From nobody Sun Feb 8 19:02:56 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+102495+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+102495+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1680622850; cv=none; d=zohomail.com; s=zohoarc; b=VIq3BuneIQYawwV5uVAs94PXuHUmg+rxPCAd2Bj1/XmDUugLGrl4FC0Kz5gs3m0OoEkx6/ACIk0MpcMHVdYxoSqtJhRyc8jfPCtgB+VufLPtRG9Voc8lbonf+RJ/BrZPllYiFUOqWk8/nj+mEWDauyIcDtnlQeGHcseZyxbYyR8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1680622850; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=wf973z+fPFajVnrEPtG8/ygDrl8r14cLS7lZHWCsffA=; b=CeY7uKrsMZDsComYqoApdA2UGplaLtu3ZPwIixBgsxyMm5+5waMNJRrt4S9EVdCgMvZm+6lKnZwDkWWoJ5EipwZE1zpcBLttIUASg0puZOYypg1Gwn2VgN4KJAD3wNrFYtx/11yg88LCAx7ukFIllxkd5pSmi+8MK/fCJdJdbnk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+102495+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1680622850141984.7991079464267; Tue, 4 Apr 2023 08:40:50 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id r8CrYY1788612xpr3C0xJ6ok; Tue, 04 Apr 2023 08:40:49 -0700 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web11.105361.1680622846596069386 for ; Tue, 04 Apr 2023 08:40:46 -0700 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 2BA7F634F5; Tue, 4 Apr 2023 15:40:46 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id DCA0AC433A0; Tue, 4 Apr 2023 15:40:42 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe , =?UTF-8?q?Marvin=20H=C3=A4user?= , Bob Feng , Oliver Smith-Denny Subject: [edk2-devel] [PATCH v3 4/4] MdeModulePkg: Enable forward edge CFI in mem attributes table Date: Tue, 4 Apr 2023 17:40:22 +0200 Message-Id: <20230404154022.2776035-5-ardb@kernel.org> In-Reply-To: <20230404154022.2776035-1-ardb@kernel.org> References: <20230404154022.2776035-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: G0ICa82LFZhobImYff7Vc3K3x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1680622849; bh=BGzUJRSwGPXxyG+EnMK3zoxTyA+lf/4YK0hINV3Ffu4=; h=Cc:Date:From:Reply-To:Subject:To; b=kTdgSwYrasTxHXRdu5rpbh8rjOI4dzqA+Kmv1k7E28oMp6S8BrSLKA4vXf9/J/g0uYz eCAHZAk8G5u3VgIwFWZ7K3EY1pYYHSigkjmumWk4HZBjDkU93sZVUJoBfEtn9f7rDm7up KJ2Iks0EkLi+FpmoUU4GzDgJKXkok91DV6A= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1680622850727100001 Content-Type: text/plain; charset="utf-8" The memory attributes table has been extended with a flag that indicates whether or not the OS is permitted to map the EFI runtime code regions with strict enforcement for IBT/BTI landing pad instructions. Given that the PE/COFF spec now defines a DllCharacteristicsEx flag that indicates whether or not a loaded image is compatible with this, we can wire this up to the flag in the memory attributes table, and set it if all loaded runtime image are compatible with it. Signed-off-by: Ard Biesheuvel Reviewed-by: Leif Lindholm Reviewed-by: Oliver Smith-Denny Reviewed-by: Michael Kubacki --- MdeModulePkg/Core/Dxe/DxeMain.h | 2 ++ MdeModulePkg/Core/Dxe/Image/Image.c | 10 ++++++++++ MdeModulePkg/Core/Dxe/Misc/MemoryAttributesTable.c | 8 +++++++- 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMai= n.h index 815a6b4bd844a452..43daa037be441150 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.h +++ b/MdeModulePkg/Core/Dxe/DxeMain.h @@ -280,6 +280,8 @@ extern EFI_MEMORY_TYPE_INFORMATION gMemoryTypeInformat= ion[EfiMaxMemoryType + 1] extern BOOLEAN gDispatcherRunning; extern EFI_RUNTIME_ARCH_PROTOCOL gRuntimeTemplate; =20 +extern BOOLEAN gMemoryAttributesTableForwardCfi; + extern EFI_LOAD_FIXED_ADDRESS_CONFIGURATION_TABLE gLoadModuleAtFixAddress= ConfigurationTable; extern BOOLEAN gLoadFixedAddressCodeMe= moryReady; // diff --git a/MdeModulePkg/Core/Dxe/Image/Image.c b/MdeModulePkg/Core/Dxe/Im= age/Image.c index 8704ebea9a7c88c0..9dbfb2a1fad22ced 100644 --- a/MdeModulePkg/Core/Dxe/Image/Image.c +++ b/MdeModulePkg/Core/Dxe/Image/Image.c @@ -1399,6 +1399,16 @@ CoreLoadImageCommon ( CoreNewDebugImageInfoEntry (EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL, &Image->= Info, Image->Handle); } =20 + // + // Check whether we are loading a runtime image that lacks support for + // IBT/BTI landing pads. + // + if ((Image->ImageContext.ImageCodeMemoryType =3D=3D EfiRuntimeServicesCo= de) && + ((Image->ImageContext.DllCharacteristicsEx & EFI_IMAGE_DLLCHARACTERI= STICS_EX_FORWARD_CFI_COMPAT) =3D=3D 0)) + { + gMemoryAttributesTableForwardCfi =3D FALSE; + } + // // Reinstall loaded image protocol to fire any notifications // diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryAttributesTable.c b/MdeModule= Pkg/Core/Dxe/Misc/MemoryAttributesTable.c index 82fa026bceb990e5..fd127ee167e1ac9a 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryAttributesTable.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryAttributesTable.c @@ -89,6 +89,7 @@ BOOLEAN mMemoryAttributesTableEnable= =3D TRUE; BOOLEAN mMemoryAttributesTableEndOfDxe =3D FALSE; EFI_MEMORY_ATTRIBUTES_TABLE *mMemoryAttributesTable =3D NULL; BOOLEAN mMemoryAttributesTableReadyToBoot =3D FALSE; +BOOLEAN gMemoryAttributesTableForwardCfi =3D TRUE; =20 /** Install MemoryAttributesTable. @@ -182,7 +183,12 @@ InstallMemoryAttributesTable ( MemoryAttributesTable->Version =3D EFI_MEMORY_ATTRIBUTES_TABLE_V= ERSION; MemoryAttributesTable->NumberOfEntries =3D RuntimeEntryCount; MemoryAttributesTable->DescriptorSize =3D (UINT32)DescriptorSize; - MemoryAttributesTable->Flags =3D 0; + if (gMemoryAttributesTableForwardCfi) { + MemoryAttributesTable->Flags =3D EFI_MEMORY_ATTRIBUTES_FLAGS_RT_FORWAR= D_CONTROL_FLOW_GUARD; + } else { + MemoryAttributesTable->Flags =3D 0; + } + DEBUG ((DEBUG_VERBOSE, "MemoryAttributesTable:\n")); DEBUG ((DEBUG_VERBOSE, " Version - 0x%08x\n", MemoryAttrib= utesTable->Version)); DEBUG ((DEBUG_VERBOSE, " NumberOfEntries - 0x%08x\n", MemoryAttrib= utesTable->NumberOfEntries)); --=20 2.39.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#102495): https://edk2.groups.io/g/devel/message/102495 Mute This Topic: https://groups.io/mt/98062740/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-