microsoft · os-d · Mar 18, 2026 · Feb 20, 2026 · Feb 20, 2026 · Feb 20, 2026
diff --git a/ArmPkg/Library/DefaultExceptionHandlerLib/AArch64/DefaultExceptionHandler.c b/ArmPkg/Library/DefaultExceptionHandlerLib/AArch64/DefaultExceptionHandler.c
@@ -15,6 +15,7 @@
 #include <Library/PeCoffGetEntryPointLib.h>
 #include <Library/PrintLib.h>
 #include <Library/SerialPortLib.h>
+#include <Library/StackCheckLib.h>  // MU_CHANGE: CLANGPDB Stack Cookies
 #include <Library/UefiBootServicesTableLib.h>
 
 #include <Guid/DebugImageInfoTable.h>
@@ -194,6 +195,10 @@ DefaultExceptionHandler (
   CHAR16  UnicodeBuffer[MAX_PRINT_CHARS];
   UINTN   CharCount;
   INT32   Offset;
+  // MU_CHANGE BEGIN: CLANGPDB Stack Cookies
+  UINT8   Ec;
+  UINT32  Iss;
+  // MU_CHANGE END: CLANGPDB Stack Cookies
 
   if (mRecursiveException) {
     STATIC CHAR8 CONST  Message[] = "\nRecursive exception occurred while dumping the CPU state\n";
@@ -202,8 +207,19 @@ DefaultExceptionHandler (
   }
 
   mRecursiveException = TRUE;
+  // MU_CHANGE BEGIN: CLANGPDB Stack Cookies
+  Ec                  = (SystemContext.SystemContextAArch64->ESR & 0xFC000000) >> 26;
+  Iss                 = SystemContext.SystemContextAArch64->ESR & 0x1FFFFFF;
+
+  // Check if this is a stack cookie violation
+  if ((Ec == 0x15) && (Iss == STACK_CHECK_ERROR_HANDLER_VECTOR)) {
+    // The address that caused the stack check exception is in X0
+    CharCount = AsciiSPrint (Buffer, sizeof (Buffer), "\n\n%a Stack Check Exception at 0x%016lx\n", gExceptionTypeString[ExceptionType], SystemContext.SystemContextAArch64->X0);
+  } else {
+    CharCount = AsciiSPrint (Buffer, sizeof (Buffer), "\n\n%a Exception at 0x%016lx\n", gExceptionTypeString[ExceptionType], SystemContext.SystemContextAArch64->ELR);
+  }
+  // MU_CHANGE END: CLANGPDB Stack Cookies
 
-  CharCount = AsciiSPrint (Buffer, sizeof (Buffer), "\n\n%a Exception at 0x%016lx\n", gExceptionTypeString[ExceptionType], SystemContext.SystemContextAArch64->ELR);
   SerialPortWrite ((UINT8 *)Buffer, CharCount);
 
   // Prepare a unicode buffer for ConOut, if applicable, in case the buffer

diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template
@@ -27,7 +27,8 @@
 # 4.02 - Add ARCHCC_FLAGS for GCC AARCH64
 # 4.03 - Clang AARCH64 Keep optional header for NX_COMPAT flag
 # 4.05 - Add CLANGPDB AARCH64 Support
-#!VERSION=4.05
+# 4.06 - Enable Stack Cookies for CLANGPDB  # MU_CHANGE: CLANGPDB Stack Cookies
+#!VERSION=4.06  # MU_CHANGE: CLANGPDB Stack Cookies
 
 IDENTIFIER = Default TOOL_CHAIN_CONF
 
@@ -1674,7 +1675,8 @@ DEFINE CLANGPDB_X64_TARGET           = -target x86_64-pc-windows-msvc
 DEFINE CLANGPDB_AARCH64_TARGET       = -target aarch64-unknown-windows-msvc
 
 DEFINE CLANGPDB_WARNING_OVERRIDES    = -Wno-parentheses-equality -Wno-tautological-compare -Wno-tautological-constant-out-of-range-compare -Wno-empty-body -Wno-unused-const-variable -Wno-varargs -Wno-unknown-warning-option -Wno-unused-but-set-variable -Wno-unused-const-variable -Wno-unaligned-access -Wno-microsoft-enum-forward-reference
-DEFINE CLANGPDB_ALL_CC_FLAGS         = DEF(GCC48_ALL_CC_FLAGS) DEF(CLANGPDB_WARNING_OVERRIDES) -fno-stack-protector -funsigned-char -ftrap-function=undefined_behavior_has_been_optimized_away_by_clang -Wno-address -Wno-shift-negative-value -Wno-unknown-pragmas -Wno-incompatible-library-redeclaration -Wno-null-dereference -mno-implicit-float -mms-bitfields -mno-stack-arg-probe -fno-omit-frame-pointer -U _MSC_VER -D __GNUC__=4 -D __GNUC_MINOR__=2 -D __GNUC_PATCHLEVEL__=1 -D __MINGW32__=1
+# MU_CHANGE: CLANGPDB Stack Cookies
+DEFINE CLANGPDB_ALL_CC_FLAGS         = DEF(GCC48_ALL_CC_FLAGS) DEF(CLANGPDB_WARNING_OVERRIDES) -fstack-protector -funsigned-char -ftrap-function=undefined_behavior_has_been_optimized_away_by_clang -Wno-address -Wno-shift-negative-value -Wno-unknown-pragmas -Wno-incompatible-library-redeclaration -Wno-null-dereference -mno-implicit-float -mms-bitfields -mno-stack-arg-probe -fno-omit-frame-pointer -U _MSC_VER -D __GNUC__=4 -D __GNUC_MINOR__=2 -D __GNUC_PATCHLEVEL__=1 -D __MINGW32__=1
 
 ###########################
 # CLANGPDB IA32 definitions

diff --git a/MdePkg/Include/Library/StackCheckFailureHookLib.h b/MdePkg/Include/Library/StackCheckFailureHookLib.h
diff --git a/MdePkg/Include/Library/StackCheckLib.h b/MdePkg/Include/Library/StackCheckLib.h
@@ -12,6 +12,12 @@
 
 #include <Base.h>
 
+// MU_CHANGE BEGIN: CLANGPDB Stack Cookies
+// The stack cookie error handler vector, in the user defined range for IA32, X64, and AARCH64. This is the
+// exception/interrupt number that is signalled on a stack cookie corruption.
+#define STACK_CHECK_ERROR_HANDLER_VECTOR  0x42
+// MU_CHANGE END: CLANGPDB Stack Cookies
+
 #if defined (__GNUC__) || defined (__clang__)
 
 // The __stack_chk_guard is a random value placed on the stack between the stack variables

diff --git a/MdePkg/Library/DynamicStackCookieEntryPointLib/AArch64/DynamicCookieGcc.S b/MdePkg/Library/DynamicStackCookieEntryPointLib/AArch64/DynamicCookieGcc.S
@@ -5,7 +5,7 @@
 #
 # Module Name:
 #
-#   DynamicCookie.S
+#   DynamicCookieGcc.S  # MU_CHANGE: CLANGPDB Stack Cookies
 #
 # Abstract:
 #

diff --git a/MdePkg/Library/DynamicStackCookieEntryPointLib/AArch64/DynamicCookieMsvc.S b/MdePkg/Library/DynamicStackCookieEntryPointLib/AArch64/DynamicCookieMsvc.S
@@ -0,0 +1,58 @@
+# MU_CHANGE BEGIN: CLANGPDB Stack Cookies - new file
+#------------------------------------------------------------------------------
+#
+# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+# Module Name:
+#
+#   DynamicCookieMsvc.S
+#
+# Abstract:
+#
+#   Generates random number through the RNDR instruction on a 64-bit AARCH64 platform
+#   to store a random value in the MSVC __security_cookie stack cookie.
+#   The first byte is 0'd to prevent string copy functions from clobbering
+#   the stack cookie.
+#
+# Notes:
+#
+# If RNDR fails, the build time static stack cookie value will be used instead.
+#
+#------------------------------------------------------------------------------
+
+#include <AArch64/AArch64.h>
+
+.text
+.p2align 2
+
+GCC_ASM_IMPORT(__security_cookie)
+GCC_ASM_IMPORT(_CModuleEntryPoint)
+GCC_ASM_EXPORT(_ModuleEntryPoint)
+
+#------------------------------------------------------------------------------
+# VOID
+# EFIAPI
+# _ModuleEntryPoint (
+#   Parameters are passed through.
+# )
+#------------------------------------------------------------------------------
+ASM_PFX(_ModuleEntryPoint):
+  AARCH64_BTI(c)
+
+  mrs x9, ID_AA64ISAR0_EL1          // Read the AArch64 Instruction Set Attribute Register 0
+  ubfx x9, x9, #60, #4              // Extract the RNDR bit field (bits 60-63)
+  cbz x9, c_entry                   // If RNDR is not supported, jump to c_entry
+
+  mrs x9, RNDR                      // Generate a random number
+  b.eq c_entry                      // RNDR sets NZCV to 0b0100 on failure
+                                    // So if the zero flag is set, use the static stack guard
+
+  and x9, x9, #0xFFFFFFFFFFFFFF00   // Zero the first byte of the random value
+
+  adrp x8, ASM_PFX(__security_cookie)             // Load the page address of __security_cookie
+  str x9, [x8, :lo12:ASM_PFX(__security_cookie)]  // Store the random value in __security_cookie
+
+c_entry:
+  b ASM_PFX(_CModuleEntryPoint)     // Jump to the C module entry point
+# MU_CHANGE END: CLANGPDB Stack Cookies
diff --git a/MdePkg/Library/DynamicStackCookieEntryPointLib/DxeCoreEntryPoint.inf b/MdePkg/Library/DynamicStackCookieEntryPointLib/DxeCoreEntryPoint.inf
@@ -25,16 +25,19 @@
 [Sources]
   DxeCore/DxeCoreEntryPoint.c
 
+# MU_CHANGE BEGIN: CLANGPDB Stack Cookies
 [Sources.IA32]
-  IA32/DynamicCookieGcc.nasm  | GCC
-  IA32/DynamicCookieMsvc.nasm | MSFT
+  IA32/DynamicCookieGcc.nasm  ||||!gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+  IA32/DynamicCookieMsvc.nasm ||||gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
 
 [Sources.X64]
-  X64/DynamicCookieGcc.nasm   | GCC
-  X64/DynamicCookieMsvc.nasm  | MSFT
+  X64/DynamicCookieGcc.nasm   ||||!gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+  X64/DynamicCookieMsvc.nasm  ||||gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
 
 [Sources.AARCH64]
-  AArch64/DynamicCookieGcc.S | GCC
+  AArch64/DynamicCookieGcc.S ||||!gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+  AArch64/DynamicCookieMsvc.S ||||gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+# MU_CHANGE END: CLANGPDB Stack Cookies
 
 [Packages]
   MdePkg/MdePkg.dec
@@ -43,3 +46,8 @@
   BaseLib
   DebugLib
   StackCheckLib
+
+# MU_CHANGE BEGIN: CLANGPDB Stack Cookies
+[FeaturePcd]
+  gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+# MU_CHANGE END: CLANGPDB Stack Cookies
diff --git a/MdePkg/Library/DynamicStackCookieEntryPointLib/StandaloneMmCoreEntryPoint.inf b/MdePkg/Library/DynamicStackCookieEntryPointLib/StandaloneMmCoreEntryPoint.inf
@@ -25,9 +25,11 @@
 [Sources.X64]
   StandaloneMmCore/X64/StandaloneMmCoreEntryPoint.c
 
+# MU_CHANGE BEGIN: CLANGPDB Stack Cookies
 [Sources.X64]
-  X64/DynamicCookieGcc.nasm   | GCC
-  X64/DynamicCookieMsvc.nasm  | MSFT
+  X64/DynamicCookieGcc.nasm   ||||!gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+  X64/DynamicCookieMsvc.nasm  ||||gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+# MU_CHANGE END: CLANGPDB Stack Cookies
 
 [Packages]
   MdePkg/MdePkg.dec
@@ -36,3 +38,8 @@
   BaseLib
   DebugLib
   StackCheckLib
+
+# MU_CHANGE BEGIN: CLANGPDB Stack Cookies
+[FeaturePcd]
+  gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+# MU_CHANGE END: CLANGPDB Stack Cookies
diff --git a/MdePkg/Library/DynamicStackCookieEntryPointLib/StandaloneMmDriverEntryPoint.inf b/MdePkg/Library/DynamicStackCookieEntryPointLib/StandaloneMmDriverEntryPoint.inf
@@ -29,16 +29,19 @@
 [Sources]
   StandaloneMmDriver/StandaloneMmDriverEntryPoint.c
 
+# MU_CHANGE BEGIN: CLANGPDB Stack Cookies
 [Sources.IA32]
-  IA32/DynamicCookieGcc.nasm  | GCC
-  IA32/DynamicCookieMsvc.nasm | MSFT
+  IA32/DynamicCookieGcc.nasm  ||||!gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+  IA32/DynamicCookieMsvc.nasm ||||gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
 
 [Sources.X64]
-  X64/DynamicCookieGcc.nasm   | GCC
-  X64/DynamicCookieMsvc.nasm  | MSFT
+  X64/DynamicCookieGcc.nasm   ||||!gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+  X64/DynamicCookieMsvc.nasm  ||||gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
 
 [Sources.AARCH64]
-  AArch64/DynamicCookieGcc.S | GCC
+  AArch64/DynamicCookieGcc.S ||||!gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+  AArch64/DynamicCookieMsvc.S ||||gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+# MU_CHANGE END: CLANGPDB Stack Cookies
 
 [Packages]
   MdePkg/MdePkg.dec
@@ -51,3 +54,8 @@
 
 [Protocols]
   gEfiLoadedImageProtocolGuid      ## SOMETIMES_CONSUMES
+
+# MU_CHANGE BEGIN: CLANGPDB Stack Cookies
+[FeaturePcd]
+  gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+# MU_CHANGE END: CLANGPDB Stack Cookies
diff --git a/MdePkg/Library/DynamicStackCookieEntryPointLib/UefiApplicationEntryPoint.inf b/MdePkg/Library/DynamicStackCookieEntryPointLib/UefiApplicationEntryPoint.inf
@@ -24,16 +24,19 @@
 [Sources]
   UefiApplication/ApplicationEntryPoint.c
 
+# MU_CHANGE BEGIN: CLANGPDB Stack Cookies
 [Sources.IA32]
-  IA32/DynamicCookieGcc.nasm  | GCC
-  IA32/DynamicCookieMsvc.nasm | MSFT
+  IA32/DynamicCookieGcc.nasm  ||||!gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+  IA32/DynamicCookieMsvc.nasm ||||gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
 
 [Sources.X64]
-  X64/DynamicCookieGcc.nasm   | GCC
-  X64/DynamicCookieMsvc.nasm  | MSFT
+  X64/DynamicCookieGcc.nasm   ||||!gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+  X64/DynamicCookieMsvc.nasm  ||||gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
 
 [Sources.AARCH64]
-  AArch64/DynamicCookieGcc.S | GCC
+  AArch64/DynamicCookieGcc.S  ||||!gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+  AArch64/DynamicCookieMsvc.S ||||gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+# MU_CHANGE END: CLANGPDB Stack Cookies
 
 [Packages]
   MdePkg/MdePkg.dec
@@ -43,3 +46,8 @@
   DebugLib
   BaseLib
   StackCheckLib
+
+# MU_CHANGE BEGIN: CLANGPDB Stack Cookies
+[FeaturePcd]
+  gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+# MU_CHANGE END: CLANGPDB Stack Cookies
diff --git a/MdePkg/Library/DynamicStackCookieEntryPointLib/UefiDriverEntryPoint.inf b/MdePkg/Library/DynamicStackCookieEntryPointLib/UefiDriverEntryPoint.inf
@@ -29,16 +29,19 @@
 [Packages]
   MdePkg/MdePkg.dec
 
+# MU_CHANGE BEGIN: CLANGPDB Stack Cookies
 [Sources.IA32]
-  IA32/DynamicCookieGcc.nasm  | GCC
-  IA32/DynamicCookieMsvc.nasm | MSFT
+  IA32/DynamicCookieGcc.nasm  ||||!gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+  IA32/DynamicCookieMsvc.nasm ||||gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
 
 [Sources.X64]
-  X64/DynamicCookieGcc.nasm   | GCC
-  X64/DynamicCookieMsvc.nasm  | MSFT
+  X64/DynamicCookieGcc.nasm   ||||!gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+  X64/DynamicCookieMsvc.nasm  ||||gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
 
 [Sources.AARCH64]
-  AArch64/DynamicCookieGcc.S | GCC
+  AArch64/DynamicCookieGcc.S  ||||!gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+  AArch64/DynamicCookieMsvc.S ||||gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+# MU_CHANGE END: CLANGPDB Stack Cookies
 
 [LibraryClasses]
   UefiBootServicesTableLib
@@ -66,3 +69,8 @@
   gEfiVariableWriteArchProtocolGuid AND
   gEfiVariableArchProtocolGuid AND
   gEfiWatchdogTimerArchProtocolGuid
+
+# MU_CHANGE BEGIN: CLANGPDB Stack Cookies
+[FeaturePcd]
+  gEfiMdePkgTokenSpaceGuid.PcdEnableMsvcStyleStackChecking
+# MU_CHANGE END: CLANGPDB Stack Cookies
diff --git a/MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHook.c b/MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHook.c
diff --git a/MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf b/MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf