1. Patchew
  2. EDK2
  3. [edk2] [PATCH v4 0/7] MdeModulePkg/DxeCore: increased memory protection
  4. View patch

[edk2] [PATCH v4 2/7] MdeModulePkg/PeiCore: allocate BootServicesCode memory for PE/COFF images

Ard Biesheuvel posted 7 patches 7 years, 8 months ago
[edk2] [PATCH v4 2/7] MdeModulePkg/PeiCore: allocate BootServicesCode memory for PE/COFF images
Posted by Ard Biesheuvel 7 years, 8 months ago 
Ensure that any memory allocated for PE/COFF images is identifiable as
a boot services code region, so that we know it requires its executable
permissions to be preserved when we tighten mapping permissions later on.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
---
 MdeModulePkg/Core/Pei/Image/Image.c | 23 ++++++++++++--------
 1 file changed, 14 insertions(+), 9 deletions(-)

diff --git a/MdeModulePkg/Core/Pei/Image/Image.c b/MdeModulePkg/Core/Pei/Image/Image.c
index d659de8b3e64..68e40c027e63 100644
--- a/MdeModulePkg/Core/Pei/Image/Image.c
+++ b/MdeModulePkg/Core/Pei/Image/Image.c
@@ -112,11 +112,12 @@ GetImageReadFunction (
   IN      PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext
   )
 {
-  PEI_CORE_INSTANCE  *Private;
-  VOID*  MemoryBuffer;
+  PEI_CORE_INSTANCE     *Private;
+  EFI_PHYSICAL_ADDRESS  MemoryBuffer;
 
   Private = PEI_CORE_INSTANCE_FROM_PS_THIS (GetPeiServicesTablePointer ());
-  
+  MemoryBuffer = 0;
+
   if (Private->PeiMemoryInstalled  && (((Private->HobList.HandoffInformationTable->BootMode != BOOT_ON_S3_RESUME) && PcdGetBool (PcdShadowPeimOnBoot)) || 
       ((Private->HobList.HandoffInformationTable->BootMode == BOOT_ON_S3_RESUME) && PcdGetBool (PcdShadowPeimOnS3Boot))) &&
       (EFI_IMAGE_MACHINE_TYPE_SUPPORTED(EFI_IMAGE_MACHINE_X64) || EFI_IMAGE_MACHINE_TYPE_SUPPORTED(EFI_IMAGE_MACHINE_IA32))) {
@@ -125,9 +126,9 @@ GetImageReadFunction (
     //  compilers that have been tested
     //
     if (Private->ShadowedImageRead == NULL) {
-      MemoryBuffer = AllocatePages (0x400 / EFI_PAGE_SIZE + 1);
-      ASSERT (MemoryBuffer != NULL);
-      CopyMem (MemoryBuffer, (CONST VOID *) (UINTN) PeiImageReadForShadow, 0x400);
+      PeiServicesAllocatePages (EfiBootServicesCode, 0x400 / EFI_PAGE_SIZE + 1, &MemoryBuffer);
+      ASSERT (MemoryBuffer != 0);
+      CopyMem ((VOID *)(UINTN)MemoryBuffer, (CONST VOID *) (UINTN) PeiImageReadForShadow, 0x400);
       Private->ShadowedImageRead = (PE_COFF_LOADER_READ_FILE) (UINTN) MemoryBuffer;
     }
 
@@ -453,12 +454,16 @@ LoadAndRelocatePeCoffImage (
         //
         // The PEIM is not assiged valid address, try to allocate page to load it.
         //
-        ImageContext.ImageAddress = (EFI_PHYSICAL_ADDRESS)(UINTN) AllocatePages (EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize));
+        Status = PeiServicesAllocatePages (EfiBootServicesCode,
+                                           EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize),
+                                           &ImageContext.ImageAddress);
       }
     } else {
-      ImageContext.ImageAddress = (EFI_PHYSICAL_ADDRESS)(UINTN) AllocatePages (EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize));
+      Status = PeiServicesAllocatePages (EfiBootServicesCode,
+                                         EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize),
+                                         &ImageContext.ImageAddress);
     }
-    if (ImageContext.ImageAddress != 0) {
+    if (!EFI_ERROR (Status)) {
       //
       // Adjust the Image Address to make sure it is section alignment.
       //
-- 
2.7.4

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH v4 2/7] MdeModulePkg/PeiCore: allocate BootServicesCode memory for PE/COFF images
Posted by Gao, Liming 7 years, 8 months ago 
Reviewed-by: Liming Gao <liming.gao@intel.com>

>-----Original Message-----
>From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
>Sent: Monday, February 27, 2017 10:38 PM
>To: edk2-devel@lists.01.org; afish@apple.com; leif.lindholm@linaro.org;
>Kinney, Michael D <michael.d.kinney@intel.com>; Gao, Liming
><liming.gao@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>
>Cc: lersek@redhat.com; Tian, Feng <feng.tian@intel.com>; Zeng, Star
><star.zeng@intel.com>; Ard Biesheuvel <ard.biesheuvel@linaro.org>
>Subject: [PATCH v4 2/7] MdeModulePkg/PeiCore: allocate BootServicesCode
>memory for PE/COFF images
>
>Ensure that any memory allocated for PE/COFF images is identifiable as
>a boot services code region, so that we know it requires its executable
>permissions to be preserved when we tighten mapping permissions later on.
>
>Contributed-under: TianoCore Contribution Agreement 1.0
>Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
>---
> MdeModulePkg/Core/Pei/Image/Image.c | 23 ++++++++++++--------
> 1 file changed, 14 insertions(+), 9 deletions(-)
>
>diff --git a/MdeModulePkg/Core/Pei/Image/Image.c
>b/MdeModulePkg/Core/Pei/Image/Image.c
>index d659de8b3e64..68e40c027e63 100644
>--- a/MdeModulePkg/Core/Pei/Image/Image.c
>+++ b/MdeModulePkg/Core/Pei/Image/Image.c
>@@ -112,11 +112,12 @@ GetImageReadFunction (
>   IN      PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext
>   )
> {
>-  PEI_CORE_INSTANCE  *Private;
>-  VOID*  MemoryBuffer;
>+  PEI_CORE_INSTANCE     *Private;
>+  EFI_PHYSICAL_ADDRESS  MemoryBuffer;
>
>   Private = PEI_CORE_INSTANCE_FROM_PS_THIS
>(GetPeiServicesTablePointer ());
>-
>+  MemoryBuffer = 0;
>+
>   if (Private->PeiMemoryInstalled  && (((Private-
>>HobList.HandoffInformationTable->BootMode != BOOT_ON_S3_RESUME)
>&& PcdGetBool (PcdShadowPeimOnBoot)) ||
>       ((Private->HobList.HandoffInformationTable->BootMode ==
>BOOT_ON_S3_RESUME) && PcdGetBool (PcdShadowPeimOnS3Boot))) &&
>       (EFI_IMAGE_MACHINE_TYPE_SUPPORTED(EFI_IMAGE_MACHINE_X64) ||
>EFI_IMAGE_MACHINE_TYPE_SUPPORTED(EFI_IMAGE_MACHINE_IA32))) {
>@@ -125,9 +126,9 @@ GetImageReadFunction (
>     //  compilers that have been tested
>     //
>     if (Private->ShadowedImageRead == NULL) {
>-      MemoryBuffer = AllocatePages (0x400 / EFI_PAGE_SIZE + 1);
>-      ASSERT (MemoryBuffer != NULL);
>-      CopyMem (MemoryBuffer, (CONST VOID *) (UINTN)
>PeiImageReadForShadow, 0x400);
>+      PeiServicesAllocatePages (EfiBootServicesCode, 0x400 / EFI_PAGE_SIZE +
>1, &MemoryBuffer);
>+      ASSERT (MemoryBuffer != 0);
>+      CopyMem ((VOID *)(UINTN)MemoryBuffer, (CONST VOID *) (UINTN)
>PeiImageReadForShadow, 0x400);
>       Private->ShadowedImageRead = (PE_COFF_LOADER_READ_FILE) (UINTN)
>MemoryBuffer;
>     }
>
>@@ -453,12 +454,16 @@ LoadAndRelocatePeCoffImage (
>         //
>         // The PEIM is not assiged valid address, try to allocate page to load it.
>         //
>-        ImageContext.ImageAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)
>AllocatePages (EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize));
>+        Status = PeiServicesAllocatePages (EfiBootServicesCode,
>+                                           EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize),
>+                                           &ImageContext.ImageAddress);
>       }
>     } else {
>-      ImageContext.ImageAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)
>AllocatePages (EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize));
>+      Status = PeiServicesAllocatePages (EfiBootServicesCode,
>+                                         EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize),
>+                                         &ImageContext.ImageAddress);
>     }
>-    if (ImageContext.ImageAddress != 0) {
>+    if (!EFI_ERROR (Status)) {
>       //
>       // Adjust the Image Address to make sure it is section alignment.
>       //
>--
>2.7.4

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Patchew 2.1-devel-b67e4c2

© 2016 - 2024 Red Hat, Inc.