diff --git a/0021-OvmfPkg-Sec-fix-stack-switch.patch b/0021-OvmfPkg-Sec-fix-stack-switch.patch
deleted file mode 100644
index 806c126..0000000
--- a/0021-OvmfPkg-Sec-fix-stack-switch.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From 16974ba9c90984e667f057e13630cea6c27d0ae9 Mon Sep 17 00:00:00 2001
-From: Gerd Hoffmann
-Date: Tue, 7 Jun 2022 14:24:59 +0200
-Subject: [PATCH 21/21] OvmfPkg/Sec: fix stack switch
-
-The ebp/rbp register can either be used for the frame pointer or
-as general purpose register. With gcc (and clang) this depends
-on the -f(no-)omit-frame-pointer switch.
-
-This patch updates tools_def.template to explicitly set the compiler
-option and also add a define to allow conditionally compile code.
-
-The new define is used to fix stack switching in TemporaryRamMigration.
-The ebp/rbp must not be touched when the compiler can use it as general
-purpose register. With version 12 gcc starts actually using the
-register, so changing it leads to firmware crashes in some
-configurations.
-
-Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3934
-Reported-by: Jiri Slaby
-Signed-off-by: Gerd Hoffmann
----
- OvmfPkg/Sec/SecMain.c | 4 ++++
- BaseTools/Conf/tools_def.template | 6 +++---
- 2 files changed, 7 insertions(+), 3 deletions(-)
-
-diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
-index 1167d22a68cc..3ca0dcdfd3dd 100644
---- a/OvmfPkg/Sec/SecMain.c
-+++ b/OvmfPkg/Sec/SecMain.c
-@@ -1052,11 +1052,15 @@ TemporaryRamMigration (
- if (SetJump (&JumpBuffer) == 0) {
- #if defined (MDE_CPU_IA32)
- JumpBuffer.Esp = JumpBuffer.Esp + DebugAgentContext.StackMigrateOffset;
-+ #ifndef OMIT_FRAME_POINTER
- JumpBuffer.Ebp = JumpBuffer.Ebp + DebugAgentContext.StackMigrateOffset;
- #endif
-+ #endif
- #if defined (MDE_CPU_X64)
- JumpBuffer.Rsp = JumpBuffer.Rsp + DebugAgentContext.StackMigrateOffset;
-+ #ifndef OMIT_FRAME_POINTER
- JumpBuffer.Rbp = JumpBuffer.Rbp + DebugAgentContext.StackMigrateOffset;
-+ #endif
- #endif
- LongJump (&JumpBuffer, (UINTN)-1);
- }
-diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template
-index 5901d9eecb5d..3b5f1f915c96 100755
---- a/BaseTools/Conf/tools_def.template
-+++ b/BaseTools/Conf/tools_def.template
-@@ -1849,9 +1849,9 @@ NOOPT_*_*_OBJCOPY_ADDDEBUGFLAG = --add-gnu-debuglink=$(DEBUG_DIR)/$(MODULE_N
- *_*_*_DTC_PATH = DEF(DTC_BIN)
-
- DEFINE GCC_ALL_CC_FLAGS = -g -Os -fshort-wchar -fno-builtin -fno-strict-aliasing -Wall -Werror -Wno-array-bounds -include AutoGen.h -fno-common
--DEFINE GCC_IA32_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -m32 -malign-double -freorder-blocks -freorder-blocks-and-partition -O2 -mno-stack-arg-probe
--DEFINE GCC_X64_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mno-red-zone -Wno-address -mno-stack-arg-probe
--DEFINE GCC_ARM_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mlittle-endian -mabi=aapcs -fno-short-enums -funsigned-char -ffunction-sections -fdata-sections -fomit-frame-pointer -Wno-address -mthumb -mfloat-abi=soft -fno-pic -fno-pie
-+DEFINE GCC_IA32_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -m32 -malign-double -freorder-blocks -freorder-blocks-and-partition -O2 -mno-stack-arg-probe -fno-omit-frame-pointer
-+DEFINE GCC_X64_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mno-red-zone -Wno-address -mno-stack-arg-probe -fomit-frame-pointer -DOMIT_FRAME_POINTER=1
-+DEFINE GCC_ARM_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mlittle-endian -mabi=aapcs -fno-short-enums -funsigned-char -ffunction-sections -fdata-sections -fomit-frame-pointer -DOMIT_FRAME_POINTER=1 -Wno-address -mthumb -mfloat-abi=soft -fno-pic -fno-pie
- DEFINE GCC_ARM_CC_XIPFLAGS = -mno-unaligned-access
- DEFINE GCC_AARCH64_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -mlittle-endian -fno-short-enums -fverbose-asm -funsigned-char -ffunction-sections -fdata-sections -Wno-address -fno-asynchronous-unwind-tables -fno-unwind-tables -fno-pic -fno-pie -ffixed-x18
- DEFINE GCC_AARCH64_CC_XIPFLAGS = -mstrict-align -mgeneral-regs-only
---
-2.36.1
-
diff --git a/0021-tools_def-add-fno-omit-frame-pointer-to-GCC48_-IA32-.patch b/0021-tools_def-add-fno-omit-frame-pointer-to-GCC48_-IA32-.patch
new file mode 100644
index 0000000..797cb08
--- /dev/null
+++ b/0021-tools_def-add-fno-omit-frame-pointer-to-GCC48_-IA32-.patch
@@ -0,0 +1,32 @@
+From 46c6d0e6a1d971edef5846e352a81a097f8d51d5 Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann
+Date: Fri, 10 Jun 2022 07:43:15 +0200
+Subject: [PATCH 21/21] tools_def: add -fno-omit-frame-pointer to
+ GCC48_{IA32,X64}_CC_FLAGS
+
+Fixes problems due to code assuming it runs with frame pointers and thus
+updates rbp / ebp registers when switching stacks.
+
+Signed-off-by: Gerd Hoffmann
+---
+ BaseTools/Conf/tools_def.template | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template
+index 5901d9eecb5d..e3aa88fec31f 100755
+--- a/BaseTools/Conf/tools_def.template
++++ b/BaseTools/Conf/tools_def.template
+@@ -1884,8 +1884,8 @@ DEFINE GCC_DEPS_FLAGS = -MMD -MF $@.deps
+
+ DEFINE GCC48_ALL_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -ffunction-sections -fdata-sections -DSTRING_ARRAY_NAME=$(BASE_NAME)Strings
+ DEFINE GCC48_IA32_X64_DLINK_COMMON = -nostdlib -Wl,-n,-q,--gc-sections -z common-page-size=0x20
+-DEFINE GCC48_IA32_CC_FLAGS = DEF(GCC48_ALL_CC_FLAGS) -m32 -march=i586 -malign-double -fno-stack-protector -D EFI32 -fno-asynchronous-unwind-tables -Wno-address
+-DEFINE GCC48_X64_CC_FLAGS = DEF(GCC48_ALL_CC_FLAGS) -m64 -fno-stack-protector "-DEFIAPI=__attribute__((ms_abi))" -maccumulate-outgoing-args -mno-red-zone -Wno-address -mcmodel=small -fpie -fno-asynchronous-unwind-tables -Wno-address
++DEFINE GCC48_IA32_CC_FLAGS = DEF(GCC48_ALL_CC_FLAGS) -m32 -march=i586 -malign-double -fno-stack-protector -D EFI32 -fno-asynchronous-unwind-tables -Wno-address -fno-omit-frame-pointer
++DEFINE GCC48_X64_CC_FLAGS = DEF(GCC48_ALL_CC_FLAGS) -m64 -fno-stack-protector "-DEFIAPI=__attribute__((ms_abi))" -maccumulate-outgoing-args -mno-red-zone -Wno-address -mcmodel=small -fpie -fno-asynchronous-unwind-tables -Wno-address -fno-omit-frame-pointer
+ DEFINE GCC48_IA32_X64_ASLDLINK_FLAGS = DEF(GCC48_IA32_X64_DLINK_COMMON) -Wl,--entry,ReferenceAcpiTable -u ReferenceAcpiTable
+ DEFINE GCC48_IA32_X64_DLINK_FLAGS = DEF(GCC48_IA32_X64_DLINK_COMMON) -Wl,--entry,$(IMAGE_ENTRY_POINT) -u $(IMAGE_ENTRY_POINT) -Wl,-Map,$(DEST_DIR_DEBUG)/$(BASE_NAME).map,--whole-archive
+ DEFINE GCC48_IA32_DLINK2_FLAGS = -Wl,--defsym=PECOFF_HEADER_SIZE=0x220 DEF(GCC_DLINK2_FLAGS_COMMON)
+--
+2.36.1
+
diff --git a/edk2.spec b/edk2.spec
index b44d97e..9f9711a 100644
--- a/edk2.spec
+++ b/edk2.spec
@@ -35,7 +35,7 @@ ExclusiveArch: x86_64 aarch64 Name: edk2 Version: %{GITDATE}git%{GITCOMMIT} -Release: 2%{?dist} +Release: 3%{?dist} Summary: UEFI firmware for 64-bit virtual machines License: BSD-2-Clause-Patent and OpenSSL and MIT URL: http://www.tianocore.org
@@ -85,7 +85,7 @@ Patch0017: 0017-CryptoPkg-OpensslLib-list-RHEL8-specific-OpenSSL-fil.patch Patch0018: 0018-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch Patch0019: 0019-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch Patch0020: 0020-Tweak-the-tools_def-to-support-cross-compiling.patch -Patch0021: 0021-OvmfPkg-Sec-fix-stack-switch.patch +Patch0021: 0021-tools_def-add-fno-omit-frame-pointer-to-GCC48_-IA32-.patch # python3-devel and libuuid-devel are required for building tools. # python3-devel is also needed for varstore template generation and
@@ -707,6 +707,9 @@ virt-fw-vars --input Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.secboot.fd \ %changelog +* Fri Jun 10 2022 Gerd Hoffmann - 20220526git16779ede2d36-3 +- swap stack fix patch. + * Wed Jun 08 2022 Gerd Hoffmann - 20220526git16779ede2d36-2 - fix PcdResizeXterm patch. - minor specfile cleanup.
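Review bot: In the added 0021-tools_def patch, the stack-switch fix now rests only on `-fno-omit-frame-pointer` in `GCC48_IA32_CC_FLAGS` and `GCC48_X64_CC_FLAGS`, with nothing in the file saying why the flag is there. The patch it replaces guarded the `JumpBuffer.Ebp`/`JumpBuffer.Rbp` adjustment in `TemporaryRamMigration` at source level; with that guard gone, any toolchain definition that does not inherit these two variables (the replaced patch's message names clang as affected too), or a later flag cleanup, would presumably bring back the SEC-phase firmware crash without a build-time signal, so it is worth confirming that every toolchain used to build `OvmfPkg/Sec` carries the flag. I would add a comment above the two changed lines, `# -fno-omit-frame-pointer is required: OvmfPkg/Sec TemporaryRamMigration relocates ebp/rbp when switching stacks`. The new commit message also drops the `Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3934` trailer that the replaced patch carried; keeping it would preserve the link to the original report.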