From nobody Sat Nov 2 16:18:56 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zoho.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 148778791632930.020415398582713; Wed, 22 Feb 2017 10:25:16 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 3EA2382241; Wed, 22 Feb 2017 10:25:13 -0800 (PST) Received: from mail-wr0-x231.google.com (mail-wr0-x231.google.com [IPv6:2a00:1450:400c:c0c::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 2904A82241 for ; Wed, 22 Feb 2017 10:25:12 -0800 (PST) Received: by mail-wr0-x231.google.com with SMTP id s27so7996226wrb.2 for ; Wed, 22 Feb 2017 10:25:12 -0800 (PST) Received: from localhost.localdomain ([196.80.204.181]) by smtp.gmail.com with ESMTPSA id e73sm3504667wmi.32.2017.02.22.10.25.08 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 22 Feb 2017 10:25:09 -0800 (PST) X-Original-To: edk2-devel@lists.01.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=PZzERjxxvqhbBXywh2UfA5kCwGMS83lyqLRRBYIdBS8=; b=VQgt8KXB8tjqKAsFrQweg3WB6LQYhZHkYUCDecYAVSpFzhcDBtog9bYTl3j4eUmxE2 Ac3KX8iLOgfXnLCDueDNSAwOtn0JjSDzCnis1Z8zHMM5mUbTn6mtXUVEJcxwj9HHVJKv ULu8mcIhcMLpC45rIhGnaRoYAgKEKOUVQg2WU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=PZzERjxxvqhbBXywh2UfA5kCwGMS83lyqLRRBYIdBS8=; b=aTFd4rT25UlKdcbFgXz+CdHRbGrGdKawaCgT8H+1hv7kSnpHzzibMgb7wrj5WKSrHS vbXgt2dmcC22lusxsgz8VV4dpBj7K2T2MFSts7pUx7OJcHfHFerZUU96M3ZH8DbdOUYU Blk4RIwIiXQ9WZG39bFr/qqbFo/nOYmpxKXD6tEMLLlCXHC5Gidu1QGsUEOSUzCO438d AOsxW/W0ccdzfJRdEEHtim/q7o1v1f7VUeKZmvhwmO33DCwavdrmXAmTosyzgunzVXVp CSTsD8CvLJ1D13A3rfOOBic3CjGB3/u7pzC6HIUSV+Jq5I0ircQhH4y6Dx1d5EwyPoRs uZUA== X-Gm-Message-State: AMke39kxE8hnWHPs+w9M/DOwdVzVUC4OH0APLwWegfzlXn+aIePZ4JK+pb0YPTo1TsKPNDNZ X-Received: by 10.223.129.74 with SMTP id 68mr24080363wrm.183.1487787910626; Wed, 22 Feb 2017 10:25:10 -0800 (PST) From: Ard Biesheuvel To: edk2-devel@lists.01.org, afish@apple.com, leif.lindholm@linaro.org, michael.d.kinney@intel.com, liming.gao@intel.com, jiewen.yao@intel.com Date: Wed, 22 Feb 2017 18:24:56 +0000 Message-Id: <1487787898-5222-3-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1487787898-5222-1-git-send-email-ard.biesheuvel@linaro.org> References: <1487787898-5222-1-git-send-email-ard.biesheuvel@linaro.org> Subject: [edk2] [RFC PATCH 2/4] MdeModulePkg/DxeCore: convert the DxeCore memory region to BootServicesCode X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: feng.tian@intel.com, lersek@redhat.com, star.zeng@intel.com, Ard Biesheuvel MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Before removing exec permissions from all non-code regions, ensure that the DXE core itself is covered by a BootServicesCode region, by adding a new function ConvertDxeCoreImage () and calling it at the right time from DxeMain (). Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel --- MdeModulePkg/Core/Dxe/DxeMain.h | 8 ++++++++ MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 2 ++ MdeModulePkg/Core/Dxe/Mem/Page.c | 15 +++++++++++++++ 3 files changed, 25 insertions(+) diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMai= n.h index b14be9a74d8e..300f19a3aa58 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.h +++ b/MdeModulePkg/Core/Dxe/DxeMain.h @@ -2949,4 +2949,12 @@ MemoryProtectionExitBootServicesCallback ( VOID ); =20 +/** + Convert DXE core image to BootServicesCode memory +**/ +VOID +ConvertDxeCoreImage ( + VOID + ); + #endif diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dx= e/DxeMain/DxeMain.c index 91e94a78d205..d3a873e737b1 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c +++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c @@ -396,6 +396,8 @@ DxeMain ( =20 MemoryProfileInstallProtocol (); =20 + ConvertDxeCoreImage (); + CoreInitializePropertiesTable (); CoreInitializeMemoryAttributesTable (); CoreInitializeMemoryProtection (); diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/P= age.c index b0939c596991..73b56fccf965 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Page.c +++ b/MdeModulePkg/Core/Dxe/Mem/Page.c @@ -1951,8 +1951,23 @@ Done: } =20 =20 +VOID +ConvertDxeCoreImage ( + VOID + ) +{ + CoreAcquireMemoryLock (); =20 + // + // Convert the memory region that backs the DXE core to a 'code' region,= so + // that the strict permissions handling doesn't take our exec permissions + // away. + // + CoreConvertPages ((UINTN)gDxeCoreLoadedImage->ImageBase, + EFI_SIZE_TO_PAGES (gDxeCoreLoadedImage->ImageSize), EfiBootServicesCod= e); =20 + CoreReleaseMemoryLock (); +} =20 =20 =20 --=20 2.7.4 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel