[edk2] [PATCH v2 0/4] Enable page table write protection

Jian J Wang posted 4 patches 6 years, 3 months ago
Failed in applying to current master
[edk2] [PATCH v2 0/4] Enable page table write protection
Posted by Jian J Wang 6 years, 3 months ago
> v2 changes:
>  a. Enable protection on any newly added page table after DxeIpl.
>  b. Introduce page table pool concept to make page table allocation
>     and protection easier and error-free.

The Write Protect feature (CR0.WP) is always enabled in the driver UefiCpuPkg/CpuDxe.
But the memory pages used for page tables are not set as read-only in the driver
DxeIplPeim after paging is set up. This might jeopardize the page table
integrity if a buffer overflow occurs in another part of the system.

This patch series will change this situation by clearing the R/W bit in the page attributes
of the pages used as page tables.

Validation work includes booting Windows (10/Server 2016) and Linux (Fedora/Ubuntu)
on OVMF and a real Intel platform.

Jian J Wang (4):
  MdeModulePkg/MdeModulePkg.dec: Add new PCDs and Guid
  MdeModulePkg/PageTablePool.h: Page table pool GUID definition file
  MdeModulePkg/DxeIpl: Mark page table as read-only
  UefiCpuPkg/CpuDxe: Enable protection for newly added page table

 MdeModulePkg/Core/DxeIplPeim/DxeIpl.h            |  34 +++
 MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf          |   3 +
 MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c  |   8 +-
 MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 315 +++++++++++++++++++++-
 MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h |  15 ++
 MdeModulePkg/Include/Guid/PageTablePool.h        |  53 ++++
 MdeModulePkg/MdeModulePkg.dec                    |  28 ++
 UefiCpuPkg/CpuDxe/CpuDxe.c                       |  17 +-
 UefiCpuPkg/CpuDxe/CpuDxe.h                       |   2 +
 UefiCpuPkg/CpuDxe/CpuDxe.inf                     |   3 +
 UefiCpuPkg/CpuDxe/CpuPageTable.c                 | 329 ++++++++++++++++++++++-
 UefiCpuPkg/CpuDxe/CpuPageTable.h                 |  22 ++
 12 files changed, 816 insertions(+), 13 deletions(-)
 create mode 100644 MdeModulePkg/Include/Guid/PageTablePool.h

-- 
2.14.1.windows.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
Re: [edk2] [PATCH v2 0/4] Enable page table write protection
Posted by Zeng, Star 6 years, 3 months ago
I recommend not introducing the new header file and PCDs as new interfaces, but handling the page table pool separately in DxeIpl and CpuDxe.

Thanks,
Star
-----Original Message-----
From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jian J Wang
Sent: Monday, December 4, 2017 4:36 PM
To: edk2-devel@lists.01.org
Subject: [edk2] [PATCH v2 0/4] Enable page table write protection

Re: [edk2] [PATCH v2 0/4] Enable page table write protection
Posted by Wang, Jian J 6 years, 3 months ago
That means we can't share the page table pool between DxeIpl and CpuDxe. If this is
acceptable, I can remove them.

> -----Original Message-----
> From: Zeng, Star
> Sent: Monday, December 04, 2017 5:11 PM
> To: Wang, Jian J <jian.j.wang@intel.com>; edk2-devel@lists.01.org
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Ni, Ruiyu <ruiyu.ni@intel.com>; Dong,
> Eric <eric.dong@intel.com>; Zeng, Star <star.zeng@intel.com>
> Subject: RE: [edk2] [PATCH v2 0/4] Enable page table write protection
Re: [edk2] [PATCH v2 0/4] Enable page table write protection
Posted by Yao, Jiewen 6 years, 3 months ago
I do not suggest we define PAGE_TABLE_POOL_HEADER.
If we can figure out another way, that will be better.

Thank you
Yao Jiewen


> -----Original Message-----
> From: Wang, Jian J
> Sent: Monday, December 4, 2017 5:26 PM
> To: Zeng, Star <star.zeng@intel.com>; edk2-devel@lists.01.org
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Ni, Ruiyu <ruiyu.ni@intel.com>; Dong,
> Eric <eric.dong@intel.com>
> Subject: RE: [edk2] [PATCH v2 0/4] Enable page table write protection
Re: [edk2] [PATCH v2 0/4] Enable page table write protection
Posted by Wang, Jian J 6 years, 3 months ago
It's for sharing the pool between DxeIpl and CpuDxe. If we don't care about
wasting a little bit of memory, it's OK to drop this definition. CpuDxe can reserve
a block of memory for page tables for its own use.

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Tuesday, December 05, 2017 10:27 AM
> To: Wang, Jian J <jian.j.wang@intel.com>; Zeng, Star <star.zeng@intel.com>;
> edk2-devel@lists.01.org
> Cc: Ni, Ruiyu <ruiyu.ni@intel.com>; Dong, Eric <eric.dong@intel.com>
> Subject: RE: [edk2] [PATCH v2 0/4] Enable page table write protection
Re: [edk2] [PATCH v2 0/4] Enable page table write protection
Posted by Yao, Jiewen 6 years, 3 months ago
Hi Jian,
In the V1 review, I suggested testing in the UEFI shell environment to make sure all page tables are read-only, with the page table split in the CPU driver.

May I know if that is done?

Thank you
Yao Jiewen

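As an added illustration (not code from this series or from EDK II), a constructed C model of the check Jiewen asks for above and of the protection the cover letter describes: walk an x64 4-level page-table hierarchy from CR3, count every page used as a page table whose mapping still has R/W set, and clear R/W on the entries that map the pool, including the case where a pool page sits inside a 2MB large page and the protection would cover the whole 2MB unless that entry is split first. The in-memory "physical" memory, the table layout and all function names are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed in-memory model of an x64 4-level page-table hierarchy (not EDK II code).
 * "Physical addresses" are byte offsets into g_mem and the model is identity-mapped, as
 * DxeIpl's tables are, so a table page's physical address is also the VA that maps it. */
#define PAGE_SIZE  4096u
#define PT_ENTRIES 512u
#define PTE_P      (1ull << 0)           /* Present */
#define PTE_RW     (1ull << 1)           /* Read/Write; clear = read-only under CR0.WP */
#define PTE_PS     (1ull << 7)           /* Page Size: 1G leaf at PDPT, 2M leaf at PD */
#define ADDR_MASK  0x000FFFFFFFFFF000ull
#define MEM_PAGES  16

static uint64_t g_mem[MEM_PAGES * PT_ENTRIES];      /* 16 pages of 4 KiB, 8-byte aligned */
static uint64_t *table_at(uint64_t phys) { return g_mem + phys / sizeof(uint64_t); }

/* Walks from CR3 to the entry that finally maps VA (4K PTE, 2M PDE or 1G PDPTE).
 * Returns NULL if VA is not mapped; *leaf_level receives 1, 2 or 3. */
static uint64_t *find_leaf(uint64_t cr3, uint64_t va, int *leaf_level) {
    uint64_t *table = table_at(cr3 & ADDR_MASK);
    for (int level = 4; level >= 1; level--) {
        uint64_t *e = &table[(va >> (12 + 9 * (level - 1))) & (PT_ENTRIES - 1)];
        if (!(*e & PTE_P)) return NULL;
        if (level == 1 || (level <= 3 && (*e & PTE_PS))) { *leaf_level = level; return e; }
        table = table_at(*e & ADDR_MASK);
    }
    return NULL;
}

/* Counts page-table pages reachable from CR3 that are NOT mapped read-only (an unmapped
 * table page counts too, since its protection cannot be confirmed): the post-CpuDxe audit. */
static int count_writable_tables(uint64_t cr3, uint64_t table_phys, int level) {
    int leaf_level, bad = 0;
    uint64_t *self = find_leaf(cr3, table_phys, &leaf_level);
    if (self == NULL || (*self & PTE_RW)) bad = 1;
    if (level == 1) return bad;                  /* PT entries map data, not tables */
    uint64_t *table = table_at(table_phys);
    for (unsigned i = 0; i < PT_ENTRIES; i++) {
        uint64_t e = table[i];
        if ((e & PTE_P) && !(level <= 3 && (e & PTE_PS)))   /* present and not a large page */
            bad += count_writable_tables(cr3, e & ADDR_MASK, level - 1);
    }
    return bad;
}
int audit_page_tables(uint64_t cr3) { return count_writable_tables(cr3, cr3 & ADDR_MASK, 4); }

/* The series' fix for one pool page: clear R/W on the entry that maps it. Returns the
 * leaf level so the caller notices a 2M (2) or 1G (3) hit, where the whole large page
 * turns read-only unless it is first split into 4K entries (the split CpuDxe performs). */
int protect_page(uint64_t cr3, uint64_t phys) {
    int leaf_level;
    uint64_t *e = find_leaf(cr3, phys, &leaf_level);
    if (e == NULL) return -1;
    *e &= ~PTE_RW;
    return leaf_level;
}

/* Constructed hierarchy: PML4 (page 0) -> PDPT (page 1) -> PD (page 2) -> PT (page 3),
 * identity-mapping all MEM_PAGES pages as writable 4K pages. Returns CR3 (PML4 at 0). */
uint64_t build_identity_tables(void) {
    memset(g_mem, 0, sizeof g_mem);
    table_at(0 * PAGE_SIZE)[0] = (1 * PAGE_SIZE) | PTE_P | PTE_RW;
    table_at(1 * PAGE_SIZE)[0] = (2 * PAGE_SIZE) | PTE_P | PTE_RW;
    table_at(2 * PAGE_SIZE)[0] = (3 * PAGE_SIZE) | PTE_P | PTE_RW;
    for (uint64_t i = 0; i < MEM_PAGES; i++)
        table_at(3 * PAGE_SIZE)[i] = (i * PAGE_SIZE) | PTE_P | PTE_RW;
    return 0;
}

/* Remaps the first 2 MiB with one writable large PDE, as a pool held in 2MB pages would be. */
void map_first_2m_as_large_page(void) { table_at(2 * PAGE_SIZE)[0] = PTE_P | PTE_RW | PTE_PS; }
```

With the 4K layout the audit reports four writable table pages until each is protected; after the 2MB remap a single PDE governs pages 0..2, so one protect_page call clears the whole large page and the audit drops back to zero.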
Re: [edk2] [PATCH v2 0/4] Enable page table write protection
Posted by Wang, Jian J 6 years, 3 months ago
I haven't had time to do it in an automated way. V1 may need a shell app to
check it, but the current implementation might not need one, because we now
have 2 or 3 contiguous 2MB pages to hold all page tables. We just
need to verify the page attributes of those 2 or 3 page tables. It's easy
to do manually in a JTAG debugger.

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Tuesday, December 05, 2017 10:32 AM
> To: Wang, Jian J <jian.j.wang@intel.com>; edk2-devel@lists.01.org
> Cc: Yao, Jiewen <jiewen.yao@intel.com>
> Subject: RE: [edk2] [PATCH v2 0/4] Enable page table write protection