swap stack fix patch

2022-06-10 15:28:30 +02:00 · 2022-06-10 15:28:30 +02:00 · 3a213ee2a1
commit 3a213ee2a1
parent 729059caf6
3 changed files with 37 additions and 68 deletions
--- a/0021-OvmfPkg-Sec-fix-stack-switch.patch
+++ b/0021-OvmfPkg-Sec-fix-stack-switch.patch
@ -1,66 +0,0 @@
 From 16974ba9c90984e667f057e13630cea6c27d0ae9 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Tue, 7 Jun 2022 14:24:59 +0200
 Subject: [PATCH 21/21] OvmfPkg/Sec: fix stack switch
 The ebp/rbp register can either be used for the frame pointer or
 as general purpose register.  With gcc (and clang) this depends
 on the -f(no-)omit-frame-pointer switch.
 This patch updates tools_def.template to explicitly set the compiler
 option and also add a define to allow conditionally compile code.
 The new define is used to fix stack switching in TemporaryRamMigration.
 The ebp/rbp must not be touched when the compiler can use it as general
 purpose register.  With version 12 gcc starts actually using the
 register, so changing it leads to firmware crashes in some
 configurations.
 Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3934
 Reported-by: Jiri Slaby <jirislaby@kernel.org>
 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
 ---
 OvmfPkg/Sec/SecMain.c             | 4 ++++
 BaseTools/Conf/tools_def.template | 6 +++---
 2 files changed, 7 insertions(+), 3 deletions(-)
 diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
 index 1167d22a68cc..3ca0dcdfd3dd 100644
 --- a/OvmfPkg/Sec/SecMain.c
 +++ b/OvmfPkg/Sec/SecMain.c
@@ -1052,11 +1052,15 @@ TemporaryRamMigration (
   if (SetJump (&JumpBuffer) == 0) {
  #if defined (MDE_CPU_IA32)
     JumpBuffer.Esp = JumpBuffer.Esp + DebugAgentContext.StackMigrateOffset;
 + #ifndef OMIT_FRAME_POINTER
     JumpBuffer.Ebp = JumpBuffer.Ebp + DebugAgentContext.StackMigrateOffset;
  #endif
 + #endif
  #if defined (MDE_CPU_X64)
     JumpBuffer.Rsp = JumpBuffer.Rsp + DebugAgentContext.StackMigrateOffset;
 + #ifndef OMIT_FRAME_POINTER
     JumpBuffer.Rbp = JumpBuffer.Rbp + DebugAgentContext.StackMigrateOffset;
 + #endif
  #endif
     LongJump (&JumpBuffer, (UINTN)-1);
   }
 diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template
 index 5901d9eecb5d..3b5f1f915c96 100755
 --- a/BaseTools/Conf/tools_def.template
 +++ b/BaseTools/Conf/tools_def.template
@@ -1849,9 +1849,9 @@ NOOPT_*_*_OBJCOPY_ADDDEBUGFLAG     = --add-gnu-debuglink=$(DEBUG_DIR)/$(MODULE_N
 *_*_*_DTC_PATH                     = DEF(DTC_BIN)
 DEFINE GCC_ALL_CC_FLAGS            = -g -Os -fshort-wchar -fno-builtin -fno-strict-aliasing -Wall -Werror -Wno-array-bounds -include AutoGen.h -fno-common
 -DEFINE GCC_IA32_CC_FLAGS           = DEF(GCC_ALL_CC_FLAGS) -m32 -malign-double -freorder-blocks -freorder-blocks-and-partition -O2 -mno-stack-arg-probe
 -DEFINE GCC_X64_CC_FLAGS            = DEF(GCC_ALL_CC_FLAGS) -mno-red-zone -Wno-address -mno-stack-arg-probe
 -DEFINE GCC_ARM_CC_FLAGS            = DEF(GCC_ALL_CC_FLAGS) -mlittle-endian -mabi=aapcs -fno-short-enums -funsigned-char -ffunction-sections -fdata-sections -fomit-frame-pointer -Wno-address -mthumb -mfloat-abi=soft -fno-pic -fno-pie
 +DEFINE GCC_IA32_CC_FLAGS           = DEF(GCC_ALL_CC_FLAGS) -m32 -malign-double -freorder-blocks -freorder-blocks-and-partition -O2 -mno-stack-arg-probe -fno-omit-frame-pointer
 +DEFINE GCC_X64_CC_FLAGS            = DEF(GCC_ALL_CC_FLAGS) -mno-red-zone -Wno-address -mno-stack-arg-probe -fomit-frame-pointer -DOMIT_FRAME_POINTER=1
 +DEFINE GCC_ARM_CC_FLAGS            = DEF(GCC_ALL_CC_FLAGS) -mlittle-endian -mabi=aapcs -fno-short-enums -funsigned-char -ffunction-sections -fdata-sections -fomit-frame-pointer -DOMIT_FRAME_POINTER=1 -Wno-address -mthumb -mfloat-abi=soft -fno-pic -fno-pie
 DEFINE GCC_ARM_CC_XIPFLAGS         = -mno-unaligned-access
 DEFINE GCC_AARCH64_CC_FLAGS        = DEF(GCC_ALL_CC_FLAGS) -mlittle-endian -fno-short-enums -fverbose-asm -funsigned-char  -ffunction-sections -fdata-sections -Wno-address -fno-asynchronous-unwind-tables -fno-unwind-tables -fno-pic -fno-pie -ffixed-x18
 DEFINE GCC_AARCH64_CC_XIPFLAGS     = -mstrict-align -mgeneral-regs-only
 -- 
 2.36.1
--- a/0021-tools_def-add-fno-omit-frame-pointer-to-GCC48_-IA32-.patch
+++ b/0021-tools_def-add-fno-omit-frame-pointer-to-GCC48_-IA32-.patch
@ -0,0 +1,32 @@
 From 46c6d0e6a1d971edef5846e352a81a097f8d51d5 Mon Sep 17 00:00:00 2001
 From: Gerd Hoffmann <kraxel@redhat.com>
 Date: Fri, 10 Jun 2022 07:43:15 +0200
 Subject: [PATCH 21/21] tools_def: add -fno-omit-frame-pointer to
 GCC48_{IA32,X64}_CC_FLAGS
 Fixes problems due to code assuming it runs with frame pointers and thus
 updates rbp / ebp registers when switching stacks.
 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
 ---
 BaseTools/Conf/tools_def.template | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template
 index 5901d9eecb5d..e3aa88fec31f 100755
 --- a/BaseTools/Conf/tools_def.template
 +++ b/BaseTools/Conf/tools_def.template
@@ -1884,8 +1884,8 @@ DEFINE GCC_DEPS_FLAGS              = -MMD -MF $@.deps
 DEFINE GCC48_ALL_CC_FLAGS            = DEF(GCC_ALL_CC_FLAGS) -ffunction-sections -fdata-sections -DSTRING_ARRAY_NAME=$(BASE_NAME)Strings
 DEFINE GCC48_IA32_X64_DLINK_COMMON   = -nostdlib -Wl,-n,-q,--gc-sections -z common-page-size=0x20
 -DEFINE GCC48_IA32_CC_FLAGS           = DEF(GCC48_ALL_CC_FLAGS) -m32 -march=i586 -malign-double -fno-stack-protector -D EFI32 -fno-asynchronous-unwind-tables -Wno-address
 -DEFINE GCC48_X64_CC_FLAGS            = DEF(GCC48_ALL_CC_FLAGS) -m64 -fno-stack-protector "-DEFIAPI=__attribute__((ms_abi))" -maccumulate-outgoing-args -mno-red-zone -Wno-address -mcmodel=small -fpie -fno-asynchronous-unwind-tables -Wno-address
 +DEFINE GCC48_IA32_CC_FLAGS           = DEF(GCC48_ALL_CC_FLAGS) -m32 -march=i586 -malign-double -fno-stack-protector -D EFI32 -fno-asynchronous-unwind-tables -Wno-address -fno-omit-frame-pointer
 +DEFINE GCC48_X64_CC_FLAGS            = DEF(GCC48_ALL_CC_FLAGS) -m64 -fno-stack-protector "-DEFIAPI=__attribute__((ms_abi))" -maccumulate-outgoing-args -mno-red-zone -Wno-address -mcmodel=small -fpie -fno-asynchronous-unwind-tables -Wno-address  -fno-omit-frame-pointer
 DEFINE GCC48_IA32_X64_ASLDLINK_FLAGS = DEF(GCC48_IA32_X64_DLINK_COMMON) -Wl,--entry,ReferenceAcpiTable -u ReferenceAcpiTable
 DEFINE GCC48_IA32_X64_DLINK_FLAGS    = DEF(GCC48_IA32_X64_DLINK_COMMON) -Wl,--entry,$(IMAGE_ENTRY_POINT) -u $(IMAGE_ENTRY_POINT) -Wl,-Map,$(DEST_DIR_DEBUG)/$(BASE_NAME).map,--whole-archive
 DEFINE GCC48_IA32_DLINK2_FLAGS       = -Wl,--defsym=PECOFF_HEADER_SIZE=0x220 DEF(GCC_DLINK2_FLAGS_COMMON)
 -- 
 2.36.1
--- a/edk2.spec
+++ b/edk2.spec
@ -35,7 +35,7 @@ ExclusiveArch: x86_64 aarch64
 Name:       edk2
 Version:    %{GITDATE}git%{GITCOMMIT}
-Release:    2%{?dist}
+Release:    3%{?dist}
 Summary:    UEFI firmware for 64-bit virtual machines
 License:    BSD-2-Clause-Patent and OpenSSL and MIT
 URL:        http://www.tianocore.org
@ -85,7 +85,7 @@ Patch0017: 0017-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch
 Patch0018: 0018-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch
 Patch0019: 0019-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch
 Patch0020: 0020-Tweak-the-tools_def-to-support-cross-compiling.patch
-Patch0021: 0021-OvmfPkg-Sec-fix-stack-switch.patch
+Patch0021: 0021-tools_def-add-fno-omit-frame-pointer-to-GCC48_-IA32-.patch
 # python3-devel and libuuid-devel are required for building tools.
 # python3-devel is also needed for varstore template generation and
@ -707,6 +707,9 @@ virt-fw-vars --input Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.secboot.fd \
 %changelog
 * Fri Jun 10 2022 Gerd Hoffmann <kraxel@redhat.com> - 20220526git16779ede2d36-3
 - swap stack fix patch.
 * Wed Jun 08 2022 Gerd Hoffmann <kraxel@redhat.com> - 20220526git16779ede2d36-2
 - fix PcdResizeXterm patch.
 - minor specfile cleanup.