From: "Guomin Jiang"
To: devel@edk2.groups.io
Cc: Michael Kubacki, Jian J Wang, Hao A Wu, Dandan Bi, Liming Gao, Debkumar De, Harry Han, Catharine West
Subject: [edk2-devel] [PATCH v2 1/9] MdeModulePkg/PeiCore: Enable T-RAM evacuation in PeiCore (CVE-2019-11098)
Date: Thu, 2 Jul 2020 13:15:17 +0800
Message-Id: <20200702051525.1102-2-guomin.jiang@intel.com>
In-Reply-To: <20200702051525.1102-1-guomin.jiang@intel.com>
References: <20200702051525.1102-1-guomin.jiang@intel.com>
Reply-To: devel@edk2.groups.io,guomin.jiang@intel.com
From: Michael Kubacki

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614

Introduces new changes to PeiCore to move the contents of temporary RAM visible to the PeiCore to permanent memory. This expands on pre-existing shadowing support in the PeiCore to perform the following additional actions:

1. Migrate pointers in PPIs installed in PeiCore to the permanent memory copy of PeiCore.
2. Copy all installed firmware volumes to permanent memory.
3. Relocate and fix up the PEIMs within the firmware volumes.
4. Convert all PPIs into the migrated firmware volume to the corresponding PPI address in the permanent memory location. This applies to PPIs and PEI notifications.
5. Convert all status code callbacks in the migrated firmware volume to the corresponding address in the permanent memory location.
6. Update the FV HOB to the corresponding firmware volume in permanent memory.

Cc: Jian J Wang
Cc: Hao A Wu
Cc: Dandan Bi
Cc: Liming Gao
Cc: Debkumar De
Cc: Harry Han
Cc: Catharine West
Signed-off-by: Michael Kubacki
---
 MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c | 402 ++++++++++++++++++
 MdeModulePkg/Core/Pei/Image/Image.c | 115 +++++
 MdeModulePkg/Core/Pei/Memory/MemoryServices.c | 82 ++++
 MdeModulePkg/Core/Pei/PeiMain.h | 168 ++++++++
 MdeModulePkg/Core/Pei/PeiMain.inf | 1 +
 MdeModulePkg/Core/Pei/PeiMain/PeiMain.c | 16 +
 MdeModulePkg/Core/Pei/Ppi/Ppi.c | 287 +++++++++++++
 7 files changed, 1071 insertions(+)

diff --git a/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c b/MdeModulePkg/C= ore/Pei/Dispatcher/Dispatcher.c index 4c2eac1384e8..ef88b3423376 100644 --- a/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c +++ b/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c 
@@ -952,6 +952,408 @@ PeiCheckAndSwitchStack ( } } =20 +/** + Migrate a PEIM from Temporary RAM to permanent memory. + + @param PeimFileHandle Pointer to the FFS file header of the image. + @param MigratedFileHandle Pointer to the FFS file header of the migrat= ed image. + + @retval EFI_SUCCESS Sucessfully migrated the PEIM to permanent m= emory. + +**/ +EFI_STATUS +EFIAPI +MigratePeim ( + IN EFI_PEI_FILE_HANDLE FileHandle, + IN EFI_PEI_FILE_HANDLE MigratedFileHandle + ) +{ + EFI_STATUS Status; + EFI_FFS_FILE_HEADER *FileHeader; + VOID *Pe32Data; + VOID *ImageAddress; + CHAR8 *AsciiString; + UINTN Index; + + Status =3D EFI_SUCCESS; + + FileHeader =3D (EFI_FFS_FILE_HEADER *) FileHandle; + ASSERT (!IS_FFS_FILE2 (FileHeader)); + + ImageAddress =3D NULL; + PeiGetPe32Data (MigratedFileHandle, &ImageAddress); + if (ImageAddress !=3D NULL) { + AsciiString =3D PeCoffLoaderGetPdbPointer (ImageAddress); + for (Index =3D 0; AsciiString[Index] !=3D 0; Index++) { + if (AsciiString[Index] =3D=3D '\\' || AsciiString[Index] =3D=3D '/')= { + AsciiString =3D AsciiString + Index + 1; + Index =3D 0; + } else if (AsciiString[Index] =3D=3D '.') { + AsciiString[Index] =3D 0; + } + } + DEBUG ((DEBUG_INFO, "%a", AsciiString)); + + Pe32Data =3D (VOID *) ((UINTN) ImageAddress - (UINTN) MigratedFileHand= le + (UINTN) FileHandle); + Status =3D LoadAndRelocatePeCoffImageInPlace (Pe32Data, ImageAddress); + ASSERT_EFI_ERROR (Status); + } + + return Status; +} + +/** + Migrate Status Code Callback function pointers inside an FV from tempora= ry memory to permanent memory. + + @param OrgFvHandle Address of FV Handle in temporary memory. + @param FvHandle Address of FV Handle in permanent memory. + @param FvSize Size of the FV. 
+ +**/ +VOID +ConvertStatusCodeCallbacks ( + IN UINTN OrgFvHandle, + IN UINTN FvHandle, + IN UINTN FvSize + ) +{ + EFI_PEI_HOB_POINTERS Hob; + UINTN *NumberOfEntries; + UINTN *CallbackEntry; + UINTN Index; + + Hob.Raw =3D GetFirstGuidHob (&gStatusCodeCallbackGuid); + while (Hob.Raw !=3D NULL) { + NumberOfEntries =3D GET_GUID_HOB_DATA (Hob); + CallbackEntry =3D NumberOfEntries + 1; + for (Index =3D 0; Index < *NumberOfEntries; Index++) { + if (((VOID *) CallbackEntry[Index]) !=3D NULL) { + if ((CallbackEntry[Index] >=3D OrgFvHandle) && (CallbackEntry[Inde= x] < (OrgFvHandle + FvSize))) { + DEBUG ((DEBUG_INFO, "Migrating CallbackEntry[%d] from 0x%08X to = ", Index, CallbackEntry[Index])); + if (OrgFvHandle > FvHandle) { + CallbackEntry[Index] =3D CallbackEntry[Index] - (OrgFvHandle -= FvHandle); + } else { + CallbackEntry[Index] =3D CallbackEntry[Index] + (FvHandle - Or= gFvHandle); + } + DEBUG ((DEBUG_INFO, "0x%08X\n", CallbackEntry[Index])); + } + } + } + Hob.Raw =3D GET_NEXT_HOB (Hob); + Hob.Raw =3D GetNextGuidHob (&gStatusCodeCallbackGuid, Hob.Raw); + } +} + +/** + Migrates SEC modules in the given firmware volume. + + Migrating SECURITY_CORE files requires special treatment since they are = not tracked for PEI dispatch. + + This functioun should be called after the FV has been copied to its post= -memory location and the PEI Core FV list has + been updated. + + @param Private Pointer to the PeiCore's private data structure. + @param FvIndex The firmware volume index to migrate. + @param OrgFvHandle The handle to the firmware volume in temporary m= emory. + + @retval EFI_SUCCESS SEC modules were migrated successfully + @retval EFI_INVALID_PARAMETER The Private pointer is NULL or FvCount i= s invalid. 
+ +**/ +EFI_STATUS +EFIAPI +MigrateSecModulesInFv ( + IN PEI_CORE_INSTANCE *Private, + IN UINTN FvIndex, + IN UINTN OrgFvHandle + ) +{ + EFI_STATUS Status; + EFI_STATUS FindFileStatus; + EFI_PEI_FILE_HANDLE MigratedFileHandle; + EFI_PEI_FILE_HANDLE FileHandle; + UINT32 SectionAuthenticationStatus; + UINT32 FileSize; + VOID *OrgPe32SectionData; + VOID *Pe32SectionData; + EFI_FFS_FILE_HEADER *FfsFileHeader; + EFI_COMMON_SECTION_HEADER *Section; + BOOLEAN IsFfs3Fv; + UINTN SectionInstance; + + if (Private =3D=3D NULL || FvIndex >=3D Private->FvCount) { + return EFI_INVALID_PARAMETER; + } + + do { + FindFileStatus =3D PeiFfsFindNextFile ( + GetPeiServicesTablePointer (), + EFI_FV_FILETYPE_SECURITY_CORE, + Private->Fv[FvIndex].FvHandle, + &MigratedFileHandle + ); + if (!EFI_ERROR (FindFileStatus ) && MigratedFileHandle !=3D NULL) { + FileHandle =3D (EFI_PEI_FILE_HANDLE) ((UINTN) MigratedFileHandle - (= UINTN) Private->Fv[FvIndex].FvHandle + OrgFvHandle); + FfsFileHeader =3D (EFI_FFS_FILE_HEADER *) MigratedFileHandle; + + DEBUG ((DEBUG_VERBOSE, " Migrating SEC_CORE MigratedFileHandle at= 0x%x.\n", (UINTN) MigratedFileHandle)); + DEBUG ((DEBUG_VERBOSE, " FileHandle at 0x%x.\n= ", (UINTN) FileHandle)); + + IsFfs3Fv =3D CompareGuid (&Private->Fv[FvIndex].FvHeader->FileSystem= Guid, &gEfiFirmwareFileSystem3Guid); + if (IS_FFS_FILE2 (FfsFileHeader)) { + ASSERT (FFS_FILE2_SIZE (FfsFileHeader) > 0x00FFFFFF); + if (!IsFfs3Fv) { + DEBUG ((DEBUG_ERROR, "It is a FFS3 formatted file: %g in a non-F= FS3 formatted FV.\n", &FfsFileHeader->Name)); + return EFI_NOT_FOUND; + } + Section =3D (EFI_COMMON_SECTION_HEADER *) ((UINT8 *) FfsFileHeader= + sizeof (EFI_FFS_FILE_HEADER2)); + FileSize =3D FFS_FILE2_SIZE (FfsFileHeader) - sizeof (EFI_FFS_FILE= _HEADER2); + } else { + Section =3D (EFI_COMMON_SECTION_HEADER *) ((UINT8 *) FfsFileHeader= + sizeof (EFI_FFS_FILE_HEADER)); + FileSize =3D FFS_FILE_SIZE (FfsFileHeader) - sizeof (EFI_FFS_FILE_= HEADER); + } + + SectionInstance =3D 1; + 
SectionAuthenticationStatus =3D 0; + Status =3D ProcessSection ( + GetPeiServicesTablePointer (), + EFI_SECTION_PE32, + &SectionInstance, + Section, + FileSize, + &Pe32SectionData, + &SectionAuthenticationStatus, + IsFfs3Fv + ); + + if (!EFI_ERROR (Status)) { + OrgPe32SectionData =3D (VOID *) ((UINTN) Pe32SectionData - (UINTN)= MigratedFileHandle + (UINTN) FileHandle); + DEBUG ((DEBUG_VERBOSE, " PE32 section in migrated file at 0x%= x.\n", (UINTN) Pe32SectionData)); + DEBUG ((DEBUG_VERBOSE, " PE32 section in original file at 0x%= x.\n", (UINTN) OrgPe32SectionData)); + Status =3D LoadAndRelocatePeCoffImageInPlace (OrgPe32SectionData, = Pe32SectionData); + ASSERT_EFI_ERROR (Status); + } + } + } while (!EFI_ERROR (FindFileStatus)); + + return EFI_SUCCESS; +} + +/** + Migrates PEIMs in the given firmware volume. + + @param Private Pointer to the PeiCore's private data structure. + @param FvIndex The firmware volume index to migrate. + @param OrgFvHandle The handle to the firmware volume in temporary m= emory. + @param FvHandle The handle to the firmware volume in permanent m= emory. + + @retval EFI_SUCCESS The PEIMs in the FV were migrated succes= sfully + @retval EFI_INVALID_PARAMETER The Private pointer is NULL or FvCount i= s invalid. 
+ +**/ +EFI_STATUS +EFIAPI +MigratePeimsInFv ( + IN PEI_CORE_INSTANCE *Private, + IN UINTN FvIndex, + IN UINTN OrgFvHandle, + IN UINTN FvHandle + ) +{ + EFI_STATUS Status; + volatile UINTN FileIndex; + EFI_PEI_FILE_HANDLE MigratedFileHandle; + EFI_PEI_FILE_HANDLE FileHandle; + + if (Private =3D=3D NULL || FvIndex >=3D Private->FvCount) { + return EFI_INVALID_PARAMETER; + } + + if (Private->Fv[FvIndex].ScanFv) { + for (FileIndex =3D 0; FileIndex < Private->Fv[FvIndex].PeimCount; File= Index++) { + if (Private->Fv[FvIndex].FvFileHandles[FileIndex] !=3D NULL) { + FileHandle =3D Private->Fv[FvIndex].FvFileHandles[FileIndex]; + + MigratedFileHandle =3D (EFI_PEI_FILE_HANDLE) ((UINTN) FileHandle -= OrgFvHandle + FvHandle); + + DEBUG ((DEBUG_VERBOSE, " Migrating FileHandle %2d ", FileIndex)= ); + Status =3D MigratePeim (FileHandle, MigratedFileHandle); + DEBUG ((DEBUG_INFO, "\n")); + ASSERT_EFI_ERROR (Status); + + if (!EFI_ERROR (Status)) { + // if (Private->Fv[FvIndex].PeimState[FileIndex] =3D=3D PEIM_STA= TE_REGISTER_FOR_SHADOW) { + // Private->Fv[FvIndex].PeimState[FileIndex]++; + // } + Private->Fv[FvIndex].FvFileHandles[FileIndex] =3D MigratedFileHa= ndle; + if (FvIndex =3D=3D Private->CurrentPeimFvCount) { + Private->CurrentFvFileHandles[FileIndex] =3D MigratedFileHandl= e; + } + } + } + } + } + + return EFI_SUCCESS; +} + +/** + Migrate FVs out of temporary RAM before the cache is flushed. + + @param Private PeiCore's private data structure + @param SecCoreData Points to a data structure containing information= about the PEI core's operating + environment, such as the size and location of tem= porary RAM, the stack location and + the BFV location. + + @retval EFI_SUCCESS Succesfully migrated installed FVs from te= mporary RAM to permanent memory. + @retval EFI_OUT_OF_RESOURCES Insufficient memory exists to allocate nee= ded pages. 
+ +**/ +EFI_STATUS +EFIAPI +EvacuateTempRam ( + IN PEI_CORE_INSTANCE *Private, + IN CONST EFI_SEC_PEI_HAND_OFF *SecCoreData + ) +{ + EFI_STATUS Status; + volatile UINTN FvIndex; + volatile UINTN FvChildIndex; + UINTN ChildFvOffset; + EFI_FIRMWARE_VOLUME_HEADER *FvHeader; + EFI_FIRMWARE_VOLUME_HEADER *ChildFvHeader; + EFI_FIRMWARE_VOLUME_HEADER *MigratedFvHeader; + EFI_FIRMWARE_VOLUME_HEADER *MigratedChildFvHeader; + + PEI_CORE_FV_HANDLE PeiCoreFvHandle; + EFI_PEI_CORE_FV_LOCATION_PPI *PeiCoreFvLocationPpi; + + ASSERT (Private->PeiMemoryInstalled); + + DEBUG ((DEBUG_VERBOSE, "Beginning evacuation of content in temporary RAM= .\n")); + + // + // Migrate PPI Pointers of PEI_CORE from temporary memory to newly loade= d PEI_CORE in permanent memory. + // + Status =3D PeiLocatePpi ((CONST EFI_PEI_SERVICES **) &Private->Ps, &gEfi= PeiCoreFvLocationPpiGuid, 0, NULL, (VOID **) &PeiCoreFvLocationPpi); + if (!EFI_ERROR (Status) && (PeiCoreFvLocationPpi->PeiCoreFvLocation !=3D= NULL)) { + PeiCoreFvHandle.FvHandle =3D (EFI_PEI_FV_HANDLE) PeiCoreFvLocationPpi-= >PeiCoreFvLocation; + } else { + PeiCoreFvHandle.FvHandle =3D (EFI_PEI_FV_HANDLE) SecCoreData->BootFirm= wareVolumeBase; + } + for (FvIndex =3D 0; FvIndex < Private->FvCount; FvIndex++) { + if (Private->Fv[FvIndex].FvHandle =3D=3D PeiCoreFvHandle.FvHandle) { + PeiCoreFvHandle =3D Private->Fv[FvIndex]; + break; + } + } + Status =3D EFI_SUCCESS; + + ConvertPeiCorePpiPointers (Private, PeiCoreFvHandle); + + for (FvIndex =3D 0; FvIndex < Private->FvCount; FvIndex++) { + FvHeader =3D Private->Fv[FvIndex].FvHeader; + ASSERT (FvHeader !=3D NULL); + ASSERT (FvIndex < Private->FvCount); + + DEBUG ((DEBUG_VERBOSE, "FV[%02d] at 0x%x.\n", FvIndex, (UINTN) FvHeade= r)); + if ( + !( + ((EFI_PHYSICAL_ADDRESS)(UINTN) FvHeader >=3D Private->PhysicalMemo= ryBegin) && + (((EFI_PHYSICAL_ADDRESS)(UINTN) FvHeader + (FvHeader->FvLength - 1= )) < Private->FreePhysicalMemoryTop) + ) + ) { + Status =3D PeiServicesAllocatePages ( + 
EfiBootServicesCode, + EFI_SIZE_TO_PAGES ((UINTN) FvHeader->FvLength), + (EFI_PHYSICAL_ADDRESS *) &MigratedFvHeader + ); + ASSERT_EFI_ERROR (Status); + + DEBUG (( + DEBUG_VERBOSE, + " Migrating FV[%d] from 0x%08X to 0x%08X\n", + FvIndex, + (UINTN) FvHeader, + (UINTN) MigratedFvHeader + )); + + CopyMem (MigratedFvHeader, FvHeader, (UINTN) FvHeader->FvLength); + + // + // Migrate any children for this FV now + // + for (FvChildIndex =3D FvIndex; FvChildIndex < Private->FvCount; FvCh= ildIndex++) { + ChildFvHeader =3D Private->Fv[FvChildIndex].FvHeader; + if ( + ((UINTN) ChildFvHeader > (UINTN) FvHeader) && + (((UINTN) ChildFvHeader + ChildFvHeader->FvLength) < ((UINTN) Fv= Header) + FvHeader->FvLength) + ) { + DEBUG ((DEBUG_VERBOSE, " Child FV[%02d] is being migrated.\n"= , FvChildIndex)); + ChildFvOffset =3D (UINTN) ChildFvHeader - (UINTN) FvHeader; + DEBUG ((DEBUG_VERBOSE, " Child FV offset =3D 0x%x.\n", ChildF= vOffset)); + MigratedChildFvHeader =3D (EFI_FIRMWARE_VOLUME_HEADER *) ((UINTN= ) MigratedFvHeader + ChildFvOffset); + Private->Fv[FvChildIndex].FvHeader =3D MigratedChildFvHeader; + Private->Fv[FvChildIndex].FvHandle =3D (EFI_PEI_FV_HANDLE) Migra= tedChildFvHeader; + DEBUG ((DEBUG_VERBOSE, " Child migrated FV header at 0x%x.\n"= , (UINTN) MigratedChildFvHeader)); + + // @todo: find issue with file and section alignment in SEC PE32= images for migration + // (alignment in P32 is given as 32-bit when actual align= ment is 16-bit) + // SEC PPIs are currently re-installed with a dedicated P= EIM + // Status =3D MigrateSecModulesInFv (Private, FvChildIndex, (UIN= TN) ChildFvHeader); + // ASSERT_EFI_ERROR (Status); + Status =3D MigratePeimsInFv (Private, FvChildIndex, (UINTN) Chi= ldFvHeader, (UINTN) MigratedChildFvHeader); + ASSERT_EFI_ERROR (Status); + + ConvertPpiPointersFv ( + Private, + (UINTN) ChildFvHeader, + (UINTN) MigratedChildFvHeader, + (UINTN) ChildFvHeader->FvLength - 1 + ); + + ConvertStatusCodeCallbacks ( + (UINTN) ChildFvHeader, + (UINTN) 
MigratedChildFvHeader, + (UINTN) ChildFvHeader->FvLength - 1 + ); + + ConvertFvHob (Private, (UINTN) ChildFvHeader, (UINTN) MigratedCh= ildFvHeader); + } + } + Private->Fv[FvIndex].FvHeader =3D MigratedFvHeader; + Private->Fv[FvIndex].FvHandle =3D (EFI_PEI_FV_HANDLE) MigratedFvHead= er; + + // @todo: find issue with file and section alignment in SEC PE32 ima= ges for migration + // (alignment in P32 is given as 32-bit when actual alignment= is 16-bit) + // SEC PPIs are currently re-installed with a dedicated PEIM + // Status =3D MigrateSecModulesInFv (Private, FvIndex, (UINTN) FvHea= der); + // ASSERT_EFI_ERROR (Status); + Status =3D MigratePeimsInFv (Private, FvIndex, (UINTN) FvHeader, (UI= NTN) MigratedFvHeader); + ASSERT_EFI_ERROR (Status); + + ConvertPpiPointersFv ( + Private, + (UINTN) FvHeader, + (UINTN) MigratedFvHeader, + (UINTN) FvHeader->FvLength - 1 + ); + + ConvertStatusCodeCallbacks ( + (UINTN) FvHeader, + (UINTN) MigratedFvHeader, + (UINTN) FvHeader->FvLength - 1 + ); + + ConvertFvHob (Private, (UINTN) FvHeader, (UINTN) MigratedFvHeader); + } + } + + RemoveFvHobsInTemporaryMemory (Private); + + return Status; +} + /** Conduct PEIM dispatch. =20 diff --git a/MdeModulePkg/Core/Pei/Image/Image.c b/MdeModulePkg/Core/Pei/Im= age/Image.c index e3ee3699337f..612797722a3e 100644 --- a/MdeModulePkg/Core/Pei/Image/Image.c +++ b/MdeModulePkg/Core/Pei/Image/Image.c 
@@ -444,6 +444,121 @@ LoadAndRelocatePeCoffImage ( return ReturnStatus; } =20 +/** + Loads and relocates a PE/COFF image in place. + + @param Pe32Data The base address of the PE/COFF file that is to = be loaded and relocated + @param ImageAddress The base address of the relocated PE/COFF image + + @retval EFI_SUCCESS The file was loaded and relocated + +**/ +EFI_STATUS +LoadAndRelocatePeCoffImageInPlace ( + IN VOID *Pe32Data, + IN VOID *ImageAddress + ) +{ + EFI_STATUS Status; + PE_COFF_LOADER_IMAGE_CONTEXT ImageContext; + + ZeroMem (&ImageContext, sizeof (ImageContext)); + ImageContext.Handle =3D Pe32Data; + ImageContext.ImageRead =3D PeiImageRead; + + Status =3D PeCoffLoaderGetImageInfo (&ImageContext); + if (EFI_ERROR (Status)) { + ASSERT_EFI_ERROR (Status); + return Status; + } + + ImageContext.ImageAddress =3D (PHYSICAL_ADDRESS)(UINTN) ImageAddress; + + // + // Load the image in place + // + Status =3D PeCoffLoaderLoadImage (&ImageContext); + if (EFI_ERROR (Status)) { + ASSERT_EFI_ERROR (Status); + return Status; + } + + // + // Relocate the image in place + // + Status =3D PeCoffLoaderRelocateImage (&ImageContext); + if (EFI_ERROR (Status)) { + ASSERT_EFI_ERROR (Status); + return Status; + } + + // + // Flush the instruction cache so the image data is written before we ex= ecute it + // + if (ImageContext.ImageAddress !=3D (EFI_PHYSICAL_ADDRESS)(UINTN) Pe32Dat= a) { + InvalidateInstructionCacheRange ((VOID *)(UINTN)ImageContext.ImageAddr= ess, (UINTN)ImageContext.ImageSize); + } + + return Status; +} + +/** + Find the PE32 Data for an FFS file. + + @param FileHandle Pointer to the FFS file header of the image. + @param Pe32Data Pointer to a (VOID *) PE32 Data pointer. + + @retval EFI_SUCCESS Image is successfully loaded. + @retval EFI_NOT_FOUND Fail to locate PE32 Data. 
+ +**/ +EFI_STATUS +PeiGetPe32Data ( + IN EFI_PEI_FILE_HANDLE FileHandle, + OUT VOID **Pe32Data + ) +{ + EFI_STATUS Status; + EFI_SECTION_TYPE SearchType1; + EFI_SECTION_TYPE SearchType2; + UINT32 AuthenticationState; + + *Pe32Data =3D NULL; + + if (FeaturePcdGet (PcdPeiCoreImageLoaderSearchTeSectionFirst)) { + SearchType1 =3D EFI_SECTION_TE; + SearchType2 =3D EFI_SECTION_PE32; + } else { + SearchType1 =3D EFI_SECTION_PE32; + SearchType2 =3D EFI_SECTION_TE; + } + + // + // Try to find a first exe section (if PcdPeiCoreImageLoaderSearchTeSect= ionFirst + // is true, TE will be searched first). + // + Status =3D PeiServicesFfsFindSectionData3 ( + SearchType1, + 0, + FileHandle, + Pe32Data, + &AuthenticationState + ); + // + // If we didn't find a first exe section, try to find the second exe sec= tion. + // + if (EFI_ERROR (Status)) { + Status =3D PeiServicesFfsFindSectionData3 ( + SearchType2, + 0, + FileHandle, + Pe32Data, + &AuthenticationState + ); + } + return Status; +} + /** Loads a PEIM into memory for subsequent execution. If there are compress= ed images or images that need to be relocated into memory for performance r= easons, diff --git a/MdeModulePkg/Core/Pei/Memory/MemoryServices.c b/MdeModulePkg/C= ore/Pei/Memory/MemoryServices.c index 6b3a64a811cd..9d933f0393a8 100644 --- a/MdeModulePkg/Core/Pei/Memory/MemoryServices.c +++ b/MdeModulePkg/Core/Pei/Memory/MemoryServices.c 
@@ -166,6 +166,88 @@ MigrateMemoryPages ( Private->FreePhysicalMemoryTop =3D NewMemPagesBase; } =20 +/** + Removes any FV HOBs whose base address is not in PEI installed memory. + + @param[in] Private Pointer to PeiCore's private data structure. + +**/ +VOID +RemoveFvHobsInTemporaryMemory ( + IN PEI_CORE_INSTANCE *Private + ) +{ + EFI_PEI_HOB_POINTERS Hob; + EFI_HOB_FIRMWARE_VOLUME *FirmwareVolumeHob; + + DEBUG ((DEBUG_INFO, "Removing FVs in FV HOB not already migrated to perm= anent memory.\n")); + + for (Hob.Raw =3D GetHobList (); !END_OF_HOB_LIST (Hob); Hob.Raw =3D GET_= NEXT_HOB (Hob)) { + if (GET_HOB_TYPE (Hob) =3D=3D EFI_HOB_TYPE_FV || GET_HOB_TYPE (Hob) = =3D=3D EFI_HOB_TYPE_FV2 || GET_HOB_TYPE (Hob) =3D=3D EFI_HOB_TYPE_FV3) { + FirmwareVolumeHob =3D Hob.FirmwareVolume; + DEBUG ((DEBUG_INFO, " Found FV HOB.\n")); + DEBUG (( + DEBUG_INFO, + " BA=3D%016lx L=3D%016lx\n", + FirmwareVolumeHob->BaseAddress, + FirmwareVolumeHob->Length + )); + if ( + !( + ((EFI_PHYSICAL_ADDRESS) (UINTN) FirmwareVolumeHob->BaseAddress >= =3D Private->PhysicalMemoryBegin) && + (((EFI_PHYSICAL_ADDRESS) (UINTN) FirmwareVolumeHob->BaseAddress = + (FirmwareVolumeHob->Length - 1)) < Private->FreePhysicalMemoryTop) + ) + ) { + DEBUG ((DEBUG_INFO, " Removing FV HOB to an FV in T-RAM (was = not migrated).\n")); + Hob.Header->HobType =3D EFI_HOB_TYPE_UNUSED; + } + } + } +} + +/** + Migrate the base address in firmware volume allocation HOBs + from temporary memory to PEI installed memory. + + @param[in] PrivateData Pointer to PeiCore's private data structure. + @param[in] OrgFvHandle Address of FV Handle in temporary memory. + @param[in] FvHandle Address of FV Handle in permanent memory. 
+ +**/ +VOID +ConvertFvHob ( + IN PEI_CORE_INSTANCE *PrivateData, + IN UINTN OrgFvHandle, + IN UINTN FvHandle + ) +{ + EFI_PEI_HOB_POINTERS Hob; + EFI_HOB_FIRMWARE_VOLUME *FirmwareVolumeHob; + EFI_HOB_FIRMWARE_VOLUME2 *FirmwareVolume2Hob; + EFI_HOB_FIRMWARE_VOLUME3 *FirmwareVolume3Hob; + + DEBUG ((DEBUG_INFO, "Converting FVs in FV HOB.\n")); + + for (Hob.Raw =3D GetHobList (); !END_OF_HOB_LIST (Hob); Hob.Raw =3D GET_= NEXT_HOB (Hob)) { + if (GET_HOB_TYPE (Hob) =3D=3D EFI_HOB_TYPE_FV) { + FirmwareVolumeHob =3D Hob.FirmwareVolume; + if (FirmwareVolumeHob->BaseAddress =3D=3D OrgFvHandle) { + FirmwareVolumeHob->BaseAddress =3D FvHandle; + } + } else if (GET_HOB_TYPE (Hob) =3D=3D EFI_HOB_TYPE_FV2) { + FirmwareVolume2Hob =3D Hob.FirmwareVolume2; + if (FirmwareVolume2Hob->BaseAddress =3D=3D OrgFvHandle) { + FirmwareVolume2Hob->BaseAddress =3D FvHandle; + } + } else if (GET_HOB_TYPE (Hob) =3D=3D EFI_HOB_TYPE_FV3) { + FirmwareVolume3Hob =3D Hob.FirmwareVolume3; + if (FirmwareVolume3Hob->BaseAddress =3D=3D OrgFvHandle) { + FirmwareVolume3Hob->BaseAddress =3D FvHandle; + } + } + } +} + /** Migrate MemoryBaseAddress in memory allocation HOBs from the temporary memory to PEI installed memory. diff --git a/MdeModulePkg/Core/Pei/PeiMain.h b/MdeModulePkg/Core/Pei/PeiMai= n.h index 56b3bd85793d..b0101dba5e30 100644 --- a/MdeModulePkg/Core/Pei/PeiMain.h +++ b/MdeModulePkg/Core/Pei/PeiMain.h 
@@ -394,6 +394,41 @@ PeimDispatchReadiness ( IN VOID *DependencyExpression ); =20 +/** + Migrate a PEIM from Temporary RAM to permanent memory. + + @param PeimFileHandle Pointer to the FFS file header of the image. + @param MigratedFileHandle Pointer to the FFS file header of the migrat= ed image. + + @retval EFI_SUCCESS Sucessfully migrated the PEIM to permanent m= emory. + +**/ +EFI_STATUS +EFIAPI +MigratePeim ( + IN EFI_PEI_FILE_HANDLE FileHandle, + IN EFI_PEI_FILE_HANDLE MigratedFileHandle + ); + +/** + Migrate FVs out of Temporary RAM before the cache is flushed. + + @param Private PeiCore's private data structure + @param SecCoreData Points to a data structure containing information= about the PEI core's operating + environment, such as the size and location of tem= porary RAM, the stack location and + the BFV location. + + @retval EFI_SUCCESS Succesfully migrated installed FVs from Te= mporary RAM to permanent memory. + @retval EFI_OUT_OF_RESOURCES Insufficient memory exists to allocate nee= ded pages. + +**/ +EFI_STATUS +EFIAPI +EvacuateTempRam ( + IN PEI_CORE_INSTANCE *Private, + IN CONST EFI_SEC_PEI_HAND_OFF *SecCoreData + ); + /** Conduct PEIM dispatch. =20 
@@ -477,6 +512,50 @@ ConvertPpiPointers ( IN PEI_CORE_INSTANCE *PrivateData ); =20 +/** + + Migrate Notify Pointers inside an FV from temporary memory to permanent = memory. + + @param PrivateData Pointer to PeiCore's private data structure. + @param OrgFvHandle Address of FV Handle in temporary memory. + @param FvHandle Address of FV Handle in permanent memory. + @param FvSize Size of the FV. + +**/ +VOID +ConvertPpiPointersFv ( + IN PEI_CORE_INSTANCE *PrivateData, + IN UINTN OrgFvHandle, + IN UINTN FvHandle, + IN UINTN FvSize + ); + +/** + + Migrate PPI Pointers of PEI_CORE from temporary memory to permanent memo= ry. + + @param PrivateData Pointer to PeiCore's private data structure. + @param CoreFvHandle Address of PEI_CORE FV Handle in temporary memor= y. + +**/ +VOID +ConvertPeiCorePpiPointers ( + IN PEI_CORE_INSTANCE *PrivateData, + PEI_CORE_FV_HANDLE CoreFvHandle + ); + +/** + + Dumps the PPI lists to debug output. + + @param PrivateData Points to PeiCore's private instance data. + +**/ +VOID +DumpPpiList ( + IN PEI_CORE_INSTANCE *PrivateData + ); + /** =20 Install PPI services. It is implementation of EFI_PEI_SERVICE.InstallPpi. 
@@ -808,6 +887,37 @@ PeiFfsFindNextFile ( IN OUT EFI_PEI_FILE_HANDLE *FileHandle ); =20 +/** + Go through the file to search SectionType section. + Search within encapsulation sections (compression and GUIDed) recursivel= y, + until the match section is found. + + @param PeiServices An indirect pointer to the EFI_PEI_SERVICES tab= le published by the PEI Foundation. + @param SectionType Filter to find only section of this type. + @param SectionInstance Pointer to the filter to find the specific inst= ance of section. + @param Section From where to search. + @param SectionSize The file size to search. + @param OutputBuffer A pointer to the discovered section, if success= ful. + NULL if section not found + @param AuthenticationStatus Updated upon return to point to the authenti= cation status for this section. + @param IsFfs3Fv Indicates the FV format. + + @return EFI_NOT_FOUND The match section is not found. + @return EFI_SUCCESS The match section is found. + +**/ +EFI_STATUS +ProcessSection ( + IN CONST EFI_PEI_SERVICES **PeiServices, + IN EFI_SECTION_TYPE SectionType, + IN OUT UINTN *SectionInstance, + IN EFI_COMMON_SECTION_HEADER *Section, + IN UINTN SectionSize, + OUT VOID **OutputBuffer, + OUT UINT32 *AuthenticationStatus, + IN BOOLEAN IsFfs3Fv + ); + /** Searches for the next matching section within the specified file. =20 
@@ -931,6 +1041,33 @@ MigrateMemoryPages ( IN BOOLEAN TemporaryRamMigrated ); =20 +/** + Removes any FV HOBs whose base address is not in PEI installed memory. + + @param[in] Private Pointer to PeiCore's private data structure. + +**/ +VOID +RemoveFvHobsInTemporaryMemory ( + IN PEI_CORE_INSTANCE *Private + ); + +/** + Migrate the base address in firmware volume allocation HOBs + from temporary memory to PEI installed memory. + + @param[in] PrivateData Pointer to PeiCore's private data structure. + @param[in] OrgFvHandle Address of FV Handle in temporary memory. + @param[in] FvHandle Address of FV Handle in permanent memory. + +**/ +VOID +ConvertFvHob ( + IN PEI_CORE_INSTANCE *PrivateData, + IN UINTN OrgFvHandle, + IN UINTN FvHandle + ); + /** Migrate MemoryBaseAddress in memory allocation HOBs from the temporary memory to PEI installed memory. @@ -1249,6 +1386,37 @@ InitializeImageServices ( IN PEI_CORE_INSTANCE *OldCoreData ); =20 +/** + Loads and relocates a PE/COFF image in place. + + @param Pe32Data The base address of the PE/COFF file that is to = be loaded and relocated + @param ImageAddress The base address of the relocated PE/COFF image + + @retval EFI_SUCCESS The file was loaded and relocated + +**/ +EFI_STATUS +LoadAndRelocatePeCoffImageInPlace ( + IN VOID *Pe32Data, + IN VOID *ImageAddress + ); + +/** + Find the PE32 Data for an FFS file. + + @param FileHandle Pointer to the FFS file header of the image. + @param Pe32Data Pointer to a (VOID *) PE32 Data pointer. + + @retval EFI_SUCCESS Image is successfully loaded. + @retval EFI_NOT_FOUND Fail to locate PE32 Data. + +**/ +EFI_STATUS +PeiGetPe32Data ( + IN EFI_PEI_FILE_HANDLE FileHandle, + OUT VOID **Pe32Data + ); + /** The wrapper function of PeiLoadImageLoadImage(). =20 diff --git a/MdeModulePkg/Core/Pei/PeiMain.inf b/MdeModulePkg/Core/Pei/PeiM= ain.inf index 6e25cc40232a..5ff14100a65f 100644 --- a/MdeModulePkg/Core/Pei/PeiMain.inf +++ b/MdeModulePkg/Core/Pei/PeiMain.inf 
@@ -76,6 +76,7 @@ [Guids] ## CONSUMES ## UNDEFINED # Locate PPI ## CONSUMES ## GUID # Used to compare with FV's file system GUID = and get the FV's file system format gEfiFirmwareFileSystem3Guid + gStatusCodeCallbackGuid =20 [Ppis] gEfiPeiStatusCodePpiGuid ## SOMETIMES_CONSUMES # Pe= iReportStatusService is not ready if this PPI doesn't exist diff --git a/MdeModulePkg/Core/Pei/PeiMain/PeiMain.c b/MdeModulePkg/Core/Pe= i/PeiMain/PeiMain.c index cca57c4c0686..802cd239e2eb 100644 --- a/MdeModulePkg/Core/Pei/PeiMain/PeiMain.c +++ b/MdeModulePkg/Core/Pei/PeiMain/PeiMain.c @@ -418,6 +418,22 @@ PeiCore ( ProcessPpiListFromSec ((CONST EFI_PEI_SERVICES **) &PrivateData.Ps, = PpiList); } } else { + if ( + (!(PrivateData.HobList.HandoffInformationTable->BootMode =3D=3D BOOT= _ON_S3_RESUME) && PcdGetBool (PcdShadowPeimOnBoot)) || + ((PrivateData.HobList.HandoffInformationTable->BootMode =3D=3D BOOT_= ON_S3_RESUME) && PcdGetBool (PcdShadowPeimOnS3Boot)) + ) { + DEBUG ((DEBUG_VERBOSE, "PPI lists before temporary RAM evacuation:\n= ")); + DumpPpiList (&PrivateData); + + // + // Migrate installed content from Temporary RAM to Permanent RAM + // + EvacuateTempRam (&PrivateData, SecCoreData); + + DEBUG ((DEBUG_VERBOSE, "PPI lists after temporary RAM evacuation:\n"= )); + DumpPpiList (&PrivateData); + } + // // Try to locate Temporary RAM Done Ppi. // diff --git a/MdeModulePkg/Core/Pei/Ppi/Ppi.c b/MdeModulePkg/Core/Pei/Ppi/Pp= i.c index 1ffe718c4702..018b25f86470 100644 --- a/MdeModulePkg/Core/Pei/Ppi/Ppi.c +++ b/MdeModulePkg/Core/Pei/Ppi/Ppi.c 
@@ -198,6 +198,227 @@ ConvertPpiPointers ( } } =20 +/** + + Migrate Notify Pointers inside an FV from temporary memory to permanent = memory. + + @param PrivateData Pointer to PeiCore's private data structure. + @param OrgFvHandle Address of FV Handle in temporary memory. + @param FvHandle Address of FV Handle in permanent memory. + @param FvSize Size of the FV. + +**/ +VOID +ConvertPpiPointersFv ( + IN PEI_CORE_INSTANCE *PrivateData, + IN UINTN OrgFvHandle, + IN UINTN FvHandle, + IN UINTN FvSize + ) +{ + UINT8 Index; + UINTN Offset; + BOOLEAN OffsetPositive; + EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *FvInfoPpi; + UINT8 GuidIndex; + EFI_GUID *Guid; + EFI_GUID *GuidCheckList[2]; + + GuidCheckList[0] =3D &gEfiPeiFirmwareVolumeInfoPpiGuid; + GuidCheckList[1] =3D &gEfiPeiFirmwareVolumeInfo2PpiGuid; + + if (FvHandle > OrgFvHandle) { + OffsetPositive =3D TRUE; + Offset =3D FvHandle - OrgFvHandle; + } else { + OffsetPositive =3D FALSE; + Offset =3D OrgFvHandle - FvHandle; + } + + DEBUG ((DEBUG_VERBOSE, "Converting PPI pointers in FV.\n")); + DEBUG (( + DEBUG_VERBOSE, + " OrgFvHandle at 0x%08x. FvHandle at 0x%08x. 
FvSize =3D 0x%x\n", + (UINTN) OrgFvHandle, + (UINTN) FvHandle, + FvSize + )); + DEBUG (( + DEBUG_VERBOSE, + " OrgFvHandle range: 0x%08x - 0x%08x\n", + OrgFvHandle, + OrgFvHandle + FvSize + )); + + for (Index =3D 0; Index < PrivateData->PpiData.CallbackNotifyList.Curren= tCount; Index++) { + ConvertPointer ( + (VOID **) &PrivateData->PpiData.CallbackNotifyList.NotifyPtrs[Inde= x].Raw, + OrgFvHandle, + OrgFvHandle + FvSize, + Offset, + OffsetPositive + ); + ConvertPointer ( + (VOID **) &PrivateData->PpiData.CallbackNotifyList.NotifyPtrs[Inde= x].Notify->Guid, + OrgFvHandle, + OrgFvHandle + FvSize, + Offset, + OffsetPositive + ); + ConvertPointer ( + (VOID **) &PrivateData->PpiData.CallbackNotifyList.NotifyPtrs[Inde= x].Notify->Notify, + OrgFvHandle, + OrgFvHandle + FvSize, + Offset, + OffsetPositive + ); + } + + for (Index =3D 0; Index < PrivateData->PpiData.DispatchNotifyList.Curren= tCount; Index++) { + ConvertPointer ( + (VOID **) &PrivateData->PpiData.DispatchNotifyList.NotifyPtrs[Index]= .Raw, + OrgFvHandle, + OrgFvHandle + FvSize, + Offset, + OffsetPositive + ); + ConvertPointer ( + (VOID **) &PrivateData->PpiData.DispatchNotifyList.NotifyPtrs[Index]= .Notify->Guid, + OrgFvHandle, + OrgFvHandle + FvSize, + Offset, + OffsetPositive + ); + ConvertPointer ( + (VOID **) &PrivateData->PpiData.DispatchNotifyList.NotifyPtrs[Index]= .Notify->Notify, + OrgFvHandle, + OrgFvHandle + FvSize, + Offset, + OffsetPositive + ); + } + + for (Index =3D 0; Index < PrivateData->PpiData.PpiList.CurrentCount; Ind= ex++) { + ConvertPointer ( + (VOID **) &PrivateData->PpiData.PpiList.PpiPtrs[Index].Raw, + OrgFvHandle, + OrgFvHandle + FvSize, + Offset, + OffsetPositive + ); + ConvertPointer ( + (VOID **) &PrivateData->PpiData.PpiList.PpiPtrs[Index].Ppi->Guid, + OrgFvHandle, + OrgFvHandle + FvSize, + Offset, + OffsetPositive + ); + ConvertPointer ( + (VOID **) &PrivateData->PpiData.PpiList.PpiPtrs[Index].Ppi->Ppi, + OrgFvHandle, + OrgFvHandle + FvSize, + Offset, + OffsetPositive + ); + + 
Guid =3D PrivateData->PpiData.PpiList.PpiPtrs[Index].Ppi->Guid; + for (GuidIndex =3D 0; GuidIndex < ARRAY_SIZE (GuidCheckList); ++GuidIn= dex) { + // + // Don't use CompareGuid function here for performance reasons. + // Instead we compare the GUID as INT32 at a time and branch + // on the first failed comparison. + // + if ((((INT32 *)Guid)[0] =3D=3D ((INT32 *)GuidCheckList[GuidIndex])[0= ]) && + (((INT32 *)Guid)[1] =3D=3D ((INT32 *)GuidCheckList[GuidIndex])[1= ]) && + (((INT32 *)Guid)[2] =3D=3D ((INT32 *)GuidCheckList[GuidIndex])[2= ]) && + (((INT32 *)Guid)[3] =3D=3D ((INT32 *)GuidCheckList[GuidIndex])[3= ])) { + FvInfoPpi =3D PrivateData->PpiData.PpiList.PpiPtrs[Index].Ppi->Ppi; + DEBUG ((DEBUG_VERBOSE, " FvInfo: %p -> ", FvInfoPpi->FvInfo)); + if ((UINTN)FvInfoPpi->FvInfo =3D=3D OrgFvHandle) { + ConvertPointer ( + (VOID **)&FvInfoPpi->FvInfo, + OrgFvHandle, + OrgFvHandle + FvSize, + Offset, + OffsetPositive + ); + DEBUG ((DEBUG_VERBOSE, "%p", FvInfoPpi->FvInfo)); + } + DEBUG ((DEBUG_VERBOSE, "\n")); + break; + } + } + } +} + +/** + + Dumps the PPI lists to debug output. + + @param PrivateData Points to PeiCore's private instance data. + +**/ +VOID +DumpPpiList ( + IN PEI_CORE_INSTANCE *PrivateData + ) +{ + DEBUG_CODE_BEGIN (); + UINTN Index; + + if (PrivateData =3D=3D NULL) { + return; + } + + for (Index =3D 0; Index < PrivateData->PpiData.CallbackNotifyList.Curren= tCount; Index++) { + DEBUG (( + DEBUG_VERBOSE, + "CallbackNotify[%2d] {%g} at 0x%x (%a)\n", + Index, + PrivateData->PpiData.CallbackNotifyList.NotifyPtrs[Index].Notify->Gu= id, + (UINTN) PrivateData->PpiData.CallbackNotifyList.NotifyPtrs[Index].Ra= w, + ( + !( + ((EFI_PHYSICAL_ADDRESS) (UINTN) PrivateData->PpiData.CallbackNot= ifyList.NotifyPtrs[Index].Raw >=3D PrivateData->PhysicalMemoryBegin) && + (((EFI_PHYSICAL_ADDRESS) ((UINTN) PrivateData->PpiData.CallbackN= otifyList.NotifyPtrs[Index].Raw) + sizeof (EFI_PEI_NOTIFY_DESCRIPTOR)) < Pr= ivateData->FreePhysicalMemoryTop) + ) + ? 
"CAR" : "Post-Memory" + ) + )); + } + for (Index =3D 0; Index < PrivateData->PpiData.DispatchNotifyList.Curren= tCount; Index++) { + DEBUG ((DEBUG_VERBOSE, + "DispatchNotify[%2d] {%g} at 0x%x (%a)\n", + Index, + PrivateData->PpiData.DispatchNotifyList.NotifyPtrs[Index].Notify->Guid, + (UINTN) PrivateData->PpiData.DispatchNotifyList.NotifyPtrs[Index].Raw, + ( + !( + ((EFI_PHYSICAL_ADDRESS) (UINTN) PrivateData->PpiData.DispatchNotif= yList.NotifyPtrs[Index].Raw >=3DPrivateData->PhysicalMemoryBegin) && + (((EFI_PHYSICAL_ADDRESS) ((UINTN) PrivateData->PpiData.DispatchNot= ifyList.NotifyPtrs[Index].Raw) + sizeof (EFI_PEI_NOTIFY_DESCRIPTOR)) < Priv= ateData->FreePhysicalMemoryTop) + ) + ? "CAR" : "Post-Memory" + ) + )); + } + for (Index =3D 0; Index < PrivateData->PpiData.PpiList.CurrentCount; Ind= ex++) { + DEBUG ((DEBUG_VERBOSE, + "PPI[%2d] {%g} at 0x%x (%a)\n", + Index, + PrivateData->PpiData.PpiList.PpiPtrs[Index].Ppi->Guid, + (UINTN) PrivateData->PpiData.PpiList.PpiPtrs[Index].Raw, + ( + !( + ((EFI_PHYSICAL_ADDRESS) (UINTN) PrivateData->PpiData.PpiList.PpiPt= rs[Index].Raw >=3D PrivateData->PhysicalMemoryBegin) && + (((EFI_PHYSICAL_ADDRESS) ((UINTN) PrivateData->PpiData.PpiList.Ppi= Ptrs[Index].Raw) + sizeof (EFI_PEI_PPI_DESCRIPTOR)) < PrivateData->FreePhys= icalMemoryTop) + ) + ? "CAR" : "Post-Memory" + ) + )); + } + DEBUG_CODE_END (); +} + /** =20 This function installs an interface in the PEI PPI database by GUID. 
@@ -830,3 +1051,69 @@ ProcessPpiListFromSec ( } } =20 +/** + + Migrate PPI Pointers of PEI_CORE from temporary memory to permanent memo= ry. + + @param PrivateData Pointer to PeiCore's private data structure. + @param CoreFvHandle Address of PEI_CORE FV Handle in temporary memor= y. + +**/ + +VOID +ConvertPeiCorePpiPointers ( + IN PEI_CORE_INSTANCE *PrivateData, + PEI_CORE_FV_HANDLE CoreFvHandle + ) +{ + EFI_FV_FILE_INFO FileInfo; + EFI_PHYSICAL_ADDRESS OrgImageBase; + EFI_PHYSICAL_ADDRESS MigratedImageBase; + UINTN PeiCoreModuleSize; + EFI_PEI_FILE_HANDLE PeiCoreFileHandle; + VOID *PeiCoreImageBase; + VOID *PeiCoreEntryPoint; + EFI_STATUS Status; + + PeiCoreFileHandle =3D NULL; + + // + // Find the PEI Core in the BFV in temporary memory. + // + Status =3D CoreFvHandle.FvPpi->FindFileByType ( + CoreFvHandle.FvPpi, + EFI_FV_FILETYPE_PEI_CORE, + CoreFvHandle.FvHandle, + &PeiCoreFileHandle + ); + ASSERT_EFI_ERROR (Status); + + if (!EFI_ERROR (Status)) { + Status =3D CoreFvHandle.FvPpi->GetFileInfo (CoreFvHandle.FvPpi, PeiCor= eFileHandle, &FileInfo); + ASSERT_EFI_ERROR (Status); + + Status =3D PeiGetPe32Data (PeiCoreFileHandle, &PeiCoreImageBase); + ASSERT_EFI_ERROR (Status); + + // + // Find PEI Core EntryPoint in the BFV in temporary memory. + // + Status =3D PeCoffLoaderGetEntryPoint ((VOID *) (UINTN) PeiCoreImageBas= e, &PeiCoreEntryPoint); + ASSERT_EFI_ERROR (Status); + + OrgImageBase =3D (UINTN) PeiCoreImageBase; + MigratedImageBase =3D (UINTN) _ModuleEntryPoint - ((UINTN) PeiCoreEntr= yPoint - (UINTN) PeiCoreImageBase); + + // + // Size of loaded PEI_CORE in permanent memory. + // + PeiCoreModuleSize =3D (UINTN)FileInfo.BufferSize - ((UINTN) OrgImageBa= se - (UINTN) FileInfo.Buffer); + + // + // Migrate PEI_CORE PPI pointers from temporary memory to newly + // installed PEI_CORE in permanent memory. 
+ // + ConvertPpiPointersFv (PrivateData, (UINTN) OrgImageBase, (UINTN) Migra= tedImageBase, PeiCoreModuleSize); + } +} + --=20 2.25.1.windows.1
View/Reply Online (#61942): https://edk2.groups.io/g/devel/message/61942
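Review bot: In the PeiMain.h hunk at @@ -1249,6 +1386,37 @@, the comment for LoadAndRelocatePeCoffImageInPlace lists only @retval EFI_SUCCESS, and its @param tags carry no [in]/[out] direction, unlike the RemoveFvHobsInTemporaryMemory and ConvertFvHob prototypes added earlier in the same file. Please document what is returned when loading or relocation fails so callers know the result has to be checked. The PeiGetPe32Data comment also describes EFI_SUCCESS as "Image is successfully loaded", which does not match a function that only locates the PE32 data.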
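Review bot: The new [Guids] entry gStatusCodeCallbackGuid in PeiMain.inf (@@ -76,6 +76,7 @@) has no usage comment, while the gEfiFirmwareFileSystem3Guid entry just above it carries a "## CONSUMES ## GUID" line with an explanation. Add the matching usage annotation and a short remark on why PeiCore needs this GUID.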
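Review bot: In PeiCore (PeiMain.c, @@ -418,6 +418,22 @@), EvacuateTempRam() runs only when PcdShadowPeimOnBoot is TRUE (or PcdShadowPeimOnS3Boot on S3 resume), so a platform that leaves those PCDs FALSE gets no migration at all and nothing in the debug output says so. Since the series is tagged CVE-2019-11098, please document that dependency next to the condition, or emit a DEBUG message on the not-taken path. The two BootMode comparisons would also be easier to read if the result were computed once into a local BOOLEAN before the if.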
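Review bot: In ConvertPpiPointersFv (Ppi.c, @@ -198,6 +198,227 @@), Index is declared UINT8 but is compared against CallbackNotifyList.CurrentCount, DispatchNotifyList.CurrentCount and PpiList.CurrentCount; if any of those lists holds more than 255 entries the counter wraps and the loop never terminates. DumpPpiList in the same hunk already walks the same lists with "UINTN Index", so use UINTN here as well. The DEBUG calls in both functions also print UINTN values with 0x%08x, 0x%x and %2d, which truncates them where UINTN is 64 bits wide; %p or %lx with a UINT64 cast would be safer.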
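Review bot: In ConvertPeiCorePpiPointers (Ppi.c, @@ -830,3 +1051,69 @@), only the FindFileByType status is tested with EFI_ERROR; the GetFileInfo, PeiGetPe32Data and PeCoffLoaderGetEntryPoint results are covered by ASSERT_EFI_ERROR alone. When asserts are compiled out, a failure in any of them leaves FileInfo, PeiCoreImageBase or PeiCoreEntryPoint unset, and those values still feed the OrgImageBase, MigratedImageBase and PeiCoreModuleSize passed to ConvertPpiPointersFv. Please return early after each failing call. The CoreFvHandle parameter is also missing its IN modifier, and there is a stray blank line between the function comment and VOID.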
From: "Guomin Jiang"
To: devel@edk2.groups.io
Cc: Michael Kubacki, Eric Dong, Ray Ni, Laszlo Ersek, Rahul Kumar
Subject: [edk2-devel] [PATCH v2 2/9] UefiCpuPkg/CpuMpPei: Add GDT and IDT migration support (CVE-2019-11098)
Date: Thu, 2 Jul 2020 13:15:18 +0800
Message-Id: <20200702051525.1102-3-guomin.jiang@intel.com>
In-Reply-To: <20200702051525.1102-1-guomin.jiang@intel.com>
References: <20200702051525.1102-1-guomin.jiang@intel.com>

From: Michael Kubacki

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1614

Moves the GDT and IDT to permanent memory in a memory discovered callback. This is done to ensure the GDT and IDT authenticated in pre-memory is not fetched from outside a verified location after the permanent memory transition.

Cc: Eric Dong
Cc: Ray Ni
Cc: Laszlo Ersek
Cc: Rahul Kumar
Signed-off-by: Michael Kubacki
---
 UefiCpuPkg/CpuMpPei/CpuMpPei.c | 40 ++++++++++++++++++-
 UefiCpuPkg/CpuMpPei/CpuMpPei.h | 13 ++++++
 UefiCpuPkg/CpuMpPei/CpuPaging.c | 14 +++++--
 .../Ia32/ArchExceptionHandler.c | 4 +-
 .../SecPeiCpuException.c | 2 +-
 5 files changed, 65 insertions(+), 8 deletions(-)
diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.c b/UefiCpuPkg/CpuMpPei/CpuMpPei.c index 07ccbe7c6a91..2d6f1bc98851 100644
--- a/UefiCpuPkg/CpuMpPei/CpuMpPei.c +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.c @@ -429,6 +429,44 @@ GetGdtr ( AsmReadGdtr ((IA32_DESCRIPTOR *)Buffer); } =20 +/** + Migrates the Global Descriptor Table (GDT) to permanent memory. + + @retval EFI_SUCCESS The GDT was migrated successfully. + @retval EFI_OUT_OF_RESOURCES The GDT could not be migrated due to lac= k of available memory. + +**/ +EFI_STATUS +EFIAPI +MigrateGdt ( + VOID + ) +{ + EFI_STATUS Status; + UINTN GdtBufferSize; + IA32_DESCRIPTOR Gdtr; + UINT8 *GdtBuffer; + + AsmReadGdtr ((IA32_DESCRIPTOR *) &Gdtr); + GdtBufferSize =3D sizeof (IA32_TSS_DESCRIPTOR) + Gdtr.Limit + 1; + + Status =3D PeiServicesAllocatePool ( + GdtBufferSize, + (VOID **) &GdtBuffer + ); + ASSERT (GdtBuffer !=3D NULL); + if (EFI_ERROR (Status)) { + return EFI_OUT_OF_RESOURCES; + } + + GdtBuffer =3D ALIGN_POINTER (GdtBuffer, sizeof (IA32_TSS_DESCRIPTOR)); + CopyMem ((VOID *) (UINTN) GdtBuffer, (VOID *) Gdtr.Base, Gdtr.Limit + 1); + Gdtr.Base =3D (UINT32)(UINTN) GdtBuffer; + AsmWriteGdtr (&Gdtr); + + return EFI_SUCCESS; +} + /** Initializes CPU exceptions handlers for the sake of stack switch require= ment. =20 @@ -644,7 +682,7 @@ InitializeCpuMpWorker ( &gEfiVectorHandoffInfoPpiGuid, 0, NULL, - (VOID **)&VectorHandoffInfoPpi + (VOID **) &VectorHandoffInfoPpi ); if (Status =3D=3D EFI_SUCCESS) { VectorInfo =3D VectorHandoffInfoPpi->Info; diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.h b/UefiCpuPkg/CpuMpPei/CpuMpPei.h index 7d5c527d6006..5dc956409594 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.h +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.h 
@@ -397,6 +397,19 @@ SecPlatformInformation2 ( OUT EFI_SEC_PLATFORM_INFORMATION_RECORD2 *PlatformInformationRecord2 ); =20 +/** + Migrates the Global Descriptor Table (GDT) to permanent memory. + + @retval EFI_SUCCESS The GDT was migrated successfully. + @retval EFI_OUT_OF_RESOURCES The GDT could not be migrated due to lac= k of available memory. + +**/ +EFI_STATUS +EFIAPI +MigrateGdt ( + VOID + ); + /** Initializes MP and exceptions handlers. =20 diff --git a/UefiCpuPkg/CpuMpPei/CpuPaging.c b/UefiCpuPkg/CpuMpPei/CpuPagin= g.c index a462e7ee1e38..d0cbebf70bbf 100644 --- a/UefiCpuPkg/CpuMpPei/CpuPaging.c +++ b/UefiCpuPkg/CpuMpPei/CpuPaging.c @@ -152,7 +152,7 @@ GetPhysicalAddressWidth ( Get the type of top level page table. =20 @retval Page512G PML4 paging. - @retval Page1G PAE paing. + @retval Page1G PAE paging. =20 **/ PAGE_ATTRIBUTE @@ -582,7 +582,7 @@ SetupStackGuardPage ( } =20 /** - Enabl/setup stack guard for each processor if PcdCpuStackGuard is set to= TRUE. + Enable/setup stack guard for each processor if PcdCpuStackGuard is set t= o TRUE. =20 Doing this in the memory-discovered callback is to make sure the Stack G= uard feature to cover as most PEI code as possible. @@ -602,8 +602,14 @@ MemoryDiscoveredPpiNotifyCallback ( IN VOID *Ppi ) { - EFI_STATUS Status; - BOOLEAN InitStackGuard; + EFI_STATUS Status; + BOOLEAN InitStackGuard; + BOOLEAN InterruptState; + + InterruptState =3D SaveAndDisableInterrupts (); + Status =3D MigrateGdt (); + ASSERT_EFI_ERROR (Status); + SetInterruptState (InterruptState); =20 // // Paging must be setup first. Otherwise the exception TSS setup during = MP diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ArchExceptionHa= ndler.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ArchExceptionHandl= er.c index 1aafb7dac139..903449e0daa9 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ArchExceptionHandler.c +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ArchExceptionHandler.c 
@@ -18,8 +18,8 @@ **/ VOID ArchUpdateIdtEntry ( - IN IA32_IDT_GATE_DESCRIPTOR *IdtEntry, - IN UINTN InterruptHandler + OUT IA32_IDT_GATE_DESCRIPTOR *IdtEntry, + IN UINTN InterruptHandler ) { IdtEntry->Bits.OffsetLow =3D (UINT16)(UINTN)InterruptHandler; diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c= b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c index 20148db74cf8..d4ae153c5742 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c 
@@ -87,7 +87,7 @@ InitializeCpuExceptionHandlers ( IdtEntryCount =3D (IdtDescriptor.Limit + 1) / sizeof (IA32_IDT_GATE_DESC= RIPTOR); if (IdtEntryCount > CPU_EXCEPTION_NUM) { // - // CPU exeption library only setup CPU_EXCEPTION_NUM exception handler= at most + // CPU exception library only setup CPU_EXCEPTION_NUM exception handle= r at most // IdtEntryCount =3D CPU_EXCEPTION_NUM; } --=20 2.25.1.windows.1
View/Reply Online (#61943): https://edk2.groups.io/g/devel/message/61943
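Review bot: In MigrateGdt (CpuMpPei.c, @@ -429,6 +429,44 @@), "ASSERT (GdtBuffer != NULL)" runs before the EFI_ERROR (Status) check and GdtBuffer has no initializer, so on an allocation failure the assert reads an indeterminate pointer. Initialize GdtBuffer to NULL and test Status first. The assignment "Gdtr.Base = (UINT32)(UINTN) GdtBuffer" also discards the upper address bits on any build where pointers are wider than 32 bits; casting to UINTN alone avoids that. A short comment explaining that the extra sizeof (IA32_TSS_DESCRIPTOR) bytes in GdtBufferSize are headroom for the ALIGN_POINTER step would help the next reader.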
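Review bot: In MemoryDiscoveredPpiNotifyCallback (CpuPaging.c, @@ -602,8 +602,14 @@), a MigrateGdt() failure is caught only by ASSERT_EFI_ERROR, so with asserts disabled the callback continues with GDTR still pointing at the table in temporary memory and no trace of the failure. Please log the error and decide explicitly whether to continue. Separately, the subject and commit message promise GDT and IDT migration, but the hunks in this patch call only MigrateGdt(); the ArchExceptionHandler.c and SecPeiCpuException.c changes are a parameter annotation and a comment typo. Either add the IDT move here or reword the commit message and point to the patch that does it.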
From: "Guomin Jiang"
To: devel@edk2.groups.io
Cc: Michael Kubacki, Eric Dong, Ray Ni, Laszlo Ersek, Rahul Kumar, Debkumar De, Harry Han, Catharine West
Subject: [edk2-devel] [PATCH v2 3/9] UefiCpuPkg/SecMigrationPei: Add initial PEIM (CVE-2019-11098)
Date: Thu, 2 Jul 2020 13:15:19 +0800
Message-Id: <20200702051525.1102-4-guomin.jiang@intel.com>
In-Reply-To: <20200702051525.1102-1-guomin.jiang@intel.com>
References: <20200702051525.1102-1-guomin.jiang@intel.com>

From: Michael Kubacki

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1614

Adds a PEIM that republishes structures produced in SEC. This is done because SEC modules may not be shadowed in some platforms due to space constraints or special alignment requirements.

The SecMigrationPei module locates interfaces that may be published in SEC and reinstalls the interface with permanent memory addresses. This is important if pre-memory address access is forbidden after memory initialization and data such as a PPI descriptor, PPI GUID, or PPI interface reside in pre-memory.

Cc: Eric Dong
Cc: Ray Ni
Cc: Laszlo Ersek
Cc: Rahul Kumar
Cc: Debkumar De
Cc: Harry Han
Cc: Catharine West
Signed-off-by: Michael Kubacki --- UefiCpuPkg/Include/Ppi/RepublishSecPpi.h | 54 +++ UefiCpuPkg/SecCore/SecCore.inf | 2 + UefiCpuPkg/SecCore/SecMain.c | 26 +- UefiCpuPkg/SecCore/SecMain.h | 1 + UefiCpuPkg/SecMigrationPei/SecMigrationPei.c | 372 ++++++++++++++++++ UefiCpuPkg/SecMigrationPei/SecMigrationPei.h | 170 ++++++++ .../SecMigrationPei/SecMigrationPei.inf | 64 +++ .../SecMigrationPei/SecMigrationPei.uni | 13 + UefiCpuPkg/UefiCpuPkg.dec | 4 + UefiCpuPkg/UefiCpuPkg.dsc | 1 + 10 files changed, 705 insertions(+), 2 deletions(-) create mode 100644 UefiCpuPkg/Include/Ppi/RepublishSecPpi.h create mode 100644 UefiCpuPkg/SecMigrationPei/SecMigrationPei.c create mode 100644 UefiCpuPkg/SecMigrationPei/SecMigrationPei.h create mode 100644 UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf create mode 100644 UefiCpuPkg/SecMigrationPei/SecMigrationPei.uni diff --git a/UefiCpuPkg/Include/Ppi/RepublishSecPpi.h b/UefiCpuPkg/Include/= Ppi/RepublishSecPpi.h new file mode 100644 index 000000000000..6fb9f1b005b4 --- /dev/null +++ b/UefiCpuPkg/Include/Ppi/RepublishSecPpi.h @@ -0,0 +1,54 @@ +/** @file + This file declares Sec Platform Information PPI. + + This service is the primary handoff state into the PEI Foundation. + The Security (SEC) component creates the early, transitory memory + environment and also encapsulates knowledge of at least the + location of the Boot Firmware Volume (BFV). + + Copyright (c) 2020, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + + @par Revision Reference: + This PPI is introduced in PI Version 1.0. + +**/ + +#ifndef __REPUBLISH_SEC_PPI_H__ +#define __REPUBLISH_SEC_PPI_H__ + +#include + +#define REPUBLISH_SEC_PPI_PPI_GUID \ + { \ + 0x27a71b1e, 0x73ee, 0x43d6, { 0xac, 0xe3, 0x52, 0x1a, 0x2d, 0xc5, 0xd0= , 0x92 } \ + } + +typedef struct _REPUBLISH_SEC_PPI_PPI REPUBLISH_SEC_PPI_PPI; + +/** + This interface re-installs PPIs installed in SecCore from a post-memory = PEIM. + + This is to allow a platform that may not support relocation of SecCore t= o update the PPI instance to a post-memory + copy from a PEIM that has been shadowed to permanent memory. + + @retval EFI_SUCCESS The SecCore PPIs were re-installed successfully. + @retval Others An error occurred re-installing the SecCore PPIs. + +**/ +typedef +EFI_STATUS +(EFIAPI *REPUBLISH_SEC_PPI_REPUBLISH_SEC_PPIS)( + VOID + ); + +/// +/// +/// +struct _REPUBLISH_SEC_PPI_PPI { + REPUBLISH_SEC_PPI_REPUBLISH_SEC_PPIS RepublishSecPpis; +}; + +extern EFI_GUID gRepublishSecPpiPpiGuid; + +#endif diff --git a/UefiCpuPkg/SecCore/SecCore.inf b/UefiCpuPkg/SecCore/SecCore.inf index 0562820c95e0..545781d6b4b3 100644 --- a/UefiCpuPkg/SecCore/SecCore.inf +++ b/UefiCpuPkg/SecCore/SecCore.inf @@ -68,6 +68,8 @@ [Ppis] ## SOMETIMES_CONSUMES gPeiSecPerformancePpiGuid gEfiPeiCoreFvLocationPpiGuid + ## CONSUMES + gRepublishSecPpiPpiGuid =20 [Guids] ## SOMETIMES_PRODUCES ## HOB diff --git a/UefiCpuPkg/SecCore/SecMain.c b/UefiCpuPkg/SecCore/SecMain.c index 5d5e7f17dced..155be49a6011 100644 --- a/UefiCpuPkg/SecCore/SecMain.c +++ b/UefiCpuPkg/SecCore/SecMain.c 
@@ -370,13 +370,35 @@ SecTemporaryRamDone ( VOID ) { - BOOLEAN State; + EFI_STATUS Status; + EFI_STATUS Status2; + UINTN Index; + BOOLEAN State; + EFI_PEI_PPI_DESCRIPTOR *PeiPpiDescriptor; + REPUBLISH_SEC_PPI_PPI *RepublishSecPpiPpi; =20 // // Republish Sec Platform Information(2) PPI // RepublishSecPlatformInformationPpi (); =20 + // + // Re-install SEC PPIs using a PEIM produced service if published + // + for (Index =3D 0, Status =3D EFI_SUCCESS; Status =3D=3D EFI_SUCCESS; Ind= ex++) { + Status =3D PeiServicesLocatePpi ( + &gRepublishSecPpiPpiGuid, + Index, + &PeiPpiDescriptor, + (VOID **) &RepublishSecPpiPpi + ); + if (!EFI_ERROR (Status)) { + DEBUG ((DEBUG_INFO, "Calling RepublishSecPpi instance %d.\n", Index)= ); + Status2 =3D RepublishSecPpiPpi->RepublishSecPpis (); + ASSERT_EFI_ERROR (Status2); + } + } + // // Migrate DebugAgentContext. // @@ -385,7 +407,7 @@ SecTemporaryRamDone ( // // Disable interrupts and save current interrupt state // - State =3D SaveAndDisableInterrupts(); + State =3D SaveAndDisableInterrupts (); =20 // // Disable Temporary RAM after Stack and Heap have been migrated at this= point. diff --git a/UefiCpuPkg/SecCore/SecMain.h b/UefiCpuPkg/SecCore/SecMain.h index e8c05d713668..e20bcf86532c 100644 --- a/UefiCpuPkg/SecCore/SecMain.h +++ b/UefiCpuPkg/SecCore/SecMain.h @@ -15,6 +15,7 @@ #include #include #include +#include =20 #include =20 diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.c b/UefiCpuPkg/SecM= igrationPei/SecMigrationPei.c new file mode 100644 index 000000000000..f96013b09b21 --- /dev/null +++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.c @@ -0,0 +1,372 @@ +/** @file + Migrates SEC structures after permanent memory is installed. + + Copyright (c) 2020, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +#include +#include +#include +#include +#include +#include +#include + +#include "SecMigrationPei.h" + +STATIC REPUBLISH_SEC_PPI_PPI mEdkiiRepublishSecPpiPpi =3D { + RepublishSecPpis + }; + +GLOBAL_REMOVE_IF_UNREFERENCED EFI_SEC_PLATFORM_INFORMATION_PPI mSecPlatfo= rmInformationPostMemoryPpi =3D { + SecPlatf= ormInformationPostMemory + }; + + +GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_TEMPORARY_RAM_DONE_PPI mSecTemporary= RamDonePostMemoryPpi =3D { + SecTemporar= yRamDonePostMemory + }; + +GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_TEMPORARY_RAM_SUPPORT_PPI mSecTempor= aryRamSupportPostMemoryPpi =3D { + SecTempo= raryRamSupportPostMemory + }; + +GLOBAL_REMOVE_IF_UNREFERENCED PEI_SEC_PERFORMANCE_PPI mSecPerformancePpi = =3D { + GetPerformancePost= Memory + }; + +STATIC EFI_PEI_PPI_DESCRIPTOR mEdkiiRepublishSecPpiDescriptor =3D { + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), + &gRepublishSecPpiPpiGuid, + &mEdkiiRepublishSecPpiPpi + }; + +GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_PPI_DESCRIPTOR mSecPlatformInformati= onPostMemoryDescriptor =3D { + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), + &gEfiSecPlatformInformationPpiGuid, + &mSecPlatformInformationPostMemoryPpi + }; + +GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_PPI_DESCRIPTOR mSecTemporaryRamDoneP= ostMemoryDescriptor =3D { + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), + &gEfiTemporaryRamDonePpiGuid, + &mSecTemporaryRamDonePostMemoryPpi + }; + +GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_PPI_DESCRIPTOR mSecTemporaryRamSuppo= rtPostMemoryDescriptor =3D { + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), + &gEfiTemporaryRamSupportPpiGuid, + &mSecTemporaryRamSupportPostMemoryPpi + }; + +GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_PPI_DESCRIPTOR mSecPerformancePpiDes= criptor =3D { + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), + 
&gPeiSecPerformancePpiGuid, + &mSecPerformancePpi + }; + +/** + Disables the use of Temporary RAM. + + If present, this service is invoked by the PEI Foundation after + the EFI_PEI_PERMANANT_MEMORY_INSTALLED_PPI is installed. + + @retval EFI_SUCCESS Use of Temporary RAM was disabled. + @retval EFI_INVALID_PARAMETER Temporary RAM could not be disabled. + +**/ +EFI_STATUS +EFIAPI +SecTemporaryRamDonePostMemory ( + VOID + ) +{ + // + // Temporary RAM Done is already done in post-memory + // install a stub function that is located in permanent memory + // + return EFI_SUCCESS; +} + +/** + This service of the EFI_PEI_TEMPORARY_RAM_SUPPORT_PPI that migrates temp= orary RAM into + permanent memory. + + @param PeiServices Pointer to the PEI Services Table. + @param TemporaryMemoryBase Source Address in temporary memory from wh= ich the SEC or PEIM will copy the + Temporary RAM contents. + @param PermanentMemoryBase Destination Address in permanent memory in= to which the SEC or PEIM will copy the + Temporary RAM contents. + @param CopySize Amount of memory to migrate from temporary= to permanent memory. + + @retval EFI_SUCCESS The data was successfully returned. + @retval EFI_INVALID_PARAMETER PermanentMemoryBase + CopySize > Temporary= MemoryBase when + TemporaryMemoryBase > PermanentMemoryBase. + +**/ +EFI_STATUS +EFIAPI +SecTemporaryRamSupportPostMemory ( + IN CONST EFI_PEI_SERVICES **PeiServices, + IN EFI_PHYSICAL_ADDRESS TemporaryMemoryBase, + IN EFI_PHYSICAL_ADDRESS PermanentMemoryBase, + IN UINTN CopySize + ) +{ + // + // Temporary RAM Support is already done in post-memory + // install a stub function that is located in permanent memory + // + return EFI_SUCCESS; +} + +/** + This interface conveys performance information out of the Security (SEC)= phase into PEI. + + This service is published by the SEC phase. The SEC phase handoff has an= optional + EFI_PEI_PPI_DESCRIPTOR list as its final argument when control is passed= from SEC into the + PEI Foundation. 
As such, if the platform supports collecting performance= data in SEC, + this information is encapsulated into the data structure abstracted by t= his service. + This information is collected for the boot-strap processor (BSP) on IA-3= 2. + + @param[in] PeiServices The pointer to the PEI Services Table. + @param[in] This The pointer to this instance of the PEI_SEC_PER= FORMANCE_PPI. + @param[out] Performance The pointer to performance data collected in SE= C phase. + + @retval EFI_SUCCESS The performance data was successfully returned. + +**/ +EFI_STATUS +EFIAPI +GetPerformancePostMemory ( + IN CONST EFI_PEI_SERVICES **PeiServices, + IN PEI_SEC_PERFORMANCE_PPI *This, + OUT FIRMWARE_SEC_PERFORMANCE *Performance + ) +{ + SEC_PLATFORM_INFORMATION_CONTEXT_HOB *SecPlatformInformationContexHob; + + if (This =3D=3D NULL || Performance =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + SecPlatformInformationContexHob =3D GetFirstGuidHob (&gEfiCallerIdGuid); + if (SecPlatformInformationContexHob =3D=3D NULL) { + return EFI_NOT_FOUND; + } + + Performance->ResetEnd =3D SecPlatformInformationContexHob->FirmwareSecPe= rformance.ResetEnd; + + return EFI_SUCCESS; +} + +/** + This interface conveys state information out of the Security (SEC) phase= into PEI. + + @param[in] PeiServices Pointer to the PEI Services Tab= le. + @param[in,out] StructureSize Pointer to the variable describ= ing size of the input buffer. + @param[out] PlatformInformationRecord Pointer to the EFI_SEC_PLATFORM= _INFORMATION_RECORD. + + @retval EFI_SUCCESS The data was successfully returned. + @retval EFI_BUFFER_TOO_SMALL The buffer was too small. 
+ +**/ +EFI_STATUS +EFIAPI +SecPlatformInformationPostMemory ( + IN CONST EFI_PEI_SERVICES **PeiServices, + IN OUT UINT64 *StructureSize, + OUT EFI_SEC_PLATFORM_INFORMATION_RECORD *PlatformInformationRecord + ) +{ + SEC_PLATFORM_INFORMATION_CONTEXT_HOB *SecPlatformInformationContexHob; + + if (StructureSize =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + SecPlatformInformationContexHob =3D GetFirstGuidHob (&gEfiCallerIdGuid); + if (SecPlatformInformationContexHob =3D=3D NULL) { + return EFI_NOT_FOUND; + } + + if (*StructureSize < SecPlatformInformationContexHob->Context.StructureS= ize) { + *StructureSize =3D SecPlatformInformationContexHob->Context.StructureS= ize; + return EFI_BUFFER_TOO_SMALL; + } + + if (PlatformInformationRecord =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + *StructureSize =3D SecPlatformInformationContexHob->Context.StructureSiz= e; + CopyMem ( + (VOID *) PlatformInformationRecord, + (VOID *) SecPlatformInformationContexHob->Context.PlatformInformationR= ecord, + (UINTN) SecPlatformInformationContexHob->Context.StructureSize + ); + + return EFI_SUCCESS; +} + +/** + This interface re-installs PPIs installed in SecCore from a post-memory = PEIM. + + This is to allow a platform that may not support relocation of SecCore t= o update the PPI instance to a post-memory + copy from a PEIM that has been shadowed to permanent memory. + + @retval EFI_SUCCESS The SecCore PPIs were re-installed successfully. + @retval Others An error occurred re-installing the SecCore PPIs. 
+ +**/ +EFI_STATUS +EFIAPI +RepublishSecPpis ( + VOID + ) +{ + EFI_STATUS Status; + EFI_PEI_PPI_DESCRIPTOR *PeiPpiDescriptor; + VOID *PeiPpi; + SEC_PLATFORM_INFORMATION_CONTEXT_HOB *SecPlatformInformationContextHob; + EFI_SEC_PLATFORM_INFORMATION_RECORD *SecPlatformInformationPtr; + UINT64 SecStructureSize; + + SecPlatformInformationPtr =3D NULL; + SecStructureSize =3D 0; + + Status =3D PeiServicesLocatePpi ( + &gEfiTemporaryRamDonePpiGuid, + 0, + &PeiPpiDescriptor, + (VOID **) &PeiPpi + ); + if (!EFI_ERROR (Status)) { + Status =3D PeiServicesReInstallPpi ( + PeiPpiDescriptor, + &mSecTemporaryRamDonePostMemoryDescriptor + ); + ASSERT_EFI_ERROR (Status); + } + + Status =3D PeiServicesLocatePpi ( + &gEfiTemporaryRamSupportPpiGuid, + 0, + &PeiPpiDescriptor, + (VOID **) &PeiPpi + ); + if (!EFI_ERROR (Status)) { + Status =3D PeiServicesReInstallPpi ( + PeiPpiDescriptor, + &mSecTemporaryRamSupportPostMemoryDescriptor + ); + ASSERT_EFI_ERROR (Status); + } + + Status =3D PeiServicesCreateHob ( + EFI_HOB_TYPE_GUID_EXTENSION, + sizeof (SEC_PLATFORM_INFORMATION_CONTEXT_HOB), + (VOID **) &SecPlatformInformationContextHob + ); + ASSERT_EFI_ERROR (Status); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "SecPlatformInformation Context HOB could not be = created.\n")); + return Status; + } + + SecPlatformInformationContextHob->Header.Name =3D gEfiCallerIdGuid; + SecPlatformInformationContextHob->Revision =3D 1; + + Status =3D PeiServicesLocatePpi ( + &gPeiSecPerformancePpiGuid, + 0, + &PeiPpiDescriptor, + (VOID **) &PeiPpi + ); + if (!EFI_ERROR (Status)) { + Status =3D ((PEI_SEC_PERFORMANCE_PPI *) PeiPpi)->GetPerformance ( + GetPeiServicesTablePo= inter (), + (PEI_SEC_PERFORMANCE_= PPI *) PeiPpi, + &SecPlatformInformati= onContextHob->FirmwareSecPerformance + ); + ASSERT_EFI_ERROR (Status); + if (!EFI_ERROR (Status)) { + Status =3D PeiServicesReInstallPpi ( + PeiPpiDescriptor, + &mSecPerformancePpiDescriptor + ); + ASSERT_EFI_ERROR (Status); + } + } + + Status =3D 
PeiServicesLocatePpi ( + &gEfiSecPlatformInformationPpiGuid, + 0, + &PeiPpiDescriptor, + (VOID **) &PeiPpi + ); + if (!EFI_ERROR (Status)) { + Status =3D ((EFI_SEC_PLATFORM_INFORMATION_PPI *) PeiPpi)->PlatformInfo= rmation ( + GetPeiServic= esTablePointer (), + &SecStructur= eSize, + SecPlatformI= nformationPtr + ); + ASSERT (Status =3D=3D EFI_BUFFER_TOO_SMALL); + if (Status !=3D EFI_BUFFER_TOO_SMALL) { + return EFI_NOT_FOUND; + } + + ZeroMem ((VOID *) &(SecPlatformInformationContextHob->Context), sizeof= (SEC_PLATFORM_INFORMATION_CONTEXT)); + SecPlatformInformationContextHob->Context.PlatformInformationRecord = =3D AllocatePool ((UINTN) SecStructureSize); + ASSERT (SecPlatformInformationContextHob->Context.PlatformInformationR= ecord !=3D NULL); + if (SecPlatformInformationContextHob->Context.PlatformInformationRecor= d =3D=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + SecPlatformInformationContextHob->Context.StructureSize =3D SecStructu= reSize; + + Status =3D ((EFI_SEC_PLATFORM_INFORMATION_PPI *) PeiPpi)->PlatformInfo= rmation ( + GetPeiServic= esTablePointer (), + &(SecPlatfor= mInformationContextHob->Context.StructureSize), + SecPlatformI= nformationContextHob->Context.PlatformInformationRecord + ); + ASSERT_EFI_ERROR (Status); + if (!EFI_ERROR (Status)) { + Status =3D PeiServicesReInstallPpi ( + PeiPpiDescriptor, + &mSecPlatformInformationPostMemoryDescriptor + ); + ASSERT_EFI_ERROR (Status); + } + } + + return EFI_SUCCESS; +} + +/** + This function is the entry point which installs an instance of REPUBLISH= _SEC_PPI_PPI. + + @param[in] FileHandle Pointer to image file handle. + @param[in] PeiServices Pointer to PEI Services Table + + @retval EFI_SUCCESS An instance of REPUBLISH_SEC_PPI_PPI was installed = successfully. + @retval Others An error occurred installing and instance of REPUBL= ISH_SEC_PPI_PPI. 
+ +**/ +EFI_STATUS +EFIAPI +SecMigrationPeiInitialize ( + IN EFI_PEI_FILE_HANDLE FileHandle, + IN CONST EFI_PEI_SERVICES **PeiServices + ) +{ + EFI_STATUS Status; + + Status =3D PeiServicesInstallPpi (&mEdkiiRepublishSecPpiDescriptor); + ASSERT_EFI_ERROR (Status); + + return Status; +} diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.h b/UefiCpuPkg/SecM= igrationPei/SecMigrationPei.h new file mode 100644 index 000000000000..372f8044bdb2 --- /dev/null +++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.h @@ -0,0 +1,170 @@ +/** @file + Migrates SEC structures after permanent memory is installed. + + Copyright (c) 2020, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __SEC_MIGRATION_H__ +#define __SEC_MIGRATION_H__ + +#include + +#include +#include +#include +#include +#include +#include +#include + +/** + This interface conveys state information out of the Security (SEC) phase= into PEI. + + @param[in] PeiServices Pointer to the PEI Services Tab= le. + @param[in,out] StructureSize Pointer to the variable describ= ing size of the input buffer. + @param[out] PlatformInformationRecord Pointer to the EFI_SEC_PLATFORM= _INFORMATION_RECORD. + + @retval EFI_SUCCESS The data was successfully returned. + @retval EFI_BUFFER_TOO_SMALL The buffer was too small. + +**/ +EFI_STATUS +EFIAPI +SecPlatformInformationPostMemory ( + IN CONST EFI_PEI_SERVICES **PeiServices, + IN OUT UINT64 *StructureSize, + OUT EFI_SEC_PLATFORM_INFORMATION_RECORD *PlatformInformationRecord + ); + +/** + Re-installs the SEC Platform Information PPIs to implementation in this = module to support post-memory. + + @param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES= table published by the PEI Foundation. + @param[in] NotifyDescriptor Address of the notification descriptor data= structure. + @param[in] Ppi Address of the PPI that was installed. + + @retval EFI_SUCCESS The SEC Platform Information PPI could not = be re-installed. + @return Others An error occurred during PPI re-install. + +**/ +EFI_STATUS +EFIAPI +SecPlatformInformationPpiNotifyCallback ( + IN EFI_PEI_SERVICES **PeiServices, + IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor, + IN VOID *Ppi + ); + +/** + This interface re-installs PPIs installed in SecCore from a post-memory = PEIM. + + This is to allow a platform that may not support relocation of SecCore t= o update the PPI instance to a post-memory + copy from a PEIM that has been shadowed to permanent memory. + + @retval EFI_SUCCESS The SecCore PPIs were re-installed successfully. + @retval Others An error occurred re-installing the SecCore PPIs. 
+ +**/ +EFI_STATUS +EFIAPI +RepublishSecPpis ( + VOID + ); + +/** + Disables the use of Temporary RAM. + + If present, this service is invoked by the PEI Foundation after + the EFI_PEI_PERMANANT_MEMORY_INSTALLED_PPI is installed. + + @retval EFI_SUCCESS Use of Temporary RAM was disabled. + @retval EFI_INVALID_PARAMETER Temporary RAM could not be disabled. + +**/ +EFI_STATUS +EFIAPI +SecTemporaryRamDonePostMemory ( + VOID + ); + +/** + This service of the EFI_PEI_TEMPORARY_RAM_SUPPORT_PPI that migrates temp= orary RAM into + permanent memory. + + @param PeiServices Pointer to the PEI Services Table. + @param TemporaryMemoryBase Source Address in temporary memory from wh= ich the SEC or PEIM will copy the + Temporary RAM contents. + @param PermanentMemoryBase Destination Address in permanent memory in= to which the SEC or PEIM will copy the + Temporary RAM contents. + @param CopySize Amount of memory to migrate from temporary= to permanent memory. + + @retval EFI_SUCCESS The data was successfully returned. + @retval EFI_INVALID_PARAMETER PermanentMemoryBase + CopySize > Temporary= MemoryBase when + TemporaryMemoryBase > PermanentMemoryBase. + +**/ +EFI_STATUS +EFIAPI +SecTemporaryRamSupportPostMemory ( + IN CONST EFI_PEI_SERVICES **PeiServices, + IN EFI_PHYSICAL_ADDRESS TemporaryMemoryBase, + IN EFI_PHYSICAL_ADDRESS PermanentMemoryBase, + IN UINTN CopySize + ); + +/** + This interface conveys performance information out of the Security (SEC)= phase into PEI. + + This service is published by the SEC phase. The SEC phase handoff has an= optional + EFI_PEI_PPI_DESCRIPTOR list as its final argument when control is passed= from SEC into the + PEI Foundation. As such, if the platform supports collecting performance= data in SEC, + this information is encapsulated into the data structure abstracted by t= his service. + This information is collected for the boot-strap processor (BSP) on IA-3= 2. + + @param[in] PeiServices The pointer to the PEI Services Table. 
+ @param[in] This The pointer to this instance of the PEI_SEC_PER= FORMANCE_PPI. + @param[out] Performance The pointer to performance data collected in SE= C phase. + + @retval EFI_SUCCESS The performance data was successfully returned. + +**/ +EFI_STATUS +EFIAPI +GetPerformancePostMemory ( + IN CONST EFI_PEI_SERVICES **PeiServices, + IN PEI_SEC_PERFORMANCE_PPI *This, + OUT FIRMWARE_SEC_PERFORMANCE *Performance + ); + +// /** +// Disables the use of Temporary RAM. + +// If present, this service is invoked by the PEI Foundation after +// the EFI_PEI_PERMANANT_MEMORY_INSTALLED_PPI is installed. + +// @retval EFI_SUCCESS Use of Temporary RAM was disabled. +// @retval EFI_INVALID_PARAMETER Temporary RAM could not be disabled. + +// **/ +// EFI_STATUS +// EFIAPI +// SecTemporaryRamDonePostMemory ( +// VOID +// ); + +typedef struct { + UINT64 StructureSize; + EFI_SEC_PLATFORM_INFORMATION_RECORD *PlatformInformationRecord; +} SEC_PLATFORM_INFORMATION_CONTEXT; + +typedef struct { + EFI_HOB_GUID_TYPE Header; + UINT8 Revision; + UINT8 Reserved[3]; + FIRMWARE_SEC_PERFORMANCE FirmwareSecPerformance; + SEC_PLATFORM_INFORMATION_CONTEXT Context; +} SEC_PLATFORM_INFORMATION_CONTEXT_HOB; + +#endif diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf b/UefiCpuPkg/Se= cMigrationPei/SecMigrationPei.inf new file mode 100644 index 000000000000..e29c04710941 --- /dev/null +++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf @@ -0,0 +1,64 @@ +## @file +# Migrates SEC structures after permanent memory is installed. +# +# Copyright (c) 2019, Intel Corporation. All rights reserved.
+# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D SecMigrationPei + MODULE_UNI_FILE =3D SecMigrationPei.uni + FILE_GUID =3D 58B35361-8922-41BC-B313-EF7ED9ADFDF7 + MODULE_TYPE =3D PEIM + VERSION_STRING =3D 1.0 + ENTRY_POINT =3D SecMigrationPeiInitialize + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 EBC +# + +[Sources] + SecMigrationPei.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + UefiCpuPkg/UefiCpuPkg.dec + +[LibraryClasses] + BaseLib + BaseMemoryLib + DebugLib + HobLib + MemoryAllocationLib + PeimEntryPoint + PeiServicesLib + PeiServicesTablePointerLib + +[Ppis] + ## PRODUCES + gRepublishSecPpiPpiGuid + + ## SOMETIMES_PRODUCES + gEfiTemporaryRamDonePpiGuid + + ## SOMETIME_PRODUCES + gEfiTemporaryRamSupportPpiGuid + + ## SOMETIMES_PRODUCES + gPeiSecPerformancePpiGuid + + ## SOMETIMES_CONSUMES + ## PRODUCES + gEfiSecPlatformInformationPpiGuid + + ## SOMETIMES_CONSUMES + ## SOMETIMES_PRODUCES + gEfiSecPlatformInformation2PpiGuid + +[Depex] + TRUE diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.uni b/UefiCpuPkg/Se= cMigrationPei/SecMigrationPei.uni new file mode 100644 index 000000000000..62c2064ba217 --- /dev/null +++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.uni @@ -0,0 +1,13 @@ +// /** @file +// Migrates SEC structures after permanent memory is installed. +// +// Copyright (c) 2019, Intel Corporation. All rights reserved.
+// SPDX-License-Identifier: BSD-2-Clause-Patent +// +// **/ + + +#string STR_MODULE_ABSTRACT #language en-US "Migrates SEC structures a= fter permanent memory is installed" + +#string STR_MODULE_DESCRIPTION #language en-US "Migrates SEC structures a= fter permanent memory is installed." + diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index 762badf5d239..0a005bd20311 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -66,6 +66,10 @@ [Guids] ## Include/Guid/MicrocodePatchHob.h gEdkiiMicrocodePatchHobGuid =3D { 0xd178f11d, 0x8716, 0x418e, { 0xa1,= 0x31, 0x96, 0x7d, 0x2a, 0xc4, 0x28, 0x43 }} =20 +[Ppis] + ## Include/Ppi/RepublishSecPpi.h + gRepublishSecPpiPpiGuid =3D { 0x27a71b1e, 0x73ee, 0x43d6, { 0xac, 0xe3= , 0x52, 0x1a, 0x2d, 0xc5, 0xd0, 0x92 }} + [Protocols] ## Include/Protocol/SmmCpuService.h gEfiSmmCpuServiceProtocolGuid =3D { 0x1d202cab, 0xc8ab, 0x4d5c, { 0x94,= 0xf7, 0x3c, 0xfc, 0xc0, 0xd3, 0xd3, 0x35 }} diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc index afa304128221..964720048dd7 100644 --- a/UefiCpuPkg/UefiCpuPkg.dsc +++ b/UefiCpuPkg/UefiCpuPkg.dsc 
@@ -146,6 +146,7 @@ [Components.IA32, Components.X64] UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationPei.inf UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationSmm.inf UefiCpuPkg/SecCore/SecCore.inf + UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf { --=20 2.25.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61944): https://edk2.groups.io/g/devel/message/61944 Mute This Topic: https://groups.io/mt/75252662/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
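Review bot: RepublishSecPpis() in SecMigrationPei.c ends with "return EFI_SUCCESS;" no matter what the PeiServicesReInstallPpi() calls returned, although its header documents "@retval Others An error occurred re-installing the SecCore PPIs." Each re-install result is checked only with ASSERT_EFI_ERROR, which does nothing when asserts are disabled, so in such a build the caller cannot tell that a SEC PPI is still the instance SecCore installed. Suggest returning the first failing Status, or at least logging it with DEBUG_ERROR as is already done for the HOB creation failure. Separately, Context is zeroed only inside the gEfiSecPlatformInformationPpiGuid branch and only after the "return EFI_NOT_FOUND" path, so the HOB that was already created can be left with an uninitialized Context; a ZeroMem right after PeiServicesCreateHob() would make that state well defined.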
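Review bot: SecMigrationPei.h declares SecPlatformInformationPpiNotifyCallback(), but SecMigrationPei.c in this patch defines no such function, and its "@retval EFI_SUCCESS" text says the PPI "could not be re-installed", which contradicts the success code. The header also ends with a commented-out second copy of the SecTemporaryRamDonePostMemory() declaration. Suggest dropping the unused prototype and the commented-out block. The local SecPlatformInformationContexHob in the .c (missing "t") could be renamed to match SecPlatformInformationContextHob as used in RepublishSecPpis().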
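Review bot: In SecMigrationPei.inf the usage comment above gEfiTemporaryRamSupportPpiGuid is spelled "## SOMETIME_PRODUCES", while the neighbouring entries use SOMETIMES_PRODUCES. gEfiSecPlatformInformation2PpiGuid is listed as SOMETIMES_CONSUMES and SOMETIMES_PRODUCES, yet SecMigrationPei.c never references it, so it should either be used or removed from [Ppis]. The .inf and .uni carry a 2019 copyright line while the .c and .h say 2020; worth making these consistent.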
From: "Guomin Jiang"
To: devel@edk2.groups.io
Cc: Jian J Wang, Hao A Wu, Dandan Bi, Liming Gao
Subject: [edk2-devel] [PATCH v2 4/9] MdeModulePkg/DxeIplPeim: Register for shadow on S3 shadowed boot (CVE-2019-11098)
Date: Thu, 2 Jul 2020 13:15:20 +0800
Message-Id: <20200702051525.1102-5-guomin.jiang@intel.com>
In-Reply-To: <20200702051525.1102-1-guomin.jiang@intel.com>
References: <20200702051525.1102-1-guomin.jiang@intel.com>

From: Jian J Wang

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614

Cc: Jian J Wang
Cc: Hao A Wu
Cc: Dandan Bi
Cc: Liming Gao
Signed-off-by: Jian J Wang
--- MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 3 +++ MdeModulePkg/Core/DxeIplPeim/DxeLoad.c | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf b/MdeModulePkg/Core/Dx= eIplPeim/DxeIpl.inf index 3f1702854660..4ab54594ed66 100644 --- a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf +++ b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
@@ -121,6 +121,9 @@ [Pcd.IA32,Pcd.X64,Pcd.ARM,Pcd.AARCH64] gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ## SOMETIM= ES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## SOMETIM= ES_CONSUMES =20 +[Pcd] + gEfiMdeModulePkgTokenSpaceGuid.PcdShadowPeimOnS3Boot ## CONSUMES + [Depex] gEfiPeiLoadFilePpiGuid AND gEfiPeiMasterBootModePpiGuid =20 diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeLoad.c b/MdeModulePkg/Core/Dxe= IplPeim/DxeLoad.c index d48028cea0dd..9e1831c69819 100644 --- a/MdeModulePkg/Core/DxeIplPeim/DxeLoad.c +++ b/MdeModulePkg/Core/DxeIplPeim/DxeLoad.c 
@@ -77,7 +77,7 @@ PeimInitializeDxeIpl ( =20 BootMode =3D GetBootModeHob (); =20 - if (BootMode !=3D BOOT_ON_S3_RESUME) { + if (BootMode !=3D BOOT_ON_S3_RESUME || PcdGetBool (PcdShadowPeimOnS3Boot= )) { Status =3D PeiServicesRegisterForShadow (FileHandle); if (Status =3D=3D EFI_SUCCESS) { // --=20 2.25.1.windows.1
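Review bot: The new condition in PeimInitializeDxeIpl() (DxeLoad.c) mixes "!=" and "||" without parentheses; writing it as "(BootMode != BOOT_ON_S3_RESUME) || PcdGetBool (PcdShadowPeimOnS3Boot)" makes the precedence explicit. The commit message consists of the REF link and tags only, so it should state why DxeIpl has to register for shadow on S3 resume when PcdShadowPeimOnS3Boot is set. DxeIpl.inf also gains a bare [Pcd] section directly below the existing [Pcd.IA32,Pcd.X64,Pcd.ARM,Pcd.AARCH64] one; a short comment on why this PCD is consumed on every architecture would help the next reader.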
From: "Guomin Jiang"
To: devel@edk2.groups.io
Cc: Jian J Wang, Hao A Wu, Dandan Bi, Liming Gao, Debkumar De, Harry Han, Catharine West
Subject: [edk2-devel] [PATCH v2 5/9] MdeModulePkg/Core: Create Migrated FV Info Hob for calculating hash (CVE-2019-11098)
Date: Thu, 2 Jul 2020 13:15:21 +0800
Message-Id: <20200702051525.1102-6-guomin.jiang@intel.com>
In-Reply-To: <20200702051525.1102-1-guomin.jiang@intel.com>
References: <20200702051525.1102-1-guomin.jiang@intel.com>

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614

When we allocate pool to save the rebased PEIMs, the address will change
randomly; therefore the hash will change and, as a result, PCR0 will change
as well. To avoid this, we save the raw PEIMs and use them to calculate the hash.

Cc: Jian J Wang
Cc: Hao A Wu
Cc: Dandan Bi
Cc: Liming Gao
Cc: Debkumar De
Cc: Harry Han
Cc: Catharine West
Signed-off-by: Guomin Jiang --- MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c | 15 +++++++++++++ MdeModulePkg/Core/Pei/PeiMain.h | 1 + MdeModulePkg/Core/Pei/PeiMain.inf | 1 + MdeModulePkg/Include/Guid/MigratedFvInfo.h | 22 +++++++++++++++++++ MdeModulePkg/MdeModulePkg.dec | 3 +++ 5 files changed, 42 insertions(+) create mode 100644 MdeModulePkg/Include/Guid/MigratedFvInfo.h diff --git a/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c b/MdeModulePkg/C= ore/Pei/Dispatcher/Dispatcher.c index ef88b3423376..7e1ac38f35c8 100644 --- a/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c +++ b/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c @@ -1223,10 +1223,12 @@ EvacuateTempRam ( EFI_FIRMWARE_VOLUME_HEADER *FvHeader; EFI_FIRMWARE_VOLUME_HEADER *ChildFvHeader; EFI_FIRMWARE_VOLUME_HEADER *MigratedFvHeader; + EFI_FIRMWARE_VOLUME_HEADER *RawDataFvHeader; EFI_FIRMWARE_VOLUME_HEADER *MigratedChildFvHeader; =20 PEI_CORE_FV_HANDLE PeiCoreFvHandle; EFI_PEI_CORE_FV_LOCATION_PPI *PeiCoreFvLocationPpi; + EDKII_MIGRATED_FV_INFO MigratedFvInfo; =20 ASSERT (Private->PeiMemoryInstalled); =20 @@ -1270,6 +1272,13 @@ EvacuateTempRam ( ); ASSERT_EFI_ERROR (Status); =20 + Status =3D PeiServicesAllocatePages ( + EfiBootServicesCode, + EFI_SIZE_TO_PAGES ((UINTN) FvHeader->FvLength), + (EFI_PHYSICAL_ADDRESS *) &RawDataFvHeader + ); + ASSERT_EFI_ERROR (Status); + DEBUG (( DEBUG_VERBOSE, " Migrating FV[%d] from 0x%08X to 0x%08X\n", @@ -1279,6 +1288,12 @@ EvacuateTempRam ( )); =20 CopyMem (MigratedFvHeader, FvHeader, (UINTN) FvHeader->FvLength); + CopyMem (RawDataFvHeader, MigratedFvHeader, (UINTN) FvHeader->FvLeng= th); + MigratedFvInfo.FvOrgBase =3D (UINT32) (UINTN) FvHeader; + MigratedFvInfo.FvNewBase =3D (UINT32) (UINTN) MigratedFvHeader; + MigratedFvInfo.FvDataBase =3D (UINT32) (UINTN) RawDataFvHeader; + MigratedFvInfo.FvLength =3D (UINT32) (UINTN) FvHeader->FvLength; + BuildGuidDataHob (&gEdkiiMigratedFvInfoGuid, &MigratedFvInfo, sizeof= (MigratedFvInfo)); =20 // // Migrate any children for this FV now 
diff --git a/MdeModulePkg/Core/Pei/PeiMain.h b/MdeModulePkg/Core/Pei/PeiMai= n.h index b0101dba5e30..cbf74d5b9d9a 100644 --- a/MdeModulePkg/Core/Pei/PeiMain.h +++ b/MdeModulePkg/Core/Pei/PeiMain.h @@ -44,6 +44,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 /// /// It is an FFS type extension used for PeiFindFileEx. It indicates curre= nt diff --git a/MdeModulePkg/Core/Pei/PeiMain.inf b/MdeModulePkg/Core/Pei/PeiM= ain.inf index 5ff14100a65f..c80d16b4efa6 100644 --- a/MdeModulePkg/Core/Pei/PeiMain.inf +++ b/MdeModulePkg/Core/Pei/PeiMain.inf @@ -77,6 +77,7 @@ [Guids] ## CONSUMES ## GUID # Used to compare with FV's file system GUID = and get the FV's file system format gEfiFirmwareFileSystem3Guid gStatusCodeCallbackGuid + gEdkiiMigratedFvInfoGuid ## SOMETIMES_PRODUCES = ## HOB =20 [Ppis] gEfiPeiStatusCodePpiGuid ## SOMETIMES_CONSUMES # Pe= iReportStatusService is not ready if this PPI doesn't exist diff --git a/MdeModulePkg/Include/Guid/MigratedFvInfo.h b/MdeModulePkg/Incl= ude/Guid/MigratedFvInfo.h new file mode 100644 index 000000000000..061c17ed0e48 --- /dev/null +++ b/MdeModulePkg/Include/Guid/MigratedFvInfo.h @@ -0,0 +1,22 @@ +/** @file + Migrated FV information + +Copyright (c) 2020, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __EDKII_MIGRATED_FV_INFO_GUID_H__ +#define __EDKII_MIGRATED_FV_INFO_GUID_H__ + +typedef struct { + UINT32 FvOrgBase; // original FV address + UINT32 FvNewBase; // new FV address + UINT32 FvDataBase; // original FV data + UINT32 FvLength; // Fv Length +} EDKII_MIGRATED_FV_INFO; + +extern EFI_GUID gEdkiiMigratedFvInfoGuid; + +#endif // #ifndef __EDKII_MIGRATED_FV_INFO_GUID_H__ + diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 843e963ad34b..5e25cbe98ada 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec 
@@ -389,6 +389,9 @@ [Guids] ## GUID indicates the capsule is to store Capsule On Disk file names. gEdkiiCapsuleOnDiskNameGuid =3D { 0x98c80a4f, 0xe16b, 0x4d11, { 0x93, 0x= 9a, 0xab, 0xe5, 0x61, 0x26, 0x3, 0x30 } } =20 + ## Include/Guid/MigratedFvInfo.h + gEdkiiMigratedFvInfoGuid =3D { 0xc1ab12f7, 0x74aa, 0x408d, { 0xa2, 0xf4,= 0xc6, 0xce, 0xfd, 0x17, 0x98, 0x71 } } + [Ppis] ## Include/Ppi/AtaController.h gPeiAtaControllerPpiGuid =3D { 0xa45e60d1, 0xc719, 0x44aa, { 0xb0,= 0x7a, 0xaa, 0x77, 0x7f, 0x85, 0x90, 0x6d }} --=20 2.25.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61946): https://edk2.groups.io/g/devel/message/61946 Mute This Topic: https://groups.io/mt/75252664/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon Nov 25 23:28:57 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61947+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61947+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1593666946; cv=none; d=zohomail.com; s=zohoarc; b=DyZpgGO/t5TFMuGiulhyfP6A7IG5DgAOLFSLXe+pToFH3Cw1buML10rJYpbbAQSoHIfdunezLE6PQEPwYsJLoWTj3P0dwpXlOthUsCX4n0Dp2X8OcJDkB3bMtDCR90gkmXHqrSoqSfhe1s6orKnTsDzLPAsGlYk10N/7rP1Nzgg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1593666946; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; 
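Review bot: In Include/Guid/MigratedFvInfo.h, EDKII_MIGRATED_FV_INFO stores FvOrgBase, FvNewBase, FvDataBase and FvLength as UINT32, while the consumer in patch 6/9 of this series handles the same values as EFI_PHYSICAL_ADDRESS and has to cast down to compare, so a firmware volume placed above 4 GB cannot be described by the HOB. Either widen the fields or document the 32-bit limit next to the structure and assert it where the HOB is built. The field comment "original FV data" on FvDataBase should also say that this is the address of the saved raw copy, since that is the pointer the measurement code hashes from.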
From: "Guomin Jiang"
To: devel@edk2.groups.io
Cc: Jiewen Yao, Jian J Wang, Chao Zhang, Qi Zhang, Rahul Kumar
Subject: [edk2-devel] [PATCH v2 6/9] SecurityPkg/Tcg2Pei: Use Migrated FV Info Hob for calculating hash (CVE-2019-11098)
Date: Thu, 2 Jul 2020 13:15:22 +0800
Message-Id: <20200702051525.1102-7-guomin.jiang@intel.com>
In-Reply-To: <20200702051525.1102-1-guomin.jiang@intel.com>
References: <20200702051525.1102-1-guomin.jiang@intel.com>
MIME-Version: 1.0
Precedence: Bulk
Sender: devel@edk2.groups.io
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,guomin.jiang@intel.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1614

When we allocate pool to save the rebased PEIMs, the address will change randomly, therefore the hash will change and result in a PCR0 change as well. To avoid this, we save the raw PEIMs and use them to calculate the hash.

Tcg2Pei calculates the hash and it uses the Migrated FV Info.

Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Chao Zhang
Cc: Qi Zhang
Cc: Rahul Kumar
Signed-off-by: Guomin Jiang
--- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 31 ++++++++++++++++++++++++++--- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf | 1 + 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c b/SecurityPkg/Tcg/Tcg2Pei/Tc= g2Pei.c index 4852d8690617..651a60c1f0e2 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c 
+++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c @@ -21,6 +21,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 #include #include @@ -536,6 +537,10 @@ MeasureFvImage ( EDKII_PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_PPI *PrehashedFvPpi; HASH_INFO *PreHashInfo; UINT32 HashAlgoMask; + EFI_PHYSICAL_ADDRESS FvOrgBase; + EFI_PHYSICAL_ADDRESS FvDataBase; + EFI_PEI_HOB_POINTERS Hob; + EDKII_MIGRATED_FV_INFO *MigratedFvInfo; =20 // // Check Excluded FV list @@ -621,6 +626,26 @@ MeasureFvImage ( Instance++; } while (!EFI_ERROR(Status)); =20 + // + // Search the matched migration FV info + // + FvOrgBase =3D FvBase; + FvDataBase =3D FvBase; + Hob.Raw =3D GetFirstGuidHob (&gEdkiiMigratedFvInfoGuid); + while (Hob.Raw !=3D NULL) { + MigratedFvInfo =3D GET_GUID_HOB_DATA (Hob); + if ((MigratedFvInfo->FvNewBase =3D=3D (UINT32) FvBase) && (MigratedFvI= nfo->FvLength =3D=3D (UINT32) FvLength)) { + // + // Found the migrated FV info + // + FvOrgBase =3D (EFI_PHYSICAL_ADDRESS) (UINTN) MigratedFvInfo->FvOrgB= ase; + FvDataBase =3D (EFI_PHYSICAL_ADDRESS) (UINTN) MigratedFvInfo->FvData= Base; + break; + } + Hob.Raw =3D GET_NEXT_HOB (Hob); + Hob.Raw =3D GetNextGuidHob (&gEdkiiMigratedFvInfoGuid, Hob.Raw); + } + // // Init the log event for FV measurement // @@ -631,13 +656,13 @@ MeasureFvImage ( if (FvName !=3D NULL) { AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof(FvBlob2.BlobDe= scription), "Fv(%g)", FvName); } - FvBlob2.BlobBase =3D FvBase; + FvBlob2.BlobBase =3D FvOrgBase; FvBlob2.BlobLength =3D FvLength; TcgEventHdr.EventType =3D EV_EFI_PLATFORM_FIRMWARE_BLOB2; TcgEventHdr.EventSize =3D sizeof (FvBlob2); EventData =3D &FvBlob2; } else { - FvBlob.BlobBase =3D FvBase; + FvBlob.BlobBase =3D FvOrgBase; FvBlob.BlobLength =3D FvLength; TcgEventHdr.PCRIndex =3D 0; TcgEventHdr.EventType =3D EV_EFI_PLATFORM_FIRMWARE_BLOB; 
@@ -672,7 +697,7 @@ MeasureFvImage ( // Status =3D HashLogExtendEvent ( 0, - (UINT8*) (UINTN) FvBase, // HashData + (UINT8*) (UINTN) FvDataBase, // HashData (UINTN) FvLength, // HashDataLen &TcgEventHdr, // EventHdr EventData // EventData diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf b/SecurityPkg/Tcg/Tcg2Pei/= Tcg2Pei.inf index 3d361e8859e7..367df21eedaf 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf 
@@ -63,6 +63,7 @@ [Guids] gTcgEvent2EntryHobGuid ## = PRODUCES ## HOB gEfiTpmDeviceInstanceNoneGuid ## = SOMETIMES_PRODUCES ## GUID # TPM device identifier gEfiTpmDeviceInstanceTpm12Guid ## = SOMETIMES_PRODUCES ## GUID # TPM device identifier + gEdkiiMigratedFvInfoGuid ## = SOMETIMES_CONSUMES ## HOB =20 [Ppis] gEfiPeiFirmwareVolumeInfoPpiGuid ## = SOMETIMES_CONSUMES ## NOTIFY --=20 2.25.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61947): https://edk2.groups.io/g/devel/message/61947 Mute This Topic: https://groups.io/mt/75252665/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon Nov 25 23:28:57 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61948+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61948+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1593666948; cv=none; d=zohomail.com; s=zohoarc; b=Hq3Hhey0fClD+5tRinMVsTxlV7Mmbb2K9kJFMBH3twX3MrHsfyzIBRUpkSjx6dL4aE3f6zf8CMOePNNRRzvTnPcXJRcxBeRKd/pskN06D/+6uIA5t3k8Q4vnaLAkpXSf520HZbqhgKBCqQfCeIW3avskGCRbqzTLSmZYDbsq6Yg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1593666948; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=373nM3LcPkeCkzeyIOKimw+YYaUvoSbWjE4QE7Epzlw=; 
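Review bot: In the HOB search added to MeasureFvImage in Tcg2Pei.c, the match casts FvBase and FvLength down to UINT32 before comparing them with FvNewBase and FvLength from the HOB, so two firmware volumes whose low 32 bits agree would select the same entry and be measured from the wrong data. Compare at full width by casting the HOB fields up instead of the arguments down. The same hunk then hands MigratedFvInfo->FvDataBase to HashLogExtendEvent as HashData with no check; if a producer can publish the HOB without a raw copy (FvDataBase equal to 0), the measurement would be taken from address 0, so reject a zero FvDataBase or fall back to FvBase. A short comment at the BlobBase assignments explaining that the event log records FvOrgBase while the digest covers the bytes at FvDataBase would help anyone replaying the log.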
From: "Guomin Jiang"
To: devel@edk2.groups.io
Cc: Jian J Wang, Hao A Wu, Dandan Bi, Liming Gao, Debkumar De, Harry Han, Catharine West
Subject: [edk2-devel] [PATCH v2 7/9] MdeModulePkg/Core: Add switch to enable or disable TOCTOU feature (CVE-2019-11098)
Date: Thu, 2 Jul 2020 13:15:23 +0800
Message-Id: <20200702051525.1102-8-guomin.jiang@intel.com>
In-Reply-To: <20200702051525.1102-1-guomin.jiang@intel.com>
References: <20200702051525.1102-1-guomin.jiang@intel.com>
MIME-Version: 1.0
Precedence: Bulk
Sender: devel@edk2.groups.io
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,guomin.jiang@intel.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1614

Add a total switch to enable or disable the TOCTOU feature. The vulnerability is critical, so the switch is normally on, but you can disable it according to your needs.

Cc: Jian J Wang
Cc: Hao A Wu
Cc: Dandan Bi
Cc: Liming Gao
Cc: Debkumar De
Cc: Harry Han
Cc: Catharine West
Signed-off-by: Guomin Jiang
--- MdeModulePkg/Core/Pei/PeiMain.inf | 1 + MdeModulePkg/Core/Pei/PeiMain/PeiMain.c | 5 +++-- MdeModulePkg/MdeModulePkg.dec | 5 +++++ 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Core/Pei/PeiMain.inf b/MdeModulePkg/Core/Pei/PeiM= ain.inf index c80d16b4efa6..0cf357371a16 100644 --- a/MdeModulePkg/Core/Pei/PeiMain.inf +++ b/MdeModulePkg/Core/Pei/PeiMain.inf 
@@ -111,6 +111,7 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdShadowPeimOnS3Boot = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdShadowPeimOnBoot = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdInitValueInTempStack = ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMigrateTemporaryRamFirmwareVolumes = ## CONSUMES =20 # [BootMode] # S3_RESUME ## SOMETIMES_CONSUMES diff --git a/MdeModulePkg/Core/Pei/PeiMain/PeiMain.c b/MdeModulePkg/Core/Pe= i/PeiMain/PeiMain.c index 802cd239e2eb..bc78c3f8ad59 100644 --- a/MdeModulePkg/Core/Pei/PeiMain/PeiMain.c +++ b/MdeModulePkg/Core/Pei/PeiMain/PeiMain.c @@ -419,8 +419,9 @@ PeiCore ( } } else { if ( - (!(PrivateData.HobList.HandoffInformationTable->BootMode =3D=3D BOOT= _ON_S3_RESUME) && PcdGetBool (PcdShadowPeimOnBoot)) || - ((PrivateData.HobList.HandoffInformationTable->BootMode =3D=3D BOOT_= ON_S3_RESUME) && PcdGetBool (PcdShadowPeimOnS3Boot)) + ((!(PrivateData.HobList.HandoffInformationTable->BootMode =3D=3D BOO= T_ON_S3_RESUME) && PcdGetBool (PcdShadowPeimOnBoot)) || + ((PrivateData.HobList.HandoffInformationTable->BootMode =3D=3D BOOT_= ON_S3_RESUME) && PcdGetBool (PcdShadowPeimOnS3Boot))) && + PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes) ) { DEBUG ((DEBUG_VERBOSE, "PPI lists before temporary RAM evacuation:\n= ")); DumpPpiList (&PrivateData); diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 5e25cbe98ada..0a5a167f3e8b 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -1223,6 +1223,11 @@ [PcdsFixedAtBuild, PcdsPatchableInModule] # @Prompt Shadow Peim and PeiCore on boot gEfiMdeModulePkgTokenSpaceGuid.PcdShadowPeimOnBoot|TRUE|BOOLEAN|0x300010= 29 =20 + ## Indicate if to evacuate from temporary to permanent memory. + # TRUE - Evacuate from temporary memory + # FALSE - Keep the original behavior + gEfiMdeModulePkgTokenSpaceGuid.PcdMigrateTemporaryRamFirmwareVolumes|TRU= E|BOOLEAN|0x3000102A + ## The mask is used to control memory profile behavior.

# BIT0 - Enable UEFI memory profile.
# BIT1 - Enable SMRAM profile.
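Review bot: In the MdeModulePkg.dec hunk, the description of PcdMigrateTemporaryRamFirmwareVolumes documents FALSE only as "Keep the original behavior", which hides that the original behavior is the one CVE-2019-11098 is filed against; the comment should say that FALSE turns off the migration this series adds for that CVE, so a platform owner cannot disable it without seeing the consequence. The entry also lacks the "# @Prompt" line that the neighbouring PcdShadowPeimOnBoot entry carries. In PeiMain.c the new PCD is ANDed with the existing PcdShadowPeimOnBoot / PcdShadowPeimOnS3Boot test, so with those FALSE the evacuation never runs even when the new PCD is TRUE; that dependency belongs in the description as well.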
--=20 2.25.1.windows.1
From: "Guomin Jiang"
To: devel@edk2.groups.io
Cc: Eric Dong, Ray Ni, Laszlo Ersek, Rahul Kumar
Subject: [edk2-devel] [PATCH v2 8/9] UefiCpuPkg/SecMigrationPei: Add switch to control if produce PPI (CVE-2019-11098)
Date: Thu, 2 Jul 2020 13:15:24 +0800
Message-Id: <20200702051525.1102-9-guomin.jiang@intel.com>
In-Reply-To: <20200702051525.1102-1-guomin.jiang@intel.com>
References: <20200702051525.1102-1-guomin.jiang@intel.com>
MIME-Version: 1.0
Precedence: Bulk
Sender: devel@edk2.groups.io
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,guomin.jiang@intel.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1614

SecMigrationPei creates RepublishSecPpi. If the TOCTOU switch is off, the PPI is meaningless, so tie it to the TOCTOU switch to avoid producing a useless PPI.

Cc: Eric Dong
Cc: Ray Ni
Cc: Laszlo Ersek
Cc: Rahul Kumar
Signed-off-by: Guomin Jiang
--- UefiCpuPkg/SecMigrationPei/SecMigrationPei.c | 8 +++++--- UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf | 4 ++++ 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.c b/UefiCpuPkg/SecM= igrationPei/SecMigrationPei.c index f96013b09b21..ab8066e8e0de 100644 --- a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.c +++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.c 
@@ -363,10 +363,12 @@ SecMigrationPeiInitialize ( IN CONST EFI_PEI_SERVICES **PeiServices ) { - EFI_STATUS Status; + EFI_STATUS Status =3D EFI_SUCCESS; =20 - Status =3D PeiServicesInstallPpi (&mEdkiiRepublishSecPpiDescriptor); - ASSERT_EFI_ERROR (Status); + if (PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes)) { + Status =3D PeiServicesInstallPpi (&mEdkiiRepublishSecPpiDescriptor); + ASSERT_EFI_ERROR (Status); + } =20 return Status; } diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf b/UefiCpuPkg/Se= cMigrationPei/SecMigrationPei.inf index e29c04710941..8edbd3aa23a9 100644 --- a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf +++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf 
@@ -60,5 +60,9 @@ [Ppis] ## SOMETIMES_PRODUCES gEfiSecPlatformInformation2PpiGuid =20 +[Pcd] + ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMigrateTemporaryRamFirmwareVolumes + [Depex] TRUE --=20 2.25.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61949): https://edk2.groups.io/g/devel/message/61949 Mute This Topic: https://groups.io/mt/75252667/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon Nov 25 23:28:57 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61950+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61950+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1593666953; cv=none; d=zohomail.com; s=zohoarc; b=SyjITIpxDk7hdne5VJ/NMrWXegN4xEPgyxB928Lu0xSFGv24P3vbQH/+02wShlJKdz2GQD8FGjsE0bS1+y8eByES0yPu8LhO/iNC0wd62XmbBne2Nv83HBzRYmSGe1ckeS5sYy3wBu0cAKcm8vH6GAAMzq4+bCEVnGWdWn/W0L4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1593666953; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=OwdWtjTaA2w+UPOcekOTvf+8SZG/9DNCU7W6hOgP5M4=; b=elUxH5olPrqbG1DseToKm+inV1s0RuQwyCZrmAeBw9Na/WWaHpShNOdKvV7SELQaoKE8k9C1L6YeOOsSQfvq6PAs4G2z95xLyCI/oqrV17SaCPXhZS8NLiU5PD5iFIUOPeP3KJZD/7gMVUBUaYdj4EHCDIazjdV+jZPDTJUSe+E= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as 
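Review bot: In SecMigrationPeiInitialize in SecMigrationPei.c, "EFI_STATUS Status = EFI_SUCCESS;" initializes a local variable in its declaration, which the EDK II C coding standard does not permit; keep the plain declaration and assign EFI_SUCCESS on its own statement before the PcdGetBool check. With the PPI now installed only when PcdMigrateTemporaryRamFirmwareVolumes is TRUE, the function header comment and the "## SOMETIMES_PRODUCES" style annotation for the republish PPI in the .inf should be updated to match, so that a reader of the module does not assume the PPI is always present.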
From: "Guomin Jiang"
To: devel@edk2.groups.io
Cc: Eric Dong, Ray Ni, Laszlo Ersek, Rahul Kumar
Subject: [edk2-devel] [PATCH v2 9/9] UefiCpuPkg/CpuMpPei: Enable paging and set NP flag to avoid TOCTOU (CVE-2019-11098)
Date: Thu, 2 Jul 2020 13:15:25 +0800
Message-Id: <20200702051525.1102-10-guomin.jiang@intel.com>
In-Reply-To: <20200702051525.1102-1-guomin.jiang@intel.com>
References: <20200702051525.1102-1-guomin.jiang@intel.com>
MIME-Version: 1.0
Precedence: Bulk
Sender: devel@edk2.groups.io
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,guomin.jiang@intel.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1614

To avoid the TOCTOU, enable paging and set the Not Present flag so that any access to code in the flash range will trigger a #NP exception.

Cc: Eric Dong
Cc: Ray Ni
Cc: Laszlo Ersek
Cc: Rahul Kumar
Signed-off-by: Guomin Jiang
--- UefiCpuPkg/CpuMpPei/CpuMpPei.inf | 3 +++ UefiCpuPkg/CpuMpPei/CpuPaging.c | 17 +++++++++++++++-- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.inf b/UefiCpuPkg/CpuMpPei/CpuMpPe= i.inf index caead3ce34d4..fd50b55f06cb 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.inf +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.inf 
@@ -46,6 +46,9 @@ [LibraryClasses] BaseMemoryLib CpuLib =20 +[Guids] + gEdkiiMigratedFvInfoGuid ## = SOMETIMES_CONSUMES ## HOB + [Ppis] gEfiPeiMpServicesPpiGuid ## PRODUCES gEfiSecPlatformInformationPpiGuid ## SOMETIMES_CONSUMES diff --git a/UefiCpuPkg/CpuMpPei/CpuPaging.c b/UefiCpuPkg/CpuMpPei/CpuPagin= g.c index d0cbebf70bbf..af4069b42cdb 100644 --- a/UefiCpuPkg/CpuMpPei/CpuPaging.c +++ b/UefiCpuPkg/CpuMpPei/CpuPaging.c @@ -12,6 +12,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 #include "CpuMpPei.h" =20 @@ -605,6 +606,8 @@ MemoryDiscoveredPpiNotifyCallback ( EFI_STATUS Status; BOOLEAN InitStackGuard; BOOLEAN InterruptState; + EDKII_MIGRATED_FV_INFO *MigratedFvInfo; + EFI_PEI_HOB_POINTERS Hob; =20 InterruptState =3D SaveAndDisableInterrupts (); Status =3D MigrateGdt (); @@ -617,9 +620,9 @@ MemoryDiscoveredPpiNotifyCallback ( // the task switch (for the sake of stack switch). // InitStackGuard =3D FALSE; - if (IsIa32PaeSupported () && PcdGetBool (PcdCpuStackGuard)) { + if (IsIa32PaeSupported ()) { EnablePaging (); - InitStackGuard =3D TRUE; + InitStackGuard =3D PcdGetBool (PcdCpuStackGuard); } =20 Status =3D InitializeCpuMpWorker ((CONST EFI_PEI_SERVICES **)PeiServices= ); 
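Review bot: In MemoryDiscoveredPpiNotifyCallback, relaxing the condition from "IsIa32PaeSupported () && PcdGetBool (PcdCpuStackGuard)" to "IsIa32PaeSupported ()" makes EnablePaging () run on every PAE-capable platform, including platforms that have the stack guard off and set PcdMigrateTemporaryRamFirmwareVolumes to FALSE. Gate the call on the stack guard PCD or on the migration being active (the new PCD, or the presence of a gEdkiiMigratedFvInfoGuid HOB) so that platforms which opt out keep their previous PEI paging state, and add a comment saying why paging is now needed outside the stack guard case.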
@@ -629,6 +632,16 @@ MemoryDiscoveredPpiNotifyCallback ( SetupStackGuardPage (); } =20 + Hob.Raw =3D GetFirstGuidHob (&gEdkiiMigratedFvInfoGuid); + while (Hob.Raw !=3D NULL) { + MigratedFvInfo =3D GET_GUID_HOB_DATA (Hob); + ConvertMemoryPageAttributes (MigratedFvInfo->FvOrgBase, MigratedFvInfo= ->FvLength, 0); + + Hob.Raw =3D GET_NEXT_HOB (Hob); + Hob.Raw =3D GetNextGuidHob (&gEdkiiMigratedFvInfoGuid, Hob.Raw); + } + CpuFlushTlb (); + return Status; } =20 --=20 2.25.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61950): https://edk2.groups.io/g/devel/message/61950 Mute This Topic: https://groups.io/mt/75252669/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
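Review bot: The HOB loop added at the end of MemoryDiscoveredPpiNotifyCallback calls ConvertMemoryPageAttributes (MigratedFvInfo->FvOrgBase, MigratedFvInfo->FvLength, 0) whether or not EnablePaging () ran above, and it does not use any status the call returns, so on a CPU where IsIa32PaeSupported () is false, or when the conversion fails, the original FV range stays accessible and nothing is logged. Run the loop only when paging was enabled, check the result with at least a DEBUG message, and replace the literal 0 with a named value or a comment stating which attribute it clears. The commit message names the resulting fault #NP; an access to a page marked not present raises a page fault (#PF), and the wording should match what the exception handler will actually see.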