From nobody Sun Feb 8 17:21:17 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108173+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108173+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1693437557; cv=none; d=zohomail.com; s=zohoarc; b=QW86ZSKRG15gANyhREf6z9AQrihBGyLohsHhqMhJRm4vXuw9rDrjd6JoUYvw3Y+CIwJTIsmCEmV7NkHx1b+0ALq+VvhGbJqnEWH04b4sFbMW60ilcKWZaAZtnAe5gmIOJ3QhdKZbcleu4GL01TYgrwdSsdquvz/ol9/kIenlquU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1693437557; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=rfwfOdvDYO5XJGqJ55aHRf36GzXc/LLedIXF+7NNKrA=; b=bsCZrTeD2PVf2nZ11mfmw4xZG1j5JAXbLmvMWePcd8TH86r7Kx7BVslQqg4IEw0ADstrOM+3Sa4CAXPFhfm0AFpaBLJbvQamySyoF21y6BGMYzKG2J4MUC8h0BSg9KOcV4uEIDbCEOMpwz9jqzwZZ33F6mpyogS/olTUySc3VZY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108173+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1693437557882340.6523087964441; Wed, 30 Aug 2023 16:19:17 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=bvMrRHuTR4NUpNhEvGRH5go3RbSHxRcOyEAMCDVzoec=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1693437557; v=1; b=gwVtIqZUiTCw0CnSxXnZGcMOPEze+l4g0oLLWbbJ14SUvNSbbMFoQzAPy+ofbzYLQTvB6k3Y x0n1M/4IuHb01tGzPrEnNQlWGSIZDpMey+6/q8wZJpvrAdo9fBoavF+B+6+6gCeSff+Oe6Gzy4s r5IT9aO9ql8loRo+R7qeLyxg= X-Received: by 127.0.0.2 with SMTP id 4AXdYY1788612x9MJd10HldS; Wed, 30 Aug 2023 16:19:17 -0700 X-Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) by mx.groups.io with SMTP id smtpd.web11.4960.1693437557024411516 for ; Wed, 30 Aug 2023 16:19:17 -0700 X-Received: by mail-pf1-f175.google.com with SMTP id d2e1a72fcca58-68a529e1974so149903b3a.3 for ; Wed, 30 Aug 2023 16:19:16 -0700 (PDT) X-Gm-Message-State: 9VGF8uIyqR0c51hvroMC5wjDx1787277AA= X-Google-Smtp-Source: AGHT+IEjdoiLB7vh0bKeS3iXOXFYG7xw4LW9gXU1/h6XbEvRve/3MyAD9QBWCM9WhoL5+MUfPFnHkw== X-Received: by 2002:a05:6a20:1447:b0:147:5ab9:8496 with SMTP id a7-20020a056a20144700b001475ab98496mr4352343pzi.55.1693437556210; Wed, 30 Aug 2023 16:19:16 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id x16-20020a62fb10000000b0064398fe3451sm102550pfm.217.2023.08.30.16.19.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 30 Aug 2023 16:19:15 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao , Dandan Bi Subject: [edk2-devel] [PATCH v3 19/26] MdeModulePkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs Date: Wed, 30 Aug 2023 16:18:27 -0700 Message-ID: <20230830231851.779-20-taylor.d.beebe@gmail.com> In-Reply-To: <20230830231851.779-1-taylor.d.beebe@gmail.com> References: <20230830231851.779-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1693437559037100076 Content-Type: text/plain; charset="utf-8" Replace references to the memory protection PCDs to instead check the platform protections via GetMemoryProtectionsLib. Because the protection profile is equivalent to the PCD settings, this updated does not cause a torn state. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao Cc: Dandan Bi --- MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 4 +- MdeModulePkg/Core/Dxe/Mem/HeapGuard.c | 46 ++++++++------ MdeModulePkg/Core/Dxe/Mem/Page.c | 2 +- MdeModulePkg/Core/Dxe/Mem/Pool.c | 4 +- MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 67 +++++++++++--------- MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 29 ++++----- MdeModulePkg/Core/PiSmmCore/Pool.c | 4 +- MdeModulePkg/Core/Dxe/DxeMain.h | 1 + MdeModulePkg/Core/Dxe/DxeMain.inf | 8 +-- MdeModulePkg/Core/PiSmmCore/PiSmmCore.h | 1 + MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf | 4 +- 11 files changed, 87 insertions(+), 83 deletions(-) diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dx= e/DxeMain/DxeMain.c index 0e0f9769b99d..66cb2fcf2ff7 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c +++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c @@ -256,10 +256,12 @@ DxeMain ( Status =3D InitializeCpuExceptionHandlers (VectorInfoList); ASSERT_EFI_ERROR (Status); =20 + PopulateMpsGlobal (); + // // Setup Stack Guard // - if (PcdGetBool (PcdCpuStackGuard)) { + if (gMps.Dxe.CpuStackGuardEnabled) { Status =3D InitializeSeparateExceptionStacks (NULL, NULL); ASSERT_EFI_ERROR (Status); } diff --git a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c b/MdeModulePkg/Core/Dxe/= Mem/HeapGuard.c index 0c0ca61872b4..59d8f36c89b7 100644 --- a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c +++ b/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c @@ -553,7 +553,7 @@ UnsetGuardPage ( // memory. // Attributes =3D 0; - if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & (1 << EfiConventionalMe= mory)) !=3D 0) { + if (gMps.Dxe.ExecutionProtection.EnabledForType[EfiConventionalMemory]) { Attributes |=3D EFI_MEMORY_XP; } =20 @@ -590,38 +590,48 @@ IsMemoryTypeToGuard ( IN UINT8 PageOrPool ) { - UINT64 TestBit; + UINT32 MpsMemoryType; UINT64 ConfigBit; =20 if (AllocateType =3D=3D AllocateAddress) { return FALSE; } =20 - if ((PcdGet8 (PcdHeapGuardPropertyMask) & PageOrPool) =3D=3D 0) { + ConfigBit =3D gMps.Dxe.HeapGuard.PageGuardEnabled ? GUARD_HEAP_TYPE_PAG= E : 0; + ConfigBit |=3D gMps.Dxe.HeapGuard.PoolGuardEnabled ? GUARD_HEAP_TYPE_POO= L : 0; + ConfigBit |=3D gMps.Dxe.HeapGuard.FreedMemoryGuardEnabled ? GUARD_HEAP_T= YPE_FREED : 0; + + if ((PageOrPool & ConfigBit) =3D=3D 0) { return FALSE; } =20 - if (PageOrPool =3D=3D GUARD_HEAP_TYPE_POOL) { - ConfigBit =3D PcdGet64 (PcdHeapGuardPoolType); - } else if (PageOrPool =3D=3D GUARD_HEAP_TYPE_PAGE) { - ConfigBit =3D PcdGet64 (PcdHeapGuardPageType); - } else { - ConfigBit =3D (UINT64)-1; + if (((PageOrPool & GUARD_HEAP_TYPE_FREED) !=3D 0) && gMps.Dxe.HeapGuard.= FreedMemoryGuardEnabled) { + return TRUE; } =20 if ((UINT32)MemoryType >=3D MEMORY_TYPE_OS_RESERVED_MIN) { - TestBit =3D BIT63; + MpsMemoryType =3D OS_RESERVED_MPS_MEMORY_TYPE; } else if ((UINT32)MemoryType >=3D MEMORY_TYPE_OEM_RESERVED_MIN) { - TestBit =3D BIT62; + MpsMemoryType =3D OEM_RESERVED_MPS_MEMORY_TYPE; } else if (MemoryType < EfiMaxMemoryType) { - TestBit =3D LShiftU64 (1, MemoryType); + MpsMemoryType =3D MemoryType; } else if (MemoryType =3D=3D EfiMaxMemoryType) { - TestBit =3D (UINT64)-1; + return (((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) && IS_DXE_PAGE_GU= ARD_ACTIVE) || + (((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) && IS_DXE_POOL_GU= ARD_ACTIVE) || + (((PageOrPool & GUARD_HEAP_TYPE_FREED) !=3D 0) && gMps.Dxe.Heap= Guard.FreedMemoryGuardEnabled); } else { - TestBit =3D 0; + return FALSE; } =20 - return ((ConfigBit & TestBit) !=3D 0); + if (((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) && gMps.Dxe.PageGuard.E= nabledForType[MpsMemoryType]) { + return TRUE; + } + + if (((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) && gMps.Dxe.PoolGuard.E= nabledForType[MpsMemoryType]) { + return TRUE; + } + + return FALSE; } =20 /** @@ -835,7 +845,7 @@ AdjustMemoryS ( // indicated to put the pool near the Tail Guard, we need extra bytes to // make sure alignment of the returned pool address. // - if ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0) { + if (gMps.Dxe.HeapGuard.GuardAlignedToTail) { SizeRequested =3D ALIGN_VALUE (SizeRequested, 8); } =20 @@ -1019,7 +1029,7 @@ AdjustPoolHeadA ( IN UINTN Size ) { - if ((Memory =3D=3D 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != =3D 0)) { + if ((Memory =3D=3D 0) || (!gMps.Dxe.HeapGuard.GuardAlignedToTail)) { // // Pool head is put near the head Guard // @@ -1050,7 +1060,7 @@ AdjustPoolHeadF ( IN UINTN Size ) { - if ((Memory =3D=3D 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != =3D 0)) { + if ((Memory =3D=3D 0) || (!gMps.Dxe.HeapGuard.GuardAlignedToTail)) { // // Pool head is put near the head Guard // diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/P= age.c index 41af50b3d5ab..5cdc2b0c1927 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Page.c +++ b/MdeModulePkg/Core/Dxe/Mem/Page.c @@ -181,7 +181,7 @@ CoreAddRange ( // used for other purposes. // if ((Type =3D=3D EfiConventionalMemory) && (Start =3D=3D 0) && (End >=3D= EFI_PAGE_SIZE - 1)) { - if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT0) =3D=3D 0) { + if (!gMps.Dxe.NullPointerDetection.Enabled) { SetMem ((VOID *)(UINTN)Start, EFI_PAGE_SIZE, 0); } } diff --git a/MdeModulePkg/Core/Dxe/Mem/Pool.c b/MdeModulePkg/Core/Dxe/Mem/P= ool.c index 716dd045f9fd..ae1e8b67db10 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Pool.c +++ b/MdeModulePkg/Core/Dxe/Mem/Pool.c @@ -385,7 +385,7 @@ CoreAllocatePoolI ( // =20 HasPoolTail =3D !(NeedGuard && - ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0)); + gMps.Dxe.HeapGuard.GuardAlignedToTail); PageAsPool =3D (IsHeapGuardEnabled (GUARD_HEAP_TYPE_FREED) && !mOnGuardi= ng); =20 // @@ -717,7 +717,7 @@ CoreFreePoolI ( IsGuarded =3D IsPoolTypeToGuard (Head->Type) && IsMemoryGuarded ((EFI_PHYSICAL_ADDRESS)(UINTN)Head); HasPoolTail =3D !(IsGuarded && - ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0)); + gMps.Dxe.HeapGuard.GuardAlignedToTail); PageAsPool =3D (Head->Signature =3D=3D POOLPAGE_HEAD_SIGNATURE); =20 if (HasPoolTail) { diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/C= ore/Dxe/Misc/MemoryProtection.c index 94ed3111688b..215a9f254065 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c @@ -9,7 +9,7 @@ 2) This policy is applied only if the UEFI image meets the page alignment requirement. 3) This policy is applied only if the Source UEFI image matches the - PcdImageProtectionPolicy definition. + Image Protection Policy definition. 4) This policy is not applied to the non-PE image region. =20 The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect @@ -60,7 +60,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #define PREVIOUS_MEMORY_DESCRIPTOR(MemoryDescriptor, Size) \ ((EFI_MEMORY_DESCRIPTOR *)((UINT8 *)(MemoryDescriptor) - (Size))) =20 -UINT32 mImageProtectionPolicy; +STATIC BOOLEAN mIsExecutionProtectionActive =3D FALSE; + +STATIC BOOLEAN mIsPageOrPoolGuardActive =3D FALSE; =20 extern LIST_ENTRY mGcdMemorySpaceMap; =20 @@ -149,11 +151,13 @@ GetProtectionPolicyFromImageType ( IN UINT32 ImageType ) { - if ((ImageType & mImageProtectionPolicy) =3D=3D 0) { - return DO_NOT_PROTECT; - } else { + if (((ImageType =3D=3D IMAGE_UNKNOWN) && gMps.Dxe.ImageProtection.Protec= tImageFromUnknown) || + ((ImageType =3D=3D IMAGE_FROM_FV) && gMps.Dxe.ImageProtection.Protec= tImageFromFv)) + { return PROTECT_IF_ALIGNED_ELSE_ALLOW; } + + return DO_NOT_PROTECT; } =20 /** @@ -611,7 +615,7 @@ UnprotectUefiImage ( IMAGE_PROPERTIES_RECORD *ImageRecord; LIST_ENTRY *ImageRecordLink; =20 - if (PcdGet32 (PcdImageProtectionPolicy) !=3D 0) { + if (IS_DXE_IMAGE_PROTECTION_ACTIVE) { for (ImageRecordLink =3D mProtectedImageRecordList.ForwardLink; ImageRecordLink !=3D &mProtectedImageRecordList; ImageRecordLink =3D ImageRecordLink->ForwardLink) @@ -648,21 +652,23 @@ GetPermissionAttributeForMemoryType ( IN EFI_MEMORY_TYPE MemoryType ) { - UINT64 TestBit; + UINT32 TestMemoryType; =20 if ((UINT32)MemoryType >=3D MEMORY_TYPE_OS_RESERVED_MIN) { - TestBit =3D BIT63; + TestMemoryType =3D OS_RESERVED_MPS_MEMORY_TYPE; } else if ((UINT32)MemoryType >=3D MEMORY_TYPE_OEM_RESERVED_MIN) { - TestBit =3D BIT62; + TestMemoryType =3D OEM_RESERVED_MPS_MEMORY_TYPE; + } else if (MemoryType >=3D EfiMaxMemoryType) { + return EFI_MEMORY_XP; } else { - TestBit =3D LShiftU64 (1, MemoryType); + TestMemoryType =3D MemoryType; } =20 - if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & TestBit) !=3D 0) { + if (gMps.Dxe.ExecutionProtection.EnabledForType[TestMemoryType]) { return EFI_MEMORY_XP; - } else { - return 0; } + + return 0; } =20 /** @@ -772,7 +778,7 @@ MergeMemoryMapForProtectionPolicy ( =20 /** Remove exec permissions from all regions whose type is identified by - PcdDxeNxMemoryProtectionPolicy. + the DXE Execution Protection Policy. **/ STATIC VOID @@ -827,7 +833,7 @@ InitializeDxeNxMemoryProtectionPolicy ( ASSERT_EFI_ERROR (Status); =20 StackBase =3D 0; - if (PcdGetBool (PcdCpuStackGuard)) { + if (gMps.Dxe.CpuStackGuardEnabled) { // // Get the base of stack from Hob. // @@ -885,7 +891,7 @@ InitializeDxeNxMemoryProtectionPolicy ( // enabled. // if ((MemoryMapEntry->PhysicalStart =3D=3D 0) && - (PcdGet8 (PcdNullPointerDetectionPropertyMask) !=3D 0)) + (gMps.Dxe.NullPointerDetection.Enabled)) { ASSERT (MemoryMapEntry->NumberOfPages > 0); SetUefiImageMemoryAttributes ( @@ -903,7 +909,7 @@ InitializeDxeNxMemoryProtectionPolicy ( ((StackBase >=3D MemoryMapEntry->PhysicalStart) && (StackBase < MemoryMapEntry->PhysicalStart + LShiftU64 (MemoryMapEntry->NumberOfPages, EFI_PAGE_SHIFT))) && - PcdGetBool (PcdCpuStackGuard)) + gMps.Dxe.CpuStackGuardEnabled) { SetUefiImageMemoryAttributes ( StackBase, @@ -1024,7 +1030,7 @@ MemoryProtectionCpuArchProtocolNotify ( // // Apply the memory protection policy on non-BScode/RTcode regions. // - if (PcdGet64 (PcdDxeNxMemoryProtectionPolicy) !=3D 0) { + if (IS_DXE_EXECUTION_PROTECTION_ACTIVE) { InitializeDxeNxMemoryProtectionPolicy (); } =20 @@ -1036,7 +1042,7 @@ MemoryProtectionCpuArchProtocolNotify ( // Mark the HOB list XP and RO. ProtectHobList (); =20 - if (mImageProtectionPolicy =3D=3D 0) { + if (!IS_DXE_IMAGE_PROTECTION_ACTIVE) { goto Done; } =20 @@ -1099,7 +1105,7 @@ MemoryProtectionExitBootServicesCallback ( // delay setting protections on RT code pages until after SetVirtualAddr= essMap(). // OS may set protection on RT based upon EFI_MEMORY_ATTRIBUTES_TABLE la= ter. // - if (mImageProtectionPolicy !=3D 0) { + if (IS_DXE_IMAGE_PROTECTION_ACTIVE) { for (Link =3D gRuntime->ImageHead.ForwardLink; Link !=3D &gRuntime->Im= ageHead; Link =3D Link->ForwardLink) { RuntimeImage =3D BASE_CR (Link, EFI_RUNTIME_IMAGE_ENTRY, Link); SetUefiImageMemoryAttributes ((UINT64)(UINTN)RuntimeImage->ImageBase= , ALIGN_VALUE (RuntimeImage->ImageSize, EFI_PAGE_SIZE), 0); @@ -1173,19 +1179,20 @@ CoreInitializeMemoryProtection ( EFI_EVENT EndOfDxeEvent; VOID *Registration; =20 - mImageProtectionPolicy =3D PcdGet32 (PcdImageProtectionPolicy); + mIsExecutionProtectionActive =3D IS_DXE_EXECUTION_PROTECTION_ACTIVE; + mIsPageOrPoolGuardActive =3D IS_DXE_PAGE_GUARD_ACTIVE || IS_DXE_POOL= _GUARD_ACTIVE; =20 InitializeListHead (&mProtectedImageRecordList); =20 // - // Sanity check the PcdDxeNxMemoryProtectionPolicy setting: + // Sanity check the DXE NX protection policy setting: // - code regions should have no EFI_MEMORY_XP attribute // - EfiConventionalMemory and EfiBootServicesData should use the // same attribute // - ASSERT ((GetPermissionAttributeForMemoryType (EfiBootServicesCode) & EFI= _MEMORY_XP) =3D=3D 0); - ASSERT ((GetPermissionAttributeForMemoryType (EfiRuntimeServicesCode) & = EFI_MEMORY_XP) =3D=3D 0); - ASSERT ((GetPermissionAttributeForMemoryType (EfiLoaderCode) & EFI_MEMOR= Y_XP) =3D=3D 0); + ASSERT (!gMps.Dxe.ExecutionProtection.EnabledForType[EfiLoaderCode]); + ASSERT (!gMps.Dxe.ExecutionProtection.EnabledForType[EfiBootServicesCode= ]); + ASSERT (!gMps.Dxe.ExecutionProtection.EnabledForType[EfiRuntimeServicesC= ode]); ASSERT ( GetPermissionAttributeForMemoryType (EfiBootServicesData) =3D=3D GetPermissionAttributeForMemoryType (EfiConventionalMemory) @@ -1213,9 +1220,7 @@ CoreInitializeMemoryProtection ( // // Register a callback to disable NULL pointer detection at EndOfDxe // - if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & (BIT0|BIT7)) - =3D=3D (BIT0|BIT7)) - { + if (gMps.Dxe.NullPointerDetection.Enabled && gMps.Dxe.NullPointerDetecti= on.DisableEndOfDxe) { Status =3D CoreCreateEventEx ( EVT_NOTIFY_SIGNAL, TPL_NOTIFY, @@ -1279,7 +1284,7 @@ ApplyMemoryProtectionPolicy ( UINT64 NewAttributes; =20 // - // The policy configured in PcdDxeNxMemoryProtectionPolicy + // The policy configured in DXE Execution Protection Policy // does not apply to allocations performed in SMM mode. // if (IsInSmm ()) { @@ -1298,7 +1303,7 @@ ApplyMemoryProtectionPolicy ( // // Check if a DXE memory protection policy has been configured // - if (PcdGet64 (PcdDxeNxMemoryProtectionPolicy) =3D=3D 0) { + if (!mIsExecutionProtectionActive) { return EFI_SUCCESS; } =20 @@ -1306,7 +1311,7 @@ ApplyMemoryProtectionPolicy ( // Don't overwrite Guard pages, which should be the first and/or last pa= ge, // if any. // - if (IsHeapGuardEnabled (GUARD_HEAP_TYPE_PAGE|GUARD_HEAP_TYPE_POOL)) { + if (mIsPageOrPoolGuardActive) { if (IsGuardPage (Memory)) { Memory +=3D EFI_PAGE_SIZE; Length -=3D EFI_PAGE_SIZE; diff --git a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c b/MdeModulePkg/Core/Pi= SmmCore/HeapGuard.c index 25310122ca1b..eac38e699c30 100644 --- a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c +++ b/MdeModulePkg/Core/PiSmmCore/HeapGuard.c @@ -592,36 +592,29 @@ IsMemoryTypeToGuard ( IN UINT8 PageOrPool ) { - UINT64 TestBit; UINT64 ConfigBit; =20 - if ( ((PcdGet8 (PcdHeapGuardPropertyMask) & PageOrPool) =3D=3D 0) + ConfigBit =3D gMps.Mm.HeapGuard.PageGuardEnabled ? GUARD_HEAP_TYPE_PAGE= : 0; + ConfigBit |=3D gMps.Mm.HeapGuard.PoolGuardEnabled ? GUARD_HEAP_TYPE_POOL= : 0; + + if ( ((ConfigBit & PageOrPool) =3D=3D 0) || mOnGuarding || (AllocateType =3D=3D AllocateAddress)) { return FALSE; } =20 - ConfigBit =3D 0; - if ((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) { - ConfigBit |=3D PcdGet64 (PcdHeapGuardPoolType); - } - - if ((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) { - ConfigBit |=3D PcdGet64 (PcdHeapGuardPageType); - } - if ((MemoryType =3D=3D EfiRuntimeServicesData) || (MemoryType =3D=3D EfiRuntimeServicesCode)) { - TestBit =3D LShiftU64 (1, MemoryType); + return (((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) && gMps.Mm.PageGu= ard.EnabledForType[MemoryType]) || + (((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) && gMps.Mm.PoolGu= ard.EnabledForType[MemoryType]); } else if (MemoryType =3D=3D EfiMaxMemoryType) { - TestBit =3D (UINT64)-1; - } else { - TestBit =3D 0; + return (((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) && IS_MM_PAGE_GUA= RD_ACTIVE) || + (((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) && IS_MM_POOL_GUA= RD_ACTIVE); } =20 - return ((ConfigBit & TestBit) !=3D 0); + return FALSE; } =20 /** @@ -951,7 +944,7 @@ AdjustPoolHeadA ( IN UINTN Size ) { - if ((Memory =3D=3D 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != =3D 0)) { + if ((Memory =3D=3D 0) || (!gMps.Mm.HeapGuard.GuardAlignedToTail)) { // // Pool head is put near the head Guard // @@ -977,7 +970,7 @@ AdjustPoolHeadF ( IN EFI_PHYSICAL_ADDRESS Memory ) { - if ((Memory =3D=3D 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != =3D 0)) { + if ((Memory =3D=3D 0) || (!gMps.Mm.HeapGuard.GuardAlignedToTail)) { // // Pool head is put near the head Guard // diff --git a/MdeModulePkg/Core/PiSmmCore/Pool.c b/MdeModulePkg/Core/PiSmmCo= re/Pool.c index e1ff40a8ea55..991efaf33bdd 100644 --- a/MdeModulePkg/Core/PiSmmCore/Pool.c +++ b/MdeModulePkg/Core/PiSmmCore/Pool.c @@ -258,7 +258,7 @@ SmmInternalAllocatePool ( =20 NeedGuard =3D IsPoolTypeToGuard (PoolType); HasPoolTail =3D !(NeedGuard && - ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0)); + gMps.Mm.HeapGuard.GuardAlignedToTail); =20 // // Adjust the size by the pool header & tail overhead @@ -392,7 +392,7 @@ SmmInternalFreePool ( MemoryGuarded =3D IsHeapGuardEnabled () && IsMemoryGuarded ((EFI_PHYSICAL_ADDRESS)(UINTN)FreePoolHd= r); HasPoolTail =3D !(MemoryGuarded && - ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0)); + gMps.Mm.HeapGuard.GuardAlignedToTail); =20 if (HasPoolTail) { PoolTail =3D HEAD_TO_TAIL (&FreePoolHdr->Header); diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMai= n.h index 43daa037be44..8b8b97666f38 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.h +++ b/MdeModulePkg/Core/Dxe/DxeMain.h @@ -84,6 +84,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 // // attributes for reserved memory before it is promoted to system memory diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeM= ain.inf index 6c896a0e7f0f..ddbbee5f68ce 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.inf +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf @@ -94,6 +94,7 @@ [LibraryClasses] DebugAgentLib CpuExceptionHandlerLib PcdLib + GetMemoryProtectionsLib =20 [Guids] gEfiEventMemoryMapChangeGuid ## PRODUCES ##= Event @@ -179,13 +180,6 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileMemoryType = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfilePropertyMask = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileDriverPath = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdFwVolDxeMaxEncapsulationDepth = ## CONSUMES gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel = ## CONSUMES =20 diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h b/MdeModulePkg/Core/Pi= SmmCore/PiSmmCore.h index b8a490a8c3b5..2fabed0670e0 100644 --- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h +++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h @@ -55,6 +55,7 @@ #include #include #include +#include =20 #include "PiSmmCorePrivateData.h" #include "HeapGuard.h" diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf b/MdeModulePkg/Core/= PiSmmCore/PiSmmCore.inf index 3df44b38f13c..4586ec39d7c7 100644 --- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf +++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf @@ -61,6 +61,7 @@ [LibraryClasses] HobLib SmmMemLib SafeIntLib + GetMemoryProtectionsLib =20 [Protocols] gEfiDxeSmmReadyToLockProtocolGuid ## UNDEFINED # SmiHandlerR= egister @@ -94,9 +95,6 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfilePropertyMask ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileDriverPath ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdSmiHandlerProfilePropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable ##= CONSUMES =20 [Guids] --=20 2.42.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108173): https://edk2.groups.io/g/devel/message/108173 Mute This Topic: https://groups.io/mt/101064093/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-