From: Hao Wu To: edk2-devel@lists.01.org Date: Fri, 20 Jul 2018 13:26:21 +0800 Message-Id: <20180720052626.24932-2-hao.a.wu@intel.com> X-Mailer: git-send-email 2.12.0.windows.1 In-Reply-To: <20180720052626.24932-1-hao.a.wu@intel.com> References: <20180720052626.24932-1-hao.a.wu@intel.com> Subject: [edk2] [PATCH 1/6] MdePkg/SmmMemLib: Check for untested memory in GCD X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jiewen Yao , Star Zeng MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" From: Jiewen Yao It treats GCD untested memory as invalid SMM communication buffer. Cc: Star Zeng Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jiewen Yao --- MdePkg/Library/SmmMemLib/SmmMemLib.c | 96 +++++++++++++++++++- MdePkg/Library/SmmMemLib/SmmMemLib.inf | 1 + 2 files changed, 92 insertions(+), 5 deletions(-) diff --git a/MdePkg/Library/SmmMemLib/SmmMemLib.c b/MdePkg/Library/SmmMemLi= b/SmmMemLib.c index 8c78a0b426..3f79e46d46 100644 --- a/MdePkg/Library/SmmMemLib/SmmMemLib.c +++ b/MdePkg/Library/SmmMemLib/SmmMemLib.c @@ -25,12 +25,20 @@ #include #include #include +#include #include #include #include #include #include =20 +// +// attributes for reserved memory before it is promoted to system memory +// +#define EFI_MEMORY_PRESENT 0x0100000000000000ULL +#define EFI_MEMORY_INITIALIZED 0x0200000000000000ULL +#define EFI_MEMORY_TESTED 0x0400000000000000ULL + #define NEXT_MEMORY_DESCRIPTOR(MemoryDescriptor, Size) \ ((EFI_MEMORY_DESCRIPTOR *)((UINT8 *)(MemoryDescriptor) + (Size))) =20 
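Review bot: The `EFI_MEMORY_PRESENT`, `EFI_MEMORY_INITIALIZED` and `EFI_MEMORY_TESTED` values are redefined locally in this hunk, and the comment above them does not say which definition they must stay in step with. The untested-memory filter added later in this patch compares `Capabilities` against exactly these bits, so if the GCD producer's values ever differed, the filter would silently match nothing. I would extend the comment to something like `// Must match the GCD capability bits used by the DXE core; SmmIsBufferOutsideSmmValid() depends on them.` The authoritative definition is not visible in this patch, so its location needs confirming before it is named.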
@@ -46,10 +54,13 @@ UINTN mMemoryMapEntryCount; EFI_MEMORY_DESCRIPTOR *mMemoryMap; UINTN mDescriptorSize; =20 +EFI_GCD_MEMORY_SPACE_DESCRIPTOR *mSmmMemLibGcdMemSpace =3D NULL; +UINTN mSmmMemLibGcdMemNumberOfDesc =3D 0; + VOID *mRegistrationEndOfDxe; VOID *mRegistrationReadyToLock; =20 -BOOLEAN mSmmReadyToLock =3D FALSE; +BOOLEAN mSmmMemLibSmmReadyToLock =3D FALSE; =20 /** Calculate and save the maximum support address. @@ -154,7 +165,7 @@ SmmIsBufferOutsideSmmValid ( // // Check override for Valid Communication Region // - if (mSmmReadyToLock) { + if (mSmmMemLibSmmReadyToLock) { EFI_MEMORY_DESCRIPTOR *MemoryMap; BOOLEAN InValidCommunicationRegion; =20 @@ -171,12 +182,28 @@ SmmIsBufferOutsideSmmValid ( if (!InValidCommunicationRegion) { DEBUG (( EFI_D_ERROR, - "SmmIsBufferOutsideSmmValid: Not in ValidCommunicationRegion: Buff= er (0x%lx) - Length (0x%lx), ", + "SmmIsBufferOutsideSmmValid: Not in ValidCommunicationRegion: Buff= er (0x%lx) - Length (0x%lx)\n", Buffer, Length )); return FALSE; } + + // + // Check untested memory as invalid communication buffer. + // + for (Index =3D 0; Index < mSmmMemLibGcdMemNumberOfDesc; Index++) { + if (((Buffer >=3D mSmmMemLibGcdMemSpace[Index].BaseAddress) && (Buff= er < mSmmMemLibGcdMemSpace[Index].BaseAddress + mSmmMemLibGcdMemSpace[Index= ].Length)) || + ((mSmmMemLibGcdMemSpace[Index].BaseAddress >=3D Buffer) && (mSmm= MemLibGcdMemSpace[Index].BaseAddress < Buffer + Length))) { + DEBUG (( + EFI_D_ERROR, + "SmmIsBufferOutsideSmmValid: In Untested Memory Region: Buffer (= 0x%lx) - Length (0x%lx)\n", + Buffer, + Length + )); + return FALSE; + } + } } return TRUE; } 
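Review bot: The overlap test in the new "Check untested memory" loop computes `Buffer + Length` and `BaseAddress + Length` with no wrap check of its own, so it is only correct if neither sum can overflow. The start of SmmIsBufferOutsideSmmValid() lies outside this hunk and presumably range-checks `Buffer` and `Length` against the maximum supported address, but the loop does not state that dependency. Once confirmed, add a comment above the loop such as `// Buffer + Length cannot wrap here: both were range-checked at function entry.` The loop also sits inside `if (mSmmMemLibSmmReadyToLock)`, so untested memory is rejected only after ReadyToLock; if that is intended, the function header should say so.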
@@ -317,6 +344,61 @@ SmmSetMem ( return EFI_SUCCESS; } =20 +/** + Get GCD memory map. + Only record untested memory as invalid communication buffer. +**/ +VOID +SmmMemLibInternalGetGcdMemoryMap ( + VOID + ) +{ + UINTN NumberOfDescriptors; + EFI_GCD_MEMORY_SPACE_DESCRIPTOR *MemSpaceMap; + EFI_STATUS Status; + UINTN Index; + + Status =3D gDS->GetMemorySpaceMap (&NumberOfDescriptors, &MemSpaceMap); + if (EFI_ERROR (Status)) { + return ; + } + + mSmmMemLibGcdMemNumberOfDesc =3D 0; + for (Index =3D 0; Index < NumberOfDescriptors; Index++) { + if (MemSpaceMap[Index].GcdMemoryType =3D=3D EfiGcdMemoryTypeReserved && + (MemSpaceMap[Index].Capabilities & (EFI_MEMORY_PRESENT | EFI_MEMOR= Y_INITIALIZED | EFI_MEMORY_TESTED)) =3D=3D + (EFI_MEMORY_PRESENT | EFI_MEMORY_INITIALIZED) + ) { + mSmmMemLibGcdMemNumberOfDesc++; + } + } + + mSmmMemLibGcdMemSpace =3D AllocateZeroPool (mSmmMemLibGcdMemNumberOfDesc= * sizeof (EFI_GCD_MEMORY_SPACE_DESCRIPTOR)); + ASSERT (mSmmMemLibGcdMemSpace !=3D NULL); + if (mSmmMemLibGcdMemSpace =3D=3D NULL) { + mSmmMemLibGcdMemNumberOfDesc =3D 0; + gBS->FreePool (MemSpaceMap); + return ; + } + + mSmmMemLibGcdMemNumberOfDesc =3D 0; + for (Index =3D 0; Index < NumberOfDescriptors; Index++) { + if (MemSpaceMap[Index].GcdMemoryType =3D=3D EfiGcdMemoryTypeReserved && + (MemSpaceMap[Index].Capabilities & (EFI_MEMORY_PRESENT | EFI_MEMOR= Y_INITIALIZED | EFI_MEMORY_TESTED)) =3D=3D + (EFI_MEMORY_PRESENT | EFI_MEMORY_INITIALIZED) + ) { + CopyMem ( + &mSmmMemLibGcdMemSpace[mSmmMemLibGcdMemNumberOfDesc], + &MemSpaceMap[Index], + sizeof(EFI_GCD_MEMORY_SPACE_DESCRIPTOR) + ); + mSmmMemLibGcdMemNumberOfDesc++; + } + } + + gBS->FreePool (MemSpaceMap); +} + /** Notification for SMM EndOfDxe protocol. =20 @@ -415,10 +497,14 @@ SmmLibInternalEndOfDxeNotify ( =20 gBS->FreePool (MemoryMap); =20 + // + // Get additional information from GCD memory map. + // + SmmMemLibInternalGetGcdMemoryMap (); + return EFI_SUCCESS; } =20 - /** Notification for SMM ReadyToLock protocol. =20 
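Review bot: Both error paths in SmmMemLibInternalGetGcdMemoryMap() fail open. When `GetMemorySpaceMap` returns an error, or `AllocateZeroPool` fails in a build where `ASSERT` is compiled out, the function returns with `mSmmMemLibGcdMemNumberOfDesc` at 0, and SmmIsBufferOutsideSmmValid() then accepts buffers in untested memory with no trace. At minimum log it on both paths, e.g. `DEBUG ((EFI_D_ERROR, "SmmMemLib: GCD memory map unavailable, untested-memory check disabled\n"));`; a stricter option is a failure flag that makes the validator reject. Separately, when no descriptor matches, the code calls `AllocateZeroPool` with size 0 and asserts on the result, so an early `if (mSmmMemLibGcdMemNumberOfDesc == 0) { gBS->FreePool (MemSpaceMap); return; }` before the allocation would avoid relying on zero-size allocation behaviour. The filter condition is also repeated verbatim in the counting and copying loops and would be safer as one helper, so the two passes cannot drift apart.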
@@ -436,7 +522,7 @@ SmmLibInternalReadyToLockNotify ( IN EFI_HANDLE Handle ) { - mSmmReadyToLock =3D TRUE; + mSmmMemLibSmmReadyToLock =3D TRUE; return EFI_SUCCESS; } /** diff --git a/MdePkg/Library/SmmMemLib/SmmMemLib.inf b/MdePkg/Library/SmmMem= Lib/SmmMemLib.inf index e4edad3af2..36576a4f2f 100644 --- a/MdePkg/Library/SmmMemLib/SmmMemLib.inf +++ b/MdePkg/Library/SmmMemLib/SmmMemLib.inf @@ -43,6 +43,7 @@ [LibraryClasses] SmmServicesTableLib UefiBootServicesTableLib + DxeServicesTableLib DebugLib BaseMemoryLib HobLib --=20 2.16.2.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel