From nobody Sun Feb 8 14:35:28 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108172+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108172+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1693437557; cv=none; d=zohomail.com; s=zohoarc; b=cy+a/DQzXUT55Wz10tnkg2u90atjgEkUFESdKk5qT/VPkGqVNlw0ip7G9xdpcBl01YbI6+fR/hVEinefCuSBApeZ9hrjpDGfDGeJXEakqUpVwS09JxLcCrQt87OGL572TtmzmggyhfIhvVBRbjkyz9EtTLJ5FGa7Lrfj3fRGkr4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1693437557; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=bchRMnimaB5C1D/gYIU9RHZkZA/PB9sDzqVH4mQXdgY=; b=AIkejJGcROQe+G4TXXZ1WpwHcRnAOOGXzKFPOc7MI+lQArFiQltPfcGgmq6+ms0B0tet3S04nsg3Q+oVLXXhzgCjgIGoZ8InZhhZ55OxkJBgSR9B7QY/WQEC6Ak7vA7CgyZqyuVfQ5wx+pv9ORHafSf1PZqhGhVCbAYsFbaC7IM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108172+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1693437557430529.1346342853589; Wed, 30 Aug 2023 16:19:17 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=KOlbYh/xq/dZse6vw7sqsM2rW/V3AsAvVX5VWp0QdSA=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1693437557; v=1; b=pqByk2nzzNrYIbdPbzcJlcELubupMsW0wUg5Y6D1ZR96y76gQ7U45MBL8hcK8i2oRRg5suzP O08kI/hLS8g7nlCyYAmKEtIkzo/NHbBQ/jhUuI6wNivpfgl01mWJVXS4KK6TYO3uSe14q2U9IDG gIYt3UyjUR5XIcI+mAqUFjYU= X-Received: by 127.0.0.2 with SMTP id WujoYY1788612xecohAg6n5D; Wed, 30 Aug 2023 16:19:17 -0700 X-Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170]) by mx.groups.io with SMTP id smtpd.web11.4958.1693437556475330254 for ; Wed, 30 Aug 2023 16:19:16 -0700 X-Received: by mail-pf1-f170.google.com with SMTP id d2e1a72fcca58-68a41031768so160651b3a.3 for ; Wed, 30 Aug 2023 16:19:16 -0700 (PDT) X-Gm-Message-State: rBgusmI1MzIbcff5fQtbxwY0x1787277AA= X-Google-Smtp-Source: AGHT+IHQljGhsjgTYY9It2j/pTJFgEUBYEIJJTBXf5FqRaOSF+8x9Hb9KF5Vv85F9jeRg0f3BrSG6g== X-Received: by 2002:a05:6a00:24c3:b0:68b:daf4:212f with SMTP id d3-20020a056a0024c300b0068bdaf4212fmr4157135pfv.21.1693437555439; Wed, 30 Aug 2023 16:19:15 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id x16-20020a62fb10000000b0064398fe3451sm102550pfm.217.2023.08.30.16.19.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 30 Aug 2023 16:19:15 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [PATCH v3 18/26] UefiCpuPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs Date: Wed, 30 Aug 2023 16:18:26 -0700 Message-ID: <20230830231851.779-19-taylor.d.beebe@gmail.com> In-Reply-To: <20230830231851.779-1-taylor.d.beebe@gmail.com> References: <20230830231851.779-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1693437557992100071 Content-Type: text/plain; charset="utf-8" Replace references to the memory protection PCDs to instead check the platform protections via GetMemoryProtectionsLib. Because the protection profile is equivalent to the PCD settings, this updated does not cause a torn state. Signed-off-by: Taylor Beebe Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann --- UefiCpuPkg/CpuDxe/CpuDxe.c = | 2 +- UefiCpuPkg/CpuDxe/CpuMp.c = | 2 +- UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandlerTest= Common.c | 6 +----- UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHandlerU= nitTest.c | 15 ++++++++++++++ UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHandlerU= nitTest.c | 21 ++++++++++++++++++++ UefiCpuPkg/Library/MpInitLib/DxeMpLib.c = | 3 ++- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c = | 2 +- UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c = | 13 ++++++------ UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c = | 2 +- UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c = | 2 +- UefiCpuPkg/CpuDxe/CpuDxe.h = | 11 ++++++---- UefiCpuPkg/CpuDxe/CpuDxe.inf = | 4 +--- UefiCpuPkg/CpuDxeRiscV64/CpuDxeRiscV64.inf = | 3 --- UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf = | 1 - UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf = | 1 - UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf= | 1 - UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf = | 1 - UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandlerTest= .h | 13 +++++++++++- UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHandlerL= ibUnitTest.inf | 2 +- UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHandlerL= ibUnitTest.inf | 2 +- UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf = | 3 ++- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf = | 3 +-- UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h = | 9 +++++---- UefiCpuPkg/UefiCpuPkg.dec = | 7 +++---- UefiCpuPkg/UefiCpuPkg.dsc = | 2 ++ UefiCpuPkg/UefiCpuPkg.uni = | 10 ++++------ 26 files changed, 90 insertions(+), 51 deletions(-) diff --git a/UefiCpuPkg/CpuDxe/CpuDxe.c b/UefiCpuPkg/CpuDxe/CpuDxe.c index 804ef5d1fe8e..b12c43f4c1d4 100644 --- a/UefiCpuPkg/CpuDxe/CpuDxe.c +++ b/UefiCpuPkg/CpuDxe/CpuDxe.c @@ -399,7 +399,7 @@ CpuSetMemoryAttributes ( // During memory attributes updating, new pages may be allocated to setup // smaller granularity of page table. Page allocation action might then = cause // another calling of CpuSetMemoryAttributes() recursively, due to memory - // protection policy configured (such as PcdDxeNxMemoryProtectionPolicy). + // protection policy configured (such as the DXE NX Protection Policy). // Since this driver will always protect memory used as page table by it= self, // there's no need to apply protection policy requested from memory serv= ice. // So it's safe to just return EFI_SUCCESS if this time of calling is ca= used diff --git a/UefiCpuPkg/CpuDxe/CpuMp.c b/UefiCpuPkg/CpuDxe/CpuMp.c index e7575d9b8062..d8f978eec09d 100644 --- a/UefiCpuPkg/CpuDxe/CpuMp.c +++ b/UefiCpuPkg/CpuDxe/CpuMp.c @@ -734,7 +734,7 @@ InitializeMpExceptionHandlers ( // // Setup stack switch for Stack Guard feature. // - if (PcdGetBool (PcdCpuStackGuard)) { + if (gMps.Dxe.CpuStackGuardEnabled) { InitializeMpExceptionStackSwitchHandlers (); } } diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptio= nHandlerTestCommon.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/C= puExceptionHandlerTestCommon.c index 9ba70c5b7340..fe74b0e0eaae 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandle= rTestCommon.c +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandle= rTestCommon.c @@ -743,10 +743,6 @@ TestCpuStackGuardInBspAndAp ( VOID *NewIdtr; UINTN *CpuStackBaseBuffer; =20 - if (!PcdGetBool (PcdCpuStackGuard)) { - return UNIT_TEST_PASSED; - } - // // Get MP Service Protocol // @@ -846,7 +842,7 @@ AddCommonTestCase ( AddTestCase (CpuExceptionLibUnitTestSuite, "Check if exception handler c= an be registered/unregistered for GP and PF", "TestRegisterHandlerForGPAndP= F", TestRegisterHandlerForGPAndPF, NULL, NULL, NULL); =20 AddTestCase (CpuExceptionLibUnitTestSuite, "Check if Cpu Context is cons= istent before and after exception.", "TestCpuContextConsistency", TestCpuCo= ntextConsistency, NULL, NULL, NULL); - AddTestCase (CpuExceptionLibUnitTestSuite, "Check if stack overflow is c= aptured by CpuStackGuard in Bsp and AP", "TestCpuStackGuardInBspAndAp", Tes= tCpuStackGuardInBspAndAp, NULL, NULL, NULL); + AddTestCase (CpuExceptionLibUnitTestSuite, "Check if stack overflow is c= aptured by CpuStackGuard in Bsp and AP", "TestCpuStackGuardInBspAndAp", Tes= tCpuStackGuardInBspAndAp, IsStackGuardEnabled, NULL, NULL); =20 return EFI_SUCCESS; } diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExcep= tionHandlerUnitTest.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/= DxeCpuExceptionHandlerUnitTest.c index 1cec3ed809d9..c1de3a6663ae 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHan= dlerUnitTest.c +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHan= dlerUnitTest.c @@ -8,6 +8,7 @@ =20 #include "CpuExceptionHandlerTest.h" #include +#include #include =20 /** @@ -145,6 +146,20 @@ GetMpServices ( return gBS->LocateProtocol (&gEfiMpServiceProtocolGuid, NULL, (VOID **)&= MpServices->Protocol); } =20 +/** + Checks if stack guard is enabled. + + @param[in] Context The unit test context +**/ +UNIT_TEST_STATUS +EFIAPI +IsStackGuardEnabled ( + IN UNIT_TEST_CONTEXT Context + ) +{ + return gMps.Dxe.CpuStackGuardEnabled; +} + /** Entry for CpuExceptionHandlerDxeTest driver. =20 diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExcep= tionHandlerUnitTest.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/= PeiCpuExceptionHandlerUnitTest.c index d9408d2f5e2f..763268f55314 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHan= dlerUnitTest.c +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHan= dlerUnitTest.c @@ -10,6 +10,7 @@ #include #include #include +#include =20 /** Initialize Bsp Idt with a new Idt table and return the IA32_DESCRIPTOR b= uffer. @@ -152,6 +153,26 @@ GetMpServices ( return PeiServicesLocatePpi (&gEdkiiPeiMpServices2PpiGuid, 0, NULL, (VOI= D **)&MpServices->Ppi); } =20 +/** + Checks if stack guard is enabled. + + @param[in] Context The unit test context +**/ +UNIT_TEST_STATUS +EFIAPI +IsStackGuardEnabled ( + IN UNIT_TEST_CONTEXT Context + ) +{ + MEMORY_PROTECTION_SETTINGS Mps; + + if (!EFI_ERROR (GetCurrentMemoryProtectionSettings (&Mps))) { + return Mps.Dxe.CpuStackGuardEnabled; + } + + return FALSE; +} + /** Entry point of CpuExceptionHandlerPeiTest PEIM. =20 diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c b/UefiCpuPkg/Library/M= pInitLib/DxeMpLib.c index 57ddb86600a7..551a7924fad3 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c @@ -13,6 +13,7 @@ #include #include #include +#include #include #include =20 @@ -497,7 +498,7 @@ InitMpGlobalData ( return; } =20 - if (PcdGetBool (PcdCpuStackGuard)) { + if (gMps.Dxe.CpuStackGuardEnabled) { // // One extra page at the bottom of the stack is needed for Guard page. // diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c b/UefiCpuPkg/PiSmmCpu= DxeSmm/Ia32/PageTbl.c index b11264ce4aa7..7e6c9899b069 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c @@ -160,7 +160,7 @@ SmiPFHandler ( // // If NULL pointer was just accessed // - if (((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT1) !=3D 0) && + if (gMps.Mm.NullPointerDetection.Enabled && (PFAddress < EFI_PAGE_SIZE)) { DumpCpuContext (InterruptType, SystemContext); diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c b/UefiCpuPk= g/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c index 6f498666157e..4c02749c174e 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c @@ -1679,7 +1679,7 @@ GenSmmPageTable ( } } =20 - if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT1) !=3D 0) { + if (gMps.Mm.NullPointerDetection.Enabled) { // // Mark [0, 4k] as non-present // @@ -1834,13 +1834,13 @@ IfReadOnlyPageTableNeeded ( // // Don't mark page table memory as read-only if // - no restriction on access to non-SMRAM memory; or - // - SMM heap guard feature enabled; or - // BIT2: SMM page guard enabled - // BIT3: SMM pool guard enabled + // - SMM page guard enabled + // - SMM pool guard enabled // - SMM profile feature enabled // if (!IsRestrictedMemoryAccess () || - ((PcdGet8 (PcdHeapGuardPropertyMask) & (BIT3 | BIT2)) !=3D 0) || + IS_MM_PAGE_GUARD_ACTIVE || + IS_MM_POOL_GUARD_ACTIVE || FeaturePcdGet (PcdCpuSmmProfileEnable)) { if (sizeof (UINTN) =3D=3D sizeof (UINT64)) { @@ -1849,7 +1849,8 @@ IfReadOnlyPageTableNeeded ( // ASSERT ( !(IsRestrictedMemoryAccess () && - (PcdGet8 (PcdHeapGuardPropertyMask) & (BIT3 | BIT2)) !=3D 0) + (IS_MM_PAGE_GUARD_ACTIVE || + IS_MM_POOL_GUARD_ACTIVE)) ); =20 // diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c b/UefiCpuPkg/PiSmmCpuDx= eSmm/SmmProfile.c index 7ac3c66f911c..4f48e0c4f399 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c @@ -610,7 +610,7 @@ InitPaging ( // // [0, 4k] may be non-present. // - PreviousAddress =3D ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BI= T1) !=3D 0) ? BASE_4KB : 0; + PreviousAddress =3D (gMps.Mm.NullPointerDetection.Enabled) ? BASE_4KB : = 0; =20 DEBUG ((DEBUG_INFO, "Patch page table start ...\n")); if (FeaturePcdGet (PcdCpuSmmProfileEnable)) { diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c b/UefiCpuPkg/PiSmmCpuD= xeSmm/X64/PageTbl.c index ddd9be66b53f..10e26cd72f6d 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c @@ -932,7 +932,7 @@ SmiPFHandler ( // // If NULL pointer was just accessed // - if (((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT1) !=3D 0) && + if (gMps.Mm.NullPointerDetection.Enabled && (PFAddress < EFI_PAGE_SIZE)) { DumpCpuContext (InterruptType, SystemContext); diff --git a/UefiCpuPkg/CpuDxe/CpuDxe.h b/UefiCpuPkg/CpuDxe/CpuDxe.h index 0e7d88dd357c..a0284c562fa1 100644 --- a/UefiCpuPkg/CpuDxe/CpuDxe.h +++ b/UefiCpuPkg/CpuDxe/CpuDxe.h @@ -35,15 +35,18 @@ #include #include #include +#include =20 #include #include =20 -#define HEAP_GUARD_NONSTOP_MODE \ - ((PcdGet8 (PcdHeapGuardPropertyMask) & (BIT6|BIT4|BIT1|BIT0)) > BI= T6) +#define HEAP_GUARD_NONSTOP_MODE (gMps.Dxe.HeapGuard.NonstopModeEnable= d && \ + (IS_DXE_PAGE_GUARD_ACTIVE = || \ + IS_DXE_POOL_GUARD_ACTIVE = || \ + gMps.Dxe.HeapGuard.FreedMemoryGuardE= nabled)) \ =20 -#define NULL_DETECTION_NONSTOP_MODE \ - ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & (BIT6|BIT0)) > B= IT6) +#define NULL_DETECTION_NONSTOP_MODE (gMps.Dxe.NullPointerDetection.Enable= d && \ + gMps.Dxe.NullPointerDetection.Nonsto= pModeEnabled) =20 /** Flush CPU data cache. If the instruction cache is fully coherent diff --git a/UefiCpuPkg/CpuDxe/CpuDxe.inf b/UefiCpuPkg/CpuDxe/CpuDxe.inf index 1d3e9f8cdb29..85387c3ecdf2 100644 --- a/UefiCpuPkg/CpuDxe/CpuDxe.inf +++ b/UefiCpuPkg/CpuDxe/CpuDxe.inf @@ -40,6 +40,7 @@ [LibraryClasses] MpInitLib TimerLib PeCoffGetEntryPointLib + GetMemoryProtectionsLib =20 [Sources] CpuDxe.c @@ -74,9 +75,6 @@ [Ppis] =20 [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList ##= CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask ##= CONSUMES diff --git a/UefiCpuPkg/CpuDxeRiscV64/CpuDxeRiscV64.inf b/UefiCpuPkg/CpuDxe= RiscV64/CpuDxeRiscV64.inf index 9d9a5ef8f247..262f9e6d9d5a 100644 --- a/UefiCpuPkg/CpuDxeRiscV64/CpuDxeRiscV64.inf +++ b/UefiCpuPkg/CpuDxeRiscV64/CpuDxeRiscV64.inf @@ -56,9 +56,6 @@ [Ppis] gEfiSecPlatformInformationPpiGuid ## UNDEFINED # HOB =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList ##= CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize ##= CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuCoreCrystalClockFrequency ##= CONSUMES diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandl= erLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandle= rLib.inf index fdbebadab93d..1fddf15b70bd 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.i= nf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.i= nf @@ -39,7 +39,6 @@ [Sources.common] DxeException.c =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize =20 diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandl= erLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandle= rLib.inf index 3bcaff5c5fe4..348f7ed56c99 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.i= nf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.i= nf @@ -55,7 +55,6 @@ [LibraryClasses] CcExitLib =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard # CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList =20 diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHa= ndlerLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException= HandlerLib.inf index e7b1144f6941..0217c983d7c6 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLi= b.inf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLi= b.inf @@ -51,7 +51,6 @@ [LibraryClasses] CcExitLib =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize =20 diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandl= erLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandle= rLib.inf index 27f0b96fa9e9..6dc09b447ff0 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.i= nf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.i= nf @@ -54,7 +54,6 @@ [LibraryClasses] CcExitLib =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize =20 diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptio= nHandlerTest.h b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExce= ptionHandlerTest.h index bad3387db5bc..47bde8574b32 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandle= rTest.h +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandle= rTest.h @@ -27,7 +27,7 @@ In this test case, stack overflow is triggered by a funtion which call= s itself continuously. This test case triggers stack overflow in both BSP and AP. All AP use same Idt with Bsp. The expecta= tion is: 1. PF exception is triggered (leading to a DF if sepereated stack is= not prepared for PF) when Rsp <=3D StackBase + SIZE_4KB - since [StackBase, StackBase + SIZE_4KB] is marked as not present = in page table when PcdCpuStackGuard is TRUE. + since [StackBase, StackBase + SIZE_4KB] is marked as not present = in page table when CpuStackGuard is TRUE. 2. Stack for PF/DF exception handler in both Bsp and AP is succussfu= lly switched by InitializeSeparateExceptionStacks. =20 **/ @@ -342,4 +342,15 @@ CpuStackGuardExceptionHandler ( IN EFI_SYSTEM_CONTEXT SystemContext ); =20 +/** + Checks if stack guard is enabled. + + @param[in] Context The unit test context +**/ +UNIT_TEST_STATUS +EFIAPI +IsStackGuardEnabled ( + IN UNIT_TEST_CONTEXT Context + ); + #endif diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExcep= tionHandlerLibUnitTest.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Unit= Test/DxeCpuExceptionHandlerLibUnitTest.inf index a904eb250475..09c00fce8627 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHan= dlerLibUnitTest.inf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHan= dlerLibUnitTest.inf @@ -43,12 +43,12 @@ [LibraryClasses] HobLib UefiBootServicesTableLib CpuPageTableLib + GetMemoryProtectionsLib =20 [Guids] gEfiHobMemoryAllocStackGuid =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize ## CONSUMES =20 [Protocols] diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExcep= tionHandlerLibUnitTest.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Unit= Test/PeiCpuExceptionHandlerLibUnitTest.inf index 25f8f8dbe0e9..41fa759bf31e 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHan= dlerLibUnitTest.inf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHan= dlerLibUnitTest.inf @@ -48,9 +48,9 @@ [LibraryClasses] PeiServicesLib CpuPageTableLib PeiServicesTablePointerLib + SetMemoryProtectionsLib =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize ## CONSUMES =20 [Ppis] diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/DxeMpInitLib.inf index 55e46d4a1fad..8edc7227d108 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf @@ -58,6 +58,8 @@ [LibraryClasses] PcdLib CcExitLib MicrocodeLib + GetMemoryProtectionsLib + [LibraryClasses.X64] CpuPageTableLib =20 @@ -82,6 +84,5 @@ [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdGhcbHypervisorFeatures ## = CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase ## = SOMETIMES_CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdFirstTimeWakeUpAPsBySipi ## = CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## = CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## = CONSUMES gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr ## = CONSUMES diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf b/UefiCpuPkg/PiSm= mCpuDxeSmm/PiSmmCpuDxeSmm.inf index 5d52ed7d1329..56f64873fe50 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf @@ -103,6 +103,7 @@ [LibraryClasses] PerformanceLib CpuPageTableLib MmSaveStateLib + GetMemoryProtectionsLib =20 [Protocols] gEfiSmmAccess2ProtocolGuid ## CONSUMES @@ -146,8 +147,6 @@ [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuFeaturesInitOnS3Resume ## CONS= UMES gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable ## CONS= UMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##= CONSUMES gEfiMdePkgTokenSpaceGuid.PcdControlFlowEnforcementPropertyMask ##= CONSUMES =20 [FixedPcd] diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h b/UefiCpuPkg/Pi= SmmCpuDxeSmm/SmmProfileInternal.h index 964dd5281780..1ac91d9d3ce4 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h @@ -15,6 +15,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 #include "SmmProfileArch.h" =20 @@ -57,11 +58,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #define MSR_DEBUG_CTL_BTINT 0x100 #define MSR_DS_AREA 0x600 =20 -#define HEAP_GUARD_NONSTOP_MODE \ - ((PcdGet8 (PcdHeapGuardPropertyMask) & (BIT6|BIT3|BIT2)) > BIT6) +#define HEAP_GUARD_NONSTOP_MODE (gMps.Mm.HeapGuard.NonstopModeEnabled = && \ + (IS_MM_PAGE_GUARD_ACTIVE || IS_MM_POOL_G= UARD_ACTIVE)) =20 -#define NULL_DETECTION_NONSTOP_MODE \ - ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & (BIT6|BIT1)) > B= IT6) +#define NULL_DETECTION_NONSTOP_MODE (gMps.Mm.NullPointerDetection.Nonstop= ModeEnabled && \ + gMps.Mm.NullPointerDetection.Enabled) =20 typedef struct { EFI_PHYSICAL_ADDRESS Base; diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index 68473fc640e6..8c667269ad7f 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -192,13 +192,13 @@ [PcdsFeatureFlag] =20 [PcdsFixedAtBuild] ## List of exception vectors which need switching stack. - # This PCD will only take into effect if PcdCpuStackGuard is enabled. + # This PCD will only take into effect if the CPU Stack Guard is enabled. # By default exception #DD(8), #PF(14) are supported. # @Prompt Specify exception vectors which need switching stack. gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList|{0x08, 0x0E}|VO= ID*|0x30002000 =20 ## Size of good stack for an exception. - # This PCD will only take into effect if PcdCpuStackGuard is enabled. + # This PCD will only take into effect if the CPU Stack Guard is enabled. # @Prompt Specify size of good stack of exception which need switching s= tack. gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize|2048|UINT32|0x30002001 =20 @@ -388,9 +388,8 @@ [PcdsFixedAtBuild.X64, PcdsPatchableInModule.X64, PcdsD= ynamic.X64, PcdsDynamicEx # and the memory occupied by page table is protected by page table itse= lf as read-only. # In X64 build, it cannot be enabled at the same time with SMM profile = feature (PcdCpuSmmProfileEnable). # In X64 build, it could not be enabled also at the same time with heap= guard feature for SMM - # (PcdHeapGuardPropertyMask in MdeModulePkg). # In IA32 build, page table memory is not marked as read-only when eith= er SMM profile feature (PcdCpuSmmProfileEnable) - # or heap guard feature for SMM (PcdHeapGuardPropertyMask in MdeModuleP= kg) is enabled. + # or heap guard feature for SMM is enabled. # TRUE - Access to non-SMRAM memory is restricted to reserved, runtim= e and ACPI NVS type after SmmReadyToLock.
# FALSE - Access to any type of non-SMRAM memory after SmmReadyToLock = is allowed.
# @Prompt Access to non-SMRAM memory is restricted to reserved, runtime = and ACPI NVS type after SmmReadyToLock. diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc index 074fd774616d..2dbb8394b382 100644 --- a/UefiCpuPkg/UefiCpuPkg.dsc +++ b/UefiCpuPkg/UefiCpuPkg.dsc @@ -66,6 +66,8 @@ [LibraryClasses] UnitTestLib|UnitTestFrameworkPkg/Library/UnitTestLib/UnitTestLib.inf UnitTestPersistenceLib|UnitTestFrameworkPkg/Library/UnitTestPersistenceL= ibNull/UnitTestPersistenceLibNull.inf UnitTestResultReportLib|UnitTestFrameworkPkg/Library/UnitTestResultRepor= tLib/UnitTestResultReportLibDebugLib.inf + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/Get= MemoryProtectionsLibNull.inf + SetMemoryProtectionsLib|MdeModulePkg/Library/SetMemoryProtectionsLib/Set= MemoryProtectionsLibNull.inf =20 [LibraryClasses.common.SEC] PlatformSecLib|UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.= inf diff --git a/UefiCpuPkg/UefiCpuPkg.uni b/UefiCpuPkg/UefiCpuPkg.uni index d17bcfd10c7a..5719917a041e 100644 --- a/UefiCpuPkg/UefiCpuPkg.uni +++ b/UefiCpuPkg/UefiCpuPkg.uni @@ -170,8 +170,7 @@ = "If enabled, SMM will not use on-demand paging. SMM will build s= tatic page table for all memory.\n" = "This flag only impacts X64 build, because SMM always builds sta= tic page table for IA32.\n" = "It could not be enabled at the same time with SMM profile featu= re (PcdCpuSmmProfileEnable).\n" - = "It could not be enabled also at the same time with heap guard f= eature for SMM\n" - = "(PcdHeapGuardPropertyMask in MdeModulePkg).

\n" + = "It could not be enabled also at the same time with heap guard f= eature for SMM.

\n" = "TRUE - SMM uses static page table for all memory.
\n" = "FALSE - SMM uses static page table for below 4G memory and use = on-demand paging for above 4G memory.
" =20 @@ -217,9 +216,8 @@ = "and the memory occupied by page table is protected by pa= ge table itself as read-only.
\n" = "In X64 build, it cannot be enabled at the same time with= SMM profile feature (PcdCpuSmmProfileEnable).
\n" = "In X64 build, it could not be enabled also at the same t= ime with heap guard feature for SMM
\n" - = "(PcdHeapGuardPropertyMask in MdeModulePkg).
\n" = "In IA32 build, page table memory is not marked as read-o= nly when either SMM profile feature (PcdCpuSmmProfileEnable)
\n" - = "or heap guard feature for SMM (PcdHeapGuardPropertyMask = in MdeModulePkg) is enabled.
\n" + = "or heap guard feature for SMM is enabled.
\n" = "TRUE - Access to non-SMRAM memory is restricted to rese= rved, runtime and ACPI NVS type after SmmReadyToLock.
\n" = "FALSE - Access to any type of non-SMRAM memory after Smm= ReadyToLock is allowed.
" =20 @@ -266,13 +264,13 @@ #string STR_gUefiCpuPkgTokenSpaceGuid_PcdCpuStackSwitchExceptionList_PROMP= T #language en-US "Specify exception vectors which need switching stack." =20 #string STR_gUefiCpuPkgTokenSpaceGuid_PcdCpuStackSwitchExceptionList_HELP = #language en-US "List of exception vectors which need switching stack.\n" - = "This PCD will only take into effect if PcdCpuStackGuard i= s enabled.n" + = "This PCD will only take into effect if the CPU Stack Guar= d is enabled.n" = "By default exception #DD(8), #PF(14) are supported.n" =20 #string STR_gUefiCpuPkgTokenSpaceGuid_PcdCpuKnownGoodStackSize_PROMPT #la= nguage en-US "Specify size of good stack of exception which need switching = stack." =20 #string STR_gUefiCpuPkgTokenSpaceGuid_PcdCpuKnownGoodStackSize_HELP #lang= uage en-US "Size of good stack for an exception.\n" - = "This PCD will only take into effect if PcdCpuStackGuard is enab= led.\n" + = "This PCD will only take into effect if the CPU Stack Guard is e= nabled.\n" =20 #string STR_gUefiCpuPkgTokenSpaceGuid_PcdCpuCoreCrystalClockFrequency_PROM= PT #language en-US "Specifies CPUID Leaf 0x15 Time Stamp Counter and Nomin= al Core Crystal Clock Frequency." =20 --=20 2.42.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108172): https://edk2.groups.io/g/devel/message/108172 Mute This Topic: https://groups.io/mt/101064092/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-