (diff) | |
download | edk2-0aac2f777a688a146050bed47753e2dcf801d3c7.tar.gz edk2-0aac2f777a688a146050bed47753e2dcf801d3c7.tar.bz2 edk2-0aac2f777a688a146050bed47753e2dcf801d3c7.zip |
MdePkg/BaseLib: Add Shadow Stack Support for X86.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1521
This patch adds SSP - shadow stack pointer to JumpBuffer.
It will be used for the platform that enabled CET/ShadowStack.
We add gEfiMdePkgTokenSpaceGuid.PcdControlFlowEnforcementPropertyMask
to control the global enable/disable.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
Diffstat (limited to 'MdePkg/MdePkg.dec')
-rw-r--r-- | MdePkg/MdePkg.dec | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index c859b4a511..69a9575a04 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec @@ -2087,6 +2087,13 @@ # @Prompt Fixed Debug Message Print Level.
gEfiMdePkgTokenSpaceGuid.PcdFixedDebugPrintErrorLevel|0xFFFFFFFF|UINT32|0x30001016
+ ## Indicates the control flow enforcement enabling state.
+ # If enabled, it uses control flow enforcement technology to prevent ROP or JOP.<BR><BR>
+ # BIT0 - SMM CET Shadow Stack is enabled.<BR>
+ # Other - reserved
+ # @Prompt Enable control flow enforcement.
+ gEfiMdePkgTokenSpaceGuid.PcdControlFlowEnforcementPropertyMask|0x0|UINT32|0x30001017
+
[PcdsFixedAtBuild,PcdsPatchableInModule]
## Indicates the maximum length of unicode string used in the following
# BaseLib functions: StrLen(), StrSize(), StrCmp(), StrnCmp(), StrCpy(), StrnCpy()<BR><BR>
|