MdeModulePkg/Core/Dxe/DxeMain.h | 61 ++ MdeModulePkg/Core/Dxe/DxeMain.inf | 5 +- MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 5 +- MdeModulePkg/Core/Dxe/Image/Image.c | 7 +- MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 769 +++++++++++++++++++ MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c | 24 +- MdeModulePkg/MdeModulePkg.dec | 10 + UefiCpuPkg/CpuDxe/CpuDxe.c | 141 ++-- UefiCpuPkg/CpuDxe/CpuDxe.inf | 5 +- UefiCpuPkg/CpuDxe/CpuPageTable.c | 779 ++++++++++++++++++++ UefiCpuPkg/CpuDxe/CpuPageTable.h | 113 +++ 11 files changed, 1832 insertions(+), 87 deletions(-) create mode 100644 MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.c create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.h
==== V4 ==== 1) Remove ARM patch. (Which was already submitted by Ard Biesheuvel in another series) 2) Unprotect RT image at ExitBootServices (feedback from Ard Biesheuvel) 3) Round up the ImageSize on protection (feedback from Ard Biesheuvel) ==== V3 ==== 1) Add PCD for policy control (feedback from Ard Biesheuvel) (Discussed with Mike Kinney) + # BIT0 - Image from unknown device. <BR> + # BIT1 - Image from firmware volume.<BR> + # @Prompt Set image protection policy. + # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F + gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000002|UINT32|0x00001047 2) Remove unused function in CpuDxe.(feedback from Liming Gao) 3) Add commit log on link option assumption (feedback from Feng Tian) 4) Rename file PageTableLib.h/.c to CpuPageTable.h/.c file (from Jeff Fan) 5) Remove multi-entrypoint usage (from Liming Gao/Mike Kinney) ==== V2 ==== 1) Clean up ArmPkg, (feedback from Leif Lindholm) ==== V1 ==== This series patch provides capability to protect PE/COFF image in DXE memory. If the UEFI image is page aligned, the image code section is set to read only and the image data section is set to non-executable. The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect the image. Tested platform: NT32/Quark IA32/OVMF IA32/OVMF IA32X64/Intel internal X64/ Tested OS: UEFI Win10, UEFI Ubuntu 16.04. Untested platform: ARM/AARCH64. Can ARM/AARCH64 owner help to take a look and try the ARM platform? Cc: Jeff Fan <jeff.fan@intel.com> Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Leif Lindholm <leif.lindholm@linaro.org> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Star Zeng <star.zeng@intel.com> Cc: Feng Tian <feng.tian@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Jiewen Yao (3): UefiCpuPkg/CpuDxe: Add memory attribute setting. MdeModulePkg/dec: add PcdImageProtectionPolicy. MdeModulePkg/DxeCore: Add UEFI image protection. MdeModulePkg/Core/Dxe/DxeMain.h | 61 ++ MdeModulePkg/Core/Dxe/DxeMain.inf | 5 +- MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 5 +- MdeModulePkg/Core/Dxe/Image/Image.c | 7 +- MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 769 +++++++++++++++++++ MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c | 24 +- MdeModulePkg/MdeModulePkg.dec | 10 + UefiCpuPkg/CpuDxe/CpuDxe.c | 141 ++-- UefiCpuPkg/CpuDxe/CpuDxe.inf | 5 +- UefiCpuPkg/CpuDxe/CpuPageTable.c | 779 ++++++++++++++++++++ UefiCpuPkg/CpuDxe/CpuPageTable.h | 113 +++ 11 files changed, 1832 insertions(+), 87 deletions(-) create mode 100644 MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.c create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.h -- 2.7.4.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
Reviewed-by: Jeff Fan <jeff.fan@intel.com> -----Original Message----- From: Yao, Jiewen Sent: Tuesday, February 21, 2017 2:57 PM To: edk2-devel@lists.01.org Cc: Fan, Jeff; Kinney, Michael D; Leif Lindholm; Ard Biesheuvel; Zeng, Star; Tian, Feng Subject: [PATCH V4 0/3] DXE Memory Protection ==== V4 ==== 1) Remove ARM patch. (Which was already submitted by Ard Biesheuvel in another series) 2) Unprotect RT image at ExitBootServices (feedback from Ard Biesheuvel) 3) Round up the ImageSize on protection (feedback from Ard Biesheuvel) ==== V3 ==== 1) Add PCD for policy control (feedback from Ard Biesheuvel) (Discussed with Mike Kinney) + # BIT0 - Image from unknown device. <BR> + # BIT1 - Image from firmware volume.<BR> + # @Prompt Set image protection policy. + # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F + + gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000002|UIN + T32|0x00001047 2) Remove unused function in CpuDxe.(feedback from Liming Gao) 3) Add commit log on link option assumption (feedback from Feng Tian) 4) Rename file PageTableLib.h/.c to CpuPageTable.h/.c file (from Jeff Fan) 5) Remove multi-entrypoint usage (from Liming Gao/Mike Kinney) ==== V2 ==== 1) Clean up ArmPkg, (feedback from Leif Lindholm) ==== V1 ==== This series patch provides capability to protect PE/COFF image in DXE memory. If the UEFI image is page aligned, the image code section is set to read only and the image data section is set to non-executable. The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect the image. Tested platform: NT32/Quark IA32/OVMF IA32/OVMF IA32X64/Intel internal X64/ Tested OS: UEFI Win10, UEFI Ubuntu 16.04. Untested platform: ARM/AARCH64. Can ARM/AARCH64 owner help to take a look and try the ARM platform? Cc: Jeff Fan <jeff.fan@intel.com> Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Leif Lindholm <leif.lindholm@linaro.org> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Star Zeng <star.zeng@intel.com> Cc: Feng Tian <feng.tian@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Jiewen Yao (3): UefiCpuPkg/CpuDxe: Add memory attribute setting. MdeModulePkg/dec: add PcdImageProtectionPolicy. MdeModulePkg/DxeCore: Add UEFI image protection. MdeModulePkg/Core/Dxe/DxeMain.h | 61 ++ MdeModulePkg/Core/Dxe/DxeMain.inf | 5 +- MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 5 +- MdeModulePkg/Core/Dxe/Image/Image.c | 7 +- MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 769 +++++++++++++++++++ MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c | 24 +- MdeModulePkg/MdeModulePkg.dec | 10 + UefiCpuPkg/CpuDxe/CpuDxe.c | 141 ++-- UefiCpuPkg/CpuDxe/CpuDxe.inf | 5 +- UefiCpuPkg/CpuDxe/CpuPageTable.c | 779 ++++++++++++++++++++ UefiCpuPkg/CpuDxe/CpuPageTable.h | 113 +++ 11 files changed, 1832 insertions(+), 87 deletions(-) create mode 100644 MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.c create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.h -- 2.7.4.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
On 21 February 2017 at 06:57, Jiewen Yao <jiewen.yao@intel.com> wrote: > ==== V4 ==== > 1) Remove ARM patch. (Which was already submitted by Ard Biesheuvel in another series) > 2) Unprotect RT image at ExitBootServices (feedback from Ard Biesheuvel) > 3) Round up the ImageSize on protection (feedback from Ard Biesheuvel) > Hello Jiewen, This works fine now on AARCH64. Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Could you please wait a little bit before merging this? Leif and I need to get the AARCH64 prepatory patches merged first, but I am hoping to do that today. Thanks, Ard. > ==== V3 ==== > 1) Add PCD for policy control (feedback from Ard Biesheuvel) > (Discussed with Mike Kinney) > + # BIT0 - Image from unknown device. <BR> > + # BIT1 - Image from firmware volume.<BR> > + # @Prompt Set image protection policy. > + # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F > + gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000002|UINT32|0x00001047 > > 2) Remove unused function in CpuDxe.(feedback from Liming Gao) > 3) Add commit log on link option assumption (feedback from Feng Tian) > 4) Rename file PageTableLib.h/.c to CpuPageTable.h/.c file (from Jeff Fan) > 5) Remove multi-entrypoint usage (from Liming Gao/Mike Kinney) > > ==== V2 ==== > 1) Clean up ArmPkg, (feedback from Leif Lindholm) > > ==== V1 ==== > This series patch provides capability to protect PE/COFF image > in DXE memory. > If the UEFI image is page aligned, the image code section is set to read > only and the image data section is set to non-executable. > > The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect > the image. > > Tested platform: NT32/Quark IA32/OVMF IA32/OVMF IA32X64/Intel internal X64/ > Tested OS: UEFI Win10, UEFI Ubuntu 16.04. > > Untested platform: ARM/AARCH64. > Can ARM/AARCH64 owner help to take a look and try the ARM platform? > > > Cc: Jeff Fan <jeff.fan@intel.com> > Cc: Michael Kinney <michael.d.kinney@intel.com> > Cc: Leif Lindholm <leif.lindholm@linaro.org> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> > Cc: Star Zeng <star.zeng@intel.com> > Cc: Feng Tian <feng.tian@intel.com> > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> > > > Jiewen Yao (3): > UefiCpuPkg/CpuDxe: Add memory attribute setting. > MdeModulePkg/dec: add PcdImageProtectionPolicy. > MdeModulePkg/DxeCore: Add UEFI image protection. > > MdeModulePkg/Core/Dxe/DxeMain.h | 61 ++ > MdeModulePkg/Core/Dxe/DxeMain.inf | 5 +- > MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 5 +- > MdeModulePkg/Core/Dxe/Image/Image.c | 7 +- > MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 769 +++++++++++++++++++ > MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c | 24 +- > MdeModulePkg/MdeModulePkg.dec | 10 + > UefiCpuPkg/CpuDxe/CpuDxe.c | 141 ++-- > UefiCpuPkg/CpuDxe/CpuDxe.inf | 5 +- > UefiCpuPkg/CpuDxe/CpuPageTable.c | 779 ++++++++++++++++++++ > UefiCpuPkg/CpuDxe/CpuPageTable.h | 113 +++ > 11 files changed, 1832 insertions(+), 87 deletions(-) > create mode 100644 MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c > create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.c > create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.h > > -- > 2.7.4.windows.1 > _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
No problem. ☺ I appreciate your help to confirm it working on AARCH64. Thank you Yao Jiewen From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org] Sent: Tuesday, February 21, 2017 4:36 PM To: Yao, Jiewen <jiewen.yao@intel.com>; Leif Lindholm <leif.lindholm@linaro.org> Cc: edk2-devel@lists.01.org; Fan, Jeff <jeff.fan@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Zeng, Star <star.zeng@intel.com>; Tian, Feng <feng.tian@intel.com> Subject: Re: [PATCH V4 0/3] DXE Memory Protection On 21 February 2017 at 06:57, Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>> wrote: > ==== V4 ==== > 1) Remove ARM patch. (Which was already submitted by Ard Biesheuvel in another series) > 2) Unprotect RT image at ExitBootServices (feedback from Ard Biesheuvel) > 3) Round up the ImageSize on protection (feedback from Ard Biesheuvel) > Hello Jiewen, This works fine now on AARCH64. Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org<mailto:ard.biesheuvel@linaro.org>> Could you please wait a little bit before merging this? Leif and I need to get the AARCH64 prepatory patches merged first, but I am hoping to do that today. Thanks, Ard. > ==== V3 ==== > 1) Add PCD for policy control (feedback from Ard Biesheuvel) > (Discussed with Mike Kinney) > + # BIT0 - Image from unknown device. <BR> > + # BIT1 - Image from firmware volume.<BR> > + # @Prompt Set image protection policy. > + # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F > + gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000002|UINT32|0x00001047 > > 2) Remove unused function in CpuDxe.(feedback from Liming Gao) > 3) Add commit log on link option assumption (feedback from Feng Tian) > 4) Rename file PageTableLib.h/.c to CpuPageTable.h/.c file (from Jeff Fan) > 5) Remove multi-entrypoint usage (from Liming Gao/Mike Kinney) > > ==== V2 ==== > 1) Clean up ArmPkg, (feedback from Leif Lindholm) > > ==== V1 ==== > This series patch provides capability to protect PE/COFF image > in DXE memory. > If the UEFI image is page aligned, the image code section is set to read > only and the image data section is set to non-executable. > > The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect > the image. > > Tested platform: NT32/Quark IA32/OVMF IA32/OVMF IA32X64/Intel internal X64/ > Tested OS: UEFI Win10, UEFI Ubuntu 16.04. > > Untested platform: ARM/AARCH64. > Can ARM/AARCH64 owner help to take a look and try the ARM platform? > > > Cc: Jeff Fan <jeff.fan@intel.com<mailto:jeff.fan@intel.com>> > Cc: Michael Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>> > Cc: Leif Lindholm <leif.lindholm@linaro.org<mailto:leif.lindholm@linaro.org>> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org<mailto:ard.biesheuvel@linaro.org>> > Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>> > Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>> > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>> > > > Jiewen Yao (3): > UefiCpuPkg/CpuDxe: Add memory attribute setting. > MdeModulePkg/dec: add PcdImageProtectionPolicy. > MdeModulePkg/DxeCore: Add UEFI image protection. > > MdeModulePkg/Core/Dxe/DxeMain.h | 61 ++ > MdeModulePkg/Core/Dxe/DxeMain.inf | 5 +- > MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 5 +- > MdeModulePkg/Core/Dxe/Image/Image.c | 7 +- > MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 769 +++++++++++++++++++ > MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c | 24 +- > MdeModulePkg/MdeModulePkg.dec | 10 + > UefiCpuPkg/CpuDxe/CpuDxe.c | 141 ++-- > UefiCpuPkg/CpuDxe/CpuDxe.inf | 5 +- > UefiCpuPkg/CpuDxe/CpuPageTable.c | 779 ++++++++++++++++++++ > UefiCpuPkg/CpuDxe/CpuPageTable.h | 113 +++ > 11 files changed, 1832 insertions(+), 87 deletions(-) > create mode 100644 MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c > create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.c > create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.h > > -- > 2.7.4.windows.1 > _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
On 21 February 2017 at 08:39, Yao, Jiewen <jiewen.yao@intel.com> wrote: > No problem. J > Pushed now. Thanks for you patience. > > > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org] > Sent: Tuesday, February 21, 2017 4:36 PM > To: Yao, Jiewen <jiewen.yao@intel.com>; Leif Lindholm > <leif.lindholm@linaro.org> > Cc: edk2-devel@lists.01.org; Fan, Jeff <jeff.fan@intel.com>; Kinney, Michael > D <michael.d.kinney@intel.com>; Zeng, Star <star.zeng@intel.com>; Tian, Feng > <feng.tian@intel.com> > Subject: Re: [PATCH V4 0/3] DXE Memory Protection > > > > On 21 February 2017 at 06:57, Jiewen Yao <jiewen.yao@intel.com> wrote: >> ==== V4 ==== >> 1) Remove ARM patch. (Which was already submitted by Ard Biesheuvel in >> another series) >> 2) Unprotect RT image at ExitBootServices (feedback from Ard Biesheuvel) >> 3) Round up the ImageSize on protection (feedback from Ard Biesheuvel) >> > > Hello Jiewen, > > This works fine now on AARCH64. > > Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> > > Could you please wait a little bit before merging this? Leif and I > need to get the AARCH64 prepatory patches merged first, but I am > hoping to do that today. > > Thanks, > Ard. > >> ==== V3 ==== >> 1) Add PCD for policy control (feedback from Ard Biesheuvel) >> (Discussed with Mike Kinney) >> + # BIT0 - Image from unknown device. <BR> >> + # BIT1 - Image from firmware volume.<BR> >> + # @Prompt Set image protection policy. >> + # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F >> + >> gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000002|UINT32|0x00001047 >> >> 2) Remove unused function in CpuDxe.(feedback from Liming Gao) >> 3) Add commit log on link option assumption (feedback from Feng Tian) >> 4) Rename file PageTableLib.h/.c to CpuPageTable.h/.c file (from Jeff Fan) >> 5) Remove multi-entrypoint usage (from Liming Gao/Mike Kinney) >> >> ==== V2 ==== >> 1) Clean up ArmPkg, (feedback from Leif Lindholm) >> >> ==== V1 ==== >> This series patch provides capability to protect PE/COFF image >> in DXE memory. >> If the UEFI image is page aligned, the image code section is set to read >> only and the image data section is set to non-executable. >> >> The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect >> the image. >> >> Tested platform: NT32/Quark IA32/OVMF IA32/OVMF IA32X64/Intel internal >> X64/ >> Tested OS: UEFI Win10, UEFI Ubuntu 16.04. >> >> Untested platform: ARM/AARCH64. >> Can ARM/AARCH64 owner help to take a look and try the ARM platform? >> >> >> Cc: Jeff Fan <jeff.fan@intel.com> >> Cc: Michael Kinney <michael.d.kinney@intel.com> >> Cc: Leif Lindholm <leif.lindholm@linaro.org> >> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> >> Cc: Star Zeng <star.zeng@intel.com> >> Cc: Feng Tian <feng.tian@intel.com> >> Contributed-under: TianoCore Contribution Agreement 1.0 >> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> >> >> >> Jiewen Yao (3): >> UefiCpuPkg/CpuDxe: Add memory attribute setting. >> MdeModulePkg/dec: add PcdImageProtectionPolicy. >> MdeModulePkg/DxeCore: Add UEFI image protection. >> >> MdeModulePkg/Core/Dxe/DxeMain.h | 61 ++ >> MdeModulePkg/Core/Dxe/DxeMain.inf | 5 +- >> MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 5 +- >> MdeModulePkg/Core/Dxe/Image/Image.c | 7 +- >> MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 769 +++++++++++++++++++ >> MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c | 24 +- >> MdeModulePkg/MdeModulePkg.dec | 10 + >> UefiCpuPkg/CpuDxe/CpuDxe.c | 141 ++-- >> UefiCpuPkg/CpuDxe/CpuDxe.inf | 5 +- >> UefiCpuPkg/CpuDxe/CpuPageTable.c | 779 ++++++++++++++++++++ >> UefiCpuPkg/CpuDxe/CpuPageTable.h | 113 +++ >> 11 files changed, 1832 insertions(+), 87 deletions(-) >> create mode 100644 MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c >> create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.c >> create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.h >> >> -- >> 2.7.4.windows.1 >> _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
© 2016 - 2024 Red Hat, Inc.