From nobody Sat Apr 27 10:15:41 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1505294724054314.10170276984775; Wed, 13 Sep 2017 02:25:24 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 5F56521D492E9; Wed, 13 Sep 2017 02:22:25 -0700 (PDT) Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 36E7021E8796F for ; Wed, 13 Sep 2017 02:22:24 -0700 (PDT) Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga104.jf.intel.com with ESMTP; 13 Sep 2017 02:25:21 -0700 Received: from jwang36-mobl2.ccr.corp.intel.com ([10.239.192.50]) by fmsmga005.fm.intel.com with ESMTP; 13 Sep 2017 02:25:19 -0700 X-Original-To: edk2-devel@lists.01.org X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.42,387,1500966000"; d="scan'208";a="150787223" From: "Wang, Jian J" To: edk2-devel@lists.01.org Date: Wed, 13 Sep 2017 17:25:04 +0800 Message-Id: <20170913092507.12504-2-jian.j.wang@intel.com> X-Mailer: git-send-email 2.14.1.windows.1 In-Reply-To: <20170913092507.12504-1-jian.j.wang@intel.com> References: <20170913092507.12504-1-jian.j.wang@intel.com> Subject: [edk2] [PATCH 1/4] MdeModulePkg/Core: Implement NULL pointer detection in EDK-II Core. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Justen@ml01.01.org, Eric Dong , Kinney@ml01.01.org, Jordan L , Wolman@ml01.01.org, Jiewen Yao , Ayellet , Michael D , Laszlo Ersek , Star Zeng MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" The mechanism behind is to trigger a page fault exception at address 0. Thi= s can be made by disabling page 0 (0-4095) during page table setup. So this= feature can only be available on platform with paging enabled. Once this f= eature is enabled, any code, like CSM, which has to access memory in page 0= needs to enable this page temporarily in advance and disable it afterwards= . PcdNullPointerDetectionPropertyMask is used to control and elaborate the = use cases. Cc: Jiewen Yao Cc: Eric Dong Cc: Star Zeng Cc: Laszlo Ersek Cc: Justen, Jordan L Cc: Kinney, Michael D Cc: Wolman, Ayellet Suggested-by: Wolman, Ayellet Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Wang, Jian J Reviewed-by: Brian J. Johnson --- MdeModulePkg/Core/Dxe/DxeMain.inf | 3 +- MdeModulePkg/Core/Dxe/Mem/Page.c | 21 ++++++---- MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 47 +++++++++++++++++++++ MdeModulePkg/Core/DxeIplPeim/DxeIpl.h | 15 +++++++ MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 3 +- MdeModulePkg/Core/DxeIplPeim/DxeLoad.c | 53 ++++++++++++++++++++= ++++ MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 8 +++- MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 2 + MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 23 ++++++---- MdeModulePkg/MdeModulePkg.dec | 12 ++++++ 10 files changed, 167 insertions(+), 20 deletions(-) diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeM= ain.inf index 30d5984f7c..273b8b7c0e 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.inf +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf @@ -179,7 +179,7 @@ gEfiWatchdogTimerArchProtocolGuid ## CONSUMES =20 [FeaturePcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdFrameworkCompatibilitySupport ## CO= NSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFrameworkCompatibilitySupport = ## CONSUMES =20 [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdLoadFixAddressBootTimeCodePageNumber = ## SOMETIMES_CONSUMES @@ -192,6 +192,7 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdPropertiesTableEnable = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy = ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask = ## CONSUMES =20 # [Hob] # RESOURCE_DESCRIPTOR ## CONSUMES diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/P= age.c index a142c79ee2..2e0b72f864 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Page.c +++ b/MdeModulePkg/Core/Dxe/Mem/Page.c @@ -170,6 +170,7 @@ CoreAddRange ( { LIST_ENTRY *Link; MEMORY_MAP *Entry; + EFI_STATUS Status; =20 ASSERT ((Start & EFI_PAGE_MASK) =3D=3D 0); ASSERT (End > Start) ; @@ -188,7 +189,17 @@ CoreAddRange ( // used for other purposes. // =20 if (Type =3D=3D EfiConventionalMemory && Start =3D=3D 0 && (End >=3D EFI= _PAGE_SIZE - 1)) { - SetMem ((VOID *)(UINTN)Start, EFI_PAGE_SIZE, 0); + if ((PcdGet8(PcdNullPointerDetectionPropertyMask) & BIT0) =3D=3D 0) { + SetMem ((VOID *)(UINTN)Start, EFI_PAGE_SIZE, 0); + } else if (gCpu !=3D NULL) { + Status =3D gCpu->SetMemoryAttributes(gCpu, 0, EFI_PAGE_SIZE, 0); + ASSERT_EFI_ERROR(Status); + + SetMem ((VOID *)(UINTN)Start, EFI_PAGE_SIZE, 0); + + Status =3D gCpu->SetMemoryAttributes(gCpu, 0, EFI_PAGE_SIZE, EFI_MEM= ORY_RP); + ASSERT_EFI_ERROR(Status); + } } =20 // @@ -1972,11 +1983,3 @@ Done: return Status; } =20 - - - - - - - - diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/C= ore/Dxe/Misc/MemoryProtection.c index a73c4ccd64..2367d674e1 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c @@ -995,6 +995,36 @@ MemoryProtectionExitBootServicesCallback ( } } =20 +/** + Disable NULL pointer detection after EndOfDxe. This is a workaround reso= rt in=20 + order to skip unfixable NULL pointer access issues detected in OptionROM= or=20 + boot loaders. + + @param[in] Event The Event this notify function registered to. + @param[in] Context Pointer to the context data registered to the Even= t. +**/ +VOID +EFIAPI +DisableNullDetectionAtTheEndOfDxe ( + EFI_EVENT Event, + VOID *Context + ) +{ + EFI_STATUS Status; + + DEBUG((DEBUG_INFO, "DisableNullDetectionAtTheEndOfDxe(): start\r\n")); + // + // Disable NULL pointer detection by enabling first 4K page + // + Status =3D gCpu->SetMemoryAttributes(gCpu, 0, EFI_PAGE_SIZE, 0); + ASSERT_EFI_ERROR(Status); + + CoreCloseEvent (Event); + DEBUG((DEBUG_INFO, "DisableNullDetectionAtTheEndOfDxe(): end\r\n")); + + return; +} + /** Initialize Memory Protection support. **/ @@ -1006,6 +1036,7 @@ CoreInitializeMemoryProtection ( { EFI_STATUS Status; EFI_EVENT Event; + EFI_EVENT EndOfDxeEvent; VOID *Registration; =20 mImageProtectionPolicy =3D PcdGet32(PcdImageProtectionPolicy); @@ -1044,6 +1075,22 @@ CoreInitializeMemoryProtection ( ); ASSERT_EFI_ERROR(Status); } + + // + // Register a callback to disable NULL pointer detection at EndOfDxe + // + if ((PcdGet8(PcdNullPointerDetectionPropertyMask) & (BIT0|BIT7)) =3D=3D = (BIT0|BIT7)) { + Status =3D CoreCreateEventEx ( + EVT_NOTIFY_SIGNAL, + TPL_NOTIFY, + DisableNullDetectionAtTheEndOfDxe, + NULL, + &gEfiEndOfDxeEventGroupGuid, + &EndOfDxeEvent + ); + ASSERT_EFI_ERROR (Status); + } + return ; } =20 diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.h b/MdeModulePkg/Core/DxeI= plPeim/DxeIpl.h index 72d2532f50..104599156c 100644 --- a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.h +++ b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.h @@ -52,6 +52,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER= EXPRESS OR IMPLIED. #define STACK_SIZE 0x20000 #define BSP_STORE_SIZE 0x4000 =20 +#define NULL_DETECTION_ENABLED ((PcdGet8(PcdNullPointerDetectionPropertyM= ask) & BIT0) !=3D 0) =20 // // This PPI is installed to indicate the end of the PEI usage of memory @@ -240,4 +241,18 @@ Decompress ( OUT UINTN *OutputSize ); =20 +/** + Clear legacy memory located at the first 4K-page. + + This function traverses the whole HOB list to check if memory from 0 to= 4095=20 + exists and has not been allocated, and then clear it if so. + + @param HoStart The start of HobList passed to DxeCore. + +**/ +VOID +ClearLegacyMemory( + IN VOID *HobStart + ); + #endif diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf b/MdeModulePkg/Core/Dx= eIplPeim/DxeIpl.inf index c54afe4aa6..fde70f94bb 100644 --- a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf +++ b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf @@ -110,11 +110,12 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplBuildPageTables ## CONSUMES =20 [FeaturePcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSupportUefiDecompress ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSupportUefiDecompress ##= CONSUMES =20 [Pcd.IA32,Pcd.X64] gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ##= SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ##= CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES =20 [Pcd.IA32,Pcd.X64,Pcd.ARM,Pcd.AARCH64] gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## SOMETIM= ES_CONSUMES diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeLoad.c b/MdeModulePkg/Core/Dxe= IplPeim/DxeLoad.c index 50b5440d15..b5f9d92f5b 100644 --- a/MdeModulePkg/Core/DxeIplPeim/DxeLoad.c +++ b/MdeModulePkg/Core/DxeIplPeim/DxeLoad.c @@ -825,3 +825,56 @@ UpdateStackHob ( Hob.Raw =3D GET_NEXT_HOB (Hob); } } + +/** + Clear legacy memory located at the first 4K-page, if available. + + This function traverses the whole HOB list to check if memory from 0 to= 4095=20 + exists and has not been allocated, and then clear it if so. + + @param HoStart The start of HobList passed to DxeCore. + +**/ +VOID +ClearLegacyMemory( + IN VOID *HobStart + ) +{ + EFI_PEI_HOB_POINTERS RscDescHob; + EFI_PEI_HOB_POINTERS MemAllocHob; + BOOLEAN DoClear; + + RscDescHob.Raw =3D HobStart; + MemAllocHob.Raw =3D HobStart; + DoClear =3D FALSE; + + // + // Check if page 0 exists and free + // + while ((RscDescHob.Raw =3D GetNextHob (EFI_HOB_TYPE_RESOURCE_DESCRIPTOR,= RscDescHob.Raw)) !=3D NULL) { + if (RscDescHob.ResourceDescriptor->ResourceType =3D=3D EFI_RESOURCE_SY= STEM_MEMORY &&=20 + RscDescHob.ResourceDescriptor->PhysicalStart =3D=3D 0) { + DoClear =3D TRUE; + //=20 + // Make sure memory at 0-4095 has not been allocated. + // + while ((MemAllocHob.Raw =3D GetNextHob (EFI_HOB_TYPE_MEMORY_ALLOCATI= ON, MemAllocHob.Raw)) !=3D NULL) { + if (MemAllocHob.MemoryAllocation->AllocDescriptor.MemoryBaseAddres= s < EFI_PAGE_SIZE) { + DoClear =3D FALSE; + break; + } + MemAllocHob.Raw =3D GET_NEXT_HOB (MemAllocHob); + } + break; + } + RscDescHob.Raw =3D GET_NEXT_HOB (RscDescHob); + } + + if (DoClear) { + DEBUG((DEBUG_INFO, "Clearing first 4K-page!\r\n")); + SetMem(NULL, EFI_PAGE_SIZE, 0); + } + + return; +} + diff --git a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c b/MdeModulePkg= /Core/DxeIplPeim/Ia32/DxeLoadFunc.c index 1957326caf..a8aa0d5d1b 100644 --- a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c +++ b/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c @@ -123,7 +123,8 @@ Create4GPageTablesIa32Pae ( PageDirectoryPointerEntry->Bits.Present =3D 1; =20 for (IndexOfPageDirectoryEntries =3D 0; IndexOfPageDirectoryEntries < = 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PhysicalAddress += =3D SIZE_2MB) { - if ((PhysicalAddress < StackBase + StackSize) && ((PhysicalAddress += SIZE_2MB) > StackBase)) { + if ((NULL_DETECTION_ENABLED && PhysicalAddress =3D=3D 0) + || ((PhysicalAddress < StackBase + StackSize) && ((PhysicalAddre= ss + SIZE_2MB) > StackBase))) { // // Need to split this 2M page that covers stack range. // @@ -240,6 +241,8 @@ HandOffToDxeCore ( EFI_PEI_VECTOR_HANDOFF_INFO_PPI *VectorHandoffInfoPpi; BOOLEAN BuildPageTablesIa32Pae; =20 + ClearLegacyMemory(HobList.Raw); + Status =3D PeiServicesAllocatePages (EfiBootServicesData, EFI_SIZE_TO_PA= GES (STACK_SIZE), &BaseOfStack); ASSERT_EFI_ERROR (Status); =20 @@ -379,7 +382,8 @@ HandOffToDxeCore ( TopOfStack =3D (EFI_PHYSICAL_ADDRESS) (UINTN) ALIGN_POINTER (TopOfStac= k, CPU_STACK_ALIGNMENT); =20 PageTables =3D 0; - BuildPageTablesIa32Pae =3D (BOOLEAN) (PcdGetBool (PcdSetNxForStack) &&= IsIa32PaeSupport () && IsExecuteDisableBitAvailable ()); + BuildPageTablesIa32Pae =3D (BOOLEAN) (IsIa32PaeSupport () && IsExecute= DisableBitAvailable () + && (PcdGetBool (PcdSetNxForStack) = || NULL_DETECTION_ENABLED)); if (BuildPageTablesIa32Pae) { PageTables =3D Create4GPageTablesIa32Pae (BaseOfStack, STACK_SIZE); EnableExecuteDisableBit (); diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c b/MdeModulePkg/= Core/DxeIplPeim/X64/DxeLoadFunc.c index 6488880eab..50a8d77a5b 100644 --- a/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c +++ b/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c @@ -42,6 +42,8 @@ HandOffToDxeCore ( EFI_VECTOR_HANDOFF_INFO *VectorInfo; EFI_PEI_VECTOR_HANDOFF_INFO_PPI *VectorHandoffInfoPpi; =20 + ClearLegacyMemory(HobList.Raw); + // // Get Vector Hand-off Info PPI and build Guided HOB // diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c b/MdeModulePk= g/Core/DxeIplPeim/X64/VirtualMemory.c index 48150be4e1..ccd6e10cb2 100644 --- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c +++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c @@ -90,8 +90,14 @@ Split2MPageTo4K ( // PageTableEntry->Uint64 =3D (UINT64) PhysicalAddress4K | AddressEncMask; PageTableEntry->Bits.ReadWrite =3D 1; - PageTableEntry->Bits.Present =3D 1; - if ((PhysicalAddress4K >=3D StackBase) && (PhysicalAddress4K < StackBa= se + StackSize)) { + + if (NULL_DETECTION_ENABLED && PhysicalAddress4K =3D=3D 0) { + PageTableEntry->Bits.Present =3D 0; + } else { + PageTableEntry->Bits.Present =3D 1; + } + + if (PcdGetBool (PcdSetNxForStack) && (PhysicalAddress4K >=3D StackBase= ) && (PhysicalAddress4K < StackBase + StackSize)) { // // Set Nx bit for stack. // @@ -137,9 +143,10 @@ Split1GPageTo2M ( =20 PhysicalAddress2M =3D PhysicalAddress; for (IndexOfPageDirectoryEntries =3D 0; IndexOfPageDirectoryEntries < 51= 2; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PhysicalAddress2M += =3D SIZE_2MB) { - if ((PhysicalAddress2M < StackBase + StackSize) && ((PhysicalAddress2M= + SIZE_2MB) > StackBase)) { + if ((NULL_DETECTION_ENABLED && PhysicalAddress2M =3D=3D 0) + || (PcdGetBool (PcdSetNxForStack) && (PhysicalAddress2M < StackBas= e + StackSize) && ((PhysicalAddress2M + SIZE_2MB) > StackBase))) { // - // Need to split this 2M page that covers stack range. + // Need to split this 2M page that covers NULL or stack range. // Split2MPageTo4K (PhysicalAddress2M, (UINT64 *) PageDirectoryEntry, S= tackBase, StackSize); } else { @@ -279,7 +286,8 @@ CreateIdentityMappingPageTables ( PageDirectory1GEntry =3D (VOID *) PageDirectoryPointerEntry; =20 for (IndexOfPageDirectoryEntries =3D 0; IndexOfPageDirectoryEntries = < 512; IndexOfPageDirectoryEntries++, PageDirectory1GEntry++, PageAddress += =3D SIZE_1GB) { - if (PcdGetBool (PcdSetNxForStack) && (PageAddress < StackBase + St= ackSize) && ((PageAddress + SIZE_1GB) > StackBase)) { + if ((NULL_DETECTION_ENABLED && PageAddress =3D=3D 0) + || (PcdGetBool (PcdSetNxForStack) && (PageAddress < StackBase = + StackSize) && ((PageAddress + SIZE_1GB) > StackBase))) { Split1GPageTo2M (PageAddress, (UINT64 *) PageDirectory1GEntry, S= tackBase, StackSize); } else { // @@ -308,9 +316,10 @@ CreateIdentityMappingPageTables ( PageDirectoryPointerEntry->Bits.Present =3D 1; =20 for (IndexOfPageDirectoryEntries =3D 0; IndexOfPageDirectoryEntrie= s < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PageAddress += =3D SIZE_2MB) { - if (PcdGetBool (PcdSetNxForStack) && (PageAddress < StackBase + = StackSize) && ((PageAddress + SIZE_2MB) > StackBase)) { + if ((NULL_DETECTION_ENABLED && PageAddress =3D=3D 0) + || (PcdGetBool (PcdSetNxForStack) && (PageAddress < StackBas= e + StackSize) && ((PageAddress + SIZE_2MB) > StackBase))) { // - // Need to split this 2M page that covers stack range. + // Need to split this 2M page that covers NULL or stack range. // Split2MPageTo4K (PageAddress, (UINT64 *) PageDirectoryEntry, S= tackBase, StackSize); } else { diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 593bff357a..1cc84894af 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -860,6 +860,18 @@ # @ValidList 0x80000006 | 0x03058002 gEfiMdeModulePkgTokenSpaceGuid.PcdErrorCodeSetVariable|0x03058002|UINT32= |0x30001040 =20 + ## Mask to control the NULL address detection in code for different phas= es. + # If enabled, accessing NULL address in UEFI or SMM code can be caught.=

+ # BIT0 - Enable NULL pointer detection for UEFI.
+ # BIT1 - Enable NULL pointer detection for SMM.
+ # BIT2..6 - Reserved for future uses.
+ # BIT7 - Disable NULL pointer detection just after EndOfDxe.
+ # This is a workaround for those unsolvable NULL access iss= ues in OptionROM, boot loader, etc. + # It can also help to avoid unnecessary exception caused by= legacy memory (0-4095) access after=20 + # EndOfDxe, such as Windows 7 boot on Qemu.
+ # @Prompt Enable NULL address detection. + gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask|0x0|U= INT8|0x30001050 + [PcdsFixedAtBuild, PcdsPatchableInModule] ## Dynamic type PCD can be registered callback function for Pcd setting = action. # PcdMaxPeiPcdCallBackNumberPerPcdEntry indicates the maximum number of= callback function --=20 2.14.1.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Sat Apr 27 10:15:41 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 150529472733620.781913133537046; Wed, 13 Sep 2017 02:25:27 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 9B7CA21D492F0; Wed, 13 Sep 2017 02:22:28 -0700 (PDT) Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id CDAB921E8796F for ; Wed, 13 Sep 2017 02:22:27 -0700 (PDT) Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga104.jf.intel.com with ESMTP; 13 Sep 2017 02:25:24 -0700 Received: from jwang36-mobl2.ccr.corp.intel.com ([10.239.192.50]) by fmsmga005.fm.intel.com with ESMTP; 13 Sep 2017 02:25:22 -0700 X-Original-To: edk2-devel@lists.01.org X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.42,387,1500966000"; d="scan'208";a="150787236" From: "Wang, Jian J" To: edk2-devel@lists.01.org Date: Wed, 13 Sep 2017 17:25:05 +0800 Message-Id: <20170913092507.12504-3-jian.j.wang@intel.com> X-Mailer: git-send-email 2.14.1.windows.1 In-Reply-To: <20170913092507.12504-1-jian.j.wang@intel.com> References: <20170913092507.12504-1-jian.j.wang@intel.com> Subject: [edk2] [PATCH 2/4] UefiCpuPkg/PiSmmCpuDxeSmm: Implement NULL pointer detection for SMM mode code. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Justen@ml01.01.org, Eric Dong , Kinney@ml01.01.org, Jordan L , Wolman@ml01.01.org, Jiewen Yao , Ayellet , Michael D , Laszlo Ersek , Star Zeng MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" The mechanism behind is the same as NULL pointer detection enabled in EDK-I= I core. SMM has its own page table and we have to disable page 0 again in S= MM mode. Cc: Jiewen Yao Cc: Eric Dong Cc: Star Zeng Cc: Laszlo Ersek Cc: Justen, Jordan L Cc: Kinney, Michael D Cc: Wolman, Ayellet Suggested-by: Wolman, Ayellet Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Wang, Jian J --- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c | 11 +++++++++++ UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 25 ++++++++++++++++++++++++- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 2 ++ UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf | 17 +++++++++-------- UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 11 +++++++++++ 5 files changed, 57 insertions(+), 9 deletions(-) diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c b/UefiCpuPkg/PiSmmCpu= DxeSmm/Ia32/PageTbl.c index f295c2ebf2..d423958783 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c @@ -155,6 +155,17 @@ SmiPFHandler ( } } =20 + // + // If NULL pointer was just accessed + // + if (NULL_DETECTION_ENABLED && (PFAddress >=3D 0 && PFAddress < EFI_PAGE_= SIZE)) { + DEBUG ((DEBUG_ERROR, "!!! NULL pointer access !!!\n")); + DEBUG_CODE ( + DumpModuleInfoByIp ((UINTN)SystemContext.SystemContextIa32->Rip); + ); + CpuDeadLoop (); + } + if (FeaturePcdGet (PcdCpuSmmProfileEnable)) { SmmProfilePFHandler ( SystemContext.SystemContextIa32->Eip, diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c b/UefiCpuPkg/PiSmmCpuDxe= Smm/MpService.c index f086b97c30..81c5ac9d11 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c @@ -855,10 +855,10 @@ Gen4GPageTable ( Pte[Index] =3D (Index << 21) | mAddressEncMask | IA32_PG_PS | PAGE_ATT= RIBUTE_BITS; } =20 + Pdpte =3D (UINT64*)PageTable; if (FeaturePcdGet (PcdCpuSmmStackGuard)) { Pages =3D (UINTN)PageTable + EFI_PAGES_TO_SIZE (5); GuardPage =3D mSmmStackArrayBase + EFI_PAGE_SIZE; - Pdpte =3D (UINT64*)PageTable; for (PageIndex =3D Low2MBoundary; PageIndex <=3D High2MBoundary; PageI= ndex +=3D SIZE_2MB) { Pte =3D (UINT64*)(UINTN)(Pdpte[BitFieldRead32 ((UINT32)PageIndex, 30= , 31)] & ~mAddressEncMask & ~(EFI_PAGE_SIZE - 1)); Pte[BitFieldRead32 ((UINT32)PageIndex, 21, 29)] =3D (UINT64)Pages | = mAddressEncMask | PAGE_ATTRIBUTE_BITS; @@ -886,6 +886,29 @@ Gen4GPageTable ( } } =20 + if (NULL_DETECTION_ENABLED) { + Pte =3D (UINT64*)(UINT64)(Pdpte[0] & ~mAddressEncMask & ~(EFI_PAGE_SIZ= E - 1)); + if ((Pte[0] & IA32_PG_PS) =3D=3D 0) { + // 4K-page entries are already mapped. Just hide the first one anywa= y. + Pte =3D (UINT64*)(UINT64)(Pte[0] & ~mAddressEncMask & ~(EFI_PAGE_SIZ= E - 1)); + Pte[0] &=3D ~1; // Hide page 0 + } else { + // Create 4K-page entries + Pages =3D (UINTN)AllocatePageTableMemory (1); + ASSERT (Pages !=3D 0); + + Pte[0] =3D (UINT64)(Pages | mAddressEncMask | PAGE_ATTRIBUTE_BITS); + + Pte =3D (UINT64*)Pages; + PageAddress =3D 0; + Pte[0] =3D PageAddress | mAddressEncMask; // Hide page 0 but present= left + for (Index =3D 1; Index < EFI_PAGE_SIZE / sizeof (*Pte); Index++) { + PageAddress +=3D EFI_PAGE_SIZE; + Pte[Index] =3D PageAddress | mAddressEncMask | PAGE_ATTRIBUTE_BITS; + } + } + } + return (UINT32)(UINTN)PageTable; } =20 diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h b/UefiCpuPkg/PiSmmC= puDxeSmm/PiSmmCpuDxeSmm.h index 1cf85c1481..bcb3032db8 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h @@ -153,6 +153,8 @@ typedef UINT32 SMM_CPU_ARR= IVAL_EXCEPTIONS; #define ARRIVAL_EXCEPTION_DELAYED 0x2 #define ARRIVAL_EXCEPTION_SMI_DISABLED 0x4 =20 +#define NULL_DETECTION_ENABLED ((PcdGet8(PcdNullPointerDetectionPropert= yMask) & BIT1) !=3D 0) + // // Private structure for the SMM CPU module that is stored in DXE Runtime = memory // Contains the SMM Configuration Protocols that is produced. diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf b/UefiCpuPkg/PiSm= mCpuDxeSmm/PiSmmCpuDxeSmm.inf index 099792e6ce..57a14d9f24 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf @@ -138,14 +138,14 @@ gEdkiiPiSmmMemoryAttributesTableGuid ## CONSUMES ## SystemTable =20 [FeaturePcd] - gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmDebug ## CONS= UMES - gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmBlockStartupThisAp ## CONS= UMES - gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmEnableBspElection ## CONS= UMES - gUefiCpuPkgTokenSpaceGuid.PcdCpuHotPlugSupport ## CONS= UMES - gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackGuard ## CONS= UMES - gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmProfileEnable ## CONS= UMES - gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmProfileRingBuffer ## CONS= UMES - gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmFeatureControlMsrLock ## CONS= UMES + gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmDebug ## CO= NSUMES + gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmBlockStartupThisAp ## CO= NSUMES + gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmEnableBspElection ## CO= NSUMES + gUefiCpuPkgTokenSpaceGuid.PcdCpuHotPlugSupport ## CO= NSUMES + gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStackGuard ## CO= NSUMES + gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmProfileEnable ## CO= NSUMES + gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmProfileRingBuffer ## CO= NSUMES + gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmFeatureControlMsrLock ## CO= NSUMES =20 [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber ## SOME= TIMES_CONSUMES @@ -159,6 +159,7 @@ gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmStaticPageTable ## CONS= UMES gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable ## CONS= UMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ##= CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES =20 [Depex] gEfiMpServiceProtocolGuid diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c b/UefiCpuPkg/PiSmmCpuD= xeSmm/X64/PageTbl.c index 3dde80f9ba..e67bcfe0f6 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c @@ -872,6 +872,17 @@ SmiPFHandler ( } } =20 + // + // If NULL pointer was just accessed + // + if (NULL_DETECTION_ENABLED && (PFAddress >=3D 0 && PFAddress < EFI_PAGE_= SIZE)) { + DEBUG ((DEBUG_ERROR, "!!! NULL pointer access !!!\n")); + DEBUG_CODE ( + DumpModuleInfoByIp ((UINTN)SystemContext.SystemContextX64->Rip); + ); + CpuDeadLoop (); + } + if (FeaturePcdGet (PcdCpuSmmProfileEnable)) { SmmProfilePFHandler ( SystemContext.SystemContextX64->Rip, --=20 2.14.1.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Sat Apr 27 10:15:41 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1505294730553901.5410676045647; Wed, 13 Sep 2017 02:25:30 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id D745021D492F3; Wed, 13 Sep 2017 02:22:31 -0700 (PDT) Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 66D1721E8796F for ; Wed, 13 Sep 2017 02:22:30 -0700 (PDT) Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga104.jf.intel.com with ESMTP; 13 Sep 2017 02:25:28 -0700 Received: from jwang36-mobl2.ccr.corp.intel.com ([10.239.192.50]) by fmsmga005.fm.intel.com with ESMTP; 13 Sep 2017 02:25:25 -0700 X-Original-To: edk2-devel@lists.01.org X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.42,387,1500966000"; d="scan'208";a="150787248" From: "Wang, Jian J" To: edk2-devel@lists.01.org Date: Wed, 13 Sep 2017 17:25:06 +0800 Message-Id: <20170913092507.12504-4-jian.j.wang@intel.com> X-Mailer: git-send-email 2.14.1.windows.1 In-Reply-To: <20170913092507.12504-1-jian.j.wang@intel.com> References: <20170913092507.12504-1-jian.j.wang@intel.com> Subject: [edk2] [PATCH 3/4] IntelFrameworkModulePkg/Csm: Update CSM code to temporarily bypass NULL pointer detection if enabled. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Justen@ml01.01.org, Eric Dong , Kinney@ml01.01.org, Jordan L , Wolman@ml01.01.org, Jiewen Yao , Ayellet , Michael D , Laszlo Ersek , Star Zeng MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" CSM code has to access memory below 4096 (BDA, int vector, etc.). If NULL p= ointer detection is enabled, the page 0 must be enabled temporarily before = accessing it and disabled again afterwards. Otherwise page fault will be tr= iggered. Cc: Jiewen Yao Cc: Eric Dong Cc: Star Zeng Cc: Laszlo Ersek Cc: Justen, Jordan L Cc: Kinney, Michael D Cc: Wolman, Ayellet Suggested-by: Wolman, Ayellet Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Wang, Jian J Acked-by: Brian J. Johnson --- .../Csm/BiosThunk/KeyboardDxe/BiosKeyboard.c | 10 +++- .../Csm/BiosThunk/KeyboardDxe/BiosKeyboard.h | 18 +++++++ .../Csm/BiosThunk/KeyboardDxe/KeyboardDxe.inf | 2 + .../Csm/LegacyBiosDxe/LegacyBda.c | 4 ++ .../Csm/LegacyBiosDxe/LegacyBios.c | 55 ++++++++++++++++++= ---- .../Csm/LegacyBiosDxe/LegacyBiosDxe.inf | 2 + .../Csm/LegacyBiosDxe/LegacyBiosInterface.h | 23 +++++++++ .../Csm/LegacyBiosDxe/LegacyBootSupport.c | 33 ++++++++++--- .../Csm/LegacyBiosDxe/LegacyPci.c | 17 ++++++- IntelFrameworkModulePkg/Csm/LegacyBiosDxe/Thunk.c | 41 ++++++++++------ 10 files changed, 173 insertions(+), 32 deletions(-) diff --git a/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard= .c b/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard.c index 7308523ad8..96148ae367 100644 --- a/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard.c +++ b/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard.c @@ -248,7 +248,7 @@ BiosKeyboardDriverBindingStart ( // // Allocate the private device structure // - BiosKeyboardPrivate =3D (BIOS_KEYBOARD_DEV *) AllocateZeroPool (sizeof= (BIOS_KEYBOARD_DEV)); + BiosKeyboardPrivate =3D (BIOS_KEYBOARD_DEV *) AllocateZeroPool (sizeof (= BIOS_KEYBOARD_DEV)); if (NULL =3D=3D BiosKeyboardPrivate) { Status =3D EFI_OUT_OF_RESOURCES; goto Done; @@ -281,6 +281,9 @@ BiosKeyboardDriverBindingStart ( BiosKeyboardPrivate->SimpleTextInputEx.UnregisterKeyNotify =3D BiosKeybo= ardUnregisterKeyNotify; =20 InitializeListHead (&BiosKeyboardPrivate->NotifyList); =20 + Status =3D gBS->LocateProtocol (&gEfiCpuArchProtocolGuid, NULL, (VOID **= ) &BiosKeyboardPrivate->Cpu); + ASSERT_EFI_ERROR(Status); + // // Report that the keyboard is being enabled // @@ -1842,7 +1845,9 @@ BiosKeyboardTimerHandler ( // // Clear the CTRL and ALT BDA flag // - KbFlag1 =3D *((UINT8 *) (UINTN) 0x417); // read the STATUS FLAGS 1 + DISABLE_NULL_DETECTION(BiosKeyboardPrivate); + + KbFlag1 =3D *((UINT8 *) (UINTN) 0x417); // read the STATUS FLAGS 1 KbFlag2 =3D *((UINT8 *) (UINTN) 0x418); // read STATUS FLAGS 2 =20 DEBUG_CODE ( @@ -1916,6 +1921,7 @@ BiosKeyboardTimerHandler ( KbFlag1 &=3D ~0x0C; =20 *((UINT8 *) (UINTN) 0x417) =3D KbFlag1;=20 =20 + ENABLE_NULL_DETECTION(BiosKeyboardPrivate); =20 // // Output EFI input key and shift/toggle state diff --git a/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard= .h b/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard.h index 0bf28ea140..b717ef676b 100644 --- a/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard.h +++ b/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard.h @@ -26,6 +26,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER= EXPRESS OR IMPLIED. #include #include #include +#include =20 #include #include @@ -212,6 +213,7 @@ typedef struct { EFI_HANDLE Handle; EFI_LEGACY_BIOS_PROTOCOL *LegacyBios; EFI_ISA_IO_PROTOCOL *IsaIo; + EFI_CPU_ARCH_PROTOCOL *Cpu; EFI_SIMPLE_TEXT_INPUT_PROTOCOL SimpleTextIn; EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL SimpleTextInputEx; UINT16 DataRegisterAddress; @@ -242,6 +244,22 @@ typedef struct { BIOS_KEYBOARD_DEV_SIGNATURE \ ) =20 +// +// CSM needs to access memory between 0-4095, which will cause page fault = exception=20 +// if NULL pointer detection mechanism is enabled. Following macros can be= used +// to disable/enable NULL pointer detection before/after accessing those m= emory. +// +#define NULL_POINTER_DETECTION_ENABLED ((PcdGet8(PcdNullPointerDetectionP= ropertyMask) & BIT0) !=3D 0) +#define DISABLE_NULL_DETECTION(Instance) = \ + if (NULL_POINTER_DETECTION_ENABLED && (Instance)->Cpu !=3D NULL) { = \ + (Instance)->Cpu->SetMemoryAttributes((Instance)->Cpu, 0, EFI_PAGE_SIZE= , 0); \ + } + =20 +#define ENABLE_NULL_DETECTION(Instance) = \ + if (NULL_POINTER_DETECTION_ENABLED && (Instance)->Cpu !=3D NULL) { = \ + (Instance)->Cpu->SetMemoryAttributes((Instance)->Cpu, 0, EFI_PAGE_SIZE= , EFI_MEMORY_RP); \ + } + // // Global Variables // diff --git a/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/KeyboardDxe.= inf b/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/KeyboardDxe.inf index 4d4536466c..4291a10123 100644 --- a/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/KeyboardDxe.inf +++ b/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/KeyboardDxe.inf @@ -67,12 +67,14 @@ gEfiSimpleTextInputExProtocolGuid ## BY_START gEfiLegacyBiosProtocolGuid ## CONSUMES gEfiPs2PolicyProtocolGuid ## SOMETIMES_CONSUMES + gEfiCpuArchProtocolGuid ## SOMETIMES_CONSUMES =20 [FeaturePcd] gEfiMdeModulePkgTokenSpaceGuid.PcdPs2KbdExtendedVerification|FALSE ## C= ONSUMES =20 [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdFastPS2Detection ## S= OMETIMES_CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ## C= ONSUMES =20 [UserExtensions.TianoCore."ExtraFiles"] KeyboardDxeExtra.uni diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBda.c b/IntelF= rameworkModulePkg/Csm/LegacyBiosDxe/LegacyBda.c index c45d5d4c3e..e7cee4b8a3 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBda.c +++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBda.c @@ -34,6 +34,8 @@ LegacyBiosInitBda ( BDA_STRUC *Bda; UINT8 *Ebda; =20 + DISABLE_NULL_DETECTION(Private); + Bda =3D (BDA_STRUC *) ((UINTN) 0x400); Ebda =3D (UINT8 *) ((UINTN) 0x9fc00); =20 @@ -62,5 +64,7 @@ LegacyBiosInitBda ( =20 *Ebda =3D 0x01; =20 + ENABLE_NULL_DETECTION(Private); + return EFI_SUCCESS; } diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBios.c b/Intel= FrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBios.c index 3ead2d9828..c3ef542ea3 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBios.c +++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBios.c @@ -40,6 +40,7 @@ VOID *mRuntimeSmbiosEntryPoint =3D NULL; EFI_PHYSICAL_ADDRESS mReserveSmbiosEntryPoint =3D 0; EFI_PHYSICAL_ADDRESS mStructureTableAddress =3D 0; UINTN mStructureTablePages =3D 0; +BOOLEAN mEndOfDxe =3D FALSE; =20 /** Do an AllocatePages () of type AllocateMaxAddress for EfiBootServicesCode @@ -765,6 +766,26 @@ InstallSmbiosEventCallback ( } } =20 +/** + Callback function to toggle EndOfDxe status. NULL pointer detection need= s this=20 + status to decide if it's necessary to change attributes of page 0.=20 + + @param Event Event whose notification function is being= invoked. + @param Context The pointer to the notification function's= context, + which is implementation-dependent. + +**/ +VOID +EFIAPI +ToggleEndOfDxeStatus ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + mEndOfDxe =3D TRUE; + return; +} + /** Install Driver to produce Legacy BIOS protocol. =20 @@ -802,6 +823,7 @@ LegacyBiosInstall ( UINT64 Length; UINT8 *SecureBoot; EFI_EVENT InstallSmbiosEvent; + EFI_EVENT EndOfDxeEvent; =20 // // Load this driver's image to memory @@ -964,8 +986,10 @@ LegacyBiosInstall ( // Initialize region from 0x0000 to 4k. This initializes interrupt vector // range. // - gBS->SetMem ((VOID *) ClearPtr, 0x400, INITIAL_VALUE_BELOW_1K); - ZeroMem ((VOID *) ((UINTN)ClearPtr + 0x400), 0xC00); + DISABLE_NULL_DETECTION(Private); + gBS->SetMem ((VOID *) ClearPtr, 0x400, INITIAL_VALUE_BELOW_1K); + ZeroMem ((VOID *) ((UINTN)ClearPtr + 0x400), 0xC00); + ENABLE_NULL_DETECTION(Private); =20 // // Allocate pages for OPROM usage @@ -1104,12 +1128,14 @@ LegacyBiosInstall ( // // Save Unexpected interrupt vector so can restore it just prior to boot // - BaseVectorMaster =3D (UINT32 *) (sizeof (UINT32) * PROTECTED_MODE_BASE_V= ECTOR_MASTER); - Private->BiosUnexpectedInt =3D BaseVectorMaster[0]; - IntRedirCode =3D (UINT32) (UINTN) Private->IntThunk->InterruptRedirectio= nCode; - for (Index =3D 0; Index < 8; Index++) { - BaseVectorMaster[Index] =3D (EFI_SEGMENT (IntRedirCode + Index * 4) <<= 16) | EFI_OFFSET (IntRedirCode + Index * 4); - } + DISABLE_NULL_DETECTION(Private); + BaseVectorMaster =3D (UINT32 *) (sizeof (UINT32) * PROTECTED_MODE_BASE= _VECTOR_MASTER); + Private->BiosUnexpectedInt =3D BaseVectorMaster[0]; + IntRedirCode =3D (UINT32) (UINTN) Private->IntThunk->InterruptRedirect= ionCode; + for (Index =3D 0; Index < 8; Index++) { + BaseVectorMaster[Index] =3D (EFI_SEGMENT (IntRedirCode + Index * 4) = << 16) | EFI_OFFSET (IntRedirCode + Index * 4); + } + ENABLE_NULL_DETECTION(Private); // // Save EFI value // @@ -1133,6 +1159,19 @@ LegacyBiosInstall ( ); ASSERT_EFI_ERROR (Status); =20 =20 + // + // Create callback to update status of EndOfDxe, which is needed by NULL= pointer detection + // + Status =3D gBS->CreateEventEx ( + EVT_NOTIFY_SIGNAL, + TPL_NOTIFY, + ToggleEndOfDxeStatus, + NULL, + &gEfiEndOfDxeEventGroupGuid, + &EndOfDxeEvent + ); + ASSERT_EFI_ERROR (Status); + // // Make a new handle and install the protocol // diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosDxe.inf b/= IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosDxe.inf index 48473a0713..10dc392800 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosDxe.inf +++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosDxe.inf @@ -108,6 +108,7 @@ gEfiDiskInfoIdeInterfaceGuid ## SOMETIMES_CONSUMES ##GU= ID #Used in LegacyBiosBuildIdeData() to assure device is a disk gEfiSmbiosTableGuid ## SOMETIMES_CONSUMES ##Sy= stemTable gEfiLegacyBiosGuid ## SOMETIMES_CONSUMES ##GU= ID #Used in LegacyBiosInstallVgaRom() to locate handle buffer + gEfiEndOfDxeEventGroupGuid =20 [Guids.IA32] gEfiAcpi20TableGuid ## SOMETIMES_CONSUMES ##Sy= stemTable @@ -147,6 +148,7 @@ gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdHighPmmMemorySize = ## CONSUMES gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdOpromReservedMemoryBase = ## CONSUMES gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdOpromReservedMemorySize = ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask = ## CONSUMES =20 [Depex] gEfiLegacyRegion2ProtocolGuid AND gEfiLegacyInterruptProtocolGuid AND gE= fiLegacyBiosPlatformProtocolGuid AND gEfiLegacy8259ProtocolGuid AND gEfiGen= ericMemTestProtocolGuid AND gEfiCpuArchProtocolGuid AND gEfiTimerArchProtoc= olGuid AND gEfiVariableWriteArchProtocolGuid diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosInterface.= h b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosInterface.h index fe9dd7463a..9d479309a4 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosInterface.h +++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosInterface.h @@ -108,6 +108,27 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EIT= HER EXPRESS OR IMPLIED. #define NORMALIZE_EFI_SEGMENT(_Adr) (UINT16) (((UINTN) (_Adr)) >> 4) #define NORMALIZE_EFI_OFFSET(_Adr) (UINT16) (((UINT16) ((UINTN) (_Ad= r))) & 0xf) =20 +// +// CSM needs to access memory between 0-4095, which will cause page fault = exception=20 +// if NULL pointer detection mechanism is enabled. Following macros can be= used +// to disable/enable NULL pointer detection before/after accessing those m= emory. +// +#define NULL_DETECTION_ENABLED = \ + ( ((mEndOfDxe =3D=3D FALSE) && ((PcdGet8(PcdNullPointerDetectionPropert= yMask) & BIT0) =3D=3D BIT0)) \ + || ((mEndOfDxe =3D=3D TRUE) && ((PcdGet8(PcdNullPointerDetectionPropert= yMask) & (BIT0|BIT7)) =3D=3D BIT0)) \ + ) +#define DISABLE_NULL_DETECTION(Instance) = \ + if (NULL_DETECTION_ENABLED) { = \ + DEBUG((DEBUG_INFO, "%a(): disable NULL detection\r\n", __func__)); = \ + (Instance)->Cpu->SetMemoryAttributes((Instance)->Cpu, 0, EFI_PAGE_SIZE= , 0); \ + } + =20 +#define ENABLE_NULL_DETECTION(Instance) = \ + if (NULL_DETECTION_ENABLED) { = \ + (Instance)->Cpu->SetMemoryAttributes((Instance)->Cpu, 0, EFI_PAGE_SIZE= , EFI_MEMORY_RP); \ + DEBUG((DEBUG_INFO, "%a(): enable NULL detection\r\n", __func__)); = \ + } + // // Trace defines // @@ -509,6 +530,8 @@ extern BBS_TABLE *mBbsTable; =20 extern EFI_GENERIC_MEMORY_TEST_PROTOCOL *gGenMemoryTest; =20 +extern BOOLEAN mEndOfDxe; + #define PORT_70 0x70 #define PORT_71 0x71 =20 diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBootSupport.c = b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBootSupport.c index 1e098b3726..d381c2f735 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBootSupport.c +++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBootSupport.c @@ -1073,8 +1073,10 @@ GenericLegacyBoot ( // Use 182/10 to avoid floating point math. // LocalTime =3D (LocalTime * 182) / 10; - BdaPtr =3D (UINT32 *) (UINTN)0x46C; - *BdaPtr =3D LocalTime; + DISABLE_NULL_DETECTION(Private); + BdaPtr =3D (UINT32 *) (UINTN)0x46C; + *BdaPtr =3D LocalTime; + ENABLE_NULL_DETECTION(Private); =20 // // Shadow PCI ROMs. We must do this near the end since this will kick @@ -1320,6 +1322,7 @@ GenericLegacyBoot ( // set of TIANO vectors) or takes it over. // // + DISABLE_NULL_DETECTION(Private); BaseVectorMaster =3D (UINT32 *) (sizeof (UINT32) * PROTECTED_MODE_BASE= _VECTOR_MASTER); for (Index =3D 0; Index < 8; Index++) { Private->ThunkSavedInt[Index] =3D BaseVectorMaster[Index]; @@ -1327,6 +1330,7 @@ GenericLegacyBoot ( BaseVectorMaster[Index] =3D (UINT32) (Private->BiosUnexpectedInt); } } + ENABLE_NULL_DETECTION(Private); =20 ZeroMem (&Regs, sizeof (EFI_IA32_REGISTER_SET)); Regs.X.AX =3D Legacy16Boot; @@ -1340,10 +1344,12 @@ GenericLegacyBoot ( 0 ); =20 + DISABLE_NULL_DETECTION(Private); BaseVectorMaster =3D (UINT32 *) (sizeof (UINT32) * PROTECTED_MODE_BASE= _VECTOR_MASTER); for (Index =3D 0; Index < 8; Index++) { BaseVectorMaster[Index] =3D Private->ThunkSavedInt[Index]; } + ENABLE_NULL_DETECTION(Private); } Private->LegacyBootEntered =3D TRUE; if ((mBootMode =3D=3D BOOT_LEGACY_OS) || (mBootMode =3D=3D BOOT_UNCONVEN= TIONAL_DEVICE)) { @@ -1731,9 +1737,11 @@ LegacyBiosBuildE820 ( // // First entry is 0 to (640k - EBDA) // - E820Table[0].BaseAddr =3D 0; - E820Table[0].Length =3D (UINT64) ((*(UINT16 *) (UINTN)0x40E) << 4); - E820Table[0].Type =3D EfiAcpiAddressRangeMemory; + DISABLE_NULL_DETECTION(Private); + E820Table[0].BaseAddr =3D 0; + E820Table[0].Length =3D (UINT64) ((*(UINT16 *) (UINTN)0x40E) << 4); + E820Table[0].Type =3D EfiAcpiAddressRangeMemory; + ENABLE_NULL_DETECTION(Private); =20 // // Second entry is (640k - EBDA) to 640k @@ -1967,6 +1975,8 @@ LegacyBiosCompleteBdaBeforeBoot ( UINT16 MachineConfig; DEVICE_PRODUCER_DATA_HEADER *SioPtr; =20 + DISABLE_NULL_DETECTION(Private); + Bda =3D (BDA_STRUC *) ((UINTN) 0x400); MachineConfig =3D 0; =20 @@ -2025,6 +2035,8 @@ LegacyBiosCompleteBdaBeforeBoot ( MachineConfig =3D (UINT16) (MachineConfig + 0x00 + 0x02 + (SioPtr-= >MousePresent * 0x04)); Bda->MachineConfig =3D MachineConfig; =20 + ENABLE_NULL_DETECTION(Private); + return EFI_SUCCESS; } =20 @@ -2049,15 +2061,20 @@ LegacyBiosUpdateKeyboardLedStatus ( UINT8 LocalLeds; EFI_IA32_REGISTER_SET Regs; =20 - Bda =3D (BDA_STRUC *) ((UINTN) 0x400); - Private =3D LEGACY_BIOS_INSTANCE_FROM_THIS (This); + + DISABLE_NULL_DETECTION(Private); + + Bda =3D (BDA_STRUC *) ((UINTN) 0x400); LocalLeds =3D Leds; Bda->LedStatus =3D (UINT8) ((Bda->LedStatus &~0x07) | LocalLeds); LocalLeds =3D (UINT8) (LocalLeds << 4); Bda->ShiftStatus =3D (UINT8) ((Bda->ShiftStatus &~0x70) | LocalLeds); LocalLeds =3D (UINT8) (Leds & 0x20); Bda->KeyboardStatus =3D (UINT8) ((Bda->KeyboardStatus &~0x20) | LocalLed= s); + + ENABLE_NULL_DETECTION(Private); + // // Call into Legacy16 code to allow it to do any processing // @@ -2102,7 +2119,9 @@ LegacyBiosCompleteStandardCmosBeforeBoot ( // to large capacity drives // CMOS 14 =3D BDA 40:10 plus bit 3(display enabled) // + DISABLE_NULL_DETECTION(Private); Bda =3D (UINT8)(*((UINT8 *)((UINTN)0x410)) | BIT3); + ENABLE_NULL_DETECTION(Private); =20 // // Force display enabled diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyPci.c b/IntelF= rameworkModulePkg/Csm/LegacyBiosDxe/LegacyPci.c index 8ffdf0c1ff..2ca5dddf00 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyPci.c +++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyPci.c @@ -2279,6 +2279,7 @@ LegacyBiosInstallRom ( UINTN Function; EFI_IA32_REGISTER_SET Regs; UINT8 VideoMode; + UINT8 OldVideoMode; EFI_TIME BootTime; UINT32 *BdaPtr; UINT32 LocalTime; @@ -2299,6 +2300,7 @@ LegacyBiosInstallRom ( Device =3D 0; Function =3D 0; VideoMode =3D 0; + OldVideoMode =3D 0; PhysicalAddress =3D 0; MaxRomAddr =3D PcdGet32 (PcdEndOpromShadowAddress); =20 @@ -2401,6 +2403,8 @@ LegacyBiosInstallRom ( // 2. BBS compliants drives will not change 40:75 until boot time. // 3. Onboard IDE controllers will change 40:75 // + DISABLE_NULL_DETECTION(Private); + LocalDiskStart =3D (UINT8) ((*(UINT8 *) ((UINTN) 0x475)) + 0x80); if ((Private->Disk4075 + 0x80) < LocalDiskStart) { // @@ -2426,6 +2430,9 @@ LegacyBiosInstallRom ( // VideoMode =3D *(UINT8 *) ((UINTN) (0x400 + BDA_VIDEO_MODE)); } + + ENABLE_NULL_DETECTION(Private); + // // Notify the platform that we are about to scan the ROM // @@ -2466,9 +2473,11 @@ LegacyBiosInstallRom ( // Multiply result by 18.2 for number of ticks since midnight. // Use 182/10 to avoid floating point math. // + DISABLE_NULL_DETECTION(Private); LocalTime =3D (LocalTime * 182) / 10; BdaPtr =3D (UINT32 *) ((UINTN) 0x46C); *BdaPtr =3D LocalTime; + ENABLE_NULL_DETECTION(Private); =20 // // Pass in handoff data @@ -2564,7 +2573,11 @@ LegacyBiosInstallRom ( // // Set mode settings since PrepareToScanRom may change mode // - if (VideoMode !=3D *(UINT8 *) ((UINTN) (0x400 + BDA_VIDEO_MODE))) { + DISABLE_NULL_DETECTION(Private); + OldVideoMode =3D *(UINT8 *) ((UINTN) (0x400 + BDA_VIDEO_MODE)); + ENABLE_NULL_DETECTION(Private); + + if (VideoMode !=3D OldVideoMode) { // // The active video mode is changed, restore it to original mode. // @@ -2604,7 +2617,9 @@ LegacyBiosInstallRom ( } } =20 + DISABLE_NULL_DETECTION(Private); LocalDiskEnd =3D (UINT8) ((*(UINT8 *) ((UINTN) 0x475)) + 0x80); + ENABLE_NULL_DETECTION(Private); =20 // // Allow platform to perform any required actions after the diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/Thunk.c b/IntelFrame= workModulePkg/Csm/LegacyBiosDxe/Thunk.c index 3d9a8b9649..50f6247a99 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/Thunk.c +++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/Thunk.c @@ -57,7 +57,11 @@ LegacyBiosInt86 ( IN EFI_IA32_REGISTER_SET *Regs ) { - UINT32 *VectorBase; + UINT16 Segment; + UINT16 Offset; + LEGACY_BIOS_INSTANCE *Private; + + Private =3D LEGACY_BIOS_INSTANCE_FROM_THIS (This); =20 Regs->X.Flags.Reserved1 =3D 1; Regs->X.Flags.Reserved2 =3D 0; @@ -72,12 +76,15 @@ LegacyBiosInt86 ( // The base address of legacy interrupt vector table is 0. // We use this base address to get the legacy interrupt handler. // - VectorBase =3D 0; + DISABLE_NULL_DETECTION(Private); + Segment =3D (UINT16)(((UINT32 *)0)[BiosInt] >> 16); + Offset =3D (UINT16)((UINT32 *)0)[BiosInt]; + ENABLE_NULL_DETECTION(Private); =20 return InternalLegacyBiosFarCall ( This, - (UINT16) ((VectorBase)[BiosInt] >> 16), - (UINT16) (VectorBase)[BiosInt], + Segment, + Offset, Regs, &Regs->X.Flags, sizeof (Regs->X.Flags) @@ -288,16 +295,22 @@ InternalLegacyBiosFarCall ( // EBDA base address, if the current EBDA base address is smaller, it in= dicates // PcdEbdaReservedMemorySize should be adjusted to larger for more OPROM= s. // - DEBUG_CODE ( - { - UINTN EbdaBaseAddress; - UINTN ReservedEbdaBaseAddress; - - EbdaBaseAddress =3D (*(UINT16 *) (UINTN) 0x40E) << 4; - ReservedEbdaBaseAddress =3D CONVENTIONAL_MEMORY_TOP - PcdGet32 (PcdE= bdaReservedMemorySize); - ASSERT (ReservedEbdaBaseAddress <=3D EbdaBaseAddress); - } - ); + if (!NULL_DETECTION_ENABLED) { + //=20 + // Only do following if NULL pointer detection is not enabled, because= it cannot=20 + // be disabled at this time due to current TPL(=3DTPL_HIGH_LEVEL). + // + DEBUG_CODE ( + { + UINTN EbdaBaseAddress; + UINTN ReservedEbdaBaseAddress; + + EbdaBaseAddress =3D (*(UINT16 *) (UINTN) 0x40E) << 4; + ReservedEbdaBaseAddress =3D CONVENTIONAL_MEMORY_TOP - PcdGet32 (Pc= dEbdaReservedMemorySize); + ASSERT (ReservedEbdaBaseAddress <=3D EbdaBaseAddress); + } + ); + } =20 if (Stack !=3D NULL && StackSize !=3D 0) { // --=20 2.14.1.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Sat Apr 27 10:15:41 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1505294733970953.493721339101; Wed, 13 Sep 2017 02:25:33 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 28EA621D492F7; Wed, 13 Sep 2017 02:22:35 -0700 (PDT) Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 4F40321E8796F for ; Wed, 13 Sep 2017 02:22:33 -0700 (PDT) Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga104.jf.intel.com with ESMTP; 13 Sep 2017 02:25:31 -0700 Received: from jwang36-mobl2.ccr.corp.intel.com ([10.239.192.50]) by fmsmga005.fm.intel.com with ESMTP; 13 Sep 2017 02:25:29 -0700 X-Original-To: edk2-devel@lists.01.org X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.42,387,1500966000"; d="scan'208";a="150787260" From: "Wang, Jian J" To: edk2-devel@lists.01.org Date: Wed, 13 Sep 2017 17:25:07 +0800 Message-Id: <20170913092507.12504-5-jian.j.wang@intel.com> X-Mailer: git-send-email 2.14.1.windows.1 In-Reply-To: <20170913092507.12504-1-jian.j.wang@intel.com> References: <20170913092507.12504-1-jian.j.wang@intel.com> Subject: [edk2] [PATCH 4/4] OvmfPkg/QemuVideoDxe: Update QemuVideoDxe driver to bypass NULL pointer detection if enabled. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Justen@ml01.01.org, Eric Dong , Kinney@ml01.01.org, Jordan L , Wolman@ml01.01.org, Jiewen Yao , Ayellet , Michael D , Laszlo Ersek , Star Zeng MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" QemuVideoDxe driver will install VBE SHIM into page 0. If NULL pointer dete= ction is enabled, page 0 must be enabled temporarily before installing and = disabled again afterwards. For Windows 7 boot, BIT7 of PcdNullPointerDetect= ionPropertyMask must still be set to avoid hang. Cc: Jiewen Yao Cc: Eric Dong Cc: Star Zeng Cc: Laszlo Ersek Cc: Justen, Jordan L Cc: Kinney, Michael D Cc: Wolman, Ayellet Suggested-by: Wolman, Ayellet Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Wang, Jian J Acked-by: Brian J. Johnson Suggested-by: "Wolman, Ayellet" --- OvmfPkg/QemuVideoDxe/Driver.c | 15 ++++++++++++++- OvmfPkg/QemuVideoDxe/Qemu.h | 16 ++++++++++++++++ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf | 2 ++ 3 files changed, 32 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/QemuVideoDxe/Driver.c b/OvmfPkg/QemuVideoDxe/Driver.c index 0dce80e59b..ee0eed7214 100644 --- a/OvmfPkg/QemuVideoDxe/Driver.c +++ b/OvmfPkg/QemuVideoDxe/Driver.c @@ -194,6 +194,7 @@ QemuVideoControllerDriverStart ( PCI_TYPE00 Pci; QEMU_VIDEO_CARD *Card; EFI_PCI_IO_PROTOCOL *ChildPciIo; + EFI_CPU_ARCH_PROTOCOL *Cpu; =20 OldTpl =3D gBS->RaiseTPL (TPL_CALLBACK); =20 @@ -479,7 +480,19 @@ QemuVideoControllerDriverStart ( #if defined MDE_CPU_IA32 || defined MDE_CPU_X64 if (Private->Variant =3D=3D QEMU_VIDEO_BOCHS_MMIO || Private->Variant =3D=3D QEMU_VIDEO_BOCHS) { - InstallVbeShim (Card->Name, Private->GraphicsOutput.Mode->FrameBufferB= ase); + // + // Prepare CPU arch protocol for NULL pointer detection + // + Status =3D gBS->LocateProtocol ( + &gEfiCpuArchProtocolGuid, + NULL,=20 + (VOID **) &Cpu + ); + ASSERT_EFI_ERROR (Status); + + DISABLE_NULL_DETECTION(Cpu); + InstallVbeShim (Card->Name, Private->GraphicsOutput.Mode->FrameBuffe= rBase); + ENABLE_NULL_DETECTION(Cpu); } #endif =20 diff --git a/OvmfPkg/QemuVideoDxe/Qemu.h b/OvmfPkg/QemuVideoDxe/Qemu.h index 7fbb25b3ef..bb3bc6eb0f 100644 --- a/OvmfPkg/QemuVideoDxe/Qemu.h +++ b/OvmfPkg/QemuVideoDxe/Qemu.h @@ -25,6 +25,7 @@ #include #include #include +#include =20 #include #include @@ -82,6 +83,21 @@ typedef struct { =20 #define GRAPHICS_OUTPUT_INVALIDE_MODE_NUMBER 0xffff =20 +// +// VBE code will access memory between 0-4095 which will cause page fault = exception=20 +// if NULL pointer detection mechanism is enabled. Following macros can be= used to=20 +// disable/enable NULL pointer detection before/after accessing those memo= ry. +// +#define NULL_DETECTION_ENABLED ((PcdGet8(PcdNullPointerDetectionPropertyM= ask) & (BIT0|BIT7)) =3D=3D BIT0) +#define DISABLE_NULL_DETECTION(Cpu) = \ + if (NULL_DETECTION_ENABLED) { = \ + (Cpu)->SetMemoryAttributes((Cpu), 0, EFI_PAGE_SIZE, 0); = \ + } +#define ENABLE_NULL_DETECTION(Cpu) = \ + if (NULL_DETECTION_ENABLED) { = \ + (Cpu)->SetMemoryAttributes((Cpu), 0, EFI_PAGE_SIZE, EFI_MEMORY_RP); = \ + } + // // QEMU Video Private Data Structure // diff --git a/OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf b/OvmfPkg/QemuVideoDxe/Q= emuVideoDxe.inf index 7c7d429bca..5d166eb99c 100644 --- a/OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf +++ b/OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf @@ -72,7 +72,9 @@ gEfiGraphicsOutputProtocolGuid # PROTOCOL BY_START gEfiDevicePathProtocolGuid # PROTOCOL BY_START gEfiPciIoProtocolGuid # PROTOCOL TO_START + gEfiCpuArchProtocolGuid =20 [Pcd] gOptionRomPkgTokenSpaceGuid.PcdDriverSupportedEfiVersion + gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask =20 --=20 2.14.1.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel