From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108863+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108863+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171487; cv=none; d=zohomail.com; s=zohoarc; b=RPeOyWJfJAR/1UwUHDwrs4hE3ejbfP48rd80eeVpjlcaJie9H6aRZ/TXOI2ry0Dx0QP3rB1nfBg81lwIKQYbnuR0m3FczbGW1qcBxzL4LxMMrFZMysrHaYsCt7IwE+y+9YToN54zqrA/JjduDRJDKgCLTehyhJHF7HBFXSFFqZU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171487; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=iOXhtxULsYKFXemKxwI058qwgC1t1xhKFOwESUGCWic=; b=V34IeMoihY7H5P3b+Z6dfV/SOS1gIIzYnn6iSwnoAb8/8fNB2U6pkXSgQc5hDXWznf5ehWZCO6Oxi+NlEx6vJVZP7DHlhe073C6ta/oReYA4ASKyqy8pn0z3vG5bBh5kAuYZuehkOgLwcEMx3Y0umP3DrpiXNgtS6z/fzu0BiBg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108863+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171487503171.38630918806894; Tue, 19 Sep 2023 17:58:07 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=WNx/0RGKapNPuK9/9DHhStEymMqxhcoOFJhlcBCF+zQ=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171487; v=1; b=aHctFXBD4d3cqMf8g2eFHkrxP1W+fMhBLS8YEN9MVg8wLMre2umEohwW03OTsmE8yYGIsh/t ItmRwxvjrx0H1klPQFoTPSW05+RKabiLMZHM/dFAVw5ux49KwWwHJWPWSB7Esfw1l7FsdjJQQql +yIjljYTzOHIlHyuGUpU73v0= X-Received: by 127.0.0.2 with SMTP id cKw3YY1788612xfJ7wgGagcV; Tue, 19 Sep 2023 17:58:07 -0700 X-Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by mx.groups.io with SMTP id smtpd.web11.26914.1695171486290433260 for ; Tue, 19 Sep 2023 17:58:06 -0700 X-Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-1c1ff5b741cso58993875ad.2 for ; Tue, 19 Sep 2023 17:58:06 -0700 (PDT) X-Gm-Message-State: azugiwscN7NDmAXkrZVDYZbyx1787277AA= X-Google-Smtp-Source: AGHT+IE6m9HRwRi1rrgoXHuCuPHDA2jFvZvNKj891QwuTTA7/6aALoV9kUsMXy1GC2A+yaano9zEbw== X-Received: by 2002:a17:902:d4d0:b0:1c4:636:51ef with SMTP id o16-20020a170902d4d000b001c4063651efmr1133155plg.30.1695171485388; Tue, 19 Sep 2023 17:58:05 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:05 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao Subject: [edk2-devel] [PATCH v4 01/28] MdeModulePkg: Add DXE and MM Memory Protection Settings Definitions Date: Tue, 19 Sep 2023 17:57:24 -0700 Message-ID: <20230920005752.2041-2-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171487966100005 Content-Type: text/plain; charset="utf-8" These headers provide settings definitions for memory protections, settings profiles for easily enabling memory protections, and the GUIDs used for producing the memory protection HOB entry. The settings options are functionally 1:1 with the existing PCD bitfield definitions. Instead of setting a fixed at build PCD, memory protections will be set via a HOB at runtime. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao --- MdeModulePkg/Include/Guid/MemoryProtectionSettings.h | 216 +++++++++++++++= +++++ MdeModulePkg/MdeModulePkg.dec | 5 + 2 files changed, 221 insertions(+) diff --git a/MdeModulePkg/Include/Guid/MemoryProtectionSettings.h b/MdeModu= lePkg/Include/Guid/MemoryProtectionSettings.h new file mode 100644 index 000000000000..889e87011fbf --- /dev/null +++ b/MdeModulePkg/Include/Guid/MemoryProtectionSettings.h @@ -0,0 +1,216 @@ +/** @file +Defines memory protection settings guid and struct for DXE and MM. + +Copyright (C) Microsoft Corporation. All rights reserved. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef MEMORY_PROTECTION_SETTINGS_H_ +#define MEMORY_PROTECTION_SETTINGS_H_ + +#define OEM_RESERVED_MPS_MEMORY_TYPE EfiMaxMemoryType +#define OS_RESERVED_MPS_MEMORY_TYPE (EfiMaxMemoryType + 1) +#define MAX_MPS_MEMORY_TYPE (EfiMaxMemoryType + 2) +#define MPS_MEMORY_TYPE_BUFFER_SIZE (MAX_MPS_MEMORY_TYPE * sizeof (BOOLE= AN)) + +// Current DXE iteration of MEMORY_PROTECTION_SETTINGS +#define DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION 1 + +// Current MM iteration of MEMORY_PROTECTION_SETTINGS +#define MM_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION 1 + +#define DXE_MEMORY_PROTECTION_SIGNATURE SIGNATURE_32('D', 'M', 'P', 'S') +#define MM_MEMORY_PROTECTION_SIGNATURE SIGNATURE_32('M', 'M', 'P', 'S') + +typedef UINT8 MEMORY_PROTECTION_SETTINGS_VERSION; +typedef UINT32 MEMORY_PROTECTION_SETTINGS_SIGNATURE; + +typedef struct { + BOOLEAN Enabled : 1; + BOOLEAN DisableEndOfDxe : 1; + BOOLEAN NonstopModeEnabled : 1; +} DXE_NULL_DETECTION_POLICY; + +typedef struct { + BOOLEAN ProtectImageFromUnknown : 1; + BOOLEAN ProtectImageFromFv : 1; +} DXE_IMAGE_PROTECTION_POLICY; + +typedef struct { + BOOLEAN PageGuardEnabled : 1; + BOOLEAN PoolGuardEnabled : 1; + BOOLEAN FreedMemoryGuardEnabled : 1; + BOOLEAN NonstopModeEnabled : 1; + BOOLEAN GuardAlignedToTail : 1; +} DXE_HEAP_GUARD_POLICY; + +typedef struct { + BOOLEAN Enabled : 1; + BOOLEAN NonstopModeEnabled : 1; +} MM_NULL_DETECTION_POLICY; + +typedef struct { + BOOLEAN PageGuardEnabled : 1; + BOOLEAN PoolGuardEnabled : 1; + BOOLEAN NonstopModeEnabled : 1; + BOOLEAN GuardAlignedToTail : 1; +} MM_HEAP_GUARD_POLICY; + +typedef struct { + BOOLEAN EnabledForType[MAX_MPS_MEMORY_TYPE]; +} MPS_MEMORY_TYPES; + +// +// Memory Protection Settings struct +// +typedef struct { + // This signature is used to identify the memory protection settings str= ucture. + MEMORY_PROTECTION_SETTINGS_SIGNATURE Signature; + + // The current version of the structure definition. This is used to ensu= re there isn't a + // definition mismatch if modules have differing iterations of this head= er. When creating + // this struct, use the DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION m= acro. + MEMORY_PROTECTION_SETTINGS_VERSION StructVersion; + + // If enabled, the page at the top of the stack will be invalidated to c= atch stack overflow. + BOOLEAN CpuStackGuardEnabled; + + // If enabled, the stack will be marked non-executable. + BOOLEAN StackExecutionProtectionEnabled; + + // If enabled, accessing the NULL address in UEFI will be caught by mark= ing + // the NULL page as not present. + // .NullDetectionEnabled : Enable NULL pointer detection. + // .DisableEndOfDxe : Disable NULL pointer detection just afte= r EndOfDxe. + // This is a workaround for those unsolvabl= e NULL access issues in + // OptionROM, boot loader, etc. It can also= help to avoid unnecessary + // exception caused by legacy memory (0-409= 5) access after EndOfDxe, + // such as Windows 7 boot on Qemu. + // .NonstopModeEnabled : If enabled the debug flag will be raised= when a fault occurs + // to break into debugger. + DXE_NULL_DETECTION_POLICY NullPointerDetection; + + // Set image protection policy. + // + // .ProtectImageFromUnknown : If set, images from unknown devi= ces will be protected by + // DxeCore if they are aligned. The= code section becomes + // read-only, and the data section = becomes non-executable. + // .ProtectImageFromFv : If set, images from firmware vol= umes will be protected by + // DxeCore if they are aligned. The= code section becomes + // read-only, and the data section = becomes non-executable. + DXE_IMAGE_PROTECTION_POLICY ImageProtection; + + // If a bit is set, memory regions of the associated type will be mapped= non-executable. + // + // The execution protection setting for EfiBootServicesData and EfiConve= ntionalMemory must + // be the same. + MPS_MEMORY_TYPES ExecutionProtection; + + // Configures general heap guard behavior. + // + // .PageGuardEnabled : Enable page guard. + // .PoolGuardEnabled : Enable pool guard. + // .FreedMemoryGuardEnabled : Enable freed-memory guard (Use-After-Fre= e memory detection). + // .NonstopModeEnabled : If enabled the debug flag will be raised= when a fault occurs + // to break into debugger. + // .GuardAlignedToTail : TRUE if the pool is aligned to tail guar= d page. If FALSE, the + // pool is aligned to head guard page. + // + // Note: + // a) Due to the limit of pool memory implementation and the alignment + // requirement of UEFI spec, HeapGuard.GuardAlignedToTail is a try-b= est + // setting which cannot guarantee that the returned pool is exactly + // adjacent to head or tail guard page. + // b) Freed-memory guard and pool/page guard cannot be enabled + // at the same time. + DXE_HEAP_GUARD_POLICY HeapGuard; + + // Indicates which type allocation need guard page. + // + // If bit is set, a head guard page and a tail guard page will be added = just + // before and after corresponding type of pages which the allocated pool= occupies, + // if there's enough free memory for all of them. + // + // These settings are only valid if HeapGuard.PoolGuardEnabled is TRUE. + MPS_MEMORY_TYPES PoolGuard; + + // Indicates which type allocation need guard page. + // + // If a bit is set, a head guard page and a tail guard page will be adde= d just + // before and after corresponding type of pages allocated if there's eno= ugh + // free pages for all of them. + // + // These settings are only valid if HeapGuard.PageGuardEnabled is TRUE. + MPS_MEMORY_TYPES PageGuard; +} DXE_MEMORY_PROTECTION_SETTINGS; + +// +// Memory Protection Settings struct +// +typedef struct { + // This signature is used to identify the memory protection settings str= ucture. + MEMORY_PROTECTION_SETTINGS_SIGNATURE Signature; + + // The current version of the structure definition. This is used to ensu= re there isn't a + // definition mismatch if modules have differing iterations of this head= er. When creating + // this struct, use the MM_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION ma= cro. + MEMORY_PROTECTION_SETTINGS_VERSION StructVersion; + + // If enabled, accessing the NULL address in MM will be caught by marking + // the NULL page as not present. + // .NullDetectionEnabled : Enable NULL pointer detection. + // .NonstopModeEnabled : If enabled the debug flag will be raised= when a fault occurs + // to break into debugger. + MM_NULL_DETECTION_POLICY NullPointerDetection; + + // Configures general heap guard behavior. + // + // Note: + // a) Due to the limit of pool memory implementation and the alignment + // requirement of UEFI spec, HeapGuard.GuardAlignedToTail is a try-b= est + // setting which cannot guarantee that the returned pool is exactly + // adjacent to head or tail guard page. + // + // .PageGuardEnabled : Enable page guard. + // .PoolGuardEnabled : Enable pool guard. + // .NonstopModeEnabled : If enabled the debug flag will be raise= d when a fault occurs + // to break into debugger. + // .GuardAlignedToTail : TRUE if the pool is aligned to tail gua= rd page. If FALSE, the + // pool is aligned to head guard page. + MM_HEAP_GUARD_POLICY HeapGuard; + + // Indicates which type allocation need guard page. + // + // If bit is set, a head guard page and a tail guard page will be added = just + // before and after corresponding type of pages which the allocated pool= occupies, + // if there's enough free memory for all of them. + // + // These settings are only valid if PoolGuardEnabled is TRUE in HeapGuar= d. + MPS_MEMORY_TYPES PoolGuard; + + // Indicates which type allocation need guard page. + // + // If a bit is set, a head guard page and a tail guard page will be adde= d just + // before and after corresponding type of pages allocated if there's eno= ugh + // free pages for all of them. + // + // This bitfield is only valid if PageGuardEnabled is TRUE in HeapGuard. + MPS_MEMORY_TYPES PageGuard; +} MM_MEMORY_PROTECTION_SETTINGS; + +typedef struct { + // The memory protection settings in the SMM and Standalone MM environme= nt + MM_MEMORY_PROTECTION_SETTINGS Mm; + // The memory protection settings in the DXE environment + DXE_MEMORY_PROTECTION_SETTINGS Dxe; +} MEMORY_PROTECTION_SETTINGS; + +#define MEMORY_PROTECTION_SETTINGS_GUID \ + { \ + { 0x9ABFD639, 0xD1D0, 0x4EFF, { 0xBD, 0xB6, 0x7E, 0xC4, 0x19, 0x0D, 0x= 17, 0xD5 } } \ + } + +extern GUID gMemoryProtectionSettingsGuid; + +#endif diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index dd182c02fdf6..5e1a0388bed3 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -399,6 +399,11 @@ [Guids] ## Include/Guid/EndofS3Resume.h gEdkiiEndOfS3ResumeGuid =3D { 0x96f5296d, 0x05f7, 0x4f3c, {0x84, 0x67, 0= xe4, 0x56, 0x89, 0x0e, 0x0c, 0xb5 } } =20 + ## Memory Protection Settings Guid. Used to create and fetch the memory = protection settings HOB entry. + # + # Include/Guid/MemoryProtectionSettings + gMemoryProtectionSettingsGuid =3D { 0x9ABFD639, 0xD1D0, 0x4EFF, { 0xBD, = 0xB6, 0x7E, 0xC4, 0x19, 0x0D, 0x17, 0xD5 }} + ## Used (similar to Variable Services) to communicate policies to the en= forcement engine. # {DA1B0D11-D1A7-46C4-9DC9-F3714875C6EB} gVarCheckPolicyLibMmiHandlerGuid =3D { 0xda1b0d11, 0xd1a7, 0x46c4, { 0x9= d, 0xc9, 0xf3, 0x71, 0x48, 0x75, 0xc6, 0xeb }} --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108863): https://edk2.groups.io/g/devel/message/108863 Mute This Topic: https://groups.io/mt/101469938/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108864+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108864+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171487; cv=none; d=zohomail.com; s=zohoarc; b=eoaOsCdfDS+Vd2wYF9CBEPb6NkPLzVEkCOERhhPf82o7A+cmpeFdhQ0qqM8O2bzG1uG+IReJTsPR1ZwPnNm1acB8yvR260buN8zmFzv8Klffa/L/LHPBmerc7zSPTAu9CiIYa5J19Xlm1z7fmbsrxoXgM85ZeKHIoZzieqbzZDk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171487; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=F60JSBsPL6vlAdKIx1K4+8tTQiSWYO63T+MnhLNaC1I=; b=jc++wwe47bBs86nH5xm2j6/GuljV07fN/8xVSscC9ZVFbISnZBlxjgzTIDNihphDgG/EQthDkSRWT6vjs6awFnlQVhEHzTvyFNPy2F1GzF4lQbMiacF/0V/9q1jKgV4dKBKvdAzwyWUXkv3bV4F4954MUt7lVJlDQD7MrYyAMRI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108864+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171487618222.04970974756304; Tue, 19 Sep 2023 17:58:07 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=4vr5c1t69xsBXWDQYLoElz7CuDiZh86ZwuWw5ntmar4=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171487; v=1; b=vRccn8n9tfmBy6wP4P7WWLChlmXrRhwnsYuPE+4mUokt9P+5MQOBp1bHEZdgKlVFPVORX5fJ GDbHLTTC1eI5AbDF8DLmFkLIiwc3vGd4B2BfFcUSzM6SwVf+RwC38Q21fig581mV0uldyHxBxp6 yQeuSoQJcwfHDPdUe8l14TJQ= X-Received: by 127.0.0.2 with SMTP id w7PgYY1788612x1O2eTCE0jU; Tue, 19 Sep 2023 17:58:07 -0700 X-Received: from mail-pg1-f182.google.com (mail-pg1-f182.google.com [209.85.215.182]) by mx.groups.io with SMTP id smtpd.web11.26915.1695171486818405766 for ; Tue, 19 Sep 2023 17:58:06 -0700 X-Received: by mail-pg1-f182.google.com with SMTP id 41be03b00d2f7-573e67cc6eeso4852944a12.2 for ; Tue, 19 Sep 2023 17:58:06 -0700 (PDT) X-Gm-Message-State: MUog4JufKQJUmE8SrMFp4T72x1787277AA= X-Google-Smtp-Source: AGHT+IG+kMAt8F6p3TZSP5YUACBfWtu+6AzipMxkr0Y1aUn6TSjTeQKGNHIbEGAE+fluitHV/FZeBw== X-Received: by 2002:a05:6a21:271c:b0:14c:c393:402d with SMTP id rm28-20020a056a21271c00b0014cc393402dmr893483pzb.34.1695171485924; Tue, 19 Sep 2023 17:58:05 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:05 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao Subject: [edk2-devel] [PATCH v4 02/28] MdeModulePkg: Define SetMemoryProtectionsLib and GetMemoryProtectionsLib Date: Tue, 19 Sep 2023 17:57:25 -0700 Message-ID: <20230920005752.2041-3-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171489439100009 Content-Type: text/plain; charset="utf-8" SetMemoryProtectionsLib is a PEIM which allows platforms to apply memory protection settings to the current boot. GetMemoryProtectionsLib has DXE and MM implementations to allow platforms to query the current memory protection settings via a global variable populated by the library Implementations. The global variable is a union of the MM and DXE settings. the DXE struct is only valid in a DXE module and the MM struct is only valid in an SMM or Stanalone MM module. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao --- MdeModulePkg/Include/Library/GetMemoryProtectionsLib.h | 83 +++++++++++ MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h | 152 +++++++++++++= +++++++ MdeModulePkg/MdeModulePkg.dec | 8 ++ 3 files changed, 243 insertions(+) diff --git a/MdeModulePkg/Include/Library/GetMemoryProtectionsLib.h b/MdeMo= dulePkg/Include/Library/GetMemoryProtectionsLib.h new file mode 100644 index 000000000000..c8f7084e9c80 --- /dev/null +++ b/MdeModulePkg/Include/Library/GetMemoryProtectionsLib.h @@ -0,0 +1,83 @@ +/** @file +Library for accessing the platform memory protection settings. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef GET_MEMORY_PROTECTION_SETTINGS_LIB_H_ +#define GET_MEMORY_PROTECTION_SETTINGS_LIB_H_ + +#include +#include + +#pragma pack(1) + +typedef union { + DXE_MEMORY_PROTECTION_SETTINGS Dxe; + MM_MEMORY_PROTECTION_SETTINGS Mm; +} MEMORY_PROTECTION_SETTINGS_UNION; + +#pragma pack() + +// The global used to access current Memory Protection Settings +extern MEMORY_PROTECTION_SETTINGS_UNION gMps; + +#define MPS_IS_DXE_SIGNATURE_VALID (gMps.Dxe.Signature =3D=3D DXE_MEMORY_= PROTECTION_SIGNATURE) +#define MPS_IS_MM_SIGNATURE_VALID (gMps.Mm.Signature =3D=3D MM_MEMORY_PR= OTECTION_SIGNATURE) + +#define IS_DXE_PAGE_GUARD_ACTIVE (MPS_IS_DXE_SIGNATURE_VALID = && \ + !IsZeroBuffer (&gMps.Dxe.PageGuard.Enabl= edForType, MPS_MEMORY_TYPE_BUFFER_SIZE) && \ + gMps.Dxe.HeapGuard.PageGuardEnabled) + +#define IS_DXE_POOL_GUARD_ACTIVE (MPS_IS_DXE_SIGNATURE_VALID = && \ + !IsZeroBuffer (&gMps.Dxe.PoolGuard.Enabl= edForType, MPS_MEMORY_TYPE_BUFFER_SIZE) && \ + gMps.Dxe.HeapGuard.PoolGuardEnabled) + +#define IS_DXE_EXECUTION_PROTECTION_ACTIVE (MPS_IS_DXE_SIGNATURE_VALID = && \ + !IsZeroBuffer (&gMps.Dxe.Execu= tionProtection.EnabledForType, MPS_MEMORY_TYPE_BUFFER_SIZE)) + +#define IS_DXE_IMAGE_PROTECTION_ACTIVE (MPS_IS_DXE_SIGNATURE_VALID = && \ + (gMps.Dxe.ImageProtection.ProtectI= mageFromFv || \ + gMps.Dxe.ImageProtection.ProtectI= mageFromUnknown)) + +#define IS_DXE_MEMORY_PROTECTION_ACTIVE (MPS_IS_DXE_SIGNATURE_VALID = && \ + (IS_DXE_PAGE_GUARD_ACTIVE = || \ + IS_DXE_POOL_GUARD_ACTIVE = || \ + IS_DXE_EXECUTION_PROTECTION_ACTI= VE || \ + IS_DXE_IMAGE_PROTECTION_ACTIVE = || \ + gMps.Dxe.CpuStackGuardEnabled = || \ + gMps.Dxe.StackExecutionProtectio= nEnabled || \ + gMps.Dxe.NullPointerDetection.En= abled || \ + gMps.Dxe.HeapGuard.FreedMemoryGu= ardEnabled)) + +#define IS_MM_PAGE_GUARD_ACTIVE (MPS_IS_MM_SIGNATURE_VALID = && \ + gMps.Mm.HeapGuard.PageGuardEnabled = && \ + !IsZeroBuffer (&gMps.Mm.PageGuard.Enabl= edForType, MPS_MEMORY_TYPE_BUFFER_SIZE)) + +#define IS_MM_POOL_GUARD_ACTIVE (MPS_IS_MM_SIGNATURE_VALID = && \ + gMps.Mm.HeapGuard.PoolGuardEnabled = && \ + !IsZeroBuffer (&gMps.Mm.PoolGuard.Enable= dForType, MPS_MEMORY_TYPE_BUFFER_SIZE)) + +#define IS_MM_MEMORY_PROTECTION_ACTIVE (MPS_IS_MM_SIGNATURE_VALID = && \ + (IS_MM_PAGE_GUARD_ACTIVE = || \ + IS_MM_POOL_GUARD_ACTIVE = || \ + gMps.Mm.NullPointerDetection.Enab= led)); + +/** + Populates gMps global. This function is invoked by the library construct= or and only needs to be + called if library contructors have not yet been invoked. + + @retval EFI_SUCCESS gMps global was populated. + @retval EFI_NOT_FOUND The gMemoryProtectionSettingsGuid HOB was not = found. + @retval EFI_ABORTED The version number of the DXE or MM memory pro= tection settings was invalid. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +PopulateMpsGlobal ( + VOID + ); + +#endif diff --git a/MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h b/MdeMo= dulePkg/Include/Library/SetMemoryProtectionsLib.h new file mode 100644 index 000000000000..023c987c3c7e --- /dev/null +++ b/MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h @@ -0,0 +1,152 @@ +/** @file +Library for creating the MM and DXE memory protection HOB entries. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef SET_MEMORY_PROTECTION_SETTINGS_LIB_H_ +#define SET_MEMORY_PROTECTION_SETTINGS_LIB_H_ + +#include + +typedef struct { + CHAR8 *Name; + CHAR8 *Description; + DXE_MEMORY_PROTECTION_SETTINGS Settings; +} DXE_MEMORY_PROTECTION_PROFILES; + +typedef enum { + DxeMemoryProtectionSettingsPcd, + DxeMemoryProtectionSettingsMax +} DXE_MEMORY_PROTECTION_PROFILE_INDEX; + +typedef struct { + CHAR8 *Name; + CHAR8 *Description; + MM_MEMORY_PROTECTION_SETTINGS Settings; +} MM_MEMORY_PROTECTION_PROFILES; + +typedef enum { + MmMemoryProtectionSettingsPcd, + MmMemoryProtectionSettingsMax +} MM_MEMORY_PROTECTION_PROFILE_INDEX; + +extern DXE_MEMORY_PROTECTION_PROFILES DxeMemoryProtectionProfiles[DxeMemo= ryProtectionSettingsMax]; +extern MM_MEMORY_PROTECTION_PROFILES MmMemoryProtectionProfiles[MmMemory= ProtectionSettingsMax]; + +/** + Prevent further changes to the memory protection settings via this + library API. + + @retval EFI_SUCCESS The memory protection settings are locked. + @retval EFI_ABORTED Unable to get/create the memory protection= settings. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +LockMemoryProtectionSettings ( + VOID + ); + +/** + Sets the DXE memory protection settings. If DxeMps is NULL, the settings= will be set based + on ProfileIndex. + + @param[in] DxeMps Pointer to the memory protection settings to pu= blish. If NULL, the + settings will be created based on ProfileIndex. + @param[in] ProfileIndex The index of the memory protection profile to u= se if DxeMps is NULL. + + @retval EFI_SUCCESS The memory protection HOB was successfully= created. + @retval EFI_INVALID_PARAMETER The ProfileIndex was invalid or the versio= n number of the + input DxeMps was not equal to the version = currently present + in the settings. + @retval EFI_ABORTED Unable to get/create the memory protection= settings. + @retval EFI_ACCESS_DENIED The memory protection settings are locked. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +SetDxeMemoryProtectionSettings ( + IN DXE_MEMORY_PROTECTION_SETTINGS *DxeMps OPTIONAL, + IN DXE_MEMORY_PROTECTION_PROFILE_INDEX ProfileIndex + ); + +/** + Sets the MM memory protection HOB entry. If MmMps is NULL, the settings = will be set based + on ProfileIndex. + + @param[in] MmMps Pointer to the memory protection settings to pu= blish. If NULL, the + settings will be created based on ProfileIndex. + @param[in] ProfileIndex The index of the memory protection profile to u= se if MmMps is NULL. + + @retval EFI_SUCCESS The memory protection HOB was successfully= created. + @retval EFI_OUT_OF_RESOURCES There was insufficient memory to create th= e HOB. + @retval EFI_INVALID_PARAMETER The ProfileIndex was invalid or the versio= n number of the + input MmMps was not equal to the version c= urrently present + in the settings. + @retval EFI_ABORTED Unable to get/create the memory protection= settings. + @retval EFI_ACCESS_DENIED The memory protection settings are locked. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +SetMmMemoryProtectionSettings ( + IN MM_MEMORY_PROTECTION_SETTINGS *MmMps OPTIONAL, + IN MM_MEMORY_PROTECTION_PROFILE_INDEX ProfileIndex + ); + +/** + Copies the current memory protection settings into the input buffer. + + NOTE: The returned settings may not be the final settings used by the + platform on this boot. Unless LockMemoryProtectionSettings() has + been called, settings may be modified by drivers until DXE handoff. + + @param[out] Mps The memory protection settings pointer to populate. + + @retval EFI_SUCCESS The memory protection settings were copied + into the input buffer. + @retval EFI_INVALID_PARAMETER Mps was NULL. + @retval EFI_ABORTED Unable to get/create the memory protection= settings. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +GetCurrentMemoryProtectionSettings ( + OUT MEMORY_PROTECTION_SETTINGS *Mps + ); + +/** + Returns TRUE any form of DXE memory protection is currently active. + + NOTE: The returned value may reflect the final settings used by the + platform on this boot. Unless LockMemoryProtectionSettings() has + been called, settings may be modified by drivers until DXE handoff. + + @retval TRUE DXE Memory protection is active. + @retval FALSE DXE Memory protection is not active. +**/ +BOOLEAN +EFIAPI +IsDxeMemoryProtectionActive ( + VOID + ); + +/** + Returns TRUE any form of MM memory protection is currently active. + + NOTE: The returned value may reflect the final settings used by the + platform on this boot. Unless LockMemoryProtectionSettings() has + been called, settings may be modified by drivers until DXE handoff. + + @retval TRUE MM Memory protection is active. + @retval FALSE MM Memory protection is not active. +**/ +BOOLEAN +EFIAPI +IsMmMemoryProtectionActive ( + VOID + ); + +#endif diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 5e1a0388bed3..6ad0902a1bff 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -164,6 +164,14 @@ [LibraryClasses] # VariableFlashInfoLib|Include/Library/VariableFlashInfoLib.h =20 + ## @libraryclass Provides a global for consuming memory protection setti= ngs + # + GetMemoryProtectionsLib|Include/Library/GetMemoryProtectionsLib.h + + ## @libraryclass Library for creating the memory protection settings HOB + # + SetMemoryProtectionsLib|Include/Library/SetMemoryProtectionsLib.h + [Guids] ## MdeModule package token space guid # Include/Guid/MdeModulePkgTokenSpace.h --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108864): https://edk2.groups.io/g/devel/message/108864 Mute This Topic: https://groups.io/mt/101469939/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108865+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108865+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171488; cv=none; d=zohomail.com; s=zohoarc; b=Yw0hIQwUbC+p3qRFe0YYbGkYxIGc8yMBiqa0yldhZ6CZDGgSBkr6ndLM/IbxhLSWYY5xQEvIHTZZRIg61QEIuxJulbO0bLensPdoW/4g1vE0Fo3FdU26qMY/mJBMZLfwIBn4CyYGdjQvj5tgqPah+a0eDESJzVnlugO557zxk5A= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171488; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=bk3TpA0bRq04hs7i9iKbUa2p9hgyKf+YlvhJDIdN0xU=; b=C79CpysADaCCwP6b0FlpukCrxKUobqOGIJSoql0nyP8/DIHVwzHf/uHqBhe+SaugAiBSO58FV4zTfH/eUtXsrZ96x/07+yiqNMVwdlX04hqts274UotZKtBEvyck70zOOE3iUiKQyEX40OUcKRuCQPjSj1Z6yPQmBK8eShvbJ2g= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108865+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 169517148824320.92736284594025; Tue, 19 Sep 2023 17:58:08 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=si0MfJNM3Wo4G4KcR5TBqEh8JclCayU6SC7Bd+96DnQ=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171487; v=1; b=wDuzCAwGSI2PJP9zRwe/QMbD2HncELE9xQLJ4KHbGssdgYrgI/Zt/iTZ7I+FYLCB6vii90uP 74oXl0jj/rrpA+LnbKlN0+uQzKF7kyFZl+Gk2znKSK7BAPjFv0MFNwfc4HA0gNcSebl3nfgvE8W 5TgPJPO13zb1Fx0CELV6Roe8= X-Received: by 127.0.0.2 with SMTP id TyPJYY1788612xh8e5XUPEcQ; Tue, 19 Sep 2023 17:58:07 -0700 X-Received: from mail-pf1-f182.google.com (mail-pf1-f182.google.com [209.85.210.182]) by mx.groups.io with SMTP id smtpd.web11.26916.1695171487283380486 for ; Tue, 19 Sep 2023 17:58:07 -0700 X-Received: by mail-pf1-f182.google.com with SMTP id d2e1a72fcca58-68fb6fd2836so5790395b3a.0 for ; Tue, 19 Sep 2023 17:58:07 -0700 (PDT) X-Gm-Message-State: ekUaFBBmCIPNWlTPOE3aKeKfx1787277AA= X-Google-Smtp-Source: AGHT+IGbUetmd9khbKLylQMHN/HGDDBHgSRt9+zyb1q/Fwh48Iy6NMh9RAEopLTonX7iehWVBYG7uA== X-Received: by 2002:a05:6a21:99a6:b0:134:4f86:7990 with SMTP id ve38-20020a056a2199a600b001344f867990mr1384171pzb.3.1695171486431; Tue, 19 Sep 2023 17:58:06 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:06 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao Subject: [edk2-devel] [PATCH v4 03/28] MdeModulePkg: Add NULL Instances for Get/SetMemoryProtectionsLib Date: Tue, 19 Sep 2023 17:57:26 -0700 Message-ID: <20230920005752.2041-4-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171489947100017 Content-Type: text/plain; charset="utf-8" The NULL instances for GetMemoryProtectionsLib and SetMemoryProtectionsLib just zero out the memory protections structure effectively disabling memory protections. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao --- MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.c= | 29 ++++ MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.c= | 144 ++++++++++++++++++++ MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.i= nf | 25 ++++ MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.i= nf | 25 ++++ MdeModulePkg/MdeModulePkg.dsc = | 4 + 5 files changed, 227 insertions(+) diff --git a/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtecti= onsLibNull.c b/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtec= tionsLibNull.c new file mode 100644 index 000000000000..af341c2c893d --- /dev/null +++ b/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibN= ull.c @@ -0,0 +1,29 @@ +/** @file +NULL implementation for GetMemoryProtectionsLib + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include + +MEMORY_PROTECTION_SETTINGS_UNION gMps =3D { 0 }; + +/** + Populates gMps global. This function is invoked by the library construct= or and only needs to be + called if library contructors have not yet been invoked. + + @retval EFI_SUCCESS gMps global was populated. + @retval EFI_NOT_FOUND The gMemoryProtectionSettingsGuid HOB was not = found. + @retval EFI_ABORTED The version number of the DXE or MM memory pro= tection settings was invalid. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +PopulateMpsGlobal ( + VOID + ) +{ + return EFI_UNSUPPORTED; +} diff --git a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtecti= onsLibNull.c b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtec= tionsLibNull.c new file mode 100644 index 000000000000..0d3a32d70209 --- /dev/null +++ b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibN= ull.c @@ -0,0 +1,144 @@ +/** @file +Library for setting the memory protection settings for DXE. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include + +DXE_MEMORY_PROTECTION_PROFILES DxeMemoryProtectionProfiles[DxeMemoryProte= ctionSettingsMax] =3D { 0 }; +MM_MEMORY_PROTECTION_PROFILES MmMemoryProtectionProfiles[MmMemoryProtect= ionSettingsMax] =3D { 0 }; + +/** + Prevent further changes to the memory protection settings via this + library API. + + @retval EFI_SUCCESS The memory protection settings are locked. + @retval EFI_ABORTED Unable to get/create the memory protection= settings. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +LockMemoryProtectionSettings ( + VOID + ) +{ + return EFI_UNSUPPORTED; +} + +/** + Sets the DXE memory protection settings. If DxeMps is NULL, the settings= will be set based + on ProfileIndex. + + @param[in] DxeMps Pointer to the memory protection settings to pu= blish. If NULL, the + settings will be created based on ProfileIndex. + @param[in] ProfileIndex The index of the memory protection profile to u= se if DxeMps is NULL. + + @retval EFI_SUCCESS The memory protection HOB was successfully= created. + @retval EFI_INVALID_PARAMETER The ProfileIndex was invalid or the versio= n number of the + input DxeMps was not equal to the version = currently present + in the settings. + @retval EFI_ABORTED Unable to get/create the memory protection= settings. + @retval EFI_ACCESS_DENIED The memory protection settings are locked. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +SetDxeMemoryProtectionSettings ( + IN DXE_MEMORY_PROTECTION_SETTINGS *DxeMps OPTIONAL, + IN DXE_MEMORY_PROTECTION_PROFILE_INDEX ProfileIndex + ) +{ + return EFI_UNSUPPORTED; +} + +/** + Sets the MM memory protection HOB entry. If MmMps is NULL, the settings = will be set based + on ProfileIndex. + + @param[in] MmMps Pointer to the memory protection settings to pu= blish. If NULL, the + settings will be created based on ProfileIndex. + @param[in] ProfileIndex The index of the memory protection profile to u= se if MmMps is NULL. + + @retval EFI_SUCCESS The memory protection HOB was successfully= created. + @retval EFI_OUT_OF_RESOURCES There was insufficient memory to create th= e HOB. + @retval EFI_INVALID_PARAMETER The ProfileIndex was invalid or the versio= n number of the + input MmMps was not equal to the version c= urrently present + in the settings. + @retval EFI_ABORTED Unable to get/create the memory protection= settings. + @retval EFI_ACCESS_DENIED The memory protection settings are locked. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +SetMmMemoryProtectionSettings ( + IN MM_MEMORY_PROTECTION_SETTINGS *MmMps OPTIONAL, + IN MM_MEMORY_PROTECTION_PROFILE_INDEX ProfileIndex + ) +{ + return EFI_UNSUPPORTED; +} + +/** + Copies the current memory protection settings into the input buffer. + + NOTE: The returned settings may not be the final settings used by the + platform on this boot. Unless LockMemoryProtectionSettings() has + been called, settings may be modified by drivers until DXE handoff. + + @param[out] Mps The memory protection settings pointer to populate. + + @retval EFI_SUCCESS The memory protection settings were copied + into the input buffer. + @retval EFI_INVALID_PARAMETER Mps was NULL. + @retval EFI_ABORTED Unable to get/create the memory protection= settings. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +GetCurrentMemoryProtectionSettings ( + OUT MEMORY_PROTECTION_SETTINGS *Mps + ) +{ + return EFI_UNSUPPORTED; +} + +/** + Returns TRUE any form of DXE memory protection is currently active. + + NOTE: The returned value may reflect the final settings used by the + platform on this boot. Unless LockMemoryProtectionSettings() has + been called, settings may be modified by drivers until DXE handoff. + + @retval TRUE DXE Memory protection is active. + @retval FALSE DXE Memory protection is not active. +**/ +BOOLEAN +EFIAPI +IsDxeMemoryProtectionActive ( + VOID + ) +{ + return FALSE; +} + +/** + Returns TRUE any form of MM memory protection is currently active. + + NOTE: The returned value may reflect the final settings used by the + platform on this boot. Unless LockMemoryProtectionSettings() has + been called, settings may be modified by drivers until DXE handoff. + + @retval TRUE MM Memory protection is active. + @retval FALSE MM Memory protection is not active. +**/ +BOOLEAN +EFIAPI +IsMmMemoryProtectionActive ( + VOID + ) +{ + return FALSE; +} diff --git a/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtecti= onsLibNull.inf b/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProt= ectionsLibNull.inf new file mode 100644 index 000000000000..e7161412d9dc --- /dev/null +++ b/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibN= ull.inf @@ -0,0 +1,25 @@ +## @file +# NULL implementation for GetMemoryProtectionsLib +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D GetMemoryProtectionsLibNull + FILE_GUID =3D C21A27EE-37DD-4024-8EDA-8BF5088C8CB1 + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D GetMemoryProtectionsLib + +# +# VALID_ARCHITECTURES =3D IA32 X64 AARCH64 +# + +[Sources] + GetMemoryProtectionsLibNull.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec diff --git a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtecti= onsLibNull.inf b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProt= ectionsLibNull.inf new file mode 100644 index 000000000000..fa660abe3b64 --- /dev/null +++ b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibN= ull.inf @@ -0,0 +1,25 @@ +## @file +# Library for setting the memory protection settings for DXE. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D SetMemoryProtectionsLibNull + FILE_GUID =3D CBD02C10-1F4B-4374-A7B2-BB2547C08433 + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D SetMemoryProtectionsLib|SEC PEI_CORE = PEIM + +# +# VALID_ARCHITECTURES =3D IA32 X64 AARCH64 +# + +[Sources] + SetMemoryProtectionsLibNull.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index c7af921782ee..0b5f2414dd72 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc @@ -106,6 +106,8 @@ [LibraryClasses] MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibN= ull.inf VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseV= ariableFlashInfoLib.inf IpmiCommandLib|MdeModulePkg/Library/BaseIpmiCommandLibNull/BaseIpmiComma= ndLibNull.inf + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/Get= MemoryProtectionsLibNull.inf + SetMemoryProtectionsLib|MdeModulePkg/Library/SetMemoryProtectionsLib/Set= MemoryProtectionsLibNull.inf =20 [LibraryClasses.EBC.PEIM] IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf @@ -231,6 +233,8 @@ [Components] MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf + MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull= .inf + MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull= .inf MdeModulePkg/Library/PciHostBridgeLibNull/PciHostBridgeLibNull.inf MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTa= bleLib.inf MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108865): https://edk2.groups.io/g/devel/message/108865 Mute This Topic: https://groups.io/mt/101469940/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108866+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108866+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171489; cv=none; d=zohomail.com; s=zohoarc; b=PgRPDLhlJQkL0Ob/0DbOt/0FsyGORNIj9UAD8k7rWIJperHj9MZuJ0VPZFGelNbUXINVaU+4QyCpZBWG/tbOageXlhWmn5H7uRtntIn8vl61MC7LYa7mT6Wp7MRIw28R+ppDP6O3TyBcHIoHsZiaK8pmaZHXyIFYSKmuWkK0oe0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171489; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=MCFnmc7dUTR5Z20nyEFtj+nS3pkhw8gfNIgHGCHLcQ4=; b=MvNEFX4YujeObtLr3JEkmGn0jkRgm7KQoYyXrpm7pXDe24jcA0Z/Fa98Eztard8JPTkzw8RmFmWt3nxvl1aOoBSQqQsdPWOOUu4mpi2t1MocokRHYV3B/TG2USPSrdlJpI38pF2Hvq16YdnaPP88N0w15OmnMEquhYJnmvRRgUA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108866+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171489000741.2177177857623; Tue, 19 Sep 2023 17:58:09 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=C3jO+uSlhgFUgmyE1EZWp/10LYr2m2wv1zyIQvxO7og=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171488; v=1; b=KcgIsamnINchzz3sLEVJEF9BmndbUXOCTSCfw2hZa7ewIcjZLmnShJJ5WU2d+S7dXjLxqqdO pzmcBgbS3+l1nIYiMRqrmRTHIp3QkaUPE2eyImi60Z7PilNw6cU0UE2QcXodvlFoaSP9yE7CLgg 6+n2J37ZjVN5rIti/dJWLnSY= X-Received: by 127.0.0.2 with SMTP id ATUoYY1788612xpiQsXZQuBf; Tue, 19 Sep 2023 17:58:08 -0700 X-Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by mx.groups.io with SMTP id smtpd.web10.26777.1695171488096167066 for ; Tue, 19 Sep 2023 17:58:08 -0700 X-Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-1c47309a8ccso2601285ad.1 for ; Tue, 19 Sep 2023 17:58:08 -0700 (PDT) X-Gm-Message-State: ithsg7OWn1rut1mtF9vxhYbnx1787277AA= X-Google-Smtp-Source: AGHT+IFXEL9uGEye4dimy83Am7X+ZNeCu6fMSNWmI1I1iM3hXI46ReWABvZnM1e5zUeNjs778TJXBg== X-Received: by 2002:a17:902:e5ce:b0:1c3:868f:5958 with SMTP id u14-20020a170902e5ce00b001c3868f5958mr5317237plf.20.1695171486951; Tue, 19 Sep 2023 17:58:06 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:06 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao Subject: [edk2-devel] [PATCH v4 04/28] MdeModulePkg: Implement SetMemoryProtectionsLib and GetMemoryProtectionsLib Date: Tue, 19 Sep 2023 17:57:27 -0700 Message-ID: <20230920005752.2041-5-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171489982100018 Content-Type: text/plain; charset="utf-8" The SetMemoryProtectionsLib implementation has functionality for setting protections based on a preset profile or a custom DXE/MM profile passed in by the caller. The implementation also supports locking the protections (tracked via an extra boolean stored in the HOB entry) which prevents the protections from being changed by any other SetMemoryProtectionsLib calls. The GetMemoryProtectionsLib implementation populates the gMps global in the library consructor. For cases where the global needs to be accessed before the constructor is called, PopulateMpsGlobal() will manually fill out the gMps global. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao --- MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsLib.c = | 158 ++++++ MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLib.c = | 124 +++++ MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.c = | 534 ++++++++++++++++++++ MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsLib.in= f | 34 ++ MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLib.inf= | 34 ++ MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.inf = | 48 ++ MdeModulePkg/MdeModulePkg.dsc = | 3 + 7 files changed, 935 insertions(+) diff --git a/MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProte= ctionsLib.c b/MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProt= ectionsLib.c new file mode 100644 index 000000000000..c622a7b99f42 --- /dev/null +++ b/MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsL= ib.c @@ -0,0 +1,158 @@ +/** @file +Library fills out gMps global for accessing the platform memory protection= settings + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +#include +#include +#include + +MEMORY_PROTECTION_SETTINGS_UNION gMps =3D { 0 }; + +/** + This function checks the memory protection settings for conflicts. + + @param[in] Mps Pointer to the memory protection settings to check. + + @retval EFI_SUCCESS The memory protection settings are consist= ent. + @retval EFI_INVALID_PARAMETER The memory protection settings are not con= sistent. +**/ +STATIC +EFI_STATUS +DxeMemoryProtectionSettingsConsistencyCheck ( + IN MEMORY_PROTECTION_SETTINGS *Mps + ) +{ + if ((Mps->Dxe.HeapGuard.PoolGuardEnabled || Mps->Dxe.HeapGuard.PageGuard= Enabled) && + Mps->Dxe.HeapGuard.FreedMemoryGuardEnabled) + { + DEBUG (( + DEBUG_WARN, + "%a: - HeapGuard.FreedMemoryGuardEnabled and " + "UEFI HeapGuard.PoolGuardEnabled/HeapGuard.PageGuardEnabled " + "cannot be active at the same time. Setting all three to ZERO in " + "the memory protection settings global.\n", + __func__ + )); + ASSERT ( + !(Mps->Dxe.HeapGuard.FreedMemoryGuardEnabled && + (Mps->Dxe.HeapGuard.PoolGuardEnabled || Mps->Dxe.HeapGuard.PageGua= rdEnabled)) + ); + return EFI_INVALID_PARAMETER; + } + + if (!IsZeroBuffer (&Mps->Dxe.PoolGuard, MPS_MEMORY_TYPE_BUFFER_SIZE) && + (!(Mps->Dxe.HeapGuard.PoolGuardEnabled))) + { + DEBUG (( + DEBUG_WARN, + "%a: - PoolGuard protections are active " + "but HeapGuard.PoolGuardEnabled is inactive.\n", + __func__ + )); + } + + if (!IsZeroBuffer (&Mps->Dxe.PageGuard, MPS_MEMORY_TYPE_BUFFER_SIZE) && + (!(Mps->Dxe.HeapGuard.PageGuardEnabled))) + { + DEBUG (( + DEBUG_WARN, + "%a: - PageGuard protections are active " + "but HeapGuard.PageGuardEnabled is inactive\n", + __func__ + )); + } + + if (Mps->Dxe.ExecutionProtection.EnabledForType[EfiBootServicesData] != =3D + Mps->Dxe.ExecutionProtection.EnabledForType[EfiConventionalMemory]) + { + DEBUG (( + DEBUG_WARN, + "%a: - EfiBootServicesData and EfiConventionalMemory must have the s= ame " + "ExecutionProtection value. Setting both to ZERO in the memory prote= ction " + "settings global.\n", + __func__ + )); + ASSERT ( + Mps->Dxe.ExecutionProtection.EnabledForType[EfiBootServicesData] =3D= =3D + Mps->Dxe.ExecutionProtection.EnabledForType[EfiConventionalMemory] + ); + return EFI_INVALID_PARAMETER; + } + + return EFI_SUCCESS; +} + +/** + Populates gMps global. This function is invoked by the library construct= or and only needs to be + called if library contructors have not yet been invoked. + + @retval EFI_SUCCESS gMps global was populated. + @retval EFI_NOT_FOUND The gMemoryProtectionSettingsGuid HOB was not = found. + @retval EFI_ABORTED The version number of the DXE or MM memory pro= tection settings was invalid. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +PopulateMpsGlobal ( + VOID + ) +{ + VOID *Ptr; + MEMORY_PROTECTION_SETTINGS *Mps; + + Ptr =3D GetFirstGuidHob (&gMemoryProtectionSettingsGuid); + + if (Ptr !=3D NULL) { + Mps =3D (MEMORY_PROTECTION_SETTINGS *)GET_GUID_HOB_DATA (Ptr); + if (Mps->Dxe.StructVersion !=3D DXE_MEMORY_PROTECTION_SETTINGS_CURRENT= _VERSION) { + DEBUG (( + DEBUG_ERROR, + "%a: - Version number of the DXE Memory Protection Settings is inv= alid!\n", + __func__ + )); + ASSERT (Mps->Dxe.StructVersion =3D=3D DXE_MEMORY_PROTECTION_SETTINGS= _CURRENT_VERSION); + return EFI_ABORTED; + } else if (Mps->Dxe.Signature !=3D DXE_MEMORY_PROTECTION_SIGNATURE) { + DEBUG (( + DEBUG_ERROR, + "%a: - Signature of the DXE Memory Protection Settings is invalid!= \n", + __func__ + )); + ASSERT (Mps->Dxe.Signature =3D=3D DXE_MEMORY_PROTECTION_SIGNATURE); + return EFI_ABORTED; + } + + if (!EFI_ERROR (DxeMemoryProtectionSettingsConsistencyCheck (Mps))) { + CopyMem (&gMps.Dxe, &Mps->Dxe, sizeof (DXE_MEMORY_PROTECTION_SETTING= S)); + } + } else { + DEBUG (( + DEBUG_WARN, + "%a: - Memory Protection Settings not found!\n", + __func__ + )); + return EFI_NOT_FOUND; + } + + return EFI_SUCCESS; +} + +/** + Library constructor used to populate gMps global. + + @retval EFI_SUCCESS Constructor always returns success; +**/ +EFI_STATUS +EFIAPI +GetDxeMemoryProtectionSettingsConstructor ( + VOID + ) +{ + PopulateMpsGlobal (); + return EFI_SUCCESS; +} diff --git a/MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtec= tionsLib.c b/MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtec= tionsLib.c new file mode 100644 index 000000000000..09c289dd8d15 --- /dev/null +++ b/MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLi= b.c @@ -0,0 +1,124 @@ +/** @file +Library fills out gMps global for accessing the platform memory protection= settings + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +#include +#include +#include + +MEMORY_PROTECTION_SETTINGS_UNION gMps =3D { 0 }; + +/** + This function checks the memory protection settings for conflicts. + + @param[in] Mps Pointer to the memory protection settings to check. + + @retval EFI_SUCCESS The memory protection settings are consist= ent. + @retval EFI_INVALID_PARAMETER The memory protection settings are not con= sistent. +**/ +STATIC +EFI_STATUS +MmMemoryProtectionSettingsConsistencyCheck ( + IN MEMORY_PROTECTION_SETTINGS *Mps + ) +{ + if (!IsZeroBuffer (&Mps->Mm.PoolGuard, MPS_MEMORY_TYPE_BUFFER_SIZE) && + (!Mps->Mm.HeapGuard.PoolGuardEnabled)) + { + DEBUG (( + DEBUG_WARN, + "%a: - PoolGuard protections are active " + "but HeapGuard.PoolGuardEnabled is inactive.\n", + __func__ + )); + } + + if (!IsZeroBuffer (&Mps->Mm.PageGuard, MPS_MEMORY_TYPE_BUFFER_SIZE) && + (!Mps->Mm.HeapGuard.PageGuardEnabled)) + { + DEBUG (( + DEBUG_WARN, + "%a: - PageGuard protections are active " + "but HeapGuard.PageGuardEnabled is inactive\n", + __func__ + )); + } + + return EFI_SUCCESS; +} + +/** + Populates gMps global. This function is invoked by the library construct= or and only needs to be + called if library contructors have not yet been invoked. + + @retval EFI_SUCCESS gMps global was populated. + @retval EFI_NOT_FOUND The gMemoryProtectionSettingsGuid HOB was not = found. + @retval EFI_ABORTED The version number of the DXE or MM memory pro= tection settings was invalid. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +PopulateMpsGlobal ( + VOID + ) +{ + VOID *Ptr; + MEMORY_PROTECTION_SETTINGS *Mps; + + Ptr =3D GetFirstGuidHob (&gMemoryProtectionSettingsGuid); + + if (Ptr !=3D NULL) { + Mps =3D (MEMORY_PROTECTION_SETTINGS *)GET_GUID_HOB_DATA (Ptr); + + if (Mps->Mm.StructVersion !=3D MM_MEMORY_PROTECTION_SETTINGS_CURRENT_V= ERSION) { + DEBUG (( + DEBUG_ERROR, + "%a: - Version number of the MM Memory Protection Settings is inva= lid!\n", + __func__ + )); + ASSERT (Mps->Mm.StructVersion =3D=3D MM_MEMORY_PROTECTION_SETTINGS_C= URRENT_VERSION); + return EFI_ABORTED; + } else if (Mps->Mm.Signature !=3D MM_MEMORY_PROTECTION_SIGNATURE) { + DEBUG (( + DEBUG_ERROR, + "%a: - Signature of the MM Memory Protection Settings is invalid!\= n", + __func__ + )); + ASSERT (Mps->Mm.Signature =3D=3D MM_MEMORY_PROTECTION_SIGNATURE); + return EFI_ABORTED; + } + + if (!EFI_ERROR (MmMemoryProtectionSettingsConsistencyCheck (Mps))) { + CopyMem (&gMps.Mm, &Mps->Mm, sizeof (MM_MEMORY_PROTECTION_SETTINGS)); + } + } else { + DEBUG (( + DEBUG_WARN, + "%a: - Memory Protection Settings not found!\n", + __func__ + )); + return EFI_NOT_FOUND; + } + + return EFI_SUCCESS; +} + +/** + Library constructor used to populate gMps global. + + @retval EFI_SUCCESS Constructor always returns success; +**/ +EFI_STATUS +EFIAPI +GetMmMemoryProtectionSettingsConstructor ( + VOID + ) +{ + PopulateMpsGlobal (); + return EFI_SUCCESS; +} diff --git a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtecti= onsLib.c b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtection= sLib.c new file mode 100644 index 000000000000..13032ec80fbf --- /dev/null +++ b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.c @@ -0,0 +1,534 @@ +/** @file +Library for setting the memory protection settings for DXE. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include +#include +#include +#include +#include +#include + +#pragma pack(1) + +typedef struct { + // Protection settings + MEMORY_PROTECTION_SETTINGS Mps; + // Extra byte for tracking if protection settings have been locked + BOOLEAN MemoryProtectionSettingsLocked; +} MEMORY_PROTECTION_SETTINGS_PRIVATE; + +#pragma pack() + +///////////////////////////// +// DXE PROFILE DEFINITIONS // +///////////////////////////// + +// +// A memory profile which uses the fixed at build PCDs defined in MdeModu= lePkg.dec +// +#define DXE_MEMORY_PROTECTION_SETTINGS_PCD = \ +{ = \ + DXE_MEMORY_PROTECTION_SIGNATURE, = \ + DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, = \ + FixedPcdGetBool (PcdCpuStackGuard), /* Stack Guard */ = \ + TRUE, /* Stack Execution Protection (MUST = BE POPULATED) */ \ + { /* NULL Pointer Detection */ = \ + .Enabled =3D ((FixedPcdGet8 (PcdNullPointerDetectionPropert= yMask) & BIT0) !=3D 0), \ + .DisableEndOfDxe =3D ((FixedPcdGet8 (PcdNullPointerDetectionPropert= yMask) & BIT7) !=3D 0), \ + .NonstopModeEnabled =3D ((FixedPcdGet8 (PcdNullPointerDetectionPropert= yMask) & BIT6) !=3D 0) \ + }, = \ + { /* Image Protection */ = \ + .ProtectImageFromUnknown =3D ((FixedPcdGet32 (PcdImageProtectionPolicy= ) & BIT0) !=3D 0), \ + .ProtectImageFromFv =3D ((FixedPcdGet32 (PcdImageProtectionPolicy= ) & BIT1) !=3D 0) \ + }, = \ + { /* Execution Protection */ = \ + .EnabledForType =3D { = \ + [EfiReservedMemoryType] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiReservedMemoryType) !=3D 0), \ + [EfiLoaderCode] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiLoaderCode) !=3D 0), \ + [EfiLoaderData] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiLoaderData) !=3D 0), \ + [EfiBootServicesCode] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiBootServicesCode) !=3D 0), \ + [EfiBootServicesData] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiBootServicesData) !=3D 0), \ + [EfiRuntimeServicesCode] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiRuntimeServicesCode) !=3D 0), \ + [EfiRuntimeServicesData] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiRuntimeServicesData) !=3D 0), \ + [EfiConventionalMemory] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiConventionalMemory) !=3D 0), \ + [EfiUnusableMemory] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiUnusableMemory) !=3D 0), \ + [EfiACPIReclaimMemory] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiACPIReclaimMemory) !=3D 0), \ + [EfiACPIMemoryNVS] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiACPIMemoryNVS) !=3D 0), \ + [EfiMemoryMappedIO] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiMemoryMappedIO) !=3D 0), \ + [EfiMemoryMappedIOPortSpace] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiMemoryMappedIOPortSpace) !=3D 0), \ + [EfiPalCode] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiPalCode) !=3D 0), \ + [EfiPersistentMemory] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiPersistentMemory) !=3D 0), \ + [EfiUnacceptedMemoryType] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiUnacceptedMemoryType) !=3D 0), \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & BIT62) !=3D 0), \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & BIT63) !=3D 0) \ + } = \ + }, = \ + { /* Heap Guard */ = \ + .PageGuardEnabled =3D ((FixedPcdGet8 (PcdHeapGua= rdPropertyMask) & BIT0) !=3D 0), \ + .PoolGuardEnabled =3D ((FixedPcdGet8 (PcdHeapGua= rdPropertyMask) & BIT1) !=3D 0), \ + .FreedMemoryGuardEnabled =3D ((FixedPcdGet8 (PcdHeapGua= rdPropertyMask) & BIT4) !=3D 0), \ + .NonstopModeEnabled =3D ((FixedPcdGet8 (PcdHeapGua= rdPropertyMask) & BIT6) !=3D 0), \ + .GuardAlignedToTail =3D ((FixedPcdGet8 (PcdHeapGua= rdPropertyMask) & BIT7) =3D=3D 0) \ + }, = \ + { /* Pool Guard */ = \ + .EnabledForType =3D { = \ + [EfiReservedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiReservedMemoryType) !=3D 0), \ + [EfiLoaderCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiLoaderCode) !=3D 0), \ + [EfiLoaderData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiLoaderData) !=3D 0), \ + [EfiBootServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiBootServicesCode) !=3D 0), \ + [EfiBootServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiBootServicesData) !=3D 0), \ + [EfiRuntimeServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiRuntimeServicesCode) !=3D 0), \ + [EfiRuntimeServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiRuntimeServicesData) !=3D 0), \ + [EfiConventionalMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiConventionalMemory) !=3D 0), \ + [EfiUnusableMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiUnusableMemory) !=3D 0), \ + [EfiACPIReclaimMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiACPIReclaimMemory) !=3D 0), \ + [EfiACPIMemoryNVS] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiACPIMemoryNVS) !=3D 0), \ + [EfiMemoryMappedIO] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiMemoryMappedIO) !=3D 0), \ + [EfiMemoryMappedIOPortSpace] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiMemoryMappedIOPortSpace) !=3D 0), \ + [EfiPalCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiPalCode) !=3D 0), \ + [EfiPersistentMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiPersistentMemory) !=3D 0), \ + [EfiUnacceptedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiUnacceptedMemoryType) !=3D 0), \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & BIT62) !=3D 0), \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & BIT63) !=3D 0) \ + } = \ + }, = \ + { /* Page Guard */ = \ + .EnabledForType =3D { = \ + [EfiReservedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiReservedMemoryType) !=3D 0), \ + [EfiLoaderCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiLoaderCode) !=3D 0), \ + [EfiLoaderData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiLoaderData) !=3D 0), \ + [EfiBootServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiBootServicesCode) !=3D 0), \ + [EfiBootServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiBootServicesData) !=3D 0), \ + [EfiRuntimeServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiRuntimeServicesCode) !=3D 0), \ + [EfiRuntimeServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiRuntimeServicesData) !=3D 0), \ + [EfiConventionalMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiConventionalMemory) !=3D 0), \ + [EfiUnusableMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiUnusableMemory) !=3D 0), \ + [EfiACPIReclaimMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiACPIReclaimMemory) !=3D 0), \ + [EfiACPIMemoryNVS] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiACPIMemoryNVS) !=3D 0), \ + [EfiMemoryMappedIO] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiMemoryMappedIO) !=3D 0), \ + [EfiMemoryMappedIOPortSpace] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiMemoryMappedIOPortSpace) !=3D 0), \ + [EfiPalCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiPalCode) !=3D 0), \ + [EfiPersistentMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiPersistentMemory) !=3D 0), \ + [EfiUnacceptedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiUnacceptedMemoryType) !=3D 0), \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & BIT62) !=3D 0), \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & BIT63) !=3D 0) \ + } = \ + } = \ +} + +//////////////////////////// +// MM PROFILE DEFINITIONS // +//////////////////////////// + +// +// A memory profile which uses the fixed at build PCDs defined in MdeModu= lePkg.dec +// +#define MM_MEMORY_PROTECTION_SETTINGS_PCD = \ +{ = \ + MM_MEMORY_PROTECTION_SIGNATURE, = \ + MM_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, = \ + { /* NULL Pointer Detection */ = \ + .Enabled =3D ((FixedPcdGet8 (PcdNullPointerDetectionPropert= yMask) & BIT1) !=3D 0), \ + .NonstopModeEnabled =3D ((FixedPcdGet8 (PcdNullPointerDetectionPropert= yMask) & BIT6) !=3D 0) \ + }, = \ + { /* Heap Guard */ = \ + .PageGuardEnabled =3D ((FixedPcdGet8(PcdHeapGuar= dPropertyMask) & BIT2) !=3D 0), \ + .PoolGuardEnabled =3D ((FixedPcdGet8(PcdHeapGuar= dPropertyMask) & BIT3) !=3D 0), \ + .NonstopModeEnabled =3D ((FixedPcdGet8(PcdHeapGuar= dPropertyMask) & BIT6) !=3D 0), \ + .GuardAlignedToTail =3D ((FixedPcdGet8(PcdHeapGuar= dPropertyMask) & BIT7) =3D=3D 0) \ + }, = \ + { /* Pool Guard */ = \ + .EnabledForType =3D { = \ + [EfiReservedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiReservedMemoryType) !=3D 0), \ + [EfiLoaderCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiLoaderCode) !=3D 0), \ + [EfiLoaderData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiLoaderData) !=3D 0), \ + [EfiBootServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiBootServicesCode) !=3D 0), \ + [EfiBootServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiBootServicesData) !=3D 0), \ + [EfiRuntimeServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiRuntimeServicesCode) !=3D 0), \ + [EfiRuntimeServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiRuntimeServicesData) !=3D 0), \ + [EfiConventionalMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiConventionalMemory) !=3D 0), \ + [EfiUnusableMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiUnusableMemory) !=3D 0), \ + [EfiACPIReclaimMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiACPIReclaimMemory) !=3D 0), \ + [EfiACPIMemoryNVS] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiACPIMemoryNVS) !=3D 0), \ + [EfiMemoryMappedIO] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiMemoryMappedIO) !=3D 0), \ + [EfiMemoryMappedIOPortSpace] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiMemoryMappedIOPortSpace) !=3D 0), \ + [EfiPalCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiPalCode) !=3D 0), \ + [EfiPersistentMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiPersistentMemory) !=3D 0), \ + [EfiUnacceptedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiUnacceptedMemoryType) !=3D 0), \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & BIT62) !=3D 0), \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & BIT63) !=3D 0) \ + } = \ + }, = \ + { /* Page Guard */ = \ + .EnabledForType =3D { = \ + [EfiReservedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiReservedMemoryType) !=3D 0), \ + [EfiLoaderCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiLoaderCode) !=3D 0), \ + [EfiLoaderData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiLoaderData) !=3D 0), \ + [EfiBootServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiBootServicesCode) !=3D 0), \ + [EfiBootServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiBootServicesData) !=3D 0), \ + [EfiRuntimeServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiRuntimeServicesCode) !=3D 0), \ + [EfiRuntimeServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiRuntimeServicesData) !=3D 0), \ + [EfiConventionalMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiConventionalMemory) !=3D 0), \ + [EfiUnusableMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiUnusableMemory) !=3D 0), \ + [EfiACPIReclaimMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiACPIReclaimMemory) !=3D 0), \ + [EfiACPIMemoryNVS] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiACPIMemoryNVS) !=3D 0), \ + [EfiMemoryMappedIO] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiMemoryMappedIO) !=3D 0), \ + [EfiMemoryMappedIOPortSpace] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiMemoryMappedIOPortSpace) !=3D 0), \ + [EfiPalCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiPalCode) !=3D 0), \ + [EfiPersistentMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiPersistentMemory) !=3D 0), \ + [EfiUnacceptedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiUnacceptedMemoryType) !=3D 0), \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & BIT62) !=3D 0), \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & BIT63) !=3D 0) \ + } = \ + } = \ +} + +//////////////////////////// +// PROFILE CONFIGURATIONS // +//////////////////////////// + +DXE_MEMORY_PROTECTION_PROFILES DxeMemoryProtectionProfiles[DxeMemoryProte= ctionSettingsMax] =3D { + [DxeMemoryProtectionSettingsPcd] =3D { + .Name =3D "Pcd", + .Description =3D "Memory protection settings from PCDs", + .Settings =3D DXE_MEMORY_PROTECTION_SETTINGS_PCD + }, +}; + +MM_MEMORY_PROTECTION_PROFILES MmMemoryProtectionProfiles[MmMemoryProtecti= onSettingsMax] =3D { + [MmMemoryProtectionSettingsPcd] =3D { + .Name =3D "Pcd", + .Description =3D "Memory protection settings from PCDs", + .Settings =3D MM_MEMORY_PROTECTION_SETTINGS_PCD + }, +}; + +///////////////////////////////////// +// GET/SET SUPPORT FUNCTIONS // +///////////////////////////////////// + +/** + Gets the memory protection HOB entry. This function will create the entry + if it is not found. + + @retval NULL Unable to create the memory protection HOB entry. + @retval Other Pointer to the memory protection HOB entry. +**/ +STATIC +MEMORY_PROTECTION_SETTINGS_PRIVATE * +GetOrCreateMemoryProtectionSettings ( + VOID + ) +{ + VOID *Ptr; + MEMORY_PROTECTION_SETTINGS_PRIVATE Mpsp; + + Ptr =3D GetFirstGuidHob (&gMemoryProtectionSettingsGuid); + + if (Ptr !=3D NULL) { + return (MEMORY_PROTECTION_SETTINGS_PRIVATE *)GET_GUID_HOB_DATA (Ptr); + } + + ZeroMem (&Mpsp, sizeof (Mpsp)); + Mpsp.Mps.Dxe =3D DxeMemoryProtectionProf= iles[DxeMemoryProtectionSettingsPcd].Settings; + Mpsp.Mps.Mm =3D MmMemoryProtectionProfi= les[MmMemoryProtectionSettingsPcd].Settings; + Mpsp.Mps.Dxe.StackExecutionProtectionEnabled =3D PcdGetBool (PcdSetNxFor= Stack); + + Ptr =3D BuildGuidDataHob ( + &gMemoryProtectionSettingsGuid, + &Mpsp, + sizeof (Mpsp) + ); + + return (MEMORY_PROTECTION_SETTINGS_PRIVATE *)Ptr; +} + +/** + Gets the memory protection HOB entry and checks the version number + to ensure it is compatible with this module. + + @retval NULL Unable to create the memory protection HOB entry. + @retval Other Pointer to the memory protection HOB entry. +**/ +STATIC +MEMORY_PROTECTION_SETTINGS_PRIVATE * +FetchAndCheckMpsp ( + VOID + ) +{ + MEMORY_PROTECTION_SETTINGS_PRIVATE *Mpsp; + + Mpsp =3D GetOrCreateMemoryProtectionSettings (); + + if (Mpsp =3D=3D NULL) { + return NULL; + } + + if (Mpsp->Mps.Dxe.StructVersion !=3D DXE_MEMORY_PROTECTION_SETTINGS_CURR= ENT_VERSION) { + DEBUG (( + DEBUG_ERROR, + "%a: - Version number of the DXE Memory Protection Settings is inval= id!\n" + "This module was compiled with version %d but the current version is= %d.\n", + __func__, + Mpsp->Mps.Dxe.StructVersion, + DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION + )); + ASSERT (Mpsp->Mps.Dxe.StructVersion =3D=3D DXE_MEMORY_PROTECTION_SETTI= NGS_CURRENT_VERSION); + return NULL; + } + + if (Mpsp->Mps.Mm.StructVersion !=3D MM_MEMORY_PROTECTION_SETTINGS_CURREN= T_VERSION) { + DEBUG (( + DEBUG_ERROR, + "%a: - Version number of the MM Memory Protection Settings is invali= d!\n" + "This module was compiled with version %d but the current version is= %d.\n", + __func__, + Mpsp->Mps.Mm.StructVersion, + MM_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION + )); + ASSERT (Mpsp->Mps.Mm.StructVersion =3D=3D MM_MEMORY_PROTECTION_SETTING= S_CURRENT_VERSION); + return NULL; + } + + return Mpsp; +} + +/** + Prevent further changes to the memory protection settings via this + library API. + + @retval EFI_SUCCESS The memory protection settings are locked. + @retval EFI_ABORTED Unable to get/create the memory protection= settings. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +LockMemoryProtectionSettings ( + VOID + ) +{ + MEMORY_PROTECTION_SETTINGS_PRIVATE *Mpsp; + + Mpsp =3D FetchAndCheckMpsp (); + + if (Mpsp =3D=3D NULL) { + ASSERT (Mpsp !=3D NULL); + return EFI_ABORTED; + } + + Mpsp->MemoryProtectionSettingsLocked =3D TRUE; + + return EFI_SUCCESS; +} + +/** + Sets the DXE memory protection settings. If DxeMps is NULL, the settings= will be set based + on ProfileIndex. + + @param[in] DxeMps Pointer to the memory protection settings to pu= blish. If NULL, the + settings will be created based on ProfileIndex. + @param[in] ProfileIndex The index of the memory protection profile to u= se if DxeMps is NULL. + + @retval EFI_SUCCESS The memory protection HOB was successfully= created. + @retval EFI_INVALID_PARAMETER The ProfileIndex was invalid or the versio= n number of the + input DxeMps was not equal to the version = currently present + in the settings. + @retval EFI_ABORTED Unable to get/create the memory protection= settings. + @retval EFI_ACCESS_DENIED The memory protection settings are locked. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +SetDxeMemoryProtectionSettings ( + IN DXE_MEMORY_PROTECTION_SETTINGS *DxeMps OPTIONAL, + IN DXE_MEMORY_PROTECTION_PROFILE_INDEX ProfileIndex + ) +{ + MEMORY_PROTECTION_SETTINGS_PRIVATE *Mpsp; + + Mpsp =3D FetchAndCheckMpsp (); + + if (Mpsp =3D=3D NULL) { + ASSERT (Mpsp !=3D NULL); + return EFI_ABORTED; + } + + if (Mpsp->MemoryProtectionSettingsLocked) { + return EFI_ACCESS_DENIED; + } + + if (DxeMps =3D=3D NULL) { + if (ProfileIndex >=3D DxeMemoryProtectionSettingsMax) { + return EFI_INVALID_PARAMETER; + } + + DxeMps =3D &DxeMemoryProtectionProfiles[ProfileIndex].Settings; + } else if (DxeMps->StructVersion !=3D Mpsp->Mps.Dxe.StructVersion) { + ASSERT (DxeMps->StructVersion =3D=3D Mpsp->Mps.Dxe.StructVersion); + return EFI_INVALID_PARAMETER; + } + + CopyMem (&Mpsp->Mps.Dxe, DxeMps, sizeof (DXE_MEMORY_PROTECTION_SETTINGS)= ); + return EFI_SUCCESS; +} + +/** + Sets the MM memory protection HOB entry. If MmMps is NULL, the settings = will be set based + on ProfileIndex. + + @param[in] MmMps Pointer to the memory protection settings to pu= blish. If NULL, the + settings will be created based on ProfileIndex. + @param[in] ProfileIndex The index of the memory protection profile to u= se if MmMps is NULL. + + @retval EFI_SUCCESS The memory protection HOB was successfully= created. + @retval EFI_OUT_OF_RESOURCES There was insufficient memory to create th= e HOB. + @retval EFI_INVALID_PARAMETER The ProfileIndex was invalid or the versio= n number of the + input MmMps was not equal to the version c= urrently present + in the settings. + @retval EFI_ABORTED Unable to get/create the memory protection= settings. + @retval EFI_ACCESS_DENIED The memory protection settings are locked. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +SetMmMemoryProtectionSettings ( + IN MM_MEMORY_PROTECTION_SETTINGS *MmMps OPTIONAL, + IN MM_MEMORY_PROTECTION_PROFILE_INDEX ProfileIndex + ) +{ + MEMORY_PROTECTION_SETTINGS_PRIVATE *Mpsp; + + Mpsp =3D FetchAndCheckMpsp (); + + if (Mpsp =3D=3D NULL) { + ASSERT (Mpsp !=3D NULL); + return EFI_ABORTED; + } + + if (Mpsp->MemoryProtectionSettingsLocked) { + return EFI_ACCESS_DENIED; + } + + if (MmMps =3D=3D NULL) { + if (ProfileIndex >=3D MmMemoryProtectionSettingsMax) { + return EFI_INVALID_PARAMETER; + } + + MmMps =3D &MmMemoryProtectionProfiles[ProfileIndex].Settings; + } else if (MmMps->StructVersion !=3D Mpsp->Mps.Mm.StructVersion) { + ASSERT (MmMps->StructVersion =3D=3D Mpsp->Mps.Mm.StructVersion); + return EFI_INVALID_PARAMETER; + } + + CopyMem (&Mpsp->Mps.Mm, MmMps, sizeof (MM_MEMORY_PROTECTION_SETTINGS)); + return EFI_SUCCESS; +} + +/** + Copies the current memory protection settings into the input buffer. + + NOTE: The returned settings may not be the final settings used by the + platform on this boot. Unless LockMemoryProtectionSettings() has + been called, settings may be modified by drivers until DXE handoff. + + @param[out] Mps The memory protection settings pointer to populate. + + @retval EFI_SUCCESS The memory protection settings were copied + into the input buffer. + @retval EFI_INVALID_PARAMETER Mps was NULL. + @retval EFI_ABORTED Unable to get/create the memory protection= settings. + @retval EFI_UNSUPPORTED NULL implementation called. +**/ +EFI_STATUS +EFIAPI +GetCurrentMemoryProtectionSettings ( + OUT MEMORY_PROTECTION_SETTINGS *Mps + ) +{ + MEMORY_PROTECTION_SETTINGS_PRIVATE *Mpsp; + + if (Mps =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + Mpsp =3D FetchAndCheckMpsp (); + + if (Mpsp =3D=3D NULL) { + ASSERT (Mpsp !=3D NULL); + return EFI_ABORTED; + } + + CopyMem (Mps, &Mpsp->Mps, sizeof (MEMORY_PROTECTION_SETTINGS)); + return EFI_SUCCESS; +} + +/** + Returns TRUE any form of DXE memory protection is currently active. + + NOTE: The returned value may reflect the final settings used by the + platform on this boot. Unless LockMemoryProtectionSettings() has + been called, settings may be modified by drivers until DXE handoff. + + @retval TRUE DXE Memory protection is active. + @retval FALSE DXE Memory protection is not active. +**/ +BOOLEAN +EFIAPI +IsDxeMemoryProtectionActive ( + VOID + ) +{ + MEMORY_PROTECTION_SETTINGS_PRIVATE *Mpsp; + + Mpsp =3D FetchAndCheckMpsp (); + + if (Mpsp =3D=3D NULL) { + ASSERT (Mpsp !=3D NULL); + return FALSE; + } + + return Mpsp->Mps.Dxe.CpuStackGuardEnabled = || + Mpsp->Mps.Dxe.StackExecutionProtectionEnabled = || + Mpsp->Mps.Dxe.NullPointerDetection.Enabled = || + Mpsp->Mps.Dxe.HeapGuard.FreedMemoryGuardEnabled = || + Mpsp->Mps.Dxe.ImageProtection.ProtectImageFromFv = || + Mpsp->Mps.Dxe.ImageProtection.ProtectImageFromUnknown = || + !IsZeroBuffer (&Mpsp->Mps.Dxe.ExecutionProtection.EnabledForType,= MPS_MEMORY_TYPE_BUFFER_SIZE) || + (Mpsp->Mps.Dxe.HeapGuard.PageGuardEnabled && !IsZeroBuffer (&Mpsp= ->Mps.Dxe.PageGuard.EnabledForType, MPS_MEMORY_TYPE_BUFFER_SIZE)) || + (Mpsp->Mps.Dxe.HeapGuard.PoolGuardEnabled && !IsZeroBuffer (&Mpsp= ->Mps.Dxe.PoolGuard.EnabledForType, MPS_MEMORY_TYPE_BUFFER_SIZE)); +} + +/** + Returns TRUE any form of MM memory protection is currently active. + + NOTE: The returned value may reflect the final settings used by the + platform on this boot. Unless LockMemoryProtectionSettings() has + been called, settings may be modified by drivers until DXE handoff. + + @retval TRUE MM Memory protection is active. + @retval FALSE MM Memory protection is not active. +**/ +BOOLEAN +EFIAPI +IsMmMemoryProtectionActive ( + VOID + ) +{ + MEMORY_PROTECTION_SETTINGS_PRIVATE *Mpsp; + + Mpsp =3D FetchAndCheckMpsp (); + + if (Mpsp =3D=3D NULL) { + ASSERT (Mpsp !=3D NULL); + return FALSE; + } + + return Mpsp->Mps.Mm.NullPointerDetection.Enabled = || + (Mpsp->Mps.Mm.HeapGuard.PageGuardEnabled && !IsZeroBuffer (&Mpsp-= >Mps.Mm.PageGuard.EnabledForType, MPS_MEMORY_TYPE_BUFFER_SIZE)) || + (Mpsp->Mps.Dxe.HeapGuard.PoolGuardEnabled && !IsZeroBuffer (&Mpsp= ->Mps.Mm.PoolGuard.EnabledForType, MPS_MEMORY_TYPE_BUFFER_SIZE)); +} diff --git a/MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProte= ctionsLib.inf b/MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryPr= otectionsLib.inf new file mode 100644 index 000000000000..b2949a8a5b0b --- /dev/null +++ b/MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsL= ib.inf @@ -0,0 +1,34 @@ +## @file +# Library fills out gMps global for accessing the platform memory protecti= on settings +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D DxeGetMemoryProtectionsLib + FILE_GUID =3D 723A3FA5-1B77-4E83-8978-C768829F7BE4 + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D GetMemoryProtectionsLib|DXE_CORE DXE_= DRIVER UEFI_APPLICATION UEFI_DRIVER + CONSTRUCTOR =3D GetDxeMemoryProtectionSettingsConstru= ctor + +# +# VALID_ARCHITECTURES =3D IA32 X64 AARCH64 +# + +[Sources] + DxeGetMemoryProtectionsLib.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + +[LibraryClasses] + HobLib + DebugLib + BaseMemoryLib + +[Guids] + gMemoryProtectionSettingsGuid diff --git a/MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtec= tionsLib.inf b/MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProt= ectionsLib.inf new file mode 100644 index 000000000000..328eb4c78139 --- /dev/null +++ b/MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLi= b.inf @@ -0,0 +1,34 @@ +## @file +# Library fills out gMps global for accessing the platform memory protecti= on settings +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D MmGetMemoryProtectionsLib + FILE_GUID =3D 719D6FAE-7EF1-429B-9A00-D5C50E4BB15A + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D GetMemoryProtectionsLib|SMM_CORE DXE_= SMM_DRIVER MM_CORE_STANDALONE MM_STANDALONE + CONSTRUCTOR =3D GetMmMemoryProtectionSettingsConstruc= tor + +# +# VALID_ARCHITECTURES =3D IA32 X64 AARCH64 +# + +[Sources] + MmGetMemoryProtectionsLib.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + +[LibraryClasses] + HobLib + DebugLib + BaseMemoryLib + +[Guids] + gMemoryProtectionSettingsGuid diff --git a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtecti= onsLib.inf b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtecti= onsLib.inf new file mode 100644 index 000000000000..2e4a9a66ac68 --- /dev/null +++ b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.= inf @@ -0,0 +1,48 @@ +## @file +# Library for setting the memory protection settings for DXE. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D SetMemoryProtectionsLib + FILE_GUID =3D DDA7DD34-0D3E-48FC-B4AE-A25581A40317 + MODULE_TYPE =3D PEIM + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D SetMemoryProtectionsLib|SEC PEI_CORE = PEIM + +# +# VALID_ARCHITECTURES =3D IA32 X64 AARCH64 +# + +[Sources] + SetMemoryProtectionsLib.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + +[LibraryClasses] + BaseMemoryLib + BaseLib + HobLib + DebugLib + PcdLib + +[Pcd] + gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask + gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType + gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType + gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask + gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard + gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy + gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack + gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy + +[Guids] + gMemoryProtectionSettingsGuid + +[BuildOptions] + GCC:*_*_*_CC_FLAGS =3D -Wno-missing-braces diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index 0b5f2414dd72..919379b2a1b9 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc @@ -233,7 +233,10 @@ [Components] MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf + MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsLib.= inf + MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLib.i= nf MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull= .inf + MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.inf MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull= .inf MdeModulePkg/Library/PciHostBridgeLibNull/PciHostBridgeLibNull.inf MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTa= bleLib.inf --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108866): https://edk2.groups.io/g/devel/message/108866 Mute This Topic: https://groups.io/mt/101469941/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108867+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108867+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171489; cv=none; d=zohomail.com; s=zohoarc; b=O0Bkvz4HTt2OdM8htuuwpBGpNbpbZ6H7WKO2BBKGcyJ7Z2MDHhwORRLpZLnQ5i5zL6VqK35wl5fIrZNcAYctoCGCkrXDiE2G/2/U/kJqqzsH6YOPrZ12m5a85KsuBafvJ15DtB94EPXwGSi5FhUxBf+52CNf9FjD0VpcmErLGEA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171489; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=kvRFHIdJ95N8JHedL+bbrpAt2hT6BXYeo6AYLxTu8Qo=; b=dDAFTwP0RkWT7/5rgDFyDmpMFxQW2kTPnbYDxyraL+Z7wD0lFGpmI1S1sUljjw0dVRMcV6bFgt8IZXTQXP8WFG9A+g5UP8vbkJknydZyb/Bnelg7kzo231pGA24MB5+JQeP1+MFwpnKxg4+GYcSjd6JewCrT3s71AZS18Dl52s4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108867+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171489421663.9463322044224; Tue, 19 Sep 2023 17:58:09 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=4n05ureXT95ICprA7McyZ9hVOsM/gWT6nbz4Vy918TI=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171489; v=1; b=jSXnvcnsK6i1Hhfb1+mjSgnKxD4kzAWUWuh4bB3XqOmOq+lT36IsCa1YRSxUq+eutJOdPPCt CZ3Ein3pAcNEcp+It7ITAqVMDiYrEceViGSqHMPgq/nCLYDc4Mrh+b4VLdpOZd6RXwCY2srWkB1 hKAe72rjR5aEn+UcC7W4UzkM= X-Received: by 127.0.0.2 with SMTP id jVPEYY1788612xZmSz1ICsge; Tue, 19 Sep 2023 17:58:09 -0700 X-Received: from mail-pl1-f177.google.com (mail-pl1-f177.google.com [209.85.214.177]) by mx.groups.io with SMTP id smtpd.web10.26778.1695171488202460673 for ; Tue, 19 Sep 2023 17:58:08 -0700 X-Received: by mail-pl1-f177.google.com with SMTP id d9443c01a7336-1c453379020so27759025ad.1 for ; Tue, 19 Sep 2023 17:58:08 -0700 (PDT) X-Gm-Message-State: Y3yqA60YEws3XU8nw1hMUoOpx1787277AA= X-Google-Smtp-Source: AGHT+IGzP5Qy55J8OH5LipncvLQddN6te4OGxipZ3AdklX97rziDR6ze6rMtZlOQ0ylli38+EWPYpQ== X-Received: by 2002:a17:902:f551:b0:1c3:f023:9823 with SMTP id h17-20020a170902f55100b001c3f0239823mr1106857plf.6.1695171487514; Tue, 19 Sep 2023 17:58:07 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:07 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao , Dandan Bi Subject: [edk2-devel] [PATCH v4 05/28] MdeModulePkg: Copy PEI PCD Database Into New Buffer Date: Tue, 19 Sep 2023 17:57:28 -0700 Message-ID: <20230920005752.2041-6-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171491252100022 Content-Type: text/plain; charset="utf-8" HOB memory should not be written to in DXE phase. This patch copies the PCD database from PEI into a new buffer so updates to dynamic PCDs don't write to HOB memory. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao Cc: Dandan Bi --- MdeModulePkg/Universal/PCD/Dxe/Service.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Universal/PCD/Dxe/Service.c b/MdeModulePkg/Univer= sal/PCD/Dxe/Service.c index 1ae06a639c43..0feb11142545 100644 --- a/MdeModulePkg/Universal/PCD/Dxe/Service.c +++ b/MdeModulePkg/Universal/PCD/Dxe/Service.c @@ -885,15 +885,17 @@ BuildPcdDxeDataBase ( // be NULL. If it is NULL, we just copy over the DXE Default // Value to PCD Database. // - PeiDatabase =3D (PEI_PCD_DATABASE *)GET_GUID_HOB_DATA (GuidHob); + PeiDatabase =3D AllocateCopyPool ((UINTN)GET_GUID_HOB_DATA_SIZE (GuidH= ob), GET_GUID_HOB_DATA (GuidHob)); + ASSERT (PeiDatabase !=3D NULL); =20 // // Get next one that stores full PEI data // GuidHob =3D GetNextGuidHob (&gPcdDataBaseHobGuid, GET_NEXT_HOB (GuidHo= b)); if (GuidHob !=3D NULL) { - mPeiPcdDbBinary =3D (PEI_PCD_DATABASE *)GET_GUID_HOB_DATA (GuidHob); mPeiPcdDbSize =3D (UINTN)GET_GUID_HOB_DATA_SIZE (GuidHob); + mPeiPcdDbBinary =3D (PEI_PCD_DATABASE *)AllocateCopyPool (mPeiPcdDbS= ize, GET_GUID_HOB_DATA (GuidHob)); + ASSERT (mPeiPcdDbBinary !=3D NULL); } =20 // --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108867): https://edk2.groups.io/g/devel/message/108867 Mute This Topic: https://groups.io/mt/101469942/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108868+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108868+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171489; cv=none; d=zohomail.com; s=zohoarc; b=CoWZlfY9cfPr2WUaB6cjyiPjkewY2xG2O1BK0HzQFnlpODsE5j0QKTyGqUxw1WcifkRyfYOGi0x92uYlWW79AozjbVaaoVWoXRdj06fJbMpoHCVPMWfpMFoqk5yLDYmObI/Cyi+xiUWEY1EbRY2o1Djw78fie/qJfdW8d+adxIk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171489; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=OO6kCCtW4kctSQpRGkAyS0e4adNyHQbYNaSdtZkPf4c=; b=YZbkzvik0leuzkx/IwTW/Pu4D044sqf3Fnrt9wm9xfoneUb01EyG9a4SssG8H4vRnjMhZpMJCWx5N/s3W+xCpCboLVGx6PncH8W/n8ZkGYgNmvufbkqWjEm5Z5ATV8x42FYKhKrO9gJq9R/tH0oeFDSqJLk6UV4lTIAiZ6ofi4A= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108868+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 169517148978691.8244237126952; Tue, 19 Sep 2023 17:58:09 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=+J2Og0NjBs456ur3ri8M5MsKAczhqPRn1K+sXMR/uIw=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171489; v=1; b=DApufl+QcrF5u3++QegSS2gwcdVbpjGbrK2jmLcHmqteL8E/cwjjc6lY1UqEyXqWhcHBL15z 8WbbiJM/j80R3Kt0GffiPcJWj7zccevgVzw+yARjtkCblpJdbY++eJgdFuBevXJiaGlE+ymZgiS odEyZSmC0/3OPKwYpITp6ciM= X-Received: by 127.0.0.2 with SMTP id UiDSYY1788612xnPT9nPAE14; Tue, 19 Sep 2023 17:58:09 -0700 X-Received: from mail-pl1-f171.google.com (mail-pl1-f171.google.com [209.85.214.171]) by mx.groups.io with SMTP id smtpd.web10.26779.1695171488848256323 for ; Tue, 19 Sep 2023 17:58:08 -0700 X-Received: by mail-pl1-f171.google.com with SMTP id d9443c01a7336-1c465d59719so25654895ad.1 for ; Tue, 19 Sep 2023 17:58:08 -0700 (PDT) X-Gm-Message-State: OpcqvMutY01QEfAGpjUpPZSfx1787277AA= X-Google-Smtp-Source: AGHT+IHD+ku1Zc7AKW0mhv5UzjL+9jxclRmds2Itgd1kHy1ilPUT91HFj4o5DwAZpmyH50g+0UESRw== X-Received: by 2002:a17:903:1cb:b0:1b7:e86f:7631 with SMTP id e11-20020a17090301cb00b001b7e86f7631mr1198343plh.19.1695171488217; Tue, 19 Sep 2023 17:58:08 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:07 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao , Dandan Bi Subject: [edk2-devel] [PATCH v4 06/28] MdeModulePkg: Apply Protections to the HOB List Date: Tue, 19 Sep 2023 17:57:29 -0700 Message-ID: <20230920005752.2041-7-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171492012100031 Content-Type: text/plain; charset="utf-8" Because the platform memory protection settings will be stored in the HOB, the HOB list should be marked read-only and non-executable as soon as possible in boot. This patch page-aligns the allocated HOB list in DXE and marks it RO/NX during memory protection initialization. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao Cc: Dandan Bi --- MdeModulePkg/Core/Dxe/Gcd/Gcd.c | 18 ++++++------ MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 29 ++++++++++++++++++++ 2 files changed, 38 insertions(+), 9 deletions(-) diff --git a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c b/MdeModulePkg/Core/Dxe/Gcd/Gc= d.c index 792cd2e0af23..72bd036eab1e 100644 --- a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c +++ b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c @@ -2764,21 +2764,21 @@ CoreInitializeGcdServices ( } =20 // - // Relocate HOB List to an allocated pool buffer. + // Relocate HOB List to allocated pages. // The relocation should be at after all the tested memory resources add= ed // (except the memory space that covers HOB List) to the memory services, // because the memory resource found in CoreInitializeMemoryServices() // may have not enough remaining resource for HOB List. // - NewHobList =3D AllocateCopyPool ( - (UINTN)PhitHob->EfiFreeMemoryBottom - (UINTN)(*HobStart), - *HobStart - ); - ASSERT (NewHobList !=3D NULL); - - *HobStart =3D NewHobList; - gHobList =3D NewHobList; + NewHobList =3D AllocatePages (EFI_SIZE_TO_PAGES ((UINTN)PhitHob->EfiFree= MemoryBottom - (UINTN)(*HobStart))); + if (NewHobList !=3D NULL) { + CopyMem (NewHobList, *HobStart, (UINTN)PhitHob->EfiFreeMemoryBottom - = (UINTN)(*HobStart)); + *HobStart =3D NewHobList; + } else { + ASSERT (NewHobList !=3D NULL); + } =20 + gHobList =3D *HobStart; if (MemorySpaceMapHobList !=3D NULL) { // // Add and allocate the memory space that covers HOB List to the memor= y services diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/C= ore/Dxe/Misc/MemoryProtection.c index 7cc829b17402..94ed3111688b 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c @@ -967,6 +967,32 @@ InitializeDxeNxMemoryProtectionPolicy ( } } =20 +/** + Mark the HOB list as read-only and non-executable. +**/ +STATIC +VOID +ProtectHobList ( + VOID + ) +{ + EFI_PEI_HOB_POINTERS Hob; + + Hob.Raw =3D GetHobList (); + + // Find the end of the HOB list. + while (!END_OF_HOB_LIST (Hob)) { + Hob.Raw =3D GET_NEXT_HOB (Hob); + } + + // Protect the HOB list. + SetUefiImageMemoryAttributes ( + (UINTN)gHobList, + ALIGN_VALUE (((UINTN)Hob.Raw + GET_HOB_LENGTH (Hob)) - (UINTN)GetHobLi= st (), EFI_PAGE_SIZE), + EFI_MEMORY_XP | EFI_MEMORY_RO + ); +} + /** A notification for CPU_ARCH protocol. =20 @@ -1007,6 +1033,9 @@ MemoryProtectionCpuArchProtocolNotify ( // HeapGuardCpuArchProtocolNotify (); =20 + // Mark the HOB list XP and RO. + ProtectHobList (); + if (mImageProtectionPolicy =3D=3D 0) { goto Done; } --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108868): https://edk2.groups.io/g/devel/message/108868 Mute This Topic: https://groups.io/mt/101469943/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108869+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108869+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171490; cv=none; d=zohomail.com; s=zohoarc; b=AfR4YxcIRq7EM763lUfWpZAQqtBJSnaSjGsWyHG0n5KTuyzz/VjQqhnaUwtRZ40pYI1A0Dy4n0M3nDxudfGSyrnKjaeA87sMYZZFd732QJHuv9mcWlFvzheeKxxbP6p+IzkGT0qz3OHObogfEWCjpXVSHdOEUvXAkvVhL+ckTKA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171490; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=8o5F2YbfUftTXEETbOYjyXZYE+N8s+9AsmuYAqNdewQ=; b=N8pIEtBhM0njgR/jfKV2Nt2/fcgifPioOcxpwxq+zrEG1AET99TbnW3MABqWAugKkwrJ5OP8Q9cuWfkXUq5DePVz4n0pb1mexK+oJTLufG+PiUZs9efQvSmHzj5yWUNXuFe3GwoCT21xeVZTcNl7deKq2mrq85EDRkMIWNWYVNA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108869+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171490733737.5490496462141; Tue, 19 Sep 2023 17:58:10 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=JOv5Fzxpq4aGl436teJmFnI+rFcdeXD7dP0sfoT2P9Q=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171490; v=1; b=gtYqYSOm2QOhKJ1mpnsrkkzq+KPvDwO7eu09wxRTqIiEqrfyrY4NtuSk7YTFzy3/+ehbw0zP ksPejhYfkEpbCHyRaJ7ecP8DKn7DK7kYEm5tn+u5tkXz/0KJj2YaATQHYJ4BKbJzPc9zcp/xv2m iYYg03+HS4dkTzlmiSD6uy6I= X-Received: by 127.0.0.2 with SMTP id FjhkYY1788612xj33iHKMs4C; Tue, 19 Sep 2023 17:58:10 -0700 X-Received: from mail-pf1-f179.google.com (mail-pf1-f179.google.com [209.85.210.179]) by mx.groups.io with SMTP id smtpd.web11.26917.1695171489832550180 for ; Tue, 19 Sep 2023 17:58:09 -0700 X-Received: by mail-pf1-f179.google.com with SMTP id d2e1a72fcca58-68fcb4dc8a9so5799749b3a.2 for ; Tue, 19 Sep 2023 17:58:09 -0700 (PDT) X-Gm-Message-State: I0OWDf5gHQvxZAwPsTIBHLVJx1787277AA= X-Google-Smtp-Source: AGHT+IHkyLVMNkKcx0rBfGxXIsFWwVT8ZBDQ7GRILNdAJBCpKt9/DpgG/ebqavGvqxTyzMNEZWHakg== X-Received: by 2002:a05:6a21:4881:b0:14c:9a61:a310 with SMTP id av1-20020a056a21488100b0014c9a61a310mr991089pzc.24.1695171489216; Tue, 19 Sep 2023 17:58:09 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:08 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao , Dandan Bi Subject: [edk2-devel] [PATCH v4 07/28] MdeModulePkg: Check Print Level Before Dumping GCD Memory Map Date: Tue, 19 Sep 2023 17:57:30 -0700 Message-ID: <20230920005752.2041-8-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171491440100025 Content-Type: text/plain; charset="utf-8" When page/pool protections are active, the GCD sync process takes quite a bit longer than normal. This behavior is primarily due to a function which dumps the GCD memory map to the console. This dump function runs only on DEBUG builds but will iterate through the GCD memory map dozens of times even when the print level doesn't include DEBUG_GCD. This patch adds a check for the DEBUG_GCD print level before dumping the GCD memory map which saves several seconds during boot when page/pool protections are active. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao Cc: Dandan Bi --- MdeModulePkg/Core/Dxe/Gcd/Gcd.c | 4 ++++ MdeModulePkg/Core/Dxe/DxeMain.inf | 1 + 2 files changed, 5 insertions(+) diff --git a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c b/MdeModulePkg/Core/Dxe/Gcd/Gc= d.c index 72bd036eab1e..392586d5b17c 100644 --- a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c +++ b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c @@ -150,6 +150,10 @@ CoreDumpGcdMemorySpaceMap ( EFI_GCD_MEMORY_SPACE_DESCRIPTOR *MemorySpaceMap; UINTN Index; =20 + if ((PcdGet32 (PcdDebugPrintErrorLevel) & DEBUG_GCD) =3D=3D 0) { + return; + } + Status =3D CoreGetMemorySpaceMap (&NumberOfDescriptors, &MemorySpaceMap); ASSERT (Status =3D=3D EFI_SUCCESS && MemorySpaceMap !=3D NULL); =20 diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeM= ain.inf index 35d5bf0dee6f..6c896a0e7f0f 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.inf +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf @@ -187,6 +187,7 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdFwVolDxeMaxEncapsulationDepth = ## CONSUMES + gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel = ## CONSUMES =20 # [Hob] # RESOURCE_DESCRIPTOR ## CONSUMES --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108869): https://edk2.groups.io/g/devel/message/108869 Mute This Topic: https://groups.io/mt/101469944/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108870+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108870+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171491; cv=none; d=zohomail.com; s=zohoarc; b=U6x3kTrExzn/BH4qUQu8qOd4SDPxXMKkqntHLuCEYFqgGa8rRvYxatcQ2H7z3XZbsbtS+1MKjmO9Loryn5gPZ38qHt8T8lXAj8BojCYGV0rTPn4K2U3vpvYNkRYamw94rshLij3rWOZYBgw3//7CX/0UstRTVRoZfKZWBx83R6U= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171491; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=YU+M7cwDJeNiEXVLaIJMUZS1zvvtuVZ9QFvE4u2tQgk=; b=Hazeczyy/wjcf7r/V6oyjZRbrExqbLlyuXKs1VEEyWPZ2PfIp7GdILl8loamAYdim1/5fkR+m04dIkCBbx8LpwAuvfAttYGyctiSpqag/58zpaJt0wcEq4HFtRnszDuKgxnJ+BFhTBOOBYOl2w2rCh2gej3XYnHRvKTV5Y2bWnM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108870+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 169517149183542.492602716863644; Tue, 19 Sep 2023 17:58:11 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=1e6mEACJObm2jVuE6yH1574rFEqqhieQd/VSvlzDY40=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171491; v=1; b=RCAfD7Escu1RUbhp4IoG6Jmsm2n7mph3aSDN976SToJgWOBlpcQT2Bzxwey5CB8B3YqXQcZX OS+OQ7JeZANG7wJQ/+fA5pEpqc7bbpa0J8UA3VHm/WGlJhJYQZ6Fp1yR/5uAyb9Y7zDjRqn88Un LA6Pd35ldmXAK2PBmYJM/dbE= X-Received: by 127.0.0.2 with SMTP id NxmlYY1788612xtCHjcC2AnS; Tue, 19 Sep 2023 17:58:11 -0700 X-Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by mx.groups.io with SMTP id smtpd.web11.26919.1695171490961591401 for ; Tue, 19 Sep 2023 17:58:11 -0700 X-Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-1c572c9c852so21111585ad.2 for ; Tue, 19 Sep 2023 17:58:10 -0700 (PDT) X-Gm-Message-State: QWtImKT1ZAqawRsHRWWsgMlax1787277AA= X-Google-Smtp-Source: AGHT+IH969CuN20GL9neAZv5S3tSmwRxCwn5380WnWT28zZRk1RKuh+nZXC+8j4dsAfUs1tqjODLoA== X-Received: by 2002:a17:902:f54e:b0:1c3:39f8:3e67 with SMTP id h14-20020a170902f54e00b001c339f83e67mr1145472plf.20.1695171490138; Tue, 19 Sep 2023 17:58:10 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:09 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [PATCH v4 08/28] UefiCpuPkg: Always Set Stack Guard in MpPei Init Date: Tue, 19 Sep 2023 17:57:31 -0700 Message-ID: <20230920005752.2041-9-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171494090100043 Content-Type: text/plain; charset="utf-8" Memory protection is not set in PEI and ingested during and after DXE handoff. This paradigm means that the platform cannot reliably query the stack guard setting during MpInit. Because the execution path of PEI consistent and no third party code is executed, setting the stack guard in MpInit on every boot should be fine. Signed-off-by: Taylor Beebe Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann --- UefiCpuPkg/CpuMpPei/CpuMpPei.c | 8 +++----- UefiCpuPkg/CpuMpPei/CpuPaging.c | 16 ++++++++-------- UefiCpuPkg/CpuMpPei/CpuMpPei.h | 3 ++- UefiCpuPkg/CpuMpPei/CpuMpPei.inf | 1 - 4 files changed, 13 insertions(+), 15 deletions(-) diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.c b/UefiCpuPkg/CpuMpPei/CpuMpPei.c index b504bea3cfeb..ca0c6bdb4b21 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.c +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.c @@ -469,10 +469,6 @@ InitializeMpExceptionStackSwitchHandlers ( EFI_STATUS Status; UINT8 *Buffer; =20 - if (!PcdGetBool (PcdCpuStackGuard)) { - return; - } - Status =3D MpInitLibGetNumberOfProcessors (&NumberOfProcessors, NULL); ASSERT_EFI_ERROR (Status); =20 @@ -589,7 +585,9 @@ InitializeCpuMpWorker ( // // Special initialization for the sake of Stack Guard // - InitializeMpExceptionStackSwitchHandlers (); + if (mInitStackGuard) { + InitializeMpExceptionStackSwitchHandlers (); + } =20 // // Update and publish CPU BIST information diff --git a/UefiCpuPkg/CpuMpPei/CpuPaging.c b/UefiCpuPkg/CpuMpPei/CpuPagin= g.c index b7ddb0005b6f..0ab8ceeee8a6 100644 --- a/UefiCpuPkg/CpuMpPei/CpuPaging.c +++ b/UefiCpuPkg/CpuMpPei/CpuPaging.c @@ -68,6 +68,8 @@ EFI_PEI_NOTIFY_DESCRIPTOR mPostMemNotifyList[] =3D { } }; =20 +BOOLEAN mInitStackGuard =3D FALSE; + /** The function will check if IA32 PAE is supported. =20 @@ -532,7 +534,7 @@ SetupStackGuardPage ( } =20 /** - Enable/setup stack guard for each processor if PcdCpuStackGuard is set t= o TRUE. + Enable/setup stack guard for each processor. =20 Doing this in the memory-discovered callback is to make sure the Stack G= uard feature to cover as most PEI code as possible. @@ -553,7 +555,6 @@ MemoryDiscoveredPpiNotifyCallback ( ) { EFI_STATUS Status; - BOOLEAN InitStackGuard; EDKII_MIGRATED_FV_INFO *MigratedFvInfo; EFI_PEI_HOB_POINTERS Hob; IA32_CR0 Cr0; @@ -563,11 +564,10 @@ MemoryDiscoveredPpiNotifyCallback ( // initialization later will not contain paging information and then fail // the task switch (for the sake of stack switch). // - InitStackGuard =3D FALSE; - Hob.Raw =3D NULL; + Hob.Raw =3D NULL; if (IsIa32PaeSupported ()) { - Hob.Raw =3D GetFirstGuidHob (&gEdkiiMigratedFvInfoGuid); - InitStackGuard =3D PcdGetBool (PcdCpuStackGuard); + Hob.Raw =3D GetFirstGuidHob (&gEdkiiMigratedFvInfoGuid); + mInitStackGuard =3D TRUE; } =20 // @@ -575,7 +575,7 @@ MemoryDiscoveredPpiNotifyCallback ( // is to enable paging if it is not enabled (only in 32bit mode). // Cr0.UintN =3D AsmReadCr0 (); - if ((Cr0.Bits.PG =3D=3D 0) && (InitStackGuard || (Hob.Raw !=3D NULL))) { + if ((Cr0.Bits.PG =3D=3D 0) && (mInitStackGuard || (Hob.Raw !=3D NULL))) { ASSERT (sizeof (UINTN) =3D=3D sizeof (UINT32)); =20 Status =3D EnablePaePageTable (); @@ -588,7 +588,7 @@ MemoryDiscoveredPpiNotifyCallback ( Status =3D InitializeCpuMpWorker ((CONST EFI_PEI_SERVICES **)PeiServices= ); ASSERT_EFI_ERROR (Status); =20 - if (InitStackGuard) { + if (mInitStackGuard) { SetupStackGuardPage (); } =20 diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.h b/UefiCpuPkg/CpuMpPei/CpuMpPei.h index 1b9a94e18fdf..d0db4e480e13 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.h +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.h @@ -31,6 +31,7 @@ #include =20 extern EFI_PEI_PPI_DESCRIPTOR mPeiCpuMpPpiDesc; +extern BOOLEAN mInitStackGuard; =20 /** This service retrieves the number of logical processor in the platform @@ -426,7 +427,7 @@ InitializeCpuMpWorker ( ); =20 /** - Enable/setup stack guard for each processor if PcdCpuStackGuard is set t= o TRUE. + Enable/setup stack guard for each processor. =20 Doing this in the memory-discovered callback is to make sure the Stack G= uard feature to cover as most PEI code as possible. diff --git a/UefiCpuPkg/CpuMpPei/CpuMpPei.inf b/UefiCpuPkg/CpuMpPei/CpuMpPe= i.inf index 865be5627e85..6a987754120a 100644 --- a/UefiCpuPkg/CpuMpPei/CpuMpPei.inf +++ b/UefiCpuPkg/CpuMpPei/CpuMpPei.inf @@ -64,7 +64,6 @@ [Ppis] =20 [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ##= CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList ##= SOMETIMES_CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize ##= SOMETIMES_CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize ##= SOMETIMES_CONSUMES --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108870): https://edk2.groups.io/g/devel/message/108870 Mute This Topic: https://groups.io/mt/101469946/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108871+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108871+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171492; cv=none; d=zohomail.com; s=zohoarc; b=HhmUp4vgoObeJS+s8MGqh18h5aZjTwP+5dmyXfnHGYm6p9nqNoStN0ImWcwtG/EoQxKPe2eg3eUX8YcACXqbgwm4aL3RfKc8Vfj+YXJ+OqrZBW84BhaGbal1nB/wZzVU2doD2D2gAKG/qCAnmbCkZbfyXaSfrjSNYPQPIXxKesE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171492; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=x3wH2kFc0so5BpdcuIG+tV3OHjHj2yYAda/YZ4yyf7M=; b=kKn8T3dsc3S8YWbyJkAlWZg3PvNqWN2zPaE3+BH3AuF4QNkP5X85qJ5xNJVqtYmNNxbg6wpmu14OX2uV2pAs0seOhJHJJ8gYIhxpi6DmHQMLOR0+kLJmhhUjUKntIeo3aAWAfv1+xm6GbSwWp9RCF2Hf7XarlMhZ1DC8tGw9qSI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108871+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171492369754.7152791113739; Tue, 19 Sep 2023 17:58:12 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=wQIPaoqwu6N1KO0RczFnnQftTDiSr8lp7HckBwPDFOs=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171492; v=1; b=l6l4N8+OqKzaeaylSWHJNB9ofkoZFHiueZWi3inwXl7NlOefzJb96dxco9QgpKu+BxM1No+K Yo1LCyNZj5kPdJufzCEUvrJN7f/3PAWgPc6pfAsqliLBgLbxz4YTaxZ/13B4QCjeHQC3Aj43eIg /8gcPr4ESPwiem15CfzZkb7Q= X-Received: by 127.0.0.2 with SMTP id mSzBYY1788612xFI6w0O0cNX; Tue, 19 Sep 2023 17:58:12 -0700 X-Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172]) by mx.groups.io with SMTP id smtpd.web11.26920.1695171491581246503 for ; Tue, 19 Sep 2023 17:58:11 -0700 X-Received: by mail-pl1-f172.google.com with SMTP id d9443c01a7336-1c0c6d4d650so56514535ad.0 for ; Tue, 19 Sep 2023 17:58:11 -0700 (PDT) X-Gm-Message-State: fafxhEOi1irnedZXGOdovXisx1787277AA= X-Google-Smtp-Source: AGHT+IF0cHBOmGs6QQ2+z8XOrdtFky3USDnEY/sRU3GK4xruvQ6qMjr7NWQ/1cYyJLCCN+lViXT6Rg== X-Received: by 2002:a17:902:82c4:b0:1c3:758d:32de with SMTP id u4-20020a17090282c400b001c3758d32demr1094234plz.12.1695171490909; Tue, 19 Sep 2023 17:58:10 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:10 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Leif Lindholm , Sami Mujawar , Gerd Hoffmann , Julien Grall Subject: [edk2-devel] [PATCH v4 09/28] ArmVirtPkg: Add Memory Protection Library Definitions to Platforms Date: Tue, 19 Sep 2023 17:57:32 -0700 Message-ID: <20230920005752.2041-10-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171493242100037 Content-Type: text/plain; charset="utf-8" Add library classes for SetMemoryProtectionsLib and GetMemoryProtectionsLib to ArmVirtPkg. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Sami Mujawar Cc: Gerd Hoffmann Cc: Julien Grall --- ArmVirtPkg/ArmVirt.dsc.inc | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index 3f7bac6bf33a..f76601503cd9 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -156,6 +156,12 @@ [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf =20 + # + # Memory Protection Libraries for setting and getting memory protection = settings + # + SetMemoryProtectionsLib|MdeModulePkg/Library/SetMemoryProtectionsLib/Set= MemoryProtectionsLib.inf + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/Dxe= GetMemoryProtectionsLib.inf + # # Secure Boot dependencies # --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108871): https://edk2.groups.io/g/devel/message/108871 Mute This Topic: https://groups.io/mt/101469947/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108872+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108872+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171493; cv=none; d=zohomail.com; s=zohoarc; b=QV3BuhlXfs6tfQSSOPWn4j1qWHKItdOt6C2e4O0H269ddFZnS2bOXAm80stMNu4HQ5dnpIYVU2XaOhuQNGj/hijG8HAZixOur6ytY5nqqnhlCN/Pqmng9DjGgzqJnnZ2ZMIa5PDJUScDc9BHU8aXUDOGHPUbC6pyMSr+q0wCfeA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171493; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=pdJhnxutul/kHEuPsGOyn+nEgEt3BcIHgZgHVJU8NPg=; b=htjn2SgTPnkuQqbMDooZfcVWvzVdEuD5gqdPBBucnK7JChn0nd1WTLWuJiTw2B9cwjAqm6hRXOL8bOySFT9tNH6+scUWLHjA/60GLICXsweAPp5WDzLq9n+1Y499uhXTg90INayxICktGlVMJCvv9R01Tf90nCZYjX0yH4Lq2C0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108872+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171493173945.4239683809506; Tue, 19 Sep 2023 17:58:13 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=3/eB0J83k5xl6w+1fegAPY68OPKsW0VCflCQIvR4NyQ=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; s=20140610; t=1695171492; v=1; b=Mq1elvgzAe8RsLktGheWYFVAqiBaPzkZIBRSYQ0I4MlfGrDGgoWRb/RPbTSMy70kPzz4y9B3 hJ0nROHkko7phlobp53io5SkVtL3e9jQfok7On7thtTrHkMFRoAYQvGiza6Q+s42YwQ5QCGe5UE zmc0GpjWEsI8Gd+4hmSwASh4= X-Received: by 127.0.0.2 with SMTP id OQc3YY1788612xKrGr7wRSkv; Tue, 19 Sep 2023 17:58:12 -0700 X-Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) by mx.groups.io with SMTP id smtpd.web10.26781.1695171492326677650 for ; Tue, 19 Sep 2023 17:58:12 -0700 X-Received: by mail-pl1-f170.google.com with SMTP id d9443c01a7336-1c465d59719so25655245ad.1 for ; Tue, 19 Sep 2023 17:58:12 -0700 (PDT) X-Gm-Message-State: fGDx6ZRWUH0Yo3UR3uzKMLeex1787277AA= X-Google-Smtp-Source: AGHT+IFDgnt4uXAJwIXWfnNFy44kyNdfydoWiNgQ9BydJY7avzSUiGivbhBHc3UZFB3CTXofic7oXw== X-Received: by 2002:a17:902:d48f:b0:1c3:bc2a:f6b4 with SMTP id c15-20020a170902d48f00b001c3bc2af6b4mr1205104plg.42.1695171491666; Tue, 19 Sep 2023 17:58:11 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:11 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann , Rebecca Cran , Peter Grehan , =?UTF-8?q?Corvin=20K=C3=B6hne?= , Jianyong Wu , Anatol Belski , Anthony Perard , Julien Grall Subject: [edk2-devel] [PATCH v4 10/28] OvmfPkg: Add Memory Protection Library Definitions to Platforms Date: Tue, 19 Sep 2023 17:57:33 -0700 Message-ID: <20230920005752.2041-11-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171493899100041 Add library classes for SetMemoryProtectionsLib and GetMemoryProtectionsLib to OvmfPkg platfomrs. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann Cc: Rebecca Cran Cc: Peter Grehan Cc: Corvin K=C3=B6hne Cc: Jianyong Wu Cc: Anatol Belski Cc: Anthony Perard Cc: Julien Grall --- OvmfPkg/AmdSev/AmdSevX64.dsc | 1 + OvmfPkg/Bhyve/BhyveX64.dsc | 1 + OvmfPkg/CloudHv/CloudHvX64.dsc | 1 + OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc | 15 +++++++++++++++ OvmfPkg/IntelTdx/IntelTdxX64.dsc | 2 ++ OvmfPkg/Microvm/MicrovmX64.dsc | 2 ++ OvmfPkg/OvmfPkgIa32.dsc | 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 1 + OvmfPkg/OvmfPkgX64.dsc | 1 + OvmfPkg/OvmfXen.dsc | 2 ++ OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc | 2 ++ 11 files changed, 29 insertions(+) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 302c90e7c2b4..b67b50b833b9 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -203,6 +203,7 @@ [LibraryClasses] S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScrip= tLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc =20 [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc index 6693342c5f6e..5af5831196f6 100644 --- a/OvmfPkg/Bhyve/BhyveX64.dsc +++ b/OvmfPkg/Bhyve/BhyveX64.dsc @@ -229,6 +229,7 @@ [LibraryClasses] XenPlatformLib|OvmfPkg/Library/XenPlatformLib/XenPlatformLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc =20 [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc index 35942e02df93..c550ebcd659e 100644 --- a/OvmfPkg/CloudHv/CloudHvX64.dsc +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc @@ -239,6 +239,7 @@ [LibraryClasses] OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc =20 [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf diff --git a/OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc b/OvmfPk= g/Include/Dsc/MemoryProtectionLibraries.dsc.inc new file mode 100644 index 000000000000..049fdef3f0c1 --- /dev/null +++ b/OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc @@ -0,0 +1,15 @@ +## +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +# +# Memory Protection Libraries +# +[LibraryClasses.common] + SetMemoryProtectionsLib|MdeModulePkg/Library/SetMemoryProtectionsLib/Set= MemoryProtectionsLib.inf + +[LibraryClasses.common.SMM_CORE, LibraryClasses.common.DXE_SMM_DRIVER, Lib= raryClasses.common.MM_CORE_STANDALONE, LibraryClasses.common.MM_STANDALONE] + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/MmG= etMemoryProtectionsLib.inf + +[LibraryClasses.common.DXE_CORE, LibraryClasses.common.DXE_DRIVER, Library= Classes.common.UEFI_APPLICATION, LibraryClasses.common.UEFI_DRIVER] + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/Dxe= GetMemoryProtectionsLib.inf diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX6= 4.dsc index 182ec3705dd3..a3370f45940c 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -211,6 +211,8 @@ [LibraryClasses] Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasure= mentLib.inf =20 +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc + [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc index 0f26f2a9a97d..da5a4862bfdc 100644 --- a/OvmfPkg/Microvm/MicrovmX64.dsc +++ b/OvmfPkg/Microvm/MicrovmX64.dsc @@ -238,6 +238,8 @@ [LibraryClasses] Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeT= cg2PhysicalPresenceLib.inf TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurem= entLibNull.inf =20 +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc + [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index fcd3a3fda5f2..d4d14b69ef1d 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -246,6 +246,7 @@ [LibraryClasses] OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc =20 [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index d0ae0b996d66..674010323df1 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -251,6 +251,7 @@ [LibraryClasses] OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc =20 [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index a6811eee557e..08b70d76d292 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -267,6 +267,7 @@ [LibraryClasses] OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib= /BaseOrderedCollectionRedBlackTreeLib.inf =20 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc =20 [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index ccd3a873c714..d80e20a151d7 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -231,6 +231,8 @@ [LibraryClasses] DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i= nf !endif =20 +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc + [LibraryClasses.common] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf diff --git a/OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc b/OvmfPkg/RiscVVirt/RiscVV= irtQemu.dsc index 34b2037824f1..dd25a34796e5 100644 --- a/OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc +++ b/OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc @@ -112,6 +112,8 @@ [LibraryClasses.common] TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLi= bNull/PeiDxeTpmPlatformHierarchyLib.inf !endif =20 +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc + [LibraryClasses.common.DXE_DRIVER] AcpiPlatformLib|OvmfPkg/Library/AcpiPlatformLib/DxeAcpiPlatformLib.inf ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeRepor= tStatusCodeLib.inf --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108872): https://edk2.groups.io/g/devel/message/108872 Mute This Topic: https://groups.io/mt/101469948/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108873+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108873+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171493; cv=none; d=zohomail.com; s=zohoarc; b=BsRbCELmg10qEOlTLk4MAEYHyCUVpf6ls5LMOKX5nsC7IgOO6TDGoOIrpGN/6H6Hb/h7w+dfm7pJmueMGWFNfpGJEZBqY/h/2xLjEz3gUY3Jtmd1CdLj+rqoIMCPspeLGCq4UDRIgHr/vPwlnPwbkWQY2653awkUPZjQzWcCqXU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171493; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=VbvrEST92FoFAi4iK9cINy+DuToQwleLIk30Fs8ZtWo=; b=luOc9x4kVc2e/kjC9yCuEvVwF/wYSPmKCVJTh7uCDFnnUsyXQy5pfnLd4cIpr5zwYxm6tcNu+ASub2r38KGBnbU+xBuXuFDIILhzBmr8sMrD4/hxVLWPzuvp2rzRqV8yq1bwwOWsjtucFs2QhGd2KrV7h9q9wGPKSWp8icidHVI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108873+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171493986614.7616537926507; Tue, 19 Sep 2023 17:58:13 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=n5ZHV1wUMcSvdzhR6pHLPf79JuXzGO/eR6ybtf+m0xU=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171493; v=1; b=GDfohEJ3pXn/fCBiD8cShqzNb1BkS9jpG7LlpjUB5MFBu0kVyL+Jli3jBqlCak80oFFGIILz GNFodkywtJmYa0M1QqSk3fJwKxUBoWxo7ZP1WF6uMj5lMCjiBL8HLyFgZrv9j5XW7KLlTiBmTEt rJXomFB2dgbBaDINbIqA0w9A= X-Received: by 127.0.0.2 with SMTP id A6k0YY1788612xsQ4EnOeTkv; Tue, 19 Sep 2023 17:58:13 -0700 X-Received: from mail-pf1-f182.google.com (mail-pf1-f182.google.com [209.85.210.182]) by mx.groups.io with SMTP id smtpd.web11.26922.1695171493119287273 for ; Tue, 19 Sep 2023 17:58:13 -0700 X-Received: by mail-pf1-f182.google.com with SMTP id d2e1a72fcca58-690bf8fdd1aso1523941b3a.2 for ; Tue, 19 Sep 2023 17:58:13 -0700 (PDT) X-Gm-Message-State: Ue1AwWnQdPINUaP6MGmxJwQZx1787277AA= X-Google-Smtp-Source: AGHT+IEohLE+bh4SK6H6o3bR3giXUx0mhmoU0axskQSfFPr9fvXpxe5FA7pL7LLM5+DvxTpb2QknaQ== X-Received: by 2002:a05:6a21:a597:b0:155:1a5a:9e31 with SMTP id gd23-20020a056a21a59700b001551a5a9e31mr1446208pzc.16.1695171492333; Tue, 19 Sep 2023 17:58:12 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:11 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann Subject: [edk2-devel] [PATCH v4 11/28] OvmfPkg: Apply Memory Protections via SetMemoryProtectionsLib Date: Tue, 19 Sep 2023 17:57:34 -0700 Message-ID: <20230920005752.2041-12-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171496055100049 Content-Type: text/plain; charset="utf-8" Use SetMemoryProtectionsLib to set the memory protections for the platform in both normal and PEI-less boot. The protections set are equivalent to the PCD settings and the ability to set NxForStack via QemuCfg is preserved. Once the transition to use SetMemoryProtectionsLib and GetMemoryProtectionsLib is complete in the rest of EDK2, the mechanics of setting protections in OvmfPkg will be updated and the memory protection PCDs will be deleted. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann --- OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c | 15 +++++++++++++= -- OvmfPkg/PlatformPei/Platform.c | 15 +++++++++++++= -- OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf | 3 +++ OvmfPkg/PlatformPei/PlatformPei.inf | 1 + 4 files changed, 30 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c b/OvmfPkg/L= ibrary/PeilessStartupLib/PeilessStartup.c index 1632a2317718..cf645aad3246 100644 --- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c +++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c @@ -14,10 +14,13 @@ #include #include #include +#include #include #include #include #include +#include +#include #include #include #include @@ -42,7 +45,9 @@ InitializePlatform ( EFI_HOB_PLATFORM_INFO *PlatformInfoHob ) { - VOID *VariableStore; + VOID *VariableStore; + DXE_MEMORY_PROTECTION_SETTINGS DxeSettings; + MM_MEMORY_PROTECTION_SETTINGS MmSettings; =20 DEBUG ((DEBUG_INFO, "InitializePlatform in Pei-less boot\n")); PlatformDebugDumpCmos (); @@ -104,7 +109,13 @@ InitializePlatform ( =20 PlatformMemMapInitialization (PlatformInfoHob); =20 - PlatformNoexecDxeInitialization (PlatformInfoHob); + DxeSettings =3D DxeMemoryProtectionProfi= les[DxeMemoryProtectionSettingsPcd].Settings; + MmSettings =3D MmMemoryProtectionProfil= es[MmMemoryProtectionSettingsPcd].Settings; + DxeSettings.StackExecutionProtectionEnabled =3D PcdGetBool (PcdSetNxForS= tack); + QemuFwCfgParseBool ("opt/ovmf/PcdSetNxForStack", &DxeSettings.StackExecu= tionProtectionEnabled); + + SetDxeMemoryProtectionSettings (&DxeSettings, DxeMemoryProtectionSetting= sPcd); + SetMmMemoryProtectionSettings (&MmSettings, MmMemoryProtectionSettingsPc= d); =20 if (TdIsEnabled ()) { PlatformInfoHob->PcdConfidentialComputingGuestAttr =3D CCAttrIntelTdx; diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c index f5dc41c3a8c4..bcd8d3a1be14 100644 --- a/OvmfPkg/PlatformPei/Platform.c +++ b/OvmfPkg/PlatformPei/Platform.c @@ -38,6 +38,7 @@ #include #include #include +#include =20 #include "Platform.h" =20 @@ -304,8 +305,10 @@ InitializePlatform ( IN CONST EFI_PEI_SERVICES **PeiServices ) { - EFI_HOB_PLATFORM_INFO *PlatformInfoHob; - EFI_STATUS Status; + EFI_HOB_PLATFORM_INFO *PlatformInfoHob; + EFI_STATUS Status; + DXE_MEMORY_PROTECTION_SETTINGS DxeSettings; + MM_MEMORY_PROTECTION_SETTINGS MmSettings; =20 DEBUG ((DEBUG_INFO, "Platform PEIM Loaded\n")); PlatformInfoHob =3D BuildPlatformInfoHob (); @@ -342,6 +345,14 @@ InitializePlatform ( =20 PublishPeiMemory (PlatformInfoHob); =20 + DxeSettings =3D DxeMemoryProtectionProfi= les[DxeMemoryProtectionSettingsPcd].Settings; + MmSettings =3D MmMemoryProtectionProfil= es[MmMemoryProtectionSettingsPcd].Settings; + DxeSettings.StackExecutionProtectionEnabled =3D PcdGetBool (PcdSetNxForS= tack); + QemuFwCfgParseBool ("opt/ovmf/PcdSetNxForStack", &DxeSettings.StackExecu= tionProtectionEnabled); + + SetDxeMemoryProtectionSettings (&DxeSettings, DxeMemoryProtectionSetting= sPcd); + SetMmMemoryProtectionSettings (&MmSettings, MmMemoryProtectionSettingsPc= d); + PlatformQemuUc32BaseInitialization (PlatformInfoHob); =20 InitializeRamRegions (PlatformInfoHob); diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf b/Ovmf= Pkg/Library/PeilessStartupLib/PeilessStartupLib.inf index 585d50463748..f0a8a5a56df4 100644 --- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf +++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf @@ -56,6 +56,8 @@ [LibraryClasses] PrePiLib QemuFwCfgLib PlatformInitLib + SetMemoryProtectionsLib + QemuFwCfgSimpleParserLib =20 [Guids] gEfiHobMemoryAllocModuleGuid @@ -81,6 +83,7 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## SOMETIM= ES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ##= CONSUMES gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootSupported diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat= formPei.inf index 3934aeed9514..6b8442d12b2c 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf @@ -65,6 +65,7 @@ [LibraryClasses] PcdLib CcExitLib PlatformInitLib + SetMemoryProtectionsLib =20 [Pcd] gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108873): https://edk2.groups.io/g/devel/message/108873 Mute This Topic: https://groups.io/mt/101469949/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108874+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108874+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171495; cv=none; d=zohomail.com; s=zohoarc; b=Ipaca78rkpLO6AgWeHZLsbqVPxIiVFqx1E5w/7aMm3HXUI8IPklh7w41SD+i7SeYERySeVTUtr6ysbTG9Qa+CwuM26EP4o5jKwkbavfKeSD9nhJ7MRcWQi+8azRMrm4u1srSXTHe0UUmSMXY/yTCw1hWUJAPB9jCnY6GucTCkXU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171495; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=B2JJieSbPJXvZHPDpgNj+mQ5TzQLHtIxB8y0z0Nl2PE=; b=Lhved79cKdgupVAFPlSfUTuNyBOe+RHVprwqiJw2dcSnayYe3kUYSJdugQWEXDXET88OX4GUVq284xYe2r0JHKJJdP1vO7SiGFBGXHcvl1WDzq6L7AHXdM1MKPOzXYK69xq8JX8kDTQsy02kmDhY06qgKpMwGyzI76t2fe2nEKY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108874+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171495284377.53694173530573; Tue, 19 Sep 2023 17:58:15 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=8NZ9i/oY7YWNTncqp8JV9GZMJBq2RpNpAE3MVYyFhrA=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171495; v=1; b=qC5I9A85UaepF2AqGXOVE6z9EI8ddkIueiGbQ0WqmP7McxOjHTwf5pUFxOUTl4/Ehg5YVPce D9tdUhYMOwEE62J9GS3u0piGS9Tq5CUgiMMmPPqQ8wK9gEAMm6P2he+AztXODpTGXW9Ap0+2doR kG/0mzlM8tlKNeoW5B5d7bBc= X-Received: by 127.0.0.2 with SMTP id DWntYY1788612xZuXMYaBJYt; Tue, 19 Sep 2023 17:58:15 -0700 X-Received: from mail-pg1-f171.google.com (mail-pg1-f171.google.com [209.85.215.171]) by mx.groups.io with SMTP id smtpd.web10.26784.1695171494219632644 for ; Tue, 19 Sep 2023 17:58:14 -0700 X-Received: by mail-pg1-f171.google.com with SMTP id 41be03b00d2f7-578a44dfa88so1412403a12.0 for ; Tue, 19 Sep 2023 17:58:14 -0700 (PDT) X-Gm-Message-State: p200dpvIk22yA2uWzh5MDxJPx1787277AA= X-Google-Smtp-Source: AGHT+IFaVdLcCbubNxUgvl0tM0FytTmkeqYjNtduabEefONgdWA6e9UBFjxwD5UIuIhLOK2vqqt1qw== X-Received: by 2002:a05:6a21:3e05:b0:14b:ecab:a6ba with SMTP id bk5-20020a056a213e0500b0014becaba6bamr1082286pzc.28.1695171493325; Tue, 19 Sep 2023 17:58:13 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:12 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann Subject: [edk2-devel] [PATCH v4 12/28] OvmfPkg: Update PeilessStartupLib to use SetMemoryProtectionsLib Date: Tue, 19 Sep 2023 17:57:35 -0700 Message-ID: <20230920005752.2041-13-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171496062100050 Content-Type: text/plain; charset="utf-8" This patch updates the DXE Handoff in PEI-less Startup to use SetMemoryProtectionsLib to get the platform memory protection settings and build the page tables based on the applied protections. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann --- OvmfPkg/Library/PeilessStartupLib/DxeLoad.c | 6 +++++- OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c | 13 ++++++++----- OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf | 4 ---- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/OvmfPkg/Library/PeilessStartupLib/DxeLoad.c b/OvmfPkg/Library/= PeilessStartupLib/DxeLoad.c index d34690eb8a0b..f8ff53876369 100644 --- a/OvmfPkg/Library/PeilessStartupLib/DxeLoad.c +++ b/OvmfPkg/Library/PeilessStartupLib/DxeLoad.c @@ -20,9 +20,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include "X64/PageTables.h" #include +#include =20 #define STACK_SIZE 0x20000 -extern EFI_GUID gEfiNonCcFvGuid; +extern EFI_GUID gEfiNonCcFvGuid; +MEMORY_PROTECTION_SETTINGS mMps =3D { 0 }; =20 /** Transfers control to DxeCore. @@ -42,6 +44,8 @@ HandOffToDxeCore ( VOID *TopOfStack; UINTN PageTables; =20 + GetCurrentMemoryProtectionSettings (&mMps); + // // Clear page 0 and mark it as allocated if NULL pointer detection is en= abled. // diff --git a/OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c b/OvmfPk= g/Library/PeilessStartupLib/X64/VirtualMemory.c index e2c1bac5e059..41521e3d3d71 100644 --- a/OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c +++ b/OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c @@ -17,6 +17,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include #include #include #include "PageTables.h" @@ -45,6 +46,8 @@ UINT64 mLevelSize[5] =3D { SIZE_512GB }; =20 +extern MEMORY_PROTECTION_SETTINGS mMps; + BOOLEAN IsSetNxForStack ( VOID @@ -142,7 +145,7 @@ IsNullDetectionEnabled ( VOID ) { - return ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT0) !=3D 0); + return mMps.Dxe.NullPointerDetection.Enabled; } =20 /** @@ -197,8 +200,8 @@ IsEnableNonExecNeeded ( // Features controlled by Following PCDs need this feature to be enabled. // return (IsSetNxForStack () || - FixedPcdGet64 (PcdDxeNxMemoryProtectionPolicy) !=3D 0 || - PcdGet32 (PcdImageProtectionPolicy) !=3D 0); + !IsZeroBuffer (&mMps.Dxe.ExecutionProtection.EnabledForType, MPS= _MEMORY_TYPE_BUFFER_SIZE) || + (mMps.Dxe.ImageProtection.ProtectImageFromFv || mMps.Dxe.ImagePr= otection.ProtectImageFromUnknown)); } =20 /** @@ -241,7 +244,7 @@ ToSplitPageTable ( return TRUE; } =20 - if (FixedPcdGetBool (PcdCpuStackGuard)) { + if (mMps.Dxe.CpuStackGuardEnabled) { if ((StackBase >=3D Address) && (StackBase < (Address + Size))) { return TRUE; } @@ -427,7 +430,7 @@ Split2MPageTo4K ( PageTableEntry->Bits.ReadWrite =3D 1; =20 if ((IsNullDetectionEnabled () && (PhysicalAddress4K =3D=3D 0)) || - (FixedPcdGetBool (PcdCpuStackGuard) && (PhysicalAddress4K =3D=3D S= tackBase))) + (mMps.Dxe.CpuStackGuardEnabled && (PhysicalAddress4K =3D=3D StackB= ase))) { PageTableEntry->Bits.Present =3D 0; } else { diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf b/Ovmf= Pkg/Library/PeilessStartupLib/PeilessStartupLib.inf index f0a8a5a56df4..47bd42d23d11 100644 --- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf +++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf @@ -77,12 +77,8 @@ [Pcd] gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplBuildPageTables ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ## SOMETIM= ES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ## SOMETIM= ES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## SOMETIM= ES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ##= CONSUMES gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108874): https://edk2.groups.io/g/devel/message/108874 Mute This Topic: https://groups.io/mt/101469950/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108875+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108875+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171495; cv=none; d=zohomail.com; s=zohoarc; b=FZZ8zW9OL6IQBQnEUcIGOIstMFwhOykWbIarPVnH70P3SrI47ynOzxLC4NaAkIBWxwqqg8UriYbpJDp9cXpRNwyrokzY1/0T1ISLV8imKq37RbhVWQDJKseUDgNbIUu9V67uep/Ur6FIw+Yccca1QtQaRMpUOJkiXGpHixUxCe8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171495; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=vRhKWmgTYCC0+IRjzN6SsUmfaKS25+nctjsPXEIng8o=; b=ljogxi/ug2LYncVCeVmqnXRs5rcEVeIOFO+R6+jqNOqS/bgBe9h3zqGY9jsPU7lQL2vEwEszP5tzv1JZ+qwJLtDfXX3ExjGVZQnpgBLE3aVgMjO6rdYlEs+a7+PMRuJUeCcw+F4C0Aiq9o9RCRcikeS9j2lALoqrYKJJkcOlxO0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108875+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171495671948.8466688448289; Tue, 19 Sep 2023 17:58:15 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=gJs5+RqHnKipBAZFCVWr/DnoqKKV09cmPd5+V555VTk=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171495; v=1; b=Eo/VYPiKbLojGzBm60oiFwRIlcnimGv6ZDu7zVt0bnTFB6RulSJk8zBH9v2Ib0G0D8GKaomZ qHhMYBS58XYlw21L7tISb/mulz9inloyrd5iQLZRhdA7p5mBHbxWCV0CcOV24+10zsAZQY/hXCv lD4mC78mNNIAuQjTnefvDcCA= X-Received: by 127.0.0.2 with SMTP id TcucYY1788612xVF2bQU5662; Tue, 19 Sep 2023 17:58:15 -0700 X-Received: from mail-pl1-f177.google.com (mail-pl1-f177.google.com [209.85.214.177]) by mx.groups.io with SMTP id smtpd.web11.26924.1695171494706258413 for ; Tue, 19 Sep 2023 17:58:14 -0700 X-Received: by mail-pl1-f177.google.com with SMTP id d9443c01a7336-1bdf4752c3cso46660195ad.2 for ; Tue, 19 Sep 2023 17:58:14 -0700 (PDT) X-Gm-Message-State: SCVEOlCH9FOUslFavTjqsqTvx1787277AA= X-Google-Smtp-Source: AGHT+IEdZuatUOvTMeUm0uAVM07Feg88gnPUfUZCdTbN0EFdT7/lXzVX29jjWrhKCYVNMlWEfCLFuQ== X-Received: by 2002:a17:903:246:b0:1c3:3363:8aea with SMTP id j6-20020a170903024600b001c333638aeamr987165plh.61.1695171493925; Tue, 19 Sep 2023 17:58:13 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:13 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Guo Dong , Sean Rhodes , James Lu , Gua Guo Subject: [edk2-devel] [PATCH v4 13/28] UefiPayloadPkg: Update DXE Handoff to use SetMemoryProtectionsLib Date: Tue, 19 Sep 2023 17:57:36 -0700 Message-ID: <20230920005752.2041-14-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171496085100051 Content-Type: text/plain; charset="utf-8" Update the DXE handoff logic in UefiPayloadPkg to use SetMemoryProtectionsLib to fetch the platform memory protection settings and reference them when creating the page tables. Because the protection profile is equivalent to the PCD settings even when the platform does not explicitly set a profile, this updated does not cause a torn state. Signed-off-by: Taylor Beebe Cc: Guo Dong Cc: Sean Rhodes Cc: James Lu Cc: Gua Guo --- UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c | 11 +++++++++-- UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c | 2 ++ UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c | 8 ++++++-- UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c | 15 +++++++++--= ---- UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h | 1 + UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf | 9 +-------- UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf | 9 +-------- UefiPayloadPkg/UefiPayloadPkg.dsc | 12 ++++++++++++ 8 files changed, 41 insertions(+), 26 deletions(-) diff --git a/UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c b/UefiPaylo= adPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c index 61a9f01ec9e7..4ede962e6544 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c +++ b/UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c @@ -78,6 +78,8 @@ GLOBAL_REMOVE_IF_UNREFERENCED IA32_DESCRIPTOR gLidtDesc= riptor =3D { 0 }; =20 +extern MEMORY_PROTECTION_SETTINGS mMps; + /** Allocates and fills in the Page Directory and Page Table Entries to establish a 4G page table. @@ -227,11 +229,14 @@ ToBuildPageTable ( return TRUE; } =20 - if (PcdGet8 (PcdHeapGuardPropertyMask) !=3D 0) { + if (mMps.Dxe.HeapGuard.PageGuardEnabled || + mMps.Dxe.HeapGuard.PageGuardEnabled || + mMps.Dxe.HeapGuard.FreedMemoryGuardEnabled) + { return TRUE; } =20 - if (PcdGetBool (PcdCpuStackGuard)) { + if (mMps.Dxe.CpuStackGuardEnabled) { return TRUE; } =20 @@ -268,6 +273,8 @@ HandOffToDxeCore ( UINT32 Index; X64_IDT_TABLE *IdtTableForX64; =20 + GetCurrentMemoryProtectionSettings (&mMps); + // // Clear page 0 and mark it as allocated if NULL pointer detection is en= abled. // diff --git a/UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c b/UefiPayloadPkg= /UefiPayloadEntry/LoadDxeCore.c index 898d610951fa..a4074346c059 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c +++ b/UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c @@ -8,6 +8,8 @@ =20 #include "UefiPayloadEntry.h" =20 +MEMORY_PROTECTION_SETTINGS mMps =3D { 0 }; + /** Allocate pages for code. =20 diff --git a/UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c b/UefiPayloa= dPkg/UefiPayloadEntry/X64/DxeLoadFunc.c index 346e3feb0459..002ae6e5ab97 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c +++ b/UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c @@ -17,6 +17,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "UefiPayloadEntry.h" #define STACK_SIZE 0x20000 =20 +extern MEMORY_PROTECTION_SETTINGS mMps; + /** Transfers control to DxeCore. =20 @@ -40,6 +42,8 @@ HandOffToDxeCore ( VOID *GhcbBase; UINTN GhcbSize; =20 + GetCurrentMemoryProtectionSettings (&mMps); + // // Clear page 0 and mark it as allocated if NULL pointer detection is en= abled. // @@ -83,8 +87,8 @@ HandOffToDxeCore ( // Set NX for stack feature also require PcdDxeIplBuildPageTables be T= RUE // for the DxeIpl and the DxeCore are both X64. // - ASSERT (PcdGetBool (PcdSetNxForStack) =3D=3D FALSE); - ASSERT (PcdGetBool (PcdCpuStackGuard) =3D=3D FALSE); + ASSERT (!mMps.Dxe.StackExecutionProtectionEnabled); + ASSERT (!mMps.Dxe.CpuStackGuardEnabled); } =20 if (FeaturePcdGet (PcdDxeIplBuildPageTables)) { diff --git a/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c b/UefiPayl= oadPkg/UefiPayloadEntry/X64/VirtualMemory.c index 1899404b244c..6a986c82cc4b 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c +++ b/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c @@ -27,11 +27,14 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include #include #include #include #include "VirtualMemory.h" =20 +extern MEMORY_PROTECTION_SETTINGS mMps; + // // Global variable to keep track current available memory used as page tab= le. // @@ -115,7 +118,7 @@ IsNullDetectionEnabled ( VOID ) { - return ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT0) !=3D 0); + return mMps.Dxe.NullPointerDetection.Enabled; } =20 /** @@ -169,9 +172,9 @@ IsEnableNonExecNeeded ( // XD flag (BIT63) in page table entry is only valid if IA32_EFER.NXE is= set. // Features controlled by Following PCDs need this feature to be enabled. // - return (PcdGetBool (PcdSetNxForStack) || - PcdGet64 (PcdDxeNxMemoryProtectionPolicy) !=3D 0 || - PcdGet32 (PcdImageProtectionPolicy) !=3D 0); + return (mMps.Dxe.StackExecutionProtectionEnabled || + !IsZeroBuffer (&mMps.Dxe.ExecutionProtection.EnabledForType, MPS= _MEMORY_TYPE_BUFFER_SIZE) || + (mMps.Dxe.ImageProtection.ProtectImageFromFv || mMps.Dxe.ImagePr= otection.ProtectImageFromUnknown)); } =20 /** @@ -399,14 +402,14 @@ Split2MPageTo4K ( PageTableEntry->Bits.ReadWrite =3D 1; =20 if ((IsNullDetectionEnabled () && (PhysicalAddress4K =3D=3D 0)) || - (PcdGetBool (PcdCpuStackGuard) && (PhysicalAddress4K =3D=3D StackB= ase))) + (mMps.Dxe.CpuStackGuardEnabled && (PhysicalAddress4K =3D=3D StackB= ase))) { PageTableEntry->Bits.Present =3D 0; } else { PageTableEntry->Bits.Present =3D 1; } =20 - if ( PcdGetBool (PcdSetNxForStack) + if ( mMps.Dxe.StackExecutionProtectionEnabled && (PhysicalAddress4K >=3D StackBase) && (PhysicalAddress4K < StackBase + StackSize)) { diff --git a/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h b/UefiPaylo= adPkg/UefiPayloadEntry/UefiPayloadEntry.h index ad8a9fd22b66..c966f3583c77 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h +++ b/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h @@ -13,6 +13,7 @@ =20 #include #include +#include #include #include #include diff --git a/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf b/UefiPay= loadPkg/UefiPayloadEntry/UefiPayloadEntry.inf index e2af8a4b7c1b..589dd9d3a99c 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf +++ b/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf @@ -55,6 +55,7 @@ [LibraryClasses] PeCoffLib PlatformSupportLib CpuLib + SetMemoryProtectionsLib =20 [Guids] gEfiMemoryTypeInformationGuid @@ -76,9 +77,6 @@ [FeaturePcd.X64] [Pcd.IA32,Pcd.X64] gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ##= SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize ##= CONSUMES =20 @@ -91,8 +89,3 @@ [Pcd.IA32,Pcd.X64] gUefiPayloadPkgTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType gUefiPayloadPkgTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData gUefiPayloadPkgTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode - - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## SOMETIM= ES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ## SOMETIM= ES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## SOMETIM= ES_CONSUMES - diff --git a/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf b/Ue= fiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf index 5112cdc1e5df..3e99011e0ac6 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf +++ b/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf @@ -53,6 +53,7 @@ [LibraryClasses] HobLib PeCoffLib CpuLib + SetMemoryProtectionsLib =20 [Guids] gEfiMemoryTypeInformationGuid @@ -81,17 +82,9 @@ [Pcd.IA32,Pcd.X64] gUefiPayloadPkgTokenSpaceGuid.PcdPcdDriverFile gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ##= SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize ##= CONSUMES =20 gUefiPayloadPkgTokenSpaceGuid.PcdPayloadFdMemBase gUefiPayloadPkgTokenSpaceGuid.PcdPayloadFdMemSize gUefiPayloadPkgTokenSpaceGuid.PcdSystemMemoryUefiRegionSize - - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## SOMETIM= ES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ## SOMETIM= ES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## SOMETIM= ES_CONSUMES - diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayload= Pkg.dsc index 47812048ddcf..b00d75ba08db 100644 --- a/UefiPayloadPkg/UefiPayloadPkg.dsc +++ b/UefiPayloadPkg/UefiPayloadPkg.dsc @@ -312,6 +312,18 @@ [LibraryClasses] CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeRepor= tStatusCodeLib.inf =20 +# +# Memory Protection Libraries +# +[LibraryClasses.common] + SetMemoryProtectionsLib|MdeModulePkg/Library/SetMemoryProtectionsLib/Set= MemoryProtectionsLib.inf + +[LibraryClasses.common.SMM_CORE, LibraryClasses.common.DXE_SMM_DRIVER] + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/MmG= etMemoryProtectionsLib.inf + +[LibraryClasses.common.DXE_CORE, LibraryClasses.common.DXE_DRIVER, Library= Classes.common.UEFI_APPLICATION, LibraryClasses.common.UEFI_DRIVER] + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/Dxe= GetMemoryProtectionsLib.inf + [LibraryClasses.common] !if $(BOOTSPLASH_IMAGE) SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108875): https://edk2.groups.io/g/devel/message/108875 Mute This Topic: https://groups.io/mt/101469951/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108876+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108876+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171496; cv=none; d=zohomail.com; s=zohoarc; b=Q3v6183A8ga5zfmr/4xStIcYbYngZrYuOx0bBrNdHMjCduvoYb4Zb4J9hZyGwX7V3CAoDcKhmeDcZs8uIGGNu5jWPDIcMy8t1cV8HjQjIWpQq3hegIfMPXvBzbhuCjuYAJTKvbSI15d4gim1RyEiL7fKTTtOBrdSaOoEV1QHaSk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171496; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=VKQ3kE8eRu/8CI8W3O5Y58sndWkRRrQwXb8HI7Rh3+g=; b=kIOuXSDLtOjYrz+HNddUOIRsgfAdE/8UgEGFKhnvAajHQmfKJOgYJVdmeDt3ERew5hhXKYuordAOTB8xRn+Ky4HjQHXE+wv1HuFtl0sLo3/QwhlQ0EVijWo+FziBBDqatMyOEDGdOh1dTCLpkj8+qEZy4qoa/GorsZJXZph/a4o= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108876+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171496241531.3850721611316; Tue, 19 Sep 2023 17:58:16 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=rGYjIeq89d0RkDrOrLzb/+xLZjhcTQxErjMaFhHGNts=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171495; v=1; b=NxZWqnVi08w2upWdZ9zWW8308gs1Jdo8MbXdKlcttc3ZeSZkTznrMYeiTfAg+Ldqr3ms6UJ0 kLuwe70mZZQcSg6TA4UEWJkMl5M9fK7L64XjpK6c56VlkfROqOQXUDlKlbFKz1sKMtLAjtN3/Tp vZUDN7/l570dcMBRVySDgVgs= X-Received: by 127.0.0.2 with SMTP id Fg9WYY1788612x2Whgf7qELu; Tue, 19 Sep 2023 17:58:15 -0700 X-Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172]) by mx.groups.io with SMTP id smtpd.web11.26925.1695171495395314644 for ; Tue, 19 Sep 2023 17:58:15 -0700 X-Received: by mail-pl1-f172.google.com with SMTP id d9443c01a7336-1c1ff5b741cso58994715ad.2 for ; Tue, 19 Sep 2023 17:58:15 -0700 (PDT) X-Gm-Message-State: klFI7Me15Smr64HyXEhWJLYYx1787277AA= X-Google-Smtp-Source: AGHT+IE3C5aNO58PK73DAOSbuF452+AjQREV7ZwHQ0VD999HzVaAISQ9RT5oz7Qdz632SEgggIJcjw== X-Received: by 2002:a17:902:76c2:b0:1c5:be45:ca31 with SMTP id j2-20020a17090276c200b001c5be45ca31mr78292plt.28.1695171494690; Tue, 19 Sep 2023 17:58:14 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:14 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao , Dandan Bi Subject: [edk2-devel] [PATCH v4 14/28] MdeModulePkg: Update DXE Handoff to use SetMemoryProtectionsLib Date: Tue, 19 Sep 2023 17:57:37 -0700 Message-ID: <20230920005752.2041-15-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171497461100057 Content-Type: text/plain; charset="utf-8" Update the DXE handoff logic in MdeModulePkg to use SetMemoryProtectionsLib to fetch the platform memory protection settings and reference them when creating the page tables. Because the protection profile is equivalent to the PCD settings even when the platform does not explicitly set a profile, this updated does not cause a torn state. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao Cc: Dandan Bi --- MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c | 4 +++- MdeModulePkg/Core/DxeIplPeim/DxeLoad.c | 2 ++ MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 9 +++++++-- MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 6 ++++-- MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 16 ++++++++-------- MdeModulePkg/Core/DxeIplPeim/DxeIpl.h | 3 +++ MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 11 +---------- 7 files changed, 28 insertions(+), 23 deletions(-) diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c b/MdeModulePkg/Core/= DxeIplPeim/DxeHandoff.c index 60400da3521a..9f7ed2069a46 100644 --- a/MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c +++ b/MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c @@ -33,13 +33,15 @@ HandOffToDxeCore ( EFI_STATUS Status; EDKII_MEMORY_ATTRIBUTE_PPI *MemoryPpi; =20 + GetCurrentMemoryProtectionSettings (&mMps); + // // Allocate 128KB for the Stack // BaseOfStack =3D AllocatePages (EFI_SIZE_TO_PAGES (STACK_SIZE)); ASSERT (BaseOfStack !=3D NULL); =20 - if (PcdGetBool (PcdSetNxForStack)) { + if (mMps.Dxe.StackExecutionProtectionEnabled) { Status =3D PeiServicesLocatePpi ( &gEdkiiMemoryAttributePpiGuid, 0, diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeLoad.c b/MdeModulePkg/Core/Dxe= IplPeim/DxeLoad.c index 2c19f1a507ba..0789dbca6ad8 100644 --- a/MdeModulePkg/Core/DxeIplPeim/DxeLoad.c +++ b/MdeModulePkg/Core/DxeIplPeim/DxeLoad.c @@ -50,6 +50,8 @@ CONST EFI_PEI_NOTIFY_DESCRIPTOR mMemoryDiscoveredNotifyL= ist =3D { InstallIplPermanentMemoryPpis }; =20 +MEMORY_PROTECTION_SETTINGS mMps =3D { 0 }; + /** Entry point of DXE IPL PEIM. =20 diff --git a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c b/MdeModulePkg= /Core/DxeIplPeim/Ia32/DxeLoadFunc.c index 4bc7b749b0fc..762c288d5924 100644 --- a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c +++ b/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c @@ -219,11 +219,14 @@ ToBuildPageTable ( return TRUE; } =20 - if (PcdGet8 (PcdHeapGuardPropertyMask) !=3D 0) { + if (mMps.Dxe.HeapGuard.PageGuardEnabled || + mMps.Dxe.HeapGuard.PoolGuardEnabled || + mMps.Dxe.HeapGuard.FreedMemoryGuardEnabled) + { return TRUE; } =20 - if (PcdGetBool (PcdCpuStackGuard)) { + if (mMps.Dxe.CpuStackGuardEnabled) { return TRUE; } =20 @@ -265,6 +268,8 @@ HandOffToDxeCore ( EFI_PEI_VECTOR_HANDOFF_INFO_PPI *VectorHandoffInfoPpi; BOOLEAN BuildPageTablesIa32Pae; =20 + GetCurrentMemoryProtectionSettings (&mMps); + // // Clear page 0 and mark it as allocated if NULL pointer detection is en= abled. // diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c b/MdeModulePkg/= Core/DxeIplPeim/X64/DxeLoadFunc.c index fa2050cf023a..7e17a963e9ff 100644 --- a/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c +++ b/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c @@ -36,6 +36,8 @@ HandOffToDxeCore ( VOID *GhcbBase; UINTN GhcbSize; =20 + GetCurrentMemoryProtectionSettings (&mMps); + // // Clear page 0 and mark it as allocated if NULL pointer detection is en= abled. // @@ -104,8 +106,8 @@ HandOffToDxeCore ( // Set NX for stack feature also require PcdDxeIplBuildPageTables be T= RUE // for the DxeIpl and the DxeCore are both X64. // - ASSERT (PcdGetBool (PcdSetNxForStack) =3D=3D FALSE); - ASSERT (PcdGetBool (PcdCpuStackGuard) =3D=3D FALSE); + ASSERT (!mMps.Dxe.StackExecutionProtectionEnabled); + ASSERT (!mMps.Dxe.CpuStackGuardEnabled); } =20 // diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c b/MdeModulePk= g/Core/DxeIplPeim/X64/VirtualMemory.c index 980c2002d4f5..2c75702d6a25 100644 --- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c +++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c @@ -109,7 +109,7 @@ IsNullDetectionEnabled ( VOID ) { - return ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT0) !=3D 0); + return mMps.Dxe.NullPointerDetection.Enabled; } =20 /** @@ -163,9 +163,9 @@ IsEnableNonExecNeeded ( // XD flag (BIT63) in page table entry is only valid if IA32_EFER.NXE is= set. // Features controlled by Following PCDs need this feature to be enabled. // - return (PcdGetBool (PcdSetNxForStack) || - PcdGet64 (PcdDxeNxMemoryProtectionPolicy) !=3D 0 || - PcdGet32 (PcdImageProtectionPolicy) !=3D 0); + return (mMps.Dxe.StackExecutionProtectionEnabled || + !IsZeroBuffer (&mMps.Dxe.ExecutionProtection.EnabledForType, MPS= _MEMORY_TYPE_BUFFER_SIZE) || + mMps.Dxe.ImageProtection.ProtectImageFromFv || mMps.Dxe.ImagePro= tection.ProtectImageFromUnknown); } =20 /** @@ -214,13 +214,13 @@ ToSplitPageTable ( return TRUE; } =20 - if (PcdGetBool (PcdCpuStackGuard)) { + if (mMps.Dxe.CpuStackGuardEnabled) { if ((StackBase >=3D Address) && (StackBase < (Address + Size))) { return TRUE; } } =20 - if (PcdGetBool (PcdSetNxForStack)) { + if (mMps.Dxe.StackExecutionProtectionEnabled) { if ((Address < StackBase + StackSize) && ((Address + Size) > StackBase= )) { return TRUE; } @@ -403,14 +403,14 @@ Split2MPageTo4K ( PageTableEntry->Bits.ReadWrite =3D 1; =20 if ((IsNullDetectionEnabled () && (PhysicalAddress4K =3D=3D 0)) || - (PcdGetBool (PcdCpuStackGuard) && (PhysicalAddress4K =3D=3D StackB= ase))) + (mMps.Dxe.CpuStackGuardEnabled && (PhysicalAddress4K =3D=3D StackB= ase))) { PageTableEntry->Bits.Present =3D 0; } else { PageTableEntry->Bits.Present =3D 1; } =20 - if ( PcdGetBool (PcdSetNxForStack) + if ( mMps.Dxe.StackExecutionProtectionEnabled && (PhysicalAddress4K >=3D StackBase) && (PhysicalAddress4K < StackBase + StackSize)) { diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.h b/MdeModulePkg/Core/DxeI= plPeim/DxeIpl.h index 2f015befceca..f6826349c378 100644 --- a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.h +++ b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.h @@ -37,6 +37,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include #include #include #include @@ -46,6 +47,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #define STACK_SIZE 0x20000 #define BSP_STORE_SIZE 0x4000 =20 +extern MEMORY_PROTECTION_SETTINGS mMps; + // // This PPI is installed to indicate the end of the PEI usage of memory // diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf b/MdeModulePkg/Core/Dx= eIplPeim/DxeIpl.inf index f1990eac7760..ccbf5c36d7f6 100644 --- a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf +++ b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf @@ -67,6 +67,7 @@ [LibraryClasses] DebugAgentLib PeiServicesTablePointerLib PerformanceLib + SetMemoryProtectionsLib =20 [Ppis] gEfiDxeIplPpiGuid ## PRODUCES @@ -101,20 +102,10 @@ [FeaturePcd] [Pcd.IA32,Pcd.X64] gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ##= SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdUse5LevelPageTable ##= SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize ##= CONSUMES =20 -[Pcd.IA32,Pcd.X64,Pcd.ARM,Pcd.AARCH64] - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ## SOMETIM= ES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## SOMETIM= ES_CONSUMES - -[Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## SOMETIM= ES_CONSUMES - [Depex] gEfiPeiLoadFilePpiGuid AND gEfiPeiMasterBootModePpiGuid =20 --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108876): https://edk2.groups.io/g/devel/message/108876 Mute This Topic: https://groups.io/mt/101469952/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108877+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108877+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171496; cv=none; d=zohomail.com; s=zohoarc; b=YWwOmCraLIueO+EWYEv+nJVIPNqr81YgIBYt83B+S8x0K4CcCriJFWclmh28d8krmnj+UcbUippscEIRvHuT381cMTSxP6V2zJrZg4oqJpRxPv3dCBvnR3bKW8l8/g6UwhEoiSfY6qrq+vv8fSpGhkfoQIXvraOa/jyKf8sGv8w= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171496; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=IjygyF4xkzcejEORE/crk+bmJ+UOXb7cL5zqXWZY0ms=; b=f/g8gyoiZzHVVMCyoBYF0xhpsP2uKYa3/ueawdczH5Pb3vRi48AnmgeJ4LbNP/XPSUjW7e0ZheGjaOenKVaH/QR86YtxkJ11AbiwTbzfX2ggeK1mmspXsITSlhFt3EvVpv6pQg6X1+J6XraHPVYBKGN1jrLKdvvpIh7KHYE7ZfA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108877+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 16951714968771007.8132158604591; Tue, 19 Sep 2023 17:58:16 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=d2kaRZfoU5KfIdXo8T6hp3c2c+1kPpJBN6Hhs456wGs=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171496; v=1; b=f9FS6yy5jFTjyaJRjGbnDWVtdDtlG1Gx7SeJs8SqjXzH1Ir0agyATF1saBH7TxguCIVNxEHi 2IHlHyOwER4smaEvKqQlaL5l0BHZXESJqGUuotlu5frVSbYx32U/h7w2fd8H0EkYriXHdCvgnKL vCDjZH2Wq0+BqfaBcyDwimzc= X-Received: by 127.0.0.2 with SMTP id CCQRYY1788612xJkORLWwtfx; Tue, 19 Sep 2023 17:58:16 -0700 X-Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) by mx.groups.io with SMTP id smtpd.web11.26926.1695171496133669304 for ; Tue, 19 Sep 2023 17:58:16 -0700 X-Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-1c47309a8ccso2603075ad.1 for ; Tue, 19 Sep 2023 17:58:16 -0700 (PDT) X-Gm-Message-State: DnQ7WaLvS2Lf4A6Q5Co3mNmmx1787277AA= X-Google-Smtp-Source: AGHT+IFGe0PdyjfLYScNM+qCxAgQZpsEKnwyNDfPcxF6JDMKcCkAD/YrkzVtkgre927YuBkqdr4zaw== X-Received: by 2002:a17:903:234f:b0:1c3:2c4d:889e with SMTP id c15-20020a170903234f00b001c32c4d889emr5274725plh.16.1695171495423; Tue, 19 Sep 2023 17:58:15 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:14 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Leif Lindholm , Ard Biesheuvel , Sami Mujawar Subject: [edk2-devel] [PATCH v4 15/28] ArmPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs Date: Tue, 19 Sep 2023 17:57:38 -0700 Message-ID: <20230920005752.2041-16-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171498279100063 Content-Type: text/plain; charset="utf-8" Replace references to the memory protection PCDs to instead check the platform protections via GetMemoryProtectionsLib. Signed-off-by: Taylor Beebe Cc: Leif Lindholm Cc: Ard Biesheuvel Cc: Sami Mujawar --- ArmPkg/Drivers/CpuDxe/CpuDxe.c | 5 ++--- ArmPkg/ArmPkg.dsc | 1 + ArmPkg/Drivers/CpuDxe/CpuDxe.inf | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.c b/ArmPkg/Drivers/CpuDxe/CpuDxe.c index fc63e527846a..8a25e78dfebd 100644 --- a/ArmPkg/Drivers/CpuDxe/CpuDxe.c +++ b/ArmPkg/Drivers/CpuDxe/CpuDxe.c @@ -12,6 +12,7 @@ #include =20 #include +#include =20 BOOLEAN mIsFlushingGCD; =20 @@ -241,7 +242,6 @@ RemapUnusedMemoryNx ( VOID ) { - UINT64 TestBit; UINTN MemoryMapSize; UINTN MapKey; UINTN DescriptorSize; @@ -251,8 +251,7 @@ RemapUnusedMemoryNx ( EFI_MEMORY_DESCRIPTOR *MemoryMapEnd; EFI_STATUS Status; =20 - TestBit =3D LShiftU64 (1, EfiBootServicesData); - if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & TestBit) =3D=3D 0) { + if (!gMps.Dxe.ExecutionProtection.EnabledForType[EfiBootServicesData]) { return; } =20 diff --git a/ArmPkg/ArmPkg.dsc b/ArmPkg/ArmPkg.dsc index 6dd91e694192..1e34ef95b7cb 100644 --- a/ArmPkg/ArmPkg.dsc +++ b/ArmPkg/ArmPkg.dsc @@ -57,6 +57,7 @@ [LibraryClasses.common] PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeC= offGetEntryPointLib.inf PeCoffExtraActionLib|MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeC= offExtraActionLibNull.inf + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/Get= MemoryProtectionsLibNull.inf =20 UefiHiiServicesLib|MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServic= esLib.inf HiiLib|MdeModulePkg/Library/UefiHiiLib/UefiHiiLib.inf diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.inf b/ArmPkg/Drivers/CpuDxe/CpuDx= e.inf index 7d8132200e64..4d0a3de99546 100644 --- a/ArmPkg/Drivers/CpuDxe/CpuDxe.inf +++ b/ArmPkg/Drivers/CpuDxe/CpuDxe.inf @@ -46,6 +46,7 @@ [LibraryClasses] CpuExceptionHandlerLib DebugLib DefaultExceptionHandlerLib + GetMemoryProtectionsLib DxeServicesTableLib HobLib MemoryAllocationLib @@ -65,7 +66,6 @@ [Guids] =20 [Pcd.common] gArmTokenSpaceGuid.PcdVFPEnabled - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy =20 [FeaturePcd.common] gArmTokenSpaceGuid.PcdDebuggerExceptionSupport --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108877): https://edk2.groups.io/g/devel/message/108877 Mute This Topic: https://groups.io/mt/101469954/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108878+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108878+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171497; cv=none; d=zohomail.com; s=zohoarc; b=O2LDFjXJ7fqEi1g54c4qLl6us7KoxBQprFOfsbo3hm/QfTWHrGNUkK/RbSsHpjce4FCq+5QdqBarkjK7lrmyFtKK8l/e7ebIjYG6F6R1fbIAw2OzgYLV9psFfzUkGUhyvS+bddAiPO9t7YxVji4TVIc/53ocE7uyaMwwQueG2UY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171497; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=s2rFY7f750TJIdvX4vTlc38nb21VFiiU2jev2TxX5hM=; b=D7Acd3znkmCvPXccYlT+i9mhHrm3BiT/05lxqM1oEbL5eeWpFVmUEAKcXtECSZgZz7C2zv5cpxhBaOUtZeGRQ7Am+R0mPZpkmgclzG1Y0lh/mQExI+XfwP/WMwi/c+sjNcDJl+hj1K4pHrQQdXs8vJAw8p7GNdh3S+VgyD8s3TU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108878+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171497386464.5074003110236; Tue, 19 Sep 2023 17:58:17 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=RTyFPWVYREeI7BWSccCsBIswOicn3slF3NmFcsl1588=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171497; v=1; b=SKk2rZuJC9J5ZHMgpNtEATB8iD2GSyahz4JhEUvDRlWMHxFseA1Zf1AVfgbEQECYDaiNlL1+ nCPOhhrjIlgGAtPnG3bJTcGVanGADy5Jp3dYYSp/JAKmTGPr3OOabcoa3u2Kx/O8f7nKuO/yCpc 3JPqTH00lju4ij09yKuDz7Cw= X-Received: by 127.0.0.2 with SMTP id xfV3YY1788612x2fynByHdxT; Tue, 19 Sep 2023 17:58:17 -0700 X-Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) by mx.groups.io with SMTP id smtpd.web10.26789.1695171496577056864 for ; Tue, 19 Sep 2023 17:58:16 -0700 X-Received: by mail-pl1-f181.google.com with SMTP id d9443c01a7336-1c572c9c852so21111995ad.2 for ; Tue, 19 Sep 2023 17:58:16 -0700 (PDT) X-Gm-Message-State: gH3x5QqisKjn9dmShntAwi6ex1787277AA= X-Google-Smtp-Source: AGHT+IHRbIE2a96ngiwvcNqqQpMibaJtLOlhfdioCrJ/+++wphmqnyupwqltVQmp8n4YheeG4AMvQA== X-Received: by 2002:a17:902:dacd:b0:1bd:d92d:6b2 with SMTP id q13-20020a170902dacd00b001bdd92d06b2mr1362026plx.10.1695171495911; Tue, 19 Sep 2023 17:58:15 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:15 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Andrew Fish , Ray Ni Subject: [edk2-devel] [PATCH v4 16/28] EmulatorPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs Date: Tue, 19 Sep 2023 17:57:39 -0700 Message-ID: <20230920005752.2041-17-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171499436100065 Content-Type: text/plain; charset="utf-8" Replace references to the memory protection PCDs to instead check the platform protections via GetMemoryProtectionsLib. Because the protection profile is equivalent to the PCD settings, this updated does not cause a torn state. Signed-off-by: Taylor Beebe Cc: Andrew Fish Cc: Ray Ni --- EmulatorPkg/EmulatorPkg.dsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/EmulatorPkg/EmulatorPkg.dsc b/EmulatorPkg/EmulatorPkg.dsc index b14654739b54..2784c6edbbdf 100644 --- a/EmulatorPkg/EmulatorPkg.dsc +++ b/EmulatorPkg/EmulatorPkg.dsc @@ -126,6 +126,8 @@ [LibraryClasses] SortLib|MdeModulePkg/Library/BaseSortLib/BaseSortLib.inf ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/Get= MemoryProtectionsLibNull.inf + SetMemoryProtectionsLib|MdeModulePkg/Library/SetMemoryProtectionsLib/Set= MemoryProtectionsLibNull.inf =20 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE RngLib|MdeModulePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf @@ -216,7 +218,6 @@ [PcdsFeatureFlag] gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplBuildPageTables|FALSE =20 [PcdsFixedAtBuild] - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000000 gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FAL= SE gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000040 gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x0f --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108878): https://edk2.groups.io/g/devel/message/108878 Mute This Topic: https://groups.io/mt/101469956/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108879+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108879+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171498; cv=none; d=zohomail.com; s=zohoarc; b=VPDmNFp4wbZeBuWP+pqhlYuSXAjJrGMvsSiSGlKIHdjmvDae0jHalphX+PN6nJefVb1YbNGWhWqYMCynBVMQF/UCXkLqfx0TjoOEYLbW4nHXh61FKeIZnvtvCq1oKvny7efbboRcAbouWvYUD6y6bwLNbe9sEojT5Lhb8LiyA/s= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171498; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=RQCH97fzWsvcwCrpAB5ieYZOFJ+ys1oDmg2T7feWDjo=; b=dMcZzx677QY12OM3QLhN6cUoMTN8ppR69q/3RiQmVsZcHul8vRo7LVlCspxLelIt6dsrr/KloNlS5tjjbPxKwSou83LzA0VH4Vf8r0uinDSr1Lc1Uz93WYKwHfEc5XvnO8z11Kj02GwErfxV4lYyOhT9/t6rY+jI0B98jrM2MRU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108879+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171498050522.1067053068972; Tue, 19 Sep 2023 17:58:18 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=n525hWDJdAWjsJM/DMnI1LcyKlGSNHRJaKnAXzpWE48=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171497; v=1; b=sfCASy67o+Ei37dbaIMSn1Gzr4PVIbI5G96v+OW8VchXKhUgwt4JXjKS/Tl8GDBcQVSqASCj pMsgktnSHUtOhr59U4svJEr+6BViois5jZbghGhmTrSvWhks3Xy+ZBafkCbhRvk2Ra8Mtw9P40t dFcar+v56k1OkLb9ebA6/drU= X-Received: by 127.0.0.2 with SMTP id 94DYYY1788612x7Fx3stHcEq; Tue, 19 Sep 2023 17:58:17 -0700 X-Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by mx.groups.io with SMTP id smtpd.web11.26927.1695171497209942562 for ; Tue, 19 Sep 2023 17:58:17 -0700 X-Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-1c364fb8a4cso59153825ad.1 for ; Tue, 19 Sep 2023 17:58:17 -0700 (PDT) X-Gm-Message-State: TtADrN1ZWFXCM9KlFffgDiSbx1787277AA= X-Google-Smtp-Source: AGHT+IEAfpFgs0XKJufU7PmckuV7Dl0H8wGtormGdY9G8yWQ0l38JNQrCvw8eV3y+h1nvtO/NabAjg== X-Received: by 2002:a17:902:8683:b0:1c5:b4a1:ff3 with SMTP id g3-20020a170902868300b001c5b4a10ff3mr826771plo.40.1695171496487; Tue, 19 Sep 2023 17:58:16 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:16 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann , Leif Lindholm , Abner Chang Subject: [edk2-devel] [PATCH v4 17/28] OvmfPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs Date: Tue, 19 Sep 2023 17:57:40 -0700 Message-ID: <20230920005752.2041-18-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171500139100073 Content-Type: text/plain; charset="utf-8" Replace references to the memory protection PCDs to instead check the platform protections via GetMemoryProtectionsLib. Because the protection profile is equivalent to the PCD settings, this updated does not cause a torn state. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann Cc: Leif Lindholm Cc: Abner Chang --- OvmfPkg/Fdt/HighMemDxe/HighMemDxe.c | 5 ++--- OvmfPkg/QemuVideoDxe/VbeShim.c | 3 ++- OvmfPkg/Fdt/HighMemDxe/HighMemDxe.inf | 4 +--- OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf | 2 +- 4 files changed, 6 insertions(+), 8 deletions(-) diff --git a/OvmfPkg/Fdt/HighMemDxe/HighMemDxe.c b/OvmfPkg/Fdt/HighMemDxe/H= ighMemDxe.c index 779bf5c827f5..2bef34427341 100644 --- a/OvmfPkg/Fdt/HighMemDxe/HighMemDxe.c +++ b/OvmfPkg/Fdt/HighMemDxe/HighMemDxe.c @@ -13,6 +13,7 @@ #include #include #include +#include =20 #include #include @@ -148,9 +149,7 @@ InitializeHighMemDxe ( // on the page table mappings by going through the cpu arch protoc= ol. // Attributes =3D EFI_MEMORY_WB; - if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & - (1U << (UINT32)EfiConventionalMemory)) !=3D 0) - { + if (gMps.Dxe.ExecutionProtection.EnabledForType[EfiConventionalMem= ory]) { Attributes |=3D EFI_MEMORY_XP; } =20 diff --git a/OvmfPkg/QemuVideoDxe/VbeShim.c b/OvmfPkg/QemuVideoDxe/VbeShim.c index 8f151b96f9a5..a60e409f50de 100644 --- a/OvmfPkg/QemuVideoDxe/VbeShim.c +++ b/OvmfPkg/QemuVideoDxe/VbeShim.c @@ -19,6 +19,7 @@ #include #include #include +#include #include =20 #include "Qemu.h" @@ -69,7 +70,7 @@ InstallVbeShim ( UINTN Printed; VBE_MODE_INFO *VbeModeInfo; =20 - if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & (BIT0|BIT7)) =3D=3D= BIT0) { + if (gMps.Dxe.NullPointerDetection.Enabled && !gMps.Dxe.NullPointerDetect= ion.DisableEndOfDxe) { DEBUG (( DEBUG_WARN, "%a: page 0 protected, not installing VBE shim\n", diff --git a/OvmfPkg/Fdt/HighMemDxe/HighMemDxe.inf b/OvmfPkg/Fdt/HighMemDxe= /HighMemDxe.inf index c7dde9f455f2..40cbbe1c39af 100644 --- a/OvmfPkg/Fdt/HighMemDxe/HighMemDxe.inf +++ b/OvmfPkg/Fdt/HighMemDxe/HighMemDxe.inf @@ -33,13 +33,11 @@ [LibraryClasses] PcdLib UefiBootServicesTableLib UefiDriverEntryPoint + GetMemoryProtectionsLib =20 [Protocols] gEfiCpuArchProtocolGuid ## CONSUMES gFdtClientProtocolGuid ## CONSUMES =20 -[Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy - [Depex] gEfiCpuArchProtocolGuid AND gFdtClientProtocolGuid diff --git a/OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf b/OvmfPkg/QemuVideoDxe/Q= emuVideoDxe.inf index 43a6e07faa88..15693ce85674 100644 --- a/OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf +++ b/OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf @@ -55,6 +55,7 @@ [LibraryClasses] UefiBootServicesTableLib UefiDriverEntryPoint UefiLib + GetMemoryProtectionsLib =20 [Protocols] gEfiGraphicsOutputProtocolGuid # PROTOCOL BY_START @@ -64,6 +65,5 @@ [Protocols] [Pcd] gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId gUefiOvmfPkgTokenSpaceGuid.PcdVideoResolutionSource - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask gEfiMdeModulePkgTokenSpaceGuid.PcdVideoHorizontalResolution gEfiMdeModulePkgTokenSpaceGuid.PcdVideoVerticalResolution --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108879): https://edk2.groups.io/g/devel/message/108879 Mute This Topic: https://groups.io/mt/101469957/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108880+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108880+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171498; cv=none; d=zohomail.com; s=zohoarc; b=YNDoNy9J6J2eTPTRjNcP1UTBxGmWZ06qRbWLzXgBHXGpMnB0fSrVPGORuIlgZFIGq7mjVwvuaDXL38WDwfU2TtMCMgWUpFmVIsITyJW2gkfeoypp4XE7KoXBXRJ/oEB5VfepU+ZpdRGXq4S4juhKMevU/QKC3BtIY0t2CYz1FEA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171498; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=LiCeS/+ULK+0r92BCgmk818Pspj+1EyK6Fvp9FIF7J0=; b=C9XQRGaqtMNiTnmxKJKEyP9ljPHTrMQv1AgCCmnfKGoD4w804n2wm7d/pejNxa5PIJ8lUinmvYRGva3maz+6Ij2hafcT8hS/VB+sBmyNH7X3CHRY+VsSVHGapxKtL3er/BmiCMj12OzH1InGbRTWmSdFoqfdqmHHZH9QPQ57fLQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108880+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171498787447.5803988485792; Tue, 19 Sep 2023 17:58:18 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=SNBky6rDI/E9koZGrc9KjVJG8i5vDYB+j1CiSAg5Bdg=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171498; v=1; b=JHy2Et9UzmBWfIZrPvZoJUVS+Vz0r84IGqe1nQjvdBWaiU0aCC/x6HEWkgYDiq/F3M8uRZcF 4F4s5m/0aYmT6UKTCCqmyxcQTQegY/LfFfrhPREVs481hGJUjeWB+LLgXVbNDSqFuThOgcQzQBk mBMvrI4RpxH8NUEXXM/iDCSg= X-Received: by 127.0.0.2 with SMTP id vQlfYY1788612xYizXjOxYed; Tue, 19 Sep 2023 17:58:18 -0700 X-Received: from mail-pl1-f175.google.com (mail-pl1-f175.google.com [209.85.214.175]) by mx.groups.io with SMTP id smtpd.web10.26790.1695171497892780193 for ; Tue, 19 Sep 2023 17:58:17 -0700 X-Received: by mail-pl1-f175.google.com with SMTP id d9443c01a7336-1c47309a8ccso2603125ad.1 for ; Tue, 19 Sep 2023 17:58:17 -0700 (PDT) X-Gm-Message-State: G0MU7tabg3KZhITmgelRw7iQx1787277AA= X-Google-Smtp-Source: AGHT+IEoAqkbJ21Ah7HDWI9lRvbgCkSentuTBZzN0tA6ZIyQDJJxx6mONYZk/A5C74H9GEGe1ZxvBA== X-Received: by 2002:a17:903:2352:b0:1b2:676d:1143 with SMTP id c18-20020a170903235200b001b2676d1143mr1679485plh.15.1695171497113; Tue, 19 Sep 2023 17:58:17 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:16 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Rahul Kumar , Gerd Hoffmann Subject: [edk2-devel] [PATCH v4 18/28] UefiCpuPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs Date: Tue, 19 Sep 2023 17:57:41 -0700 Message-ID: <20230920005752.2041-19-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171499500100067 Content-Type: text/plain; charset="utf-8" Replace references to the memory protection PCDs to instead check the platform protections via GetMemoryProtectionsLib. Because the protection profile is equivalent to the PCD settings, this updated does not cause a torn state. Signed-off-by: Taylor Beebe Cc: Eric Dong Cc: Ray Ni Cc: Rahul Kumar Cc: Gerd Hoffmann --- UefiCpuPkg/CpuDxe/CpuDxe.c = | 2 +- UefiCpuPkg/CpuDxe/CpuMp.c = | 2 +- UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandlerTest= Common.c | 6 +----- UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHandlerU= nitTest.c | 15 ++++++++++++++ UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHandlerU= nitTest.c | 21 ++++++++++++++++++++ UefiCpuPkg/Library/MpInitLib/DxeMpLib.c = | 3 ++- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c = | 2 +- UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c = | 13 ++++++------ UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c = | 2 +- UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c = | 2 +- UefiCpuPkg/CpuDxe/CpuDxe.h = | 11 ++++++---- UefiCpuPkg/CpuDxe/CpuDxe.inf = | 4 +--- UefiCpuPkg/CpuDxeRiscV64/CpuDxeRiscV64.inf = | 3 --- UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf = | 1 - UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf = | 1 - UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf= | 1 - UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf = | 1 - UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandlerTest= .h | 13 +++++++++++- UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHandlerL= ibUnitTest.inf | 2 +- UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHandlerL= ibUnitTest.inf | 2 +- UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf = | 3 ++- UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf = | 3 +-- UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h = | 9 +++++---- UefiCpuPkg/UefiCpuPkg.dec = | 7 +++---- UefiCpuPkg/UefiCpuPkg.dsc = | 2 ++ UefiCpuPkg/UefiCpuPkg.uni = | 10 ++++------ 26 files changed, 90 insertions(+), 51 deletions(-) diff --git a/UefiCpuPkg/CpuDxe/CpuDxe.c b/UefiCpuPkg/CpuDxe/CpuDxe.c index 804ef5d1fe8e..b12c43f4c1d4 100644 --- a/UefiCpuPkg/CpuDxe/CpuDxe.c +++ b/UefiCpuPkg/CpuDxe/CpuDxe.c @@ -399,7 +399,7 @@ CpuSetMemoryAttributes ( // During memory attributes updating, new pages may be allocated to setup // smaller granularity of page table. Page allocation action might then = cause // another calling of CpuSetMemoryAttributes() recursively, due to memory - // protection policy configured (such as PcdDxeNxMemoryProtectionPolicy). + // protection policy configured (such as the DXE NX Protection Policy). // Since this driver will always protect memory used as page table by it= self, // there's no need to apply protection policy requested from memory serv= ice. // So it's safe to just return EFI_SUCCESS if this time of calling is ca= used diff --git a/UefiCpuPkg/CpuDxe/CpuMp.c b/UefiCpuPkg/CpuDxe/CpuMp.c index e7575d9b8062..d8f978eec09d 100644 --- a/UefiCpuPkg/CpuDxe/CpuMp.c +++ b/UefiCpuPkg/CpuDxe/CpuMp.c @@ -734,7 +734,7 @@ InitializeMpExceptionHandlers ( // // Setup stack switch for Stack Guard feature. // - if (PcdGetBool (PcdCpuStackGuard)) { + if (gMps.Dxe.CpuStackGuardEnabled) { InitializeMpExceptionStackSwitchHandlers (); } } diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptio= nHandlerTestCommon.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/C= puExceptionHandlerTestCommon.c index 9ba70c5b7340..fe74b0e0eaae 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandle= rTestCommon.c +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandle= rTestCommon.c @@ -743,10 +743,6 @@ TestCpuStackGuardInBspAndAp ( VOID *NewIdtr; UINTN *CpuStackBaseBuffer; =20 - if (!PcdGetBool (PcdCpuStackGuard)) { - return UNIT_TEST_PASSED; - } - // // Get MP Service Protocol // @@ -846,7 +842,7 @@ AddCommonTestCase ( AddTestCase (CpuExceptionLibUnitTestSuite, "Check if exception handler c= an be registered/unregistered for GP and PF", "TestRegisterHandlerForGPAndP= F", TestRegisterHandlerForGPAndPF, NULL, NULL, NULL); =20 AddTestCase (CpuExceptionLibUnitTestSuite, "Check if Cpu Context is cons= istent before and after exception.", "TestCpuContextConsistency", TestCpuCo= ntextConsistency, NULL, NULL, NULL); - AddTestCase (CpuExceptionLibUnitTestSuite, "Check if stack overflow is c= aptured by CpuStackGuard in Bsp and AP", "TestCpuStackGuardInBspAndAp", Tes= tCpuStackGuardInBspAndAp, NULL, NULL, NULL); + AddTestCase (CpuExceptionLibUnitTestSuite, "Check if stack overflow is c= aptured by CpuStackGuard in Bsp and AP", "TestCpuStackGuardInBspAndAp", Tes= tCpuStackGuardInBspAndAp, IsStackGuardEnabled, NULL, NULL); =20 return EFI_SUCCESS; } diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExcep= tionHandlerUnitTest.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/= DxeCpuExceptionHandlerUnitTest.c index 1cec3ed809d9..c1de3a6663ae 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHan= dlerUnitTest.c +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHan= dlerUnitTest.c @@ -8,6 +8,7 @@ =20 #include "CpuExceptionHandlerTest.h" #include +#include #include =20 /** @@ -145,6 +146,20 @@ GetMpServices ( return gBS->LocateProtocol (&gEfiMpServiceProtocolGuid, NULL, (VOID **)&= MpServices->Protocol); } =20 +/** + Checks if stack guard is enabled. + + @param[in] Context The unit test context +**/ +UNIT_TEST_STATUS +EFIAPI +IsStackGuardEnabled ( + IN UNIT_TEST_CONTEXT Context + ) +{ + return gMps.Dxe.CpuStackGuardEnabled; +} + /** Entry for CpuExceptionHandlerDxeTest driver. =20 diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExcep= tionHandlerUnitTest.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/= PeiCpuExceptionHandlerUnitTest.c index d9408d2f5e2f..763268f55314 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHan= dlerUnitTest.c +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHan= dlerUnitTest.c @@ -10,6 +10,7 @@ #include #include #include +#include =20 /** Initialize Bsp Idt with a new Idt table and return the IA32_DESCRIPTOR b= uffer. @@ -152,6 +153,26 @@ GetMpServices ( return PeiServicesLocatePpi (&gEdkiiPeiMpServices2PpiGuid, 0, NULL, (VOI= D **)&MpServices->Ppi); } =20 +/** + Checks if stack guard is enabled. + + @param[in] Context The unit test context +**/ +UNIT_TEST_STATUS +EFIAPI +IsStackGuardEnabled ( + IN UNIT_TEST_CONTEXT Context + ) +{ + MEMORY_PROTECTION_SETTINGS Mps; + + if (!EFI_ERROR (GetCurrentMemoryProtectionSettings (&Mps))) { + return Mps.Dxe.CpuStackGuardEnabled; + } + + return FALSE; +} + /** Entry point of CpuExceptionHandlerPeiTest PEIM. =20 diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c b/UefiCpuPkg/Library/M= pInitLib/DxeMpLib.c index 57ddb86600a7..551a7924fad3 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c @@ -13,6 +13,7 @@ #include #include #include +#include #include #include =20 @@ -497,7 +498,7 @@ InitMpGlobalData ( return; } =20 - if (PcdGetBool (PcdCpuStackGuard)) { + if (gMps.Dxe.CpuStackGuardEnabled) { // // One extra page at the bottom of the stack is needed for Guard page. // diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c b/UefiCpuPkg/PiSmmCpu= DxeSmm/Ia32/PageTbl.c index b11264ce4aa7..7e6c9899b069 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c @@ -160,7 +160,7 @@ SmiPFHandler ( // // If NULL pointer was just accessed // - if (((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT1) !=3D 0) && + if (gMps.Mm.NullPointerDetection.Enabled && (PFAddress < EFI_PAGE_SIZE)) { DumpCpuContext (InterruptType, SystemContext); diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c b/UefiCpuPk= g/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c index 6f498666157e..4c02749c174e 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c @@ -1679,7 +1679,7 @@ GenSmmPageTable ( } } =20 - if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT1) !=3D 0) { + if (gMps.Mm.NullPointerDetection.Enabled) { // // Mark [0, 4k] as non-present // @@ -1834,13 +1834,13 @@ IfReadOnlyPageTableNeeded ( // // Don't mark page table memory as read-only if // - no restriction on access to non-SMRAM memory; or - // - SMM heap guard feature enabled; or - // BIT2: SMM page guard enabled - // BIT3: SMM pool guard enabled + // - SMM page guard enabled + // - SMM pool guard enabled // - SMM profile feature enabled // if (!IsRestrictedMemoryAccess () || - ((PcdGet8 (PcdHeapGuardPropertyMask) & (BIT3 | BIT2)) !=3D 0) || + IS_MM_PAGE_GUARD_ACTIVE || + IS_MM_POOL_GUARD_ACTIVE || FeaturePcdGet (PcdCpuSmmProfileEnable)) { if (sizeof (UINTN) =3D=3D sizeof (UINT64)) { @@ -1849,7 +1849,8 @@ IfReadOnlyPageTableNeeded ( // ASSERT ( !(IsRestrictedMemoryAccess () && - (PcdGet8 (PcdHeapGuardPropertyMask) & (BIT3 | BIT2)) !=3D 0) + (IS_MM_PAGE_GUARD_ACTIVE || + IS_MM_POOL_GUARD_ACTIVE)) ); =20 // diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c b/UefiCpuPkg/PiSmmCpuDx= eSmm/SmmProfile.c index 7ac3c66f911c..4f48e0c4f399 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c @@ -610,7 +610,7 @@ InitPaging ( // // [0, 4k] may be non-present. // - PreviousAddress =3D ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BI= T1) !=3D 0) ? BASE_4KB : 0; + PreviousAddress =3D (gMps.Mm.NullPointerDetection.Enabled) ? BASE_4KB : = 0; =20 DEBUG ((DEBUG_INFO, "Patch page table start ...\n")); if (FeaturePcdGet (PcdCpuSmmProfileEnable)) { diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c b/UefiCpuPkg/PiSmmCpuD= xeSmm/X64/PageTbl.c index ddd9be66b53f..10e26cd72f6d 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c @@ -932,7 +932,7 @@ SmiPFHandler ( // // If NULL pointer was just accessed // - if (((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT1) !=3D 0) && + if (gMps.Mm.NullPointerDetection.Enabled && (PFAddress < EFI_PAGE_SIZE)) { DumpCpuContext (InterruptType, SystemContext); diff --git a/UefiCpuPkg/CpuDxe/CpuDxe.h b/UefiCpuPkg/CpuDxe/CpuDxe.h index 0e7d88dd357c..a0284c562fa1 100644 --- a/UefiCpuPkg/CpuDxe/CpuDxe.h +++ b/UefiCpuPkg/CpuDxe/CpuDxe.h @@ -35,15 +35,18 @@ #include #include #include +#include =20 #include #include =20 -#define HEAP_GUARD_NONSTOP_MODE \ - ((PcdGet8 (PcdHeapGuardPropertyMask) & (BIT6|BIT4|BIT1|BIT0)) > BI= T6) +#define HEAP_GUARD_NONSTOP_MODE (gMps.Dxe.HeapGuard.NonstopModeEnable= d && \ + (IS_DXE_PAGE_GUARD_ACTIVE = || \ + IS_DXE_POOL_GUARD_ACTIVE = || \ + gMps.Dxe.HeapGuard.FreedMemoryGuardE= nabled)) \ =20 -#define NULL_DETECTION_NONSTOP_MODE \ - ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & (BIT6|BIT0)) > B= IT6) +#define NULL_DETECTION_NONSTOP_MODE (gMps.Dxe.NullPointerDetection.Enable= d && \ + gMps.Dxe.NullPointerDetection.Nonsto= pModeEnabled) =20 /** Flush CPU data cache. If the instruction cache is fully coherent diff --git a/UefiCpuPkg/CpuDxe/CpuDxe.inf b/UefiCpuPkg/CpuDxe/CpuDxe.inf index 1d3e9f8cdb29..85387c3ecdf2 100644 --- a/UefiCpuPkg/CpuDxe/CpuDxe.inf +++ b/UefiCpuPkg/CpuDxe/CpuDxe.inf @@ -40,6 +40,7 @@ [LibraryClasses] MpInitLib TimerLib PeCoffGetEntryPointLib + GetMemoryProtectionsLib =20 [Sources] CpuDxe.c @@ -74,9 +75,6 @@ [Ppis] =20 [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList ##= CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask ##= CONSUMES diff --git a/UefiCpuPkg/CpuDxeRiscV64/CpuDxeRiscV64.inf b/UefiCpuPkg/CpuDxe= RiscV64/CpuDxeRiscV64.inf index 9d9a5ef8f247..262f9e6d9d5a 100644 --- a/UefiCpuPkg/CpuDxeRiscV64/CpuDxeRiscV64.inf +++ b/UefiCpuPkg/CpuDxeRiscV64/CpuDxeRiscV64.inf @@ -56,9 +56,6 @@ [Ppis] gEfiSecPlatformInformationPpiGuid ## UNDEFINED # HOB =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList ##= CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize ##= CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuCoreCrystalClockFrequency ##= CONSUMES diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandl= erLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandle= rLib.inf index fdbebadab93d..1fddf15b70bd 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.i= nf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.i= nf @@ -39,7 +39,6 @@ [Sources.common] DxeException.c =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize =20 diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandl= erLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandle= rLib.inf index 3bcaff5c5fe4..348f7ed56c99 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.i= nf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.i= nf @@ -55,7 +55,6 @@ [LibraryClasses] CcExitLib =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard # CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList =20 diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHa= ndlerLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException= HandlerLib.inf index e7b1144f6941..0217c983d7c6 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLi= b.inf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLi= b.inf @@ -51,7 +51,6 @@ [LibraryClasses] CcExitLib =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize =20 diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandl= erLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandle= rLib.inf index 27f0b96fa9e9..6dc09b447ff0 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.i= nf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.i= nf @@ -54,7 +54,6 @@ [LibraryClasses] CcExitLib =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize =20 diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptio= nHandlerTest.h b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExce= ptionHandlerTest.h index bad3387db5bc..47bde8574b32 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandle= rTest.h +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandle= rTest.h @@ -27,7 +27,7 @@ In this test case, stack overflow is triggered by a funtion which call= s itself continuously. This test case triggers stack overflow in both BSP and AP. All AP use same Idt with Bsp. The expecta= tion is: 1. PF exception is triggered (leading to a DF if sepereated stack is= not prepared for PF) when Rsp <=3D StackBase + SIZE_4KB - since [StackBase, StackBase + SIZE_4KB] is marked as not present = in page table when PcdCpuStackGuard is TRUE. + since [StackBase, StackBase + SIZE_4KB] is marked as not present = in page table when CpuStackGuard is TRUE. 2. Stack for PF/DF exception handler in both Bsp and AP is succussfu= lly switched by InitializeSeparateExceptionStacks. =20 **/ @@ -342,4 +342,15 @@ CpuStackGuardExceptionHandler ( IN EFI_SYSTEM_CONTEXT SystemContext ); =20 +/** + Checks if stack guard is enabled. + + @param[in] Context The unit test context +**/ +UNIT_TEST_STATUS +EFIAPI +IsStackGuardEnabled ( + IN UNIT_TEST_CONTEXT Context + ); + #endif diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExcep= tionHandlerLibUnitTest.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Unit= Test/DxeCpuExceptionHandlerLibUnitTest.inf index a904eb250475..09c00fce8627 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHan= dlerLibUnitTest.inf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHan= dlerLibUnitTest.inf @@ -43,12 +43,12 @@ [LibraryClasses] HobLib UefiBootServicesTableLib CpuPageTableLib + GetMemoryProtectionsLib =20 [Guids] gEfiHobMemoryAllocStackGuid =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize ## CONSUMES =20 [Protocols] diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExcep= tionHandlerLibUnitTest.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Unit= Test/PeiCpuExceptionHandlerLibUnitTest.inf index 25f8f8dbe0e9..41fa759bf31e 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHan= dlerLibUnitTest.inf +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHan= dlerLibUnitTest.inf @@ -48,9 +48,9 @@ [LibraryClasses] PeiServicesLib CpuPageTableLib PeiServicesTablePointerLib + SetMemoryProtectionsLib =20 [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize ## CONSUMES =20 [Ppis] diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/DxeMpInitLib.inf index 55e46d4a1fad..8edc7227d108 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf @@ -58,6 +58,8 @@ [LibraryClasses] PcdLib CcExitLib MicrocodeLib + GetMemoryProtectionsLib + [LibraryClasses.X64] CpuPageTableLib =20 @@ -82,6 +84,5 @@ [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdGhcbHypervisorFeatures ## = CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase ## = SOMETIMES_CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdFirstTimeWakeUpAPsBySipi ## = CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## = CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## = CONSUMES gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr ## = CONSUMES diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf b/UefiCpuPkg/PiSm= mCpuDxeSmm/PiSmmCpuDxeSmm.inf index 5d52ed7d1329..56f64873fe50 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf @@ -103,6 +103,7 @@ [LibraryClasses] PerformanceLib CpuPageTableLib MmSaveStateLib + GetMemoryProtectionsLib =20 [Protocols] gEfiSmmAccess2ProtocolGuid ## CONSUMES @@ -146,8 +147,6 @@ [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuFeaturesInitOnS3Resume ## CONS= UMES gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable ## CONS= UMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##= CONSUMES gEfiMdePkgTokenSpaceGuid.PcdControlFlowEnforcementPropertyMask ##= CONSUMES =20 [FixedPcd] diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h b/UefiCpuPkg/Pi= SmmCpuDxeSmm/SmmProfileInternal.h index 964dd5281780..1ac91d9d3ce4 100644 --- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h @@ -15,6 +15,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 #include "SmmProfileArch.h" =20 @@ -57,11 +58,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #define MSR_DEBUG_CTL_BTINT 0x100 #define MSR_DS_AREA 0x600 =20 -#define HEAP_GUARD_NONSTOP_MODE \ - ((PcdGet8 (PcdHeapGuardPropertyMask) & (BIT6|BIT3|BIT2)) > BIT6) +#define HEAP_GUARD_NONSTOP_MODE (gMps.Mm.HeapGuard.NonstopModeEnabled = && \ + (IS_MM_PAGE_GUARD_ACTIVE || IS_MM_POOL_G= UARD_ACTIVE)) =20 -#define NULL_DETECTION_NONSTOP_MODE \ - ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & (BIT6|BIT1)) > B= IT6) +#define NULL_DETECTION_NONSTOP_MODE (gMps.Mm.NullPointerDetection.Nonstop= ModeEnabled && \ + gMps.Mm.NullPointerDetection.Enabled) =20 typedef struct { EFI_PHYSICAL_ADDRESS Base; diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index 68473fc640e6..8c667269ad7f 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -192,13 +192,13 @@ [PcdsFeatureFlag] =20 [PcdsFixedAtBuild] ## List of exception vectors which need switching stack. - # This PCD will only take into effect if PcdCpuStackGuard is enabled. + # This PCD will only take into effect if the CPU Stack Guard is enabled. # By default exception #DD(8), #PF(14) are supported. # @Prompt Specify exception vectors which need switching stack. gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList|{0x08, 0x0E}|VO= ID*|0x30002000 =20 ## Size of good stack for an exception. - # This PCD will only take into effect if PcdCpuStackGuard is enabled. + # This PCD will only take into effect if the CPU Stack Guard is enabled. # @Prompt Specify size of good stack of exception which need switching s= tack. gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize|2048|UINT32|0x30002001 =20 @@ -388,9 +388,8 @@ [PcdsFixedAtBuild.X64, PcdsPatchableInModule.X64, PcdsD= ynamic.X64, PcdsDynamicEx # and the memory occupied by page table is protected by page table itse= lf as read-only. # In X64 build, it cannot be enabled at the same time with SMM profile = feature (PcdCpuSmmProfileEnable). # In X64 build, it could not be enabled also at the same time with heap= guard feature for SMM - # (PcdHeapGuardPropertyMask in MdeModulePkg). # In IA32 build, page table memory is not marked as read-only when eith= er SMM profile feature (PcdCpuSmmProfileEnable) - # or heap guard feature for SMM (PcdHeapGuardPropertyMask in MdeModuleP= kg) is enabled. + # or heap guard feature for SMM is enabled. # TRUE - Access to non-SMRAM memory is restricted to reserved, runtim= e and ACPI NVS type after SmmReadyToLock.
# FALSE - Access to any type of non-SMRAM memory after SmmReadyToLock = is allowed.
# @Prompt Access to non-SMRAM memory is restricted to reserved, runtime = and ACPI NVS type after SmmReadyToLock. diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc index 074fd774616d..2dbb8394b382 100644 --- a/UefiCpuPkg/UefiCpuPkg.dsc +++ b/UefiCpuPkg/UefiCpuPkg.dsc @@ -66,6 +66,8 @@ [LibraryClasses] UnitTestLib|UnitTestFrameworkPkg/Library/UnitTestLib/UnitTestLib.inf UnitTestPersistenceLib|UnitTestFrameworkPkg/Library/UnitTestPersistenceL= ibNull/UnitTestPersistenceLibNull.inf UnitTestResultReportLib|UnitTestFrameworkPkg/Library/UnitTestResultRepor= tLib/UnitTestResultReportLibDebugLib.inf + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/Get= MemoryProtectionsLibNull.inf + SetMemoryProtectionsLib|MdeModulePkg/Library/SetMemoryProtectionsLib/Set= MemoryProtectionsLibNull.inf =20 [LibraryClasses.common.SEC] PlatformSecLib|UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.= inf diff --git a/UefiCpuPkg/UefiCpuPkg.uni b/UefiCpuPkg/UefiCpuPkg.uni index d17bcfd10c7a..5719917a041e 100644 --- a/UefiCpuPkg/UefiCpuPkg.uni +++ b/UefiCpuPkg/UefiCpuPkg.uni @@ -170,8 +170,7 @@ = "If enabled, SMM will not use on-demand paging. SMM will build s= tatic page table for all memory.\n" = "This flag only impacts X64 build, because SMM always builds sta= tic page table for IA32.\n" = "It could not be enabled at the same time with SMM profile featu= re (PcdCpuSmmProfileEnable).\n" - = "It could not be enabled also at the same time with heap guard f= eature for SMM\n" - = "(PcdHeapGuardPropertyMask in MdeModulePkg).

\n" + = "It could not be enabled also at the same time with heap guard f= eature for SMM.

\n" = "TRUE - SMM uses static page table for all memory.
\n" = "FALSE - SMM uses static page table for below 4G memory and use = on-demand paging for above 4G memory.
" =20 @@ -217,9 +216,8 @@ = "and the memory occupied by page table is protected by pa= ge table itself as read-only.
\n" = "In X64 build, it cannot be enabled at the same time with= SMM profile feature (PcdCpuSmmProfileEnable).
\n" = "In X64 build, it could not be enabled also at the same t= ime with heap guard feature for SMM
\n" - = "(PcdHeapGuardPropertyMask in MdeModulePkg).
\n" = "In IA32 build, page table memory is not marked as read-o= nly when either SMM profile feature (PcdCpuSmmProfileEnable)
\n" - = "or heap guard feature for SMM (PcdHeapGuardPropertyMask = in MdeModulePkg) is enabled.
\n" + = "or heap guard feature for SMM is enabled.
\n" = "TRUE - Access to non-SMRAM memory is restricted to rese= rved, runtime and ACPI NVS type after SmmReadyToLock.
\n" = "FALSE - Access to any type of non-SMRAM memory after Smm= ReadyToLock is allowed.
" =20 @@ -266,13 +264,13 @@ #string STR_gUefiCpuPkgTokenSpaceGuid_PcdCpuStackSwitchExceptionList_PROMP= T #language en-US "Specify exception vectors which need switching stack." =20 #string STR_gUefiCpuPkgTokenSpaceGuid_PcdCpuStackSwitchExceptionList_HELP = #language en-US "List of exception vectors which need switching stack.\n" - = "This PCD will only take into effect if PcdCpuStackGuard i= s enabled.n" + = "This PCD will only take into effect if the CPU Stack Guar= d is enabled.n" = "By default exception #DD(8), #PF(14) are supported.n" =20 #string STR_gUefiCpuPkgTokenSpaceGuid_PcdCpuKnownGoodStackSize_PROMPT #la= nguage en-US "Specify size of good stack of exception which need switching = stack." =20 #string STR_gUefiCpuPkgTokenSpaceGuid_PcdCpuKnownGoodStackSize_HELP #lang= uage en-US "Size of good stack for an exception.\n" - = "This PCD will only take into effect if PcdCpuStackGuard is enab= led.\n" + = "This PCD will only take into effect if the CPU Stack Guard is e= nabled.\n" =20 #string STR_gUefiCpuPkgTokenSpaceGuid_PcdCpuCoreCrystalClockFrequency_PROM= PT #language en-US "Specifies CPUID Leaf 0x15 Time Stamp Counter and Nomin= al Core Crystal Clock Frequency." =20 --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108880): https://edk2.groups.io/g/devel/message/108880 Mute This Topic: https://groups.io/mt/101469958/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108881+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108881+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171499; cv=none; d=zohomail.com; s=zohoarc; b=U/E6ZPJmAPoQzNWJ8MkB/uSdHI3mzFdDQgE9iZrf2JB8ucpTLEu+88AEINqOdkfMIc/WPJhK28L/79da0Lx2qPkCxIfra183CEytBnt9vVJxRWXdAQytcXJcFPulcumjA9g8RC50+FBeuk+zwBzcaGxenOKC3EuSuk2y01WC1Uk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171499; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=pRVXb/7u2xnIkhx5I/pkl0iQVaF6rzasO4lRI8ByvlQ=; b=D5xsKMSXTS6GrP4BSmt7+ZQdbPrVbQiFO3uLF6vQJuN3SEn5adsxe9VlSDvLZPO0fnbhb+3Gm7e2wJxIqjAgQ/sn2un2FMhQodSECA7EYZcFkJcmkS+HF2fsGc+kp3tan/oJN1udp7t+mIz2/vNfouWn+TxYKx8VIEQs+PBtKGM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108881+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171499605162.64530643570822; Tue, 19 Sep 2023 17:58:19 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=ai/9v3KjcJK5km4vU0XHGM8m3kaXQ35M58+JzytAuxA=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171499; v=1; b=mtk7GruwuJc+Jm0GZ5wIzd3onAbhSxi7tN2Mn7AZxIW2C+fOcxxhtpqgdUVWJjmZNo9KvV12 REqVHbmPeuiy5CeyDi9u/6Py/oA+qkqU5XVlGjZQZh/sSaq/peqTwXTcmv3RYrnNJGk5DElm1er rWF3NZv7UvhpR7BRm1wZL2eg= X-Received: by 127.0.0.2 with SMTP id GySVYY1788612xms09xSnaxR; Tue, 19 Sep 2023 17:58:19 -0700 X-Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) by mx.groups.io with SMTP id smtpd.web11.26930.1695171498665100002 for ; Tue, 19 Sep 2023 17:58:18 -0700 X-Received: by mail-pl1-f182.google.com with SMTP id d9443c01a7336-1c4586b12feso25283975ad.2 for ; Tue, 19 Sep 2023 17:58:18 -0700 (PDT) X-Gm-Message-State: CC2tbL7ISZlSxqSgIuB4Jfmbx1787277AA= X-Google-Smtp-Source: AGHT+IGpAW5Nq/KgrgUYfjp1xSlNd0T1zhxKvx37B+IcGvfGiD0VYzWUtvIDRDokxGj+CXMIet9Oew== X-Received: by 2002:a17:902:7c82:b0:1c0:e6e1:4a11 with SMTP id y2-20020a1709027c8200b001c0e6e14a11mr823308pll.54.1695171497903; Tue, 19 Sep 2023 17:58:17 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:17 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao , Dandan Bi Subject: [edk2-devel] [PATCH v4 19/28] MdeModulePkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs Date: Tue, 19 Sep 2023 17:57:42 -0700 Message-ID: <20230920005752.2041-20-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171501482100079 Content-Type: text/plain; charset="utf-8" Replace references to the memory protection PCDs to instead check the platform protections via GetMemoryProtectionsLib. Because the protection profile is equivalent to the PCD settings, this updated does not cause a torn state. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao Cc: Dandan Bi --- MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 4 +- MdeModulePkg/Core/Dxe/Mem/HeapGuard.c | 46 ++++++++------ MdeModulePkg/Core/Dxe/Mem/Page.c | 2 +- MdeModulePkg/Core/Dxe/Mem/Pool.c | 4 +- MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 67 +++++++++++--------- MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 29 ++++----- MdeModulePkg/Core/PiSmmCore/Pool.c | 4 +- MdeModulePkg/Core/Dxe/DxeMain.h | 1 + MdeModulePkg/Core/Dxe/DxeMain.inf | 8 +-- MdeModulePkg/Core/PiSmmCore/PiSmmCore.h | 1 + MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf | 4 +- 11 files changed, 87 insertions(+), 83 deletions(-) diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dx= e/DxeMain/DxeMain.c index 0e0f9769b99d..66cb2fcf2ff7 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c +++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c @@ -256,10 +256,12 @@ DxeMain ( Status =3D InitializeCpuExceptionHandlers (VectorInfoList); ASSERT_EFI_ERROR (Status); =20 + PopulateMpsGlobal (); + // // Setup Stack Guard // - if (PcdGetBool (PcdCpuStackGuard)) { + if (gMps.Dxe.CpuStackGuardEnabled) { Status =3D InitializeSeparateExceptionStacks (NULL, NULL); ASSERT_EFI_ERROR (Status); } diff --git a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c b/MdeModulePkg/Core/Dxe/= Mem/HeapGuard.c index 0c0ca61872b4..59d8f36c89b7 100644 --- a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c +++ b/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c @@ -553,7 +553,7 @@ UnsetGuardPage ( // memory. // Attributes =3D 0; - if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & (1 << EfiConventionalMe= mory)) !=3D 0) { + if (gMps.Dxe.ExecutionProtection.EnabledForType[EfiConventionalMemory]) { Attributes |=3D EFI_MEMORY_XP; } =20 @@ -590,38 +590,48 @@ IsMemoryTypeToGuard ( IN UINT8 PageOrPool ) { - UINT64 TestBit; + UINT32 MpsMemoryType; UINT64 ConfigBit; =20 if (AllocateType =3D=3D AllocateAddress) { return FALSE; } =20 - if ((PcdGet8 (PcdHeapGuardPropertyMask) & PageOrPool) =3D=3D 0) { + ConfigBit =3D gMps.Dxe.HeapGuard.PageGuardEnabled ? GUARD_HEAP_TYPE_PAG= E : 0; + ConfigBit |=3D gMps.Dxe.HeapGuard.PoolGuardEnabled ? GUARD_HEAP_TYPE_POO= L : 0; + ConfigBit |=3D gMps.Dxe.HeapGuard.FreedMemoryGuardEnabled ? GUARD_HEAP_T= YPE_FREED : 0; + + if ((PageOrPool & ConfigBit) =3D=3D 0) { return FALSE; } =20 - if (PageOrPool =3D=3D GUARD_HEAP_TYPE_POOL) { - ConfigBit =3D PcdGet64 (PcdHeapGuardPoolType); - } else if (PageOrPool =3D=3D GUARD_HEAP_TYPE_PAGE) { - ConfigBit =3D PcdGet64 (PcdHeapGuardPageType); - } else { - ConfigBit =3D (UINT64)-1; + if (((PageOrPool & GUARD_HEAP_TYPE_FREED) !=3D 0) && gMps.Dxe.HeapGuard.= FreedMemoryGuardEnabled) { + return TRUE; } =20 if ((UINT32)MemoryType >=3D MEMORY_TYPE_OS_RESERVED_MIN) { - TestBit =3D BIT63; + MpsMemoryType =3D OS_RESERVED_MPS_MEMORY_TYPE; } else if ((UINT32)MemoryType >=3D MEMORY_TYPE_OEM_RESERVED_MIN) { - TestBit =3D BIT62; + MpsMemoryType =3D OEM_RESERVED_MPS_MEMORY_TYPE; } else if (MemoryType < EfiMaxMemoryType) { - TestBit =3D LShiftU64 (1, MemoryType); + MpsMemoryType =3D MemoryType; } else if (MemoryType =3D=3D EfiMaxMemoryType) { - TestBit =3D (UINT64)-1; + return (((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) && IS_DXE_PAGE_GU= ARD_ACTIVE) || + (((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) && IS_DXE_POOL_GU= ARD_ACTIVE) || + (((PageOrPool & GUARD_HEAP_TYPE_FREED) !=3D 0) && gMps.Dxe.Heap= Guard.FreedMemoryGuardEnabled); } else { - TestBit =3D 0; + return FALSE; } =20 - return ((ConfigBit & TestBit) !=3D 0); + if (((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) && gMps.Dxe.PageGuard.E= nabledForType[MpsMemoryType]) { + return TRUE; + } + + if (((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) && gMps.Dxe.PoolGuard.E= nabledForType[MpsMemoryType]) { + return TRUE; + } + + return FALSE; } =20 /** @@ -835,7 +845,7 @@ AdjustMemoryS ( // indicated to put the pool near the Tail Guard, we need extra bytes to // make sure alignment of the returned pool address. // - if ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0) { + if (gMps.Dxe.HeapGuard.GuardAlignedToTail) { SizeRequested =3D ALIGN_VALUE (SizeRequested, 8); } =20 @@ -1019,7 +1029,7 @@ AdjustPoolHeadA ( IN UINTN Size ) { - if ((Memory =3D=3D 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != =3D 0)) { + if ((Memory =3D=3D 0) || (!gMps.Dxe.HeapGuard.GuardAlignedToTail)) { // // Pool head is put near the head Guard // @@ -1050,7 +1060,7 @@ AdjustPoolHeadF ( IN UINTN Size ) { - if ((Memory =3D=3D 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != =3D 0)) { + if ((Memory =3D=3D 0) || (!gMps.Dxe.HeapGuard.GuardAlignedToTail)) { // // Pool head is put near the head Guard // diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/P= age.c index 6497af573353..05c18a413b80 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Page.c +++ b/MdeModulePkg/Core/Dxe/Mem/Page.c @@ -181,7 +181,7 @@ CoreAddRange ( // used for other purposes. // if ((Type =3D=3D EfiConventionalMemory) && (Start =3D=3D 0) && (End >=3D= EFI_PAGE_SIZE - 1)) { - if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT0) =3D=3D 0) { + if (!gMps.Dxe.NullPointerDetection.Enabled) { SetMem ((VOID *)(UINTN)Start, EFI_PAGE_SIZE, 0); } } diff --git a/MdeModulePkg/Core/Dxe/Mem/Pool.c b/MdeModulePkg/Core/Dxe/Mem/P= ool.c index 716dd045f9fd..ae1e8b67db10 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Pool.c +++ b/MdeModulePkg/Core/Dxe/Mem/Pool.c @@ -385,7 +385,7 @@ CoreAllocatePoolI ( // =20 HasPoolTail =3D !(NeedGuard && - ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0)); + gMps.Dxe.HeapGuard.GuardAlignedToTail); PageAsPool =3D (IsHeapGuardEnabled (GUARD_HEAP_TYPE_FREED) && !mOnGuardi= ng); =20 // @@ -717,7 +717,7 @@ CoreFreePoolI ( IsGuarded =3D IsPoolTypeToGuard (Head->Type) && IsMemoryGuarded ((EFI_PHYSICAL_ADDRESS)(UINTN)Head); HasPoolTail =3D !(IsGuarded && - ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0)); + gMps.Dxe.HeapGuard.GuardAlignedToTail); PageAsPool =3D (Head->Signature =3D=3D POOLPAGE_HEAD_SIGNATURE); =20 if (HasPoolTail) { diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/C= ore/Dxe/Misc/MemoryProtection.c index 94ed3111688b..215a9f254065 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c @@ -9,7 +9,7 @@ 2) This policy is applied only if the UEFI image meets the page alignment requirement. 3) This policy is applied only if the Source UEFI image matches the - PcdImageProtectionPolicy definition. + Image Protection Policy definition. 4) This policy is not applied to the non-PE image region. =20 The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect @@ -60,7 +60,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #define PREVIOUS_MEMORY_DESCRIPTOR(MemoryDescriptor, Size) \ ((EFI_MEMORY_DESCRIPTOR *)((UINT8 *)(MemoryDescriptor) - (Size))) =20 -UINT32 mImageProtectionPolicy; +STATIC BOOLEAN mIsExecutionProtectionActive =3D FALSE; + +STATIC BOOLEAN mIsPageOrPoolGuardActive =3D FALSE; =20 extern LIST_ENTRY mGcdMemorySpaceMap; =20 @@ -149,11 +151,13 @@ GetProtectionPolicyFromImageType ( IN UINT32 ImageType ) { - if ((ImageType & mImageProtectionPolicy) =3D=3D 0) { - return DO_NOT_PROTECT; - } else { + if (((ImageType =3D=3D IMAGE_UNKNOWN) && gMps.Dxe.ImageProtection.Protec= tImageFromUnknown) || + ((ImageType =3D=3D IMAGE_FROM_FV) && gMps.Dxe.ImageProtection.Protec= tImageFromFv)) + { return PROTECT_IF_ALIGNED_ELSE_ALLOW; } + + return DO_NOT_PROTECT; } =20 /** @@ -611,7 +615,7 @@ UnprotectUefiImage ( IMAGE_PROPERTIES_RECORD *ImageRecord; LIST_ENTRY *ImageRecordLink; =20 - if (PcdGet32 (PcdImageProtectionPolicy) !=3D 0) { + if (IS_DXE_IMAGE_PROTECTION_ACTIVE) { for (ImageRecordLink =3D mProtectedImageRecordList.ForwardLink; ImageRecordLink !=3D &mProtectedImageRecordList; ImageRecordLink =3D ImageRecordLink->ForwardLink) @@ -648,21 +652,23 @@ GetPermissionAttributeForMemoryType ( IN EFI_MEMORY_TYPE MemoryType ) { - UINT64 TestBit; + UINT32 TestMemoryType; =20 if ((UINT32)MemoryType >=3D MEMORY_TYPE_OS_RESERVED_MIN) { - TestBit =3D BIT63; + TestMemoryType =3D OS_RESERVED_MPS_MEMORY_TYPE; } else if ((UINT32)MemoryType >=3D MEMORY_TYPE_OEM_RESERVED_MIN) { - TestBit =3D BIT62; + TestMemoryType =3D OEM_RESERVED_MPS_MEMORY_TYPE; + } else if (MemoryType >=3D EfiMaxMemoryType) { + return EFI_MEMORY_XP; } else { - TestBit =3D LShiftU64 (1, MemoryType); + TestMemoryType =3D MemoryType; } =20 - if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & TestBit) !=3D 0) { + if (gMps.Dxe.ExecutionProtection.EnabledForType[TestMemoryType]) { return EFI_MEMORY_XP; - } else { - return 0; } + + return 0; } =20 /** @@ -772,7 +778,7 @@ MergeMemoryMapForProtectionPolicy ( =20 /** Remove exec permissions from all regions whose type is identified by - PcdDxeNxMemoryProtectionPolicy. + the DXE Execution Protection Policy. **/ STATIC VOID @@ -827,7 +833,7 @@ InitializeDxeNxMemoryProtectionPolicy ( ASSERT_EFI_ERROR (Status); =20 StackBase =3D 0; - if (PcdGetBool (PcdCpuStackGuard)) { + if (gMps.Dxe.CpuStackGuardEnabled) { // // Get the base of stack from Hob. // @@ -885,7 +891,7 @@ InitializeDxeNxMemoryProtectionPolicy ( // enabled. // if ((MemoryMapEntry->PhysicalStart =3D=3D 0) && - (PcdGet8 (PcdNullPointerDetectionPropertyMask) !=3D 0)) + (gMps.Dxe.NullPointerDetection.Enabled)) { ASSERT (MemoryMapEntry->NumberOfPages > 0); SetUefiImageMemoryAttributes ( @@ -903,7 +909,7 @@ InitializeDxeNxMemoryProtectionPolicy ( ((StackBase >=3D MemoryMapEntry->PhysicalStart) && (StackBase < MemoryMapEntry->PhysicalStart + LShiftU64 (MemoryMapEntry->NumberOfPages, EFI_PAGE_SHIFT))) && - PcdGetBool (PcdCpuStackGuard)) + gMps.Dxe.CpuStackGuardEnabled) { SetUefiImageMemoryAttributes ( StackBase, @@ -1024,7 +1030,7 @@ MemoryProtectionCpuArchProtocolNotify ( // // Apply the memory protection policy on non-BScode/RTcode regions. // - if (PcdGet64 (PcdDxeNxMemoryProtectionPolicy) !=3D 0) { + if (IS_DXE_EXECUTION_PROTECTION_ACTIVE) { InitializeDxeNxMemoryProtectionPolicy (); } =20 @@ -1036,7 +1042,7 @@ MemoryProtectionCpuArchProtocolNotify ( // Mark the HOB list XP and RO. ProtectHobList (); =20 - if (mImageProtectionPolicy =3D=3D 0) { + if (!IS_DXE_IMAGE_PROTECTION_ACTIVE) { goto Done; } =20 @@ -1099,7 +1105,7 @@ MemoryProtectionExitBootServicesCallback ( // delay setting protections on RT code pages until after SetVirtualAddr= essMap(). // OS may set protection on RT based upon EFI_MEMORY_ATTRIBUTES_TABLE la= ter. // - if (mImageProtectionPolicy !=3D 0) { + if (IS_DXE_IMAGE_PROTECTION_ACTIVE) { for (Link =3D gRuntime->ImageHead.ForwardLink; Link !=3D &gRuntime->Im= ageHead; Link =3D Link->ForwardLink) { RuntimeImage =3D BASE_CR (Link, EFI_RUNTIME_IMAGE_ENTRY, Link); SetUefiImageMemoryAttributes ((UINT64)(UINTN)RuntimeImage->ImageBase= , ALIGN_VALUE (RuntimeImage->ImageSize, EFI_PAGE_SIZE), 0); @@ -1173,19 +1179,20 @@ CoreInitializeMemoryProtection ( EFI_EVENT EndOfDxeEvent; VOID *Registration; =20 - mImageProtectionPolicy =3D PcdGet32 (PcdImageProtectionPolicy); + mIsExecutionProtectionActive =3D IS_DXE_EXECUTION_PROTECTION_ACTIVE; + mIsPageOrPoolGuardActive =3D IS_DXE_PAGE_GUARD_ACTIVE || IS_DXE_POOL= _GUARD_ACTIVE; =20 InitializeListHead (&mProtectedImageRecordList); =20 // - // Sanity check the PcdDxeNxMemoryProtectionPolicy setting: + // Sanity check the DXE NX protection policy setting: // - code regions should have no EFI_MEMORY_XP attribute // - EfiConventionalMemory and EfiBootServicesData should use the // same attribute // - ASSERT ((GetPermissionAttributeForMemoryType (EfiBootServicesCode) & EFI= _MEMORY_XP) =3D=3D 0); - ASSERT ((GetPermissionAttributeForMemoryType (EfiRuntimeServicesCode) & = EFI_MEMORY_XP) =3D=3D 0); - ASSERT ((GetPermissionAttributeForMemoryType (EfiLoaderCode) & EFI_MEMOR= Y_XP) =3D=3D 0); + ASSERT (!gMps.Dxe.ExecutionProtection.EnabledForType[EfiLoaderCode]); + ASSERT (!gMps.Dxe.ExecutionProtection.EnabledForType[EfiBootServicesCode= ]); + ASSERT (!gMps.Dxe.ExecutionProtection.EnabledForType[EfiRuntimeServicesC= ode]); ASSERT ( GetPermissionAttributeForMemoryType (EfiBootServicesData) =3D=3D GetPermissionAttributeForMemoryType (EfiConventionalMemory) @@ -1213,9 +1220,7 @@ CoreInitializeMemoryProtection ( // // Register a callback to disable NULL pointer detection at EndOfDxe // - if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & (BIT0|BIT7)) - =3D=3D (BIT0|BIT7)) - { + if (gMps.Dxe.NullPointerDetection.Enabled && gMps.Dxe.NullPointerDetecti= on.DisableEndOfDxe) { Status =3D CoreCreateEventEx ( EVT_NOTIFY_SIGNAL, TPL_NOTIFY, @@ -1279,7 +1284,7 @@ ApplyMemoryProtectionPolicy ( UINT64 NewAttributes; =20 // - // The policy configured in PcdDxeNxMemoryProtectionPolicy + // The policy configured in DXE Execution Protection Policy // does not apply to allocations performed in SMM mode. // if (IsInSmm ()) { @@ -1298,7 +1303,7 @@ ApplyMemoryProtectionPolicy ( // // Check if a DXE memory protection policy has been configured // - if (PcdGet64 (PcdDxeNxMemoryProtectionPolicy) =3D=3D 0) { + if (!mIsExecutionProtectionActive) { return EFI_SUCCESS; } =20 @@ -1306,7 +1311,7 @@ ApplyMemoryProtectionPolicy ( // Don't overwrite Guard pages, which should be the first and/or last pa= ge, // if any. // - if (IsHeapGuardEnabled (GUARD_HEAP_TYPE_PAGE|GUARD_HEAP_TYPE_POOL)) { + if (mIsPageOrPoolGuardActive) { if (IsGuardPage (Memory)) { Memory +=3D EFI_PAGE_SIZE; Length -=3D EFI_PAGE_SIZE; diff --git a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c b/MdeModulePkg/Core/Pi= SmmCore/HeapGuard.c index 25310122ca1b..eac38e699c30 100644 --- a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c +++ b/MdeModulePkg/Core/PiSmmCore/HeapGuard.c @@ -592,36 +592,29 @@ IsMemoryTypeToGuard ( IN UINT8 PageOrPool ) { - UINT64 TestBit; UINT64 ConfigBit; =20 - if ( ((PcdGet8 (PcdHeapGuardPropertyMask) & PageOrPool) =3D=3D 0) + ConfigBit =3D gMps.Mm.HeapGuard.PageGuardEnabled ? GUARD_HEAP_TYPE_PAGE= : 0; + ConfigBit |=3D gMps.Mm.HeapGuard.PoolGuardEnabled ? GUARD_HEAP_TYPE_POOL= : 0; + + if ( ((ConfigBit & PageOrPool) =3D=3D 0) || mOnGuarding || (AllocateType =3D=3D AllocateAddress)) { return FALSE; } =20 - ConfigBit =3D 0; - if ((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) { - ConfigBit |=3D PcdGet64 (PcdHeapGuardPoolType); - } - - if ((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) { - ConfigBit |=3D PcdGet64 (PcdHeapGuardPageType); - } - if ((MemoryType =3D=3D EfiRuntimeServicesData) || (MemoryType =3D=3D EfiRuntimeServicesCode)) { - TestBit =3D LShiftU64 (1, MemoryType); + return (((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) && gMps.Mm.PageGu= ard.EnabledForType[MemoryType]) || + (((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) && gMps.Mm.PoolGu= ard.EnabledForType[MemoryType]); } else if (MemoryType =3D=3D EfiMaxMemoryType) { - TestBit =3D (UINT64)-1; - } else { - TestBit =3D 0; + return (((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) && IS_MM_PAGE_GUA= RD_ACTIVE) || + (((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) && IS_MM_POOL_GUA= RD_ACTIVE); } =20 - return ((ConfigBit & TestBit) !=3D 0); + return FALSE; } =20 /** @@ -951,7 +944,7 @@ AdjustPoolHeadA ( IN UINTN Size ) { - if ((Memory =3D=3D 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != =3D 0)) { + if ((Memory =3D=3D 0) || (!gMps.Mm.HeapGuard.GuardAlignedToTail)) { // // Pool head is put near the head Guard // @@ -977,7 +970,7 @@ AdjustPoolHeadF ( IN EFI_PHYSICAL_ADDRESS Memory ) { - if ((Memory =3D=3D 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != =3D 0)) { + if ((Memory =3D=3D 0) || (!gMps.Mm.HeapGuard.GuardAlignedToTail)) { // // Pool head is put near the head Guard // diff --git a/MdeModulePkg/Core/PiSmmCore/Pool.c b/MdeModulePkg/Core/PiSmmCo= re/Pool.c index e1ff40a8ea55..991efaf33bdd 100644 --- a/MdeModulePkg/Core/PiSmmCore/Pool.c +++ b/MdeModulePkg/Core/PiSmmCore/Pool.c @@ -258,7 +258,7 @@ SmmInternalAllocatePool ( =20 NeedGuard =3D IsPoolTypeToGuard (PoolType); HasPoolTail =3D !(NeedGuard && - ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0)); + gMps.Mm.HeapGuard.GuardAlignedToTail); =20 // // Adjust the size by the pool header & tail overhead @@ -392,7 +392,7 @@ SmmInternalFreePool ( MemoryGuarded =3D IsHeapGuardEnabled () && IsMemoryGuarded ((EFI_PHYSICAL_ADDRESS)(UINTN)FreePoolHd= r); HasPoolTail =3D !(MemoryGuarded && - ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0)); + gMps.Mm.HeapGuard.GuardAlignedToTail); =20 if (HasPoolTail) { PoolTail =3D HEAD_TO_TAIL (&FreePoolHdr->Header); diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMai= n.h index 43daa037be44..8b8b97666f38 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.h +++ b/MdeModulePkg/Core/Dxe/DxeMain.h @@ -84,6 +84,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 // // attributes for reserved memory before it is promoted to system memory diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeM= ain.inf index 6c896a0e7f0f..ddbbee5f68ce 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.inf +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf @@ -94,6 +94,7 @@ [LibraryClasses] DebugAgentLib CpuExceptionHandlerLib PcdLib + GetMemoryProtectionsLib =20 [Guids] gEfiEventMemoryMapChangeGuid ## PRODUCES ##= Event @@ -179,13 +180,6 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileMemoryType = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfilePropertyMask = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileDriverPath = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdFwVolDxeMaxEncapsulationDepth = ## CONSUMES gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel = ## CONSUMES =20 diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h b/MdeModulePkg/Core/Pi= SmmCore/PiSmmCore.h index b8a490a8c3b5..2fabed0670e0 100644 --- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h +++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h @@ -55,6 +55,7 @@ #include #include #include +#include =20 #include "PiSmmCorePrivateData.h" #include "HeapGuard.h" diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf b/MdeModulePkg/Core/= PiSmmCore/PiSmmCore.inf index 3df44b38f13c..4586ec39d7c7 100644 --- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf +++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf @@ -61,6 +61,7 @@ [LibraryClasses] HobLib SmmMemLib SafeIntLib + GetMemoryProtectionsLib =20 [Protocols] gEfiDxeSmmReadyToLockProtocolGuid ## UNDEFINED # SmiHandlerR= egister @@ -94,9 +95,6 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfilePropertyMask ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileDriverPath ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdSmiHandlerProfilePropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable ##= CONSUMES =20 [Guids] --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108881): https://edk2.groups.io/g/devel/message/108881 Mute This Topic: https://groups.io/mt/101469959/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108882+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108882+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171500; cv=none; d=zohomail.com; s=zohoarc; b=Vb1qD2prYq8o8SbOH02K1QNfmXX/dcUIcdqbhPlUVwRXkvy6PunBSRFySxMex6dcwpvInOvBMptvZ+m7tH/HKFhv0w7CqspFP2a6WnuxY0cP/pn0EFV5ZBh2dMbwdTJaWq3E2fTE4WU2FdlHddPQeu22jvvuVO7NwfJdkjOjt0M= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171500; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=zKsjbYUz8/es4LLxKLBg3RCA5KNIWnI8ym8Fk/yU1Pk=; b=UbPb4WjKAN/osUrEjglD9vkQiVFpKWJVhptbaN3HIBzOq9WBr34tBQaJLyUWT2KesPpCSqoDqExeybU/hwtN5gadNE883V8HQ0d2dr9PnPQuM/FAmmr0cMhAIlgeM3WjDvyPtIEBValJJ7CWqlSxdrSfNuDblW4heDs0yWk32T0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108882+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171500030292.55603541900473; Tue, 19 Sep 2023 17:58:20 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=AH0T8TwUU6lOe1H740wQvi/UIidrwmDSIsI0WO52mi8=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171499; v=1; b=f7Ko7Dzu5VeM+dg3LAD72AcJWd49eOk0iImonMxlUDYuDKR8D7UtF/rUPxD/iEBxnVCo1dj1 Xte7mrIGUkAlm+Be9SwVoABSwCLAXmBprG/Vm7uwWuYj1NPazZRF+t3WesHAq6SUQV5/22BuifA D+LfhK90Rr1MUTWveAub/NY4= X-Received: by 127.0.0.2 with SMTP id 9GbJYY1788612x17s68HlUj2; Tue, 19 Sep 2023 17:58:19 -0700 X-Received: from mail-pl1-f177.google.com (mail-pl1-f177.google.com [209.85.214.177]) by mx.groups.io with SMTP id smtpd.web10.26794.1695171499185481722 for ; Tue, 19 Sep 2023 17:58:19 -0700 X-Received: by mail-pl1-f177.google.com with SMTP id d9443c01a7336-1c3cbfa40d6so56349445ad.1 for ; Tue, 19 Sep 2023 17:58:19 -0700 (PDT) X-Gm-Message-State: jjYeJx5OCsinETdRdjtpZYPsx1787277AA= X-Google-Smtp-Source: AGHT+IHTrBo8tDvtljdfqL7Epc26dk5DxRR4OAAgwi4YWBnmFrxYUdxq0OXo/bkEc+5x0tPCvKQ9KA== X-Received: by 2002:a17:903:24c:b0:1c1:fe87:f550 with SMTP id j12-20020a170903024c00b001c1fe87f550mr1087920plh.7.1695171498418; Tue, 19 Sep 2023 17:58:18 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:18 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao Subject: [edk2-devel] [PATCH v4 20/28] MdeModulePkg: Add Additional Profiles to SetMemoryProtectionsLib Date: Tue, 19 Sep 2023 17:57:43 -0700 Message-ID: <20230920005752.2041-21-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171501497100080 Content-Type: text/plain; charset="utf-8" Now that the EDK2 tree uses GetMemoryProtectionsLib to query the platform memory protection settings, we can add additional profiles to SetMemoryProtectionsLib to give plaforms more options for setting memory protections. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao --- MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.c | 4= 17 +++++++++++++++++++- MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h | = 7 + 2 files changed, 422 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtecti= onsLib.c b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtection= sLib.c index 13032ec80fbf..5f054504b75e 100644 --- a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.c +++ b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.c @@ -28,6 +28,227 @@ typedef struct { // DXE PROFILE DEFINITIONS // ///////////////////////////// =20 +// +// A memory profile with strict settings ideal for development scenarios. +// +#define DXE_MEMORY_PROTECTION_SETTINGS_DEBUG \ +{ \ + DXE_MEMORY_PROTECTION_SIGNATURE, \ + DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, \ + TRUE, /* Stack Guard */ \ + TRUE, /* Stack Execution Protection */ \ + { /* NULL Pointer Detection */ \ + .Enabled =3D TRUE, \ + .DisableEndOfDxe =3D FALSE, \ + .NonstopModeEnabled =3D TRUE \ + }, \ + { /* Image Protection */ \ + .ProtectImageFromUnknown =3D TRUE, \ + .ProtectImageFromFv =3D TRUE \ + }, \ + { /* Execution Protection */ \ + .EnabledForType =3D { \ + [EfiReservedMemoryType] =3D TRUE, \ + [EfiLoaderCode] =3D FALSE, \ + [EfiLoaderData] =3D TRUE, \ + [EfiBootServicesCode] =3D FALSE, \ + [EfiBootServicesData] =3D TRUE, \ + [EfiRuntimeServicesCode] =3D FALSE, \ + [EfiRuntimeServicesData] =3D TRUE, \ + [EfiConventionalMemory] =3D TRUE, \ + [EfiUnusableMemory] =3D TRUE, \ + [EfiACPIReclaimMemory] =3D TRUE, \ + [EfiACPIMemoryNVS] =3D TRUE, \ + [EfiMemoryMappedIO] =3D TRUE, \ + [EfiMemoryMappedIOPortSpace] =3D TRUE, \ + [EfiPalCode] =3D TRUE, \ + [EfiPersistentMemory] =3D FALSE, \ + [EfiUnacceptedMemoryType] =3D TRUE, \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D TRUE, \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D TRUE \ + } \ + }, \ + { /* Heap Guard */ \ + .PageGuardEnabled =3D TRUE, \ + .PoolGuardEnabled =3D TRUE, \ + .FreedMemoryGuardEnabled =3D FALSE, \ + .NonstopModeEnabled =3D TRUE, \ + .GuardAlignedToTail =3D TRUE \ + }, \ + { /* Pool Guard */ \ + .EnabledForType =3D { \ + [EfiReservedMemoryType] =3D TRUE, \ + [EfiLoaderCode] =3D TRUE, \ + [EfiLoaderData] =3D TRUE, \ + [EfiBootServicesCode] =3D TRUE, \ + [EfiBootServicesData] =3D TRUE, \ + [EfiRuntimeServicesCode] =3D TRUE, \ + [EfiRuntimeServicesData] =3D TRUE, \ + [EfiConventionalMemory] =3D FALSE, \ + [EfiUnusableMemory] =3D TRUE, \ + [EfiACPIReclaimMemory] =3D TRUE, \ + [EfiACPIMemoryNVS] =3D TRUE, \ + [EfiMemoryMappedIO] =3D TRUE, \ + [EfiMemoryMappedIOPortSpace] =3D TRUE, \ + [EfiPalCode] =3D TRUE, \ + [EfiPersistentMemory] =3D FALSE, \ + [EfiUnacceptedMemoryType] =3D TRUE, \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D TRUE, \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D TRUE \ + } \ + }, \ + { /* Page Guard */ \ + .EnabledForType =3D { \ + [EfiReservedMemoryType] =3D TRUE, \ + [EfiLoaderCode] =3D TRUE, \ + [EfiLoaderData] =3D TRUE, \ + [EfiBootServicesCode] =3D TRUE, \ + [EfiBootServicesData] =3D TRUE, \ + [EfiRuntimeServicesCode] =3D TRUE, \ + [EfiRuntimeServicesData] =3D TRUE, \ + [EfiConventionalMemory] =3D FALSE, \ + [EfiUnusableMemory] =3D TRUE, \ + [EfiACPIReclaimMemory] =3D TRUE, \ + [EfiACPIMemoryNVS] =3D TRUE, \ + [EfiMemoryMappedIO] =3D TRUE, \ + [EfiMemoryMappedIOPortSpace] =3D TRUE, \ + [EfiPalCode] =3D TRUE, \ + [EfiPersistentMemory] =3D FALSE, \ + [EfiUnacceptedMemoryType] =3D TRUE, \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D TRUE, \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D TRUE \ + } \ + } \ +} + +// +// A memory profile recommended for production. Compared to the debug +// settings, this profile removes the pool guards and uses page guards +// for fewer memory types. +// +#define DXE_MEMORY_PROTECTION_SETTINGS_PROD_MODE \ +{ \ + DXE_MEMORY_PROTECTION_SIGNATURE, \ + DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, \ + TRUE, /* Stack Guard */ \ + TRUE, /* Stack Execution Protection */ \ + { /* NULL Pointer Detection */ \ + .Enabled =3D TRUE, \ + .DisableEndOfDxe =3D FALSE, \ + .NonstopModeEnabled =3D FALSE \ + }, \ + { /* Image Protection */ \ + .ProtectImageFromUnknown =3D FALSE, \ + .ProtectImageFromFv =3D TRUE \ + }, \ + { /* Execution Protection */ \ + .EnabledForType =3D { \ + [EfiReservedMemoryType] =3D TRUE, \ + [EfiLoaderCode] =3D FALSE, \ + [EfiLoaderData] =3D TRUE, \ + [EfiBootServicesCode] =3D FALSE, \ + [EfiBootServicesData] =3D TRUE, \ + [EfiRuntimeServicesCode] =3D FALSE, \ + [EfiRuntimeServicesData] =3D TRUE, \ + [EfiConventionalMemory] =3D TRUE, \ + [EfiUnusableMemory] =3D TRUE, \ + [EfiACPIReclaimMemory] =3D TRUE, \ + [EfiACPIMemoryNVS] =3D TRUE, \ + [EfiMemoryMappedIO] =3D TRUE, \ + [EfiMemoryMappedIOPortSpace] =3D TRUE, \ + [EfiPalCode] =3D TRUE, \ + [EfiPersistentMemory] =3D FALSE, \ + [EfiUnacceptedMemoryType] =3D TRUE, \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D TRUE, \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D TRUE \ + } \ + }, \ + { /* Heap Guard */ \ + .PageGuardEnabled =3D TRUE, \ + .PoolGuardEnabled =3D FALSE, \ + .FreedMemoryGuardEnabled =3D FALSE, \ + .NonstopModeEnabled =3D FALSE, \ + .GuardAlignedToTail =3D TRUE \ + }, \ + { /* Pool Guard */ \ + 0 \ + }, \ + { /* Page Guard */ \ + .EnabledForType =3D { \ + [EfiReservedMemoryType] =3D FALSE, \ + [EfiLoaderCode] =3D FALSE, \ + [EfiLoaderData] =3D FALSE, \ + [EfiBootServicesCode] =3D FALSE, \ + [EfiBootServicesData] =3D TRUE, \ + [EfiRuntimeServicesCode] =3D FALSE, \ + [EfiRuntimeServicesData] =3D TRUE, \ + [EfiConventionalMemory] =3D FALSE, \ + [EfiUnusableMemory] =3D FALSE, \ + [EfiACPIReclaimMemory] =3D FALSE, \ + [EfiACPIMemoryNVS] =3D FALSE, \ + [EfiMemoryMappedIO] =3D FALSE, \ + [EfiMemoryMappedIOPortSpace] =3D FALSE, \ + [EfiPalCode] =3D FALSE, \ + [EfiPersistentMemory] =3D FALSE, \ + [EfiUnacceptedMemoryType] =3D FALSE, \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D FALSE, \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D FALSE \ + } \ + } \ +} + +// +// A memory profile which mirrors DXE_MEMORY_PROTECTION_SETTINGS_PROD_MODE +// but doesn't include page guards. +// +#define DXE_MEMORY_PROTECTION_SETTINGS_PROD_MODE_NO_PAGE_GUARDS \ +{ \ + DXE_MEMORY_PROTECTION_SIGNATURE, \ + DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, \ + TRUE, /* Stack Guard */ \ + TRUE, /* Stack Execution Protection */ \ + { /* NULL Pointer Detection */ \ + .Enabled =3D TRUE, \ + .DisableEndOfDxe =3D FALSE, \ + .NonstopModeEnabled =3D FALSE \ + }, \ + { /* Image Protection */ \ + .ProtectImageFromUnknown =3D FALSE, \ + .ProtectImageFromFv =3D TRUE \ + }, \ + { /* Execution Protection */ \ + .EnabledForType =3D { \ + [EfiReservedMemoryType] =3D TRUE, \ + [EfiLoaderCode] =3D FALSE, \ + [EfiLoaderData] =3D TRUE, \ + [EfiBootServicesCode] =3D FALSE, \ + [EfiBootServicesData] =3D TRUE, \ + [EfiRuntimeServicesCode] =3D FALSE, \ + [EfiRuntimeServicesData] =3D TRUE, \ + [EfiConventionalMemory] =3D TRUE, \ + [EfiUnusableMemory] =3D TRUE, \ + [EfiACPIReclaimMemory] =3D TRUE, \ + [EfiACPIMemoryNVS] =3D TRUE, \ + [EfiMemoryMappedIO] =3D TRUE, \ + [EfiMemoryMappedIOPortSpace] =3D TRUE, \ + [EfiPalCode] =3D TRUE, \ + [EfiPersistentMemory] =3D FALSE, \ + [EfiUnacceptedMemoryType] =3D TRUE, \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D TRUE, \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D TRUE \ + } \ + }, \ + { /* Heap Guard */ \ + 0 \ + }, \ + { /* Pool Guard */ \ + 0 \ + }, \ + { /* Page Guard */ \ + 0 \ + } \ +} + // // A memory profile which uses the fixed at build PCDs defined in MdeModu= lePkg.dec // @@ -121,10 +342,146 @@ typedef struct { } = \ } =20 +// +// A memory profile which disables all DXE memory protection settings. +// +#define DXE_MEMORY_PROTECTION_SETTINGS_OFF \ +{ \ + DXE_MEMORY_PROTECTION_SIGNATURE, \ + DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, \ + FALSE, /* Stack Guard */ \ + FALSE, /* Stack Execution Protection */ \ + { /* NULL Pointer Detection */ \ + 0 \ + }, \ + { /* Image Protection */ \ + 0 \ + }, \ + { /* Execution Protection */ \ + 0 \ + }, \ + { /* Heap Guard */ \ + 0 \ + }, \ + { /* Pool Guard */ \ + 0 \ + }, \ + { /* Page Guard */ \ + 0 \ + } \ +} + //////////////////////////// // MM PROFILE DEFINITIONS // //////////////////////////// =20 +// +// A memory profile ideal for development scenarios. +// +#define MM_MEMORY_PROTECTION_SETTINGS_DEBUG \ +{ \ + MM_MEMORY_PROTECTION_SIGNATURE, \ + MM_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, \ + { /* NULL Pointer Detection */ \ + .Enabled =3D TRUE, \ + .NonstopModeEnabled =3D TRUE \ + }, \ + { /* Heap Guard */ \ + .PageGuardEnabled =3D TRUE, \ + .PoolGuardEnabled =3D TRUE, \ + .NonstopModeEnabled =3D TRUE, \ + .GuardAlignedToTail =3D TRUE \ + }, \ + { /* Pool Guard */ \ + .EnabledForType =3D { \ + [EfiReservedMemoryType] =3D FALSE, \ + [EfiLoaderCode] =3D FALSE, \ + [EfiLoaderData] =3D FALSE, \ + [EfiBootServicesCode] =3D FALSE, \ + [EfiBootServicesData] =3D TRUE, \ + [EfiRuntimeServicesCode] =3D FALSE, \ + [EfiRuntimeServicesData] =3D TRUE, \ + [EfiConventionalMemory] =3D FALSE, \ + [EfiUnusableMemory] =3D FALSE, \ + [EfiACPIReclaimMemory] =3D FALSE, \ + [EfiACPIMemoryNVS] =3D FALSE, \ + [EfiMemoryMappedIO] =3D FALSE, \ + [EfiMemoryMappedIOPortSpace] =3D FALSE, \ + [EfiPalCode] =3D FALSE, \ + [EfiPersistentMemory] =3D FALSE, \ + [EfiUnacceptedMemoryType] =3D FALSE, \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D FALSE, \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D FALSE \ + } \ + }, \ + { /* Page Guard */ \ + .EnabledForType =3D { \ + [EfiReservedMemoryType] =3D FALSE, \ + [EfiLoaderCode] =3D FALSE, \ + [EfiLoaderData] =3D FALSE, \ + [EfiBootServicesCode] =3D FALSE, \ + [EfiBootServicesData] =3D TRUE, \ + [EfiRuntimeServicesCode] =3D FALSE, \ + [EfiRuntimeServicesData] =3D TRUE, \ + [EfiConventionalMemory] =3D FALSE, \ + [EfiUnusableMemory] =3D FALSE, \ + [EfiACPIReclaimMemory] =3D FALSE, \ + [EfiACPIMemoryNVS] =3D FALSE, \ + [EfiMemoryMappedIO] =3D FALSE, \ + [EfiMemoryMappedIOPortSpace] =3D FALSE, \ + [EfiPalCode] =3D FALSE, \ + [EfiPersistentMemory] =3D FALSE, \ + [EfiUnacceptedMemoryType] =3D FALSE, \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D FALSE, \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D FALSE \ + } \ + } \ +} + +// +// A memory profile ideal for production scenarios. +// +#define MM_MEMORY_PROTECTION_SETTINGS_PROD_MODE \ +{ \ + MM_MEMORY_PROTECTION_SIGNATURE, \ + MM_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, \ + { /* NULL Pointer Detection */ \ + .Enabled =3D TRUE, \ + .NonstopModeEnabled =3D FALSE \ + }, \ + { /* Heap Guard */ \ + .PageGuardEnabled =3D TRUE, \ + .PoolGuardEnabled =3D FALSE, \ + .NonstopModeEnabled =3D FALSE, \ + .GuardAlignedToTail =3D TRUE \ + }, \ + { /* Pool Guard */ \ + 0 \ + }, \ + { /* Page Guard */ \ + .EnabledForType =3D { \ + [EfiReservedMemoryType] =3D FALSE, \ + [EfiLoaderCode] =3D FALSE, \ + [EfiLoaderData] =3D FALSE, \ + [EfiBootServicesCode] =3D FALSE, \ + [EfiBootServicesData] =3D TRUE, \ + [EfiRuntimeServicesCode] =3D FALSE, \ + [EfiRuntimeServicesData] =3D TRUE, \ + [EfiConventionalMemory] =3D FALSE, \ + [EfiUnusableMemory] =3D FALSE, \ + [EfiACPIReclaimMemory] =3D FALSE, \ + [EfiACPIMemoryNVS] =3D FALSE, \ + [EfiMemoryMappedIO] =3D FALSE, \ + [EfiMemoryMappedIOPortSpace] =3D FALSE, \ + [EfiPalCode] =3D FALSE, \ + [EfiPersistentMemory] =3D FALSE, \ + [EfiUnacceptedMemoryType] =3D FALSE, \ + [OEM_RESERVED_MPS_MEMORY_TYPE] =3D FALSE, \ + [OS_RESERVED_MPS_MEMORY_TYPE] =3D FALSE \ + } \ + } \ +} + // // A memory profile which uses the fixed at build PCDs defined in MdeModu= lePkg.dec // @@ -188,24 +545,80 @@ typedef struct { } = \ } =20 +// +// A memory profile which disables all MM memory protection settings. +// +#define MM_MEMORY_PROTECTION_SETTINGS_OFF \ +{ \ + MM_MEMORY_PROTECTION_SIGNATURE, \ + MM_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, \ + { /* NULL Pointer Detection */ \ + 0 \ + }, \ + { /* Heap Guard */ \ + 0 \ + }, \ + { /* Pool Guard */ \ + 0 \ + }, \ + { /* Page Guard */ \ + 0 \ + } \ +} + //////////////////////////// // PROFILE CONFIGURATIONS // //////////////////////////// =20 DXE_MEMORY_PROTECTION_PROFILES DxeMemoryProtectionProfiles[DxeMemoryProte= ctionSettingsMax] =3D { - [DxeMemoryProtectionSettingsPcd] =3D { + [DxeMemoryProtectionSettingsDebug] =3D { + .Name =3D "Debug", + .Description =3D "Development profile ideal for debug scenarios", + .Settings =3D DXE_MEMORY_PROTECTION_SETTINGS_DEBUG + }, + [DxeMemoryProtectionSettingsRelease] =3D { + .Name =3D "Release", + .Description =3D "Release profile recommended for production scenarios= ", + .Settings =3D DXE_MEMORY_PROTECTION_SETTINGS_PROD_MODE + }, + [DxeMemoryProtectionSettingsReleaseNoPageGuards] =3D { + .Name =3D "ReleaseNoPageGuards", + .Description =3D "Release profile without page guards recommended for = performance sensitive production scenarios", + .Settings =3D DXE_MEMORY_PROTECTION_SETTINGS_PROD_MODE_NO_PAGE_GUAR= DS + }, + [DxeMemoryProtectionSettingsPcd] =3D { .Name =3D "Pcd", .Description =3D "Memory protection settings from PCDs", .Settings =3D DXE_MEMORY_PROTECTION_SETTINGS_PCD }, + [DxeMemoryProtectionSettingsOff] =3D { + .Name =3D "Off", + .Description =3D "Disables all memory protection settings", + .Settings =3D DXE_MEMORY_PROTECTION_SETTINGS_OFF + } }; =20 MM_MEMORY_PROTECTION_PROFILES MmMemoryProtectionProfiles[MmMemoryProtecti= onSettingsMax] =3D { - [MmMemoryProtectionSettingsPcd] =3D { + [MmMemoryProtectionSettingsDebug] =3D { + .Name =3D "Debug", + .Description =3D "Development profile ideal for debug scenarios", + .Settings =3D MM_MEMORY_PROTECTION_SETTINGS_DEBUG + }, + [MmMemoryProtectionSettingsRelease] =3D { + .Name =3D "Release", + .Description =3D "Release profile recommended for production scenarios= ", + .Settings =3D MM_MEMORY_PROTECTION_SETTINGS_PROD_MODE + }, + [MmMemoryProtectionSettingsPcd] =3D { .Name =3D "Pcd", .Description =3D "Memory protection settings from PCDs", .Settings =3D MM_MEMORY_PROTECTION_SETTINGS_PCD }, + [MmMemoryProtectionSettingsOff] =3D { + .Name =3D "Off", + .Description =3D "Disables all memory protection settings", + .Settings =3D MM_MEMORY_PROTECTION_SETTINGS_OFF + } }; =20 ///////////////////////////////////// diff --git a/MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h b/MdeMo= dulePkg/Include/Library/SetMemoryProtectionsLib.h index 023c987c3c7e..f4665130b0b3 100644 --- a/MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h +++ b/MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h @@ -17,6 +17,10 @@ typedef struct { } DXE_MEMORY_PROTECTION_PROFILES; =20 typedef enum { + DxeMemoryProtectionSettingsDebug =3D 0, + DxeMemoryProtectionSettingsRelease, + DxeMemoryProtectionSettingsReleaseNoPageGuards, + DxeMemoryProtectionSettingsOff, DxeMemoryProtectionSettingsPcd, DxeMemoryProtectionSettingsMax } DXE_MEMORY_PROTECTION_PROFILE_INDEX; @@ -28,6 +32,9 @@ typedef struct { } MM_MEMORY_PROTECTION_PROFILES; =20 typedef enum { + MmMemoryProtectionSettingsDebug =3D 0, + MmMemoryProtectionSettingsRelease, + MmMemoryProtectionSettingsOff, MmMemoryProtectionSettingsPcd, MmMemoryProtectionSettingsMax } MM_MEMORY_PROTECTION_PROFILE_INDEX; --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108882): https://edk2.groups.io/g/devel/message/108882 Mute This Topic: https://groups.io/mt/101469960/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108883+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108883+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171500; cv=none; d=zohomail.com; s=zohoarc; b=lQV0p6SjPahqXHgSAphH27g2UnmSnG3+/tNzMR6TPu8yAU09d5PS46qnZCnX3Hs5u1mW2tKyVPdUG2Q4OOPqf/E4HicbudgYLFzRa4aZ+yR3Nzt0PGSKQrLbYth6PVPUVqQemk8frhlxbAbjdW07jDX4jamxqQOT2byFfeHHl7Y= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171500; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=0P3CdRZThbm0fB9EhUYpjy8mwaAuB39r3yDbJunfxDg=; b=MOWnwLnlnvGxX3tFK8OgWhQKGJ+yJZhIIahrfq1jfEd/ZQ7NDNcD/6Kukuhkrn/Xj65E+y+8PFRMB7L44iZQVYe+bHxyRxb+CYNs+6wijnqGAnJjxU7XaiQXrJaUrroIp8AWBIs0q/ziwwvQXhPe8Dr30FSqdAesu6JKxK8jKGI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108883+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 169517150083079.39523417727696; Tue, 19 Sep 2023 17:58:20 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=3E23dsImRadpSULd7nQfoTzw7gg6wFy8yIpuHeyZ568=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171500; v=1; b=UDz8EaECq6GfmYb5KQ3MUogapY5TEktukelVXSR4LxyvEeEgLkZp8SGXyG9WCVd+W4qYoghz uRNL6JXaT1iT5mY0du6gvb4NqUBAM/dTIqiuD6Fa9dar+Gk3lQviWUqJavvG0hkbDozVKZgA9H1 3i3R8HNJsvGT7kY3r8BuXIHg= X-Received: by 127.0.0.2 with SMTP id KSPJYY1788612xAwWwb7L4Gt; Tue, 19 Sep 2023 17:58:20 -0700 X-Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) by mx.groups.io with SMTP id smtpd.web11.26931.1695171499837050866 for ; Tue, 19 Sep 2023 17:58:19 -0700 X-Received: by mail-pl1-f182.google.com with SMTP id d9443c01a7336-1c3d8fb23d9so50242115ad.0 for ; Tue, 19 Sep 2023 17:58:19 -0700 (PDT) X-Gm-Message-State: vkA1zTaPKasmZ3Ii1fFVycJVx1787277AA= X-Google-Smtp-Source: AGHT+IHqyLJIGySCJSo2SmUgyeI+JrBvLbndcT4lL5Rddod1HhYO+6QQo4tumCJ27AUgEnpcMtx/Tw== X-Received: by 2002:a17:902:b708:b0:1bc:e6a:205f with SMTP id d8-20020a170902b70800b001bc0e6a205fmr864251pls.20.1695171499168; Tue, 19 Sep 2023 17:58:19 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:18 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann Subject: [edk2-devel] [PATCH v4 21/28] OvmfPkg: Add QemuFwCfgParseString to QemuFwCfgSimpleParserLib Date: Tue, 19 Sep 2023 17:57:44 -0700 Message-ID: <20230920005752.2041-22-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171502107100084 Content-Type: text/plain; charset="utf-8" QemuFwCfgParseString allows reading strings from the fw_cfg file. This function is needed for parsing the memory protection profile name. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann --- OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParser.c | 11 ++++= +++++++ OvmfPkg/Include/Library/QemuFwCfgSimpleParserLib.h | 8 ++++= ++++ 2 files changed, 19 insertions(+) diff --git a/OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParser= .c b/OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParser.c index c9e0091b82d1..63c8711a9f2e 100644 --- a/OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParser.c +++ b/OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParser.c @@ -426,3 +426,14 @@ QemuFwCfgParseUintn ( *Value =3D (UINTN)Uint64; return RETURN_SUCCESS; } + +RETURN_STATUS +EFIAPI +QemuFwCfgParseString ( + IN CONST CHAR8 *FileName, + IN OUT UINTN *BufferSize, + OUT CHAR8 *Buffer + ) +{ + return QemuFwCfgGetAsString (FileName, BufferSize, Buffer); +} diff --git a/OvmfPkg/Include/Library/QemuFwCfgSimpleParserLib.h b/OvmfPkg/I= nclude/Library/QemuFwCfgSimpleParserLib.h index bcbf3bc4fc96..ea9fcf7b402e 100644 --- a/OvmfPkg/Include/Library/QemuFwCfgSimpleParserLib.h +++ b/OvmfPkg/Include/Library/QemuFwCfgSimpleParserLib.h @@ -125,4 +125,12 @@ QemuFwCfgParseUintn ( OUT UINTN *Value ); =20 +RETURN_STATUS +EFIAPI +QemuFwCfgParseString ( + IN CONST CHAR8 *FileName, + IN OUT UINTN *BufferSize, + OUT CHAR8 *Buffer + ); + #endif // QEMU_FW_CFG_SIMPLE_PARSER_LIB_H_ --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108883): https://edk2.groups.io/g/devel/message/108883 Mute This Topic: https://groups.io/mt/101469961/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108884+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108884+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171501; cv=none; d=zohomail.com; s=zohoarc; b=Os2MCRq1MKgfvo/6tvjDHJ3JqWZV/EGBowkd8OCWPx/cksms6U9AqGLaNzFnZyQqzRVdk/Zv8d0P1H+uHorQEI5jVcPAZ1yTYaT9uAoKA3ymgZP3FqN9VKC4Tu6luxNAwyBvBaUvc89fEJO5WT2iP6de+0dTu2NqKyLM3F2uL0w= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171501; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=FPj44NynQ9TTrrV1fE+zZBI9CsshGF5EVTS2f9g8veI=; b=IVqT53Vvf2aNTRtkGfeTwdOoRPQ81xWYx6xAmFn/XLPaYpBuX8DK95sIwcy8zC2uESs+EkSwnJ96Iq4jG4GnCdFELe0Q1ctD58VRLUc7i1fWqY2kK92EIRtNU92zvqzX+8IQQxCBTCjEybDPjfB2c3+no93Joil/hWJ31iirYdk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108884+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171501274370.83983835845777; Tue, 19 Sep 2023 17:58:21 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=6wR2YsgX0G7FrsrdLxqa6WnAgkNpS/qn5gllgyLIZw0=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171500; v=1; b=XznFiCWSN4DMvPLbnIZkUXekNrT48vg0XSTqQuWL9WeDIg1gXnFYyuXyNC27gQ/wjdONerho NBqveRei1ik4PMkhkbqcsBrqva0rSMjEHwxW2JCSf1SK0r73N9kNzXEc+5JW6FtBK3MTXmSkJuF YROH4ttKKqx/0F6Yzz0fiivw= X-Received: by 127.0.0.2 with SMTP id iswfYY1788612x6618is2z7n; Tue, 19 Sep 2023 17:58:20 -0700 X-Received: from mail-pl1-f171.google.com (mail-pl1-f171.google.com [209.85.214.171]) by mx.groups.io with SMTP id smtpd.web10.26795.1695171500433385795 for ; Tue, 19 Sep 2023 17:58:20 -0700 X-Received: by mail-pl1-f171.google.com with SMTP id d9443c01a7336-1c3d6d88231so50443975ad.0 for ; Tue, 19 Sep 2023 17:58:20 -0700 (PDT) X-Gm-Message-State: SVv1U4wXkd4A0K0MWLzevUsDx1787277AA= X-Google-Smtp-Source: AGHT+IFrQvKSjxFPFMxSeyVHp9aMcqjv1LNxUvg5UQ1CLszKTbto5ijjKZFYbO0cNGuSUYKnuFVfTw== X-Received: by 2002:a17:902:c1cc:b0:1bb:7b0a:374 with SMTP id c12-20020a170902c1cc00b001bb7b0a0374mr1103350plc.4.1695171499753; Tue, 19 Sep 2023 17:58:19 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:19 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann Subject: [edk2-devel] [PATCH v4 22/28] OvmfPkg: Add MemoryProtectionConfigLib Date: Tue, 19 Sep 2023 17:57:45 -0700 Message-ID: <20230920005752.2041-23-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171502136100085 Content-Type: text/plain; charset="utf-8" MemoryProtectionConfigLib enables parsing the fw_cfg for the memory protection profile. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann --- OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConfigLib.c | = 118 ++++++++++++++++++++ OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc | = 1 + OvmfPkg/Include/Library/MemoryProtectionConfigLib.h | = 49 ++++++++ OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConfigLib.inf | = 35 ++++++ OvmfPkg/OvmfPkg.dec | = 4 + 5 files changed, 207 insertions(+) diff --git a/OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConf= igLib.c b/OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConfigL= ib.c new file mode 100644 index 000000000000..b568665f407c --- /dev/null +++ b/OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConfigLib.c @@ -0,0 +1,118 @@ +/** @file + Parses the fw_cfg file for the DXE and MM memory protection settings pro= file. + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +#include +#include +#include +#include +#include + +#define DXE_MEMORY_PROTECTION_PROFILE_FWCFG_FILE \ + "opt/org.tianocore/DxeMemoryProtectionProfile" + +#define MM_MEMORY_PROTECTION_PROFILE_FWCFG_FILE \ + "opt/org.tianocore/MmMemoryProtectionProfile" + +/** + Parses the fw_cfg file for the MM memory protection settings profile. + + @param[in] MmSettings The MM memory protection settings profile to popu= late. + + @retval EFI_SUCCESS The MM memory protection settings profil= e was populated. + @retval EFI_INVALID_PARAMETER MmSettings is NULL. + @retval EFI_ABORTED The MM memory protection settings profil= e name found in + fw_cfg was invalid. + @retval EFI_NOT_FOUND The MM memory protection settings profil= e was not found. +**/ +EFI_STATUS +EFIAPI +ParseFwCfgMmMemoryProtectionSettings ( + IN MM_MEMORY_PROTECTION_SETTINGS *MmSettings + ) +{ + CHAR8 String[100]; + UINTN StringSize; + UINTN Index; + + if (MmSettings =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + StringSize =3D sizeof (String); + + if (!EFI_ERROR (QemuFwCfgParseString (MM_MEMORY_PROTECTION_PROFILE_FWCFG= _FILE, &StringSize, String))) { + Index =3D 0; + do { + if (AsciiStriCmp (MmMemoryProtectionProfiles[Index].Name, String) = =3D=3D 0) { + DEBUG ((DEBUG_INFO, "Setting MM Memory Protection Profile: %a\n", = String)); + break; + } + } while (++Index < MmMemoryProtectionSettingsMax); + + if (Index >=3D MmMemoryProtectionSettingsMax) { + DEBUG ((DEBUG_ERROR, "Invalid MM memory protection profile: %a\n", S= tring)); + ASSERT (Index < MmMemoryProtectionSettingsMax); + return EFI_ABORTED; + } else { + CopyMem (MmSettings, &MmMemoryProtectionProfiles[Index].Settings, si= zeof (MM_MEMORY_PROTECTION_SETTINGS)); + return EFI_SUCCESS; + } + } + + return EFI_NOT_FOUND; +} + +/** + Parses the fw_cfg file for the DXE memory protection settings profile. + + @param[in] DxeSettings The DXE memory protection settings profile to po= pulate. + + @retval EFI_SUCCESS The DXE memory protection settings profi= le was populated. + @retval EFI_INVALID_PARAMETER DxeSettings is NULL. + @retval EFI_ABORTED The DXE memory protection settings profi= le name found in + fw_cfg was invalid. + @retval EFI_NOT_FOUND The DXE memory protection settings profi= le was not found. +**/ +EFI_STATUS +EFIAPI +ParseFwCfgDxeMemoryProtectionSettings ( + IN DXE_MEMORY_PROTECTION_SETTINGS *DxeSettings + ) +{ + CHAR8 String[100]; + UINTN StringSize; + UINTN Index; + + if (DxeSettings =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + StringSize =3D sizeof (String); + + if (!EFI_ERROR (QemuFwCfgParseString (DXE_MEMORY_PROTECTION_PROFILE_FWCF= G_FILE, &StringSize, String))) { + Index =3D 0; + do { + if (AsciiStriCmp (DxeMemoryProtectionProfiles[Index].Name, String) = =3D=3D 0) { + DEBUG ((DEBUG_INFO, "Setting DXE Memory Protection Profile: %a\n",= String)); + break; + } + } while (++Index < DxeMemoryProtectionSettingsMax); + + if (Index >=3D DxeMemoryProtectionSettingsMax) { + DEBUG ((DEBUG_ERROR, "Invalid DXE memory protection profile: %a\n", = String)); + ASSERT (Index < DxeMemoryProtectionSettingsMax); + return EFI_ABORTED; + } else { + CopyMem (DxeSettings, &DxeMemoryProtectionProfiles[Index].Settings, = sizeof (DXE_MEMORY_PROTECTION_SETTINGS)); + return EFI_SUCCESS; + } + } + + return EFI_NOT_FOUND; +} diff --git a/OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc b/OvmfPk= g/Include/Dsc/MemoryProtectionLibraries.dsc.inc index 049fdef3f0c1..fcd8ef23c5a5 100644 --- a/OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc +++ b/OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc @@ -7,6 +7,7 @@ # [LibraryClasses.common] SetMemoryProtectionsLib|MdeModulePkg/Library/SetMemoryProtectionsLib/Set= MemoryProtectionsLib.inf + MemoryProtectionConfigLib|OvmfPkg/Library/MemoryProtectionConfigLib/Memo= ryProtectionConfigLib.inf =20 [LibraryClasses.common.SMM_CORE, LibraryClasses.common.DXE_SMM_DRIVER, Lib= raryClasses.common.MM_CORE_STANDALONE, LibraryClasses.common.MM_STANDALONE] GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/MmG= etMemoryProtectionsLib.inf diff --git a/OvmfPkg/Include/Library/MemoryProtectionConfigLib.h b/OvmfPkg/= Include/Library/MemoryProtectionConfigLib.h new file mode 100644 index 000000000000..d30de58001c3 --- /dev/null +++ b/OvmfPkg/Include/Library/MemoryProtectionConfigLib.h @@ -0,0 +1,49 @@ +/** @file + Parses the fw_cfg file for the DXE and MM memory protection settings pro= file. + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef MEMORY_PROTECTION_CONFIG_LIB_H_ +#define MEMORY_PROTECTION_CONFIG_LIB_H_ + +#include + +#include + +/** + Parses the fw_cfg file for the MM memory protection settings profile. + + @param[in] MmSettings The MM memory protection settings profile to popu= late. + + @retval EFI_SUCCESS The MM memory protection settings profil= e was populated. + @retval EFI_INVALID_PARAMETER MmSettings is NULL. + @retval EFI_ABORTED The MM memory protection settings profil= e name found in + fw_cfg was invalid. + @retval EFI_NOT_FOUND The MM memory protection settings profil= e was not found. +**/ +EFI_STATUS +EFIAPI +ParseFwCfgMmMemoryProtectionSettings ( + IN MM_MEMORY_PROTECTION_SETTINGS *MmSettings + ); + +/** + Parses the fw_cfg file for the DXE memory protection settings profile. + + @param[in] DxeSettings The DXE memory protection settings profile to po= pulate. + + @retval EFI_SUCCESS The DXE memory protection settings profi= le was populated. + @retval EFI_INVALID_PARAMETER DxeSettings is NULL. + @retval EFI_ABORTED The DXE memory protection settings profi= le name found in + fw_cfg was invalid. + @retval EFI_NOT_FOUND The DXE memory protection settings profi= le was not found. +**/ +EFI_STATUS +EFIAPI +ParseFwCfgDxeMemoryProtectionSettings ( + IN DXE_MEMORY_PROTECTION_SETTINGS *DxeSettings + ); + +#endif diff --git a/OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConf= igLib.inf b/OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConfi= gLib.inf new file mode 100644 index 000000000000..0ff431752901 --- /dev/null +++ b/OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConfigLib.i= nf @@ -0,0 +1,35 @@ +## @file +# Parses the fw_cfg file for the DXE and MM memory protection settings pro= file. +# +# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D MemoryProtectionConfigLib + FILE_GUID =3D 865BFF85-CC3A-43E7-82E1-36E1894BC8EF + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D MemoryProtectionConfigLib|SEC PEI_COR= E PEIM + +# +# The following information is for reference only and not required by the = build +# tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 ARM AARCH64 +# + +[Sources] + MemoryProtectionConfigLib.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + OvmfPkg/OvmfPkg.dec + +[LibraryClasses] + BaseLib + BaseMemoryLib + DebugLib + QemuFwCfgSimpleParserLib diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec index e3861e5c1b39..126be04ca302 100644 --- a/OvmfPkg/OvmfPkg.dec +++ b/OvmfPkg/OvmfPkg.dec @@ -42,6 +42,10 @@ [LibraryClasses] # MemEncryptTdxLib|Include/Library/MemEncryptTdxLib.h =20 + ## @libraryclass Declares helper functions for parsing fw_cfg for + # the memory protection profile strings + MemoryProtectionConfigLib|Include/Library/MemoryProtectionConfigLib.h + ## @libraryclass Handle TPL changes within nested interrupt handlers # NestedInterruptTplLib|Include/Library/NestedInterruptTplLib.h --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108884): https://edk2.groups.io/g/devel/message/108884 Mute This Topic: https://groups.io/mt/101469962/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108885+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108885+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171502; cv=none; d=zohomail.com; s=zohoarc; b=Xo/DfQLalRbS4FoTWs1dHqio+2gSjAhDJMZQ8MVxo1iblZMBXHTZZgXYevcTV5KeVaUG4M2+9kKWFhGkhyjJyhU/wqGXEYl/NmBSdPj2v7TCSd0ONY+8JA9opv1yZbVN1Ttb8acWMrFCRgBqbK/UMGhUlQi6Wbl0Agi/Xmqn2Ug= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171502; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=+qEn/2jBWUUq7uo2sTW659ZcnA8ckgjFjB3yHoTGyM4=; b=U7Ty5CfYb4uCg/OffvwvA4GQV6F5HYQF8jKZhKN2tLaZ3hfQOuA3Powekdlv2seYLtNZl4K7DTtrOCHd4Al1tcuN05sX8kE3h/ngQO9Y5qLFbvpaOaF28X9d462n7xa68gy1R9TSnR64M4sBJQR8CpbxrM7qc4NBdYMty2JOA20= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108885+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171502109339.64080602431864; Tue, 19 Sep 2023 17:58:22 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=zcLqPpf8mrNvXEG8tSge3+UfOw1u+7/XwAQuqD+Am78=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; s=20140610; t=1695171501; v=1; b=lGqQHwwTNnE1zmMtT0g9qnQqbnX6XEM7IaCcdFEq95kbfLiilUTaaqD5NyQK5PsiiNyrarkl OFz462Nzbh2GMOtoAy2iCCtPlErCNRp8LUkHI6xjat4zNQemUC5X/eDAJm+5D6jAhNZPVJuWz7M d1p8v1irHromtWoeNtkYCg/c= X-Received: by 127.0.0.2 with SMTP id yQIKYY1788612xqag46F4WZY; Tue, 19 Sep 2023 17:58:21 -0700 X-Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) by mx.groups.io with SMTP id smtpd.web10.26796.1695171501187767335 for ; Tue, 19 Sep 2023 17:58:21 -0700 X-Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-1bf55a81eeaso47479735ad.0 for ; Tue, 19 Sep 2023 17:58:21 -0700 (PDT) X-Gm-Message-State: cOH6lbUtMCmEHCMaZzGn5WEix1787277AA= X-Google-Smtp-Source: AGHT+IGpfdXugHHvI9uix/D15k399k7tW9UFynyQxuc4IGSl7XE1icH0O8gwn+040SIR0bBf0NzWZg== X-Received: by 2002:a17:902:bd8a:b0:1b9:c68f:91a5 with SMTP id q10-20020a170902bd8a00b001b9c68f91a5mr947938pls.6.1695171500424; Tue, 19 Sep 2023 17:58:20 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:20 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann , Rebecca Cran , Peter Grehan , =?UTF-8?q?Corvin=20K=C3=B6hne?= Subject: [edk2-devel] [PATCH v4 23/28] OvmfPkg: Enable Choosing Memory Protection Profile via QemuCfg Date: Tue, 19 Sep 2023 17:57:46 -0700 Message-ID: <20230920005752.2041-24-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171504174100097 Now that the EDK2 tree uses GetMemoryProtectionsLib to query the platform memory protection settings, OvmfPkg can be updated to use QemuCfg to set the entire memory protection profile instead of just SetNxForStack. For example, the following will set the DXE memory protection to the RELEASE preset. -fw_cfg name=3Dopt/org.tianocore/DxeMemoryProtectionProfile,string=3Drelease The following will set the MM memory protection to the RELEASE preset. -fw_cfg name=3Dopt/org.tianocore/MmMemoryProtectionProfile,string=3Drelease For users of Stuart, DXE_MEMORY_PROTECTION_PROFILE=3Drelease and MM_MEMORY_PROTECTION_PROFILE=3Drelease are equivalent to the above examples. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann Cc: Rebecca Cran Cc: Peter Grehan Cc: Corvin K=C3=B6hne --- OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c | 21 +++++++----- OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c | 13 +------- OvmfPkg/Library/PlatformInitLib/Platform.c | 15 --------- OvmfPkg/PlatformPei/IntelTdx.c | 2 -- OvmfPkg/PlatformPei/Platform.c | 35 ++++++++-----= ------- OvmfPkg/TdxDxe/TdxDxe.c | 7 ++-- OvmfPkg/Include/Library/PlatformInitLib.h | 13 -------- OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf | 2 +- OvmfPkg/PlatformCI/PlatformBuildLib.py | 8 +++++ OvmfPkg/PlatformPei/PlatformPei.inf | 1 + 10 files changed, 39 insertions(+), 78 deletions(-) diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c b/OvmfPkg/L= ibrary/PeilessStartupLib/PeilessStartup.c index cf645aad3246..2f8fd51f3fc5 100644 --- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c +++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c @@ -20,7 +20,7 @@ #include #include #include -#include +#include #include #include #include @@ -109,18 +109,23 @@ InitializePlatform ( =20 PlatformMemMapInitialization (PlatformInfoHob); =20 - DxeSettings =3D DxeMemoryProtectionProfi= les[DxeMemoryProtectionSettingsPcd].Settings; - MmSettings =3D MmMemoryProtectionProfil= es[MmMemoryProtectionSettingsPcd].Settings; - DxeSettings.StackExecutionProtectionEnabled =3D PcdGetBool (PcdSetNxForS= tack); - QemuFwCfgParseBool ("opt/ovmf/PcdSetNxForStack", &DxeSettings.StackExecu= tionProtectionEnabled); + if (EFI_ERROR (ParseFwCfgDxeMemoryProtectionSettings (&DxeSettings))) { + DxeSettings =3D DxeMemoryProtectionProfiles[DxeMemoryProtectionSetting= sRelease].Settings; + } =20 - SetDxeMemoryProtectionSettings (&DxeSettings, DxeMemoryProtectionSetting= sPcd); - SetMmMemoryProtectionSettings (&MmSettings, MmMemoryProtectionSettingsPc= d); + if (EFI_ERROR (ParseFwCfgMmMemoryProtectionSettings (&MmSettings))) { + MmSettings =3D MmMemoryProtectionProfiles[MmMemoryProtectionSettingsOf= f].Settings; + } + + // Always disable NullPointerDetection in EndOfDxe phase for shim compat= ability + DxeSettings.NullPointerDetection.DisableEndOfDxe =3D TRUE; + + SetDxeMemoryProtectionSettings (&DxeSettings, DxeMemoryProtectionSetting= sRelease); + SetMmMemoryProtectionSettings (&MmSettings, MmMemoryProtectionSettingsOf= f); =20 if (TdIsEnabled ()) { PlatformInfoHob->PcdConfidentialComputingGuestAttr =3D CCAttrIntelTdx; PlatformInfoHob->PcdTdxSharedBitMask =3D TdSharedPageMas= k (); - PlatformInfoHob->PcdSetNxForStack =3D TRUE; } =20 PlatformMiscInitialization (PlatformInfoHob); diff --git a/OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c b/OvmfPk= g/Library/PeilessStartupLib/X64/VirtualMemory.c index 41521e3d3d71..7ae9b5743810 100644 --- a/OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c +++ b/OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c @@ -53,18 +53,7 @@ IsSetNxForStack ( VOID ) { - EFI_HOB_GUID_TYPE *GuidHob; - EFI_HOB_PLATFORM_INFO *PlatformInfo; - - GuidHob =3D GetFirstGuidHob (&gUefiOvmfPkgPlatformInfoGuid); - if (GuidHob =3D=3D NULL) { - ASSERT (FALSE); - return FALSE; - } - - PlatformInfo =3D (EFI_HOB_PLATFORM_INFO *)GET_GUID_HOB_DATA (GuidHob); - - return PlatformInfo->PcdSetNxForStack; + return mMps.Dxe.StackExecutionProtectionEnabled; } =20 /** diff --git a/OvmfPkg/Library/PlatformInitLib/Platform.c b/OvmfPkg/Library/P= latformInitLib/Platform.c index f48bf16ae300..bc9becc4016e 100644 --- a/OvmfPkg/Library/PlatformInitLib/Platform.c +++ b/OvmfPkg/Library/PlatformInitLib/Platform.c @@ -249,21 +249,6 @@ PlatformMemMapInitialization ( PlatformInfoHob->PcdPciIoSize =3D PciIoSize; } =20 -/** - * Fetch "opt/ovmf/PcdSetNxForStack" from QEMU - * - * @param Setting The pointer to the setting of "/opt/ovmf/PcdSetNxFor= Stack". - * @return EFI_SUCCESS Successfully fetch the settings. - */ -EFI_STATUS -EFIAPI -PlatformNoexecDxeInitialization ( - IN OUT EFI_HOB_PLATFORM_INFO *PlatformInfoHob - ) -{ - return QemuFwCfgParseBool ("opt/ovmf/PcdSetNxForStack", &PlatformInfoHob= ->PcdSetNxForStack); -} - VOID PciExBarInitialization ( VOID diff --git a/OvmfPkg/PlatformPei/IntelTdx.c b/OvmfPkg/PlatformPei/IntelTdx.c index 3d625cabd844..1cb6729e56e6 100644 --- a/OvmfPkg/PlatformPei/IntelTdx.c +++ b/OvmfPkg/PlatformPei/IntelTdx.c @@ -48,7 +48,5 @@ IntelTdxInitialize ( PcdStatus =3D PcdSet64S (PcdTdxSharedBitMask, TdSharedPageMask ()); ASSERT_RETURN_ERROR (PcdStatus); =20 - PcdStatus =3D PcdSetBoolS (PcdSetNxForStack, TRUE); - ASSERT_RETURN_ERROR (PcdStatus); #endif } diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c index bcd8d3a1be14..0df1277f34c4 100644 --- a/OvmfPkg/PlatformPei/Platform.c +++ b/OvmfPkg/PlatformPei/Platform.c @@ -39,6 +39,7 @@ #include #include #include +#include =20 #include "Platform.h" =20 @@ -74,21 +75,6 @@ MemMapInitialization ( ASSERT_RETURN_ERROR (PcdStatus); } =20 -STATIC -VOID -NoexecDxeInitialization ( - IN OUT EFI_HOB_PLATFORM_INFO *PlatformInfoHob - ) -{ - RETURN_STATUS Status; - - Status =3D PlatformNoexecDxeInitialization (PlatformInfoHob); - if (!RETURN_ERROR (Status)) { - Status =3D PcdSetBoolS (PcdSetNxForStack, PlatformInfoHob->PcdSetNxFor= Stack); - ASSERT_RETURN_ERROR (Status); - } -} - static const UINT8 EmptyFdt[] =3D { 0xd0, 0x0d, 0xfe, 0xed, 0x00, 0x00, 0x00, 0x48, 0x00, 0x00, 0x00, 0x38, 0x00, 0x00, 0x00, 0x48, @@ -345,13 +331,19 @@ InitializePlatform ( =20 PublishPeiMemory (PlatformInfoHob); =20 - DxeSettings =3D DxeMemoryProtectionProfi= les[DxeMemoryProtectionSettingsPcd].Settings; - MmSettings =3D MmMemoryProtectionProfil= es[MmMemoryProtectionSettingsPcd].Settings; - DxeSettings.StackExecutionProtectionEnabled =3D PcdGetBool (PcdSetNxForS= tack); - QemuFwCfgParseBool ("opt/ovmf/PcdSetNxForStack", &DxeSettings.StackExecu= tionProtectionEnabled); + if (EFI_ERROR (ParseFwCfgDxeMemoryProtectionSettings (&DxeSettings))) { + DxeSettings =3D DxeMemoryProtectionProfiles[DxeMemoryProtectionSetting= sRelease].Settings; + } =20 - SetDxeMemoryProtectionSettings (&DxeSettings, DxeMemoryProtectionSetting= sPcd); - SetMmMemoryProtectionSettings (&MmSettings, MmMemoryProtectionSettingsPc= d); + if (EFI_ERROR (ParseFwCfgMmMemoryProtectionSettings (&MmSettings))) { + MmSettings =3D MmMemoryProtectionProfiles[MmMemoryProtectionSettingsOf= f].Settings; + } + + // Always disable NullPointerDetection in EndOfDxe phase for shim compat= ability + DxeSettings.NullPointerDetection.DisableEndOfDxe =3D TRUE; + + SetDxeMemoryProtectionSettings (&DxeSettings, DxeMemoryProtectionSetting= sRelease); + SetMmMemoryProtectionSettings (&MmSettings, MmMemoryProtectionSettingsOf= f); =20 PlatformQemuUc32BaseInitialization (PlatformInfoHob); =20 @@ -365,7 +357,6 @@ InitializePlatform ( PeiFvInitialization (PlatformInfoHob); MemTypeInfoInitialization (PlatformInfoHob); MemMapInitialization (PlatformInfoHob); - NoexecDxeInitialization (PlatformInfoHob); } =20 InstallClearCacheCallback (); diff --git a/OvmfPkg/TdxDxe/TdxDxe.c b/OvmfPkg/TdxDxe/TdxDxe.c index 30732f421bb6..5e497ba66227 100644 --- a/OvmfPkg/TdxDxe/TdxDxe.c +++ b/OvmfPkg/TdxDxe/TdxDxe.c @@ -131,15 +131,12 @@ SetPcdSettings ( =20 PcdStatus =3D PcdSet64S (PcdConfidentialComputingGuestAttr, PlatformInfo= Hob->PcdConfidentialComputingGuestAttr); ASSERT_RETURN_ERROR (PcdStatus); - PcdStatus =3D PcdSetBoolS (PcdSetNxForStack, PlatformInfoHob->PcdSetNxFo= rStack); - ASSERT_RETURN_ERROR (PcdStatus); =20 DEBUG (( DEBUG_INFO, - "HostBridgeDevId=3D0x%x, CCAttr=3D0x%x, SetNxForStack=3D%x\n", + "HostBridgeDevId=3D0x%x, CCAttr=3D0x%x\n", PlatformInfoHob->HostBridgeDevId, - PlatformInfoHob->PcdConfidentialComputingGuestAttr, - PlatformInfoHob->PcdSetNxForStack + PlatformInfoHob->PcdConfidentialComputingGuestAttr )); =20 PcdStatus =3D PcdSet32S (PcdCpuBootLogicalProcessorNumber, PlatformInfoH= ob->PcdCpuBootLogicalProcessorNumber); diff --git a/OvmfPkg/Include/Library/PlatformInitLib.h b/OvmfPkg/Include/Li= brary/PlatformInitLib.h index 57b18b94d9b8..b2468f206321 100644 --- a/OvmfPkg/Include/Library/PlatformInitLib.h +++ b/OvmfPkg/Include/Library/PlatformInitLib.h @@ -32,7 +32,6 @@ typedef struct { UINT32 Uc32Base; UINT32 Uc32Size; =20 - BOOLEAN PcdSetNxForStack; UINT64 PcdTdxSharedBitMask; =20 UINT64 PcdPciMmio64Base; @@ -182,18 +181,6 @@ PlatformMemMapInitialization ( IN OUT EFI_HOB_PLATFORM_INFO *PlatformInfoHob ); =20 -/** - * Fetch "opt/ovmf/PcdSetNxForStack" from QEMU - * - * @param Setting The pointer to the setting of "/opt/ovmf/PcdSetNxFor= Stack". - * @return EFI_SUCCESS Successfully fetch the settings. - */ -EFI_STATUS -EFIAPI -PlatformNoexecDxeInitialization ( - IN OUT EFI_HOB_PLATFORM_INFO *PlatformInfoHob - ); - VOID EFIAPI PlatformMiscInitialization ( diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf b/Ovmf= Pkg/Library/PeilessStartupLib/PeilessStartupLib.inf index 47bd42d23d11..a6d7b53f52cf 100644 --- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf +++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf @@ -57,7 +57,7 @@ [LibraryClasses] QemuFwCfgLib PlatformInitLib SetMemoryProtectionsLib - QemuFwCfgSimpleParserLib + MemoryProtectionConfigLib =20 [Guids] gEfiHobMemoryAllocModuleGuid diff --git a/OvmfPkg/PlatformCI/PlatformBuildLib.py b/OvmfPkg/PlatformCI/Pl= atformBuildLib.py index f829738cdda4..0d5d39c078d0 100644 --- a/OvmfPkg/PlatformCI/PlatformBuildLib.py +++ b/OvmfPkg/PlatformCI/PlatformBuildLib.py @@ -183,6 +183,8 @@ class PlatformBuilder( UefiBuilder, BuildSettingsManage= r): VirtualDrive =3D os.path.join(self.env.GetValue("BUILD_OUTPUT_BASE= "), "VirtualDrive") os.makedirs(VirtualDrive, exist_ok=3DTrue) OutputPath_FV =3D os.path.join(self.env.GetValue("BUILD_OUTPUT_BAS= E"), "FV") + DxeMemoryProtection =3D self.env.GetValue("DXE_MEMORY_PROTECTION_P= ROFILE", "") + MmMemoryProtection =3D self.env.GetValue("MM_MEMORY_PROTECTION_PRO= FILE", "") =20 if (self.env.GetValue("QEMU_SKIP") and self.env.GetValue("QEMU_SKIP").upper() =3D=3D "TRUE"): @@ -199,6 +201,12 @@ class PlatformBuilder( UefiBuilder, BuildSettingsManag= er): args +=3D " -smp 4" args +=3D f" -drive file=3Dfat:rw:{VirtualDrive},format=3Draw,medi= a=3Ddisk" # Mount disk with startup.nsh =20 + if (DxeMemoryProtection.lower() !=3D ""): + args +=3D " -fw_cfg name=3Dopt/org.tianocore/DxeMemoryProtecti= onProfile,string=3D" + DxeMemoryProtection.lower() + + if (MmMemoryProtection.lower() !=3D ""): + args +=3D " -fw_cfg name=3Dopt/org.tianocore/MmMemoryProtectio= nProfile,string=3D" + MmMemoryProtection.lower() + if (self.env.GetValue("QEMU_HEADLESS").upper() =3D=3D "TRUE"): args +=3D " -display none" # no graphics =20 diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat= formPei.inf index 6b8442d12b2c..fbaa6bdc8ee5 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf @@ -66,6 +66,7 @@ [LibraryClasses] CcExitLib PlatformInitLib SetMemoryProtectionsLib + MemoryProtectionConfigLib =20 [Pcd] gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108885): https://edk2.groups.io/g/devel/message/108885 Mute This Topic: https://groups.io/mt/101469963/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108886+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108886+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171502; cv=none; d=zohomail.com; s=zohoarc; b=Z7gCSadWPjIC3Fym+1pks0N2Hf2s6xcg0wXS0Unx+tKcXTPE9KKf8rt7KClQZW3dQ/H4Drml7sgxbJqlv5hDhrbN/419NJYaD5vcAgpDHtWnC1Vk9AeN5JtmkdNc5Y4iCmRHUNBJ/5vONKsAhr/nxTkLBGTHWnr+lCXNy5L10uE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171502; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=qTzmxbucWSsR1KOh2nEMJAULW4UVc/mew+U09+P/Ouc=; b=eo9pYPMm4UjQ60gugCB/TImg9YP6+5dbZWjKkZUc0D787LFxm0bKXkr0OYSTY2f7h5+b/XX0CAqI+QFJif17xqeNV4D/qQCyAwQ/RD4Mhc5hetjzmz1mG03wwfq0jtVt6bSHR0RGaJN5EjU/e6nvUiyfdAo/BWT4Otbp5rt+3v8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108886+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171502475694.7982036579784; Tue, 19 Sep 2023 17:58:22 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=v0eTZ1muzNfu9OdzcG1KgOBuKLpdi153b1m2QKxYgrw=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171502; v=1; b=VICCYwA7y4phCs++0Ju9jt7AaTNsJByIaCgFwBpz4YckzWue3Dl/C2MvGumtcKrRmnlRNDOA x2dnectUoJ9MWkd84Z7eW03w0ossq96S6dBlc2MNwMJGY0kDwwACm0yXWRsOf6H7IjRqmqfMA+P UuxDH8NOH10IxFd1E18csQyw= X-Received: by 127.0.0.2 with SMTP id V917YY1788612xiQdukonL8U; Tue, 19 Sep 2023 17:58:22 -0700 X-Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) by mx.groups.io with SMTP id smtpd.web11.26932.1695171501538954980 for ; Tue, 19 Sep 2023 17:58:21 -0700 X-Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-1c44c7dbaf9so36873965ad.1 for ; Tue, 19 Sep 2023 17:58:21 -0700 (PDT) X-Gm-Message-State: Bee90ku1I25DObHpJ1V3fX0ex1787277AA= X-Google-Smtp-Source: AGHT+IG0CWzbdQshRoay+uFzlo8fZ49vzHnNTPIfN7QNnFew57to8+hhxowfn3aZgiEB3tBdNmFnDA== X-Received: by 2002:a17:902:d4c4:b0:1bf:2e5c:7367 with SMTP id o4-20020a170902d4c400b001bf2e5c7367mr1272881plg.42.1695171500956; Tue, 19 Sep 2023 17:58:20 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:20 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Leif Lindholm , Sami Mujawar , Gerd Hoffmann Subject: [edk2-devel] [PATCH v4 24/28] ArmVirtPkg: Apply Memory Protections via SetMemoryProtectionsLib Date: Tue, 19 Sep 2023 17:57:47 -0700 Message-ID: <20230920005752.2041-25-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171504508100103 Content-Type: text/plain; charset="utf-8" Set the memory protections on Arm virtual platforms. Because the QemuFg parser is not currently available in ArmVirtPkg, use the RELEASE profile by default. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Sami Mujawar Cc: Gerd Hoffmann --- ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c | 11 +++++++++-- ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf | 1 + 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c b/ArmVirtPkg/MemoryI= nitPei/MemoryInitPeim.c index ef88a9df1d62..90718d05abe8 100644 --- a/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c +++ b/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c @@ -11,6 +11,7 @@ #include #include #include +#include #include #include #include @@ -76,8 +77,9 @@ InitializeMemory ( IN CONST EFI_PEI_SERVICES **PeiServices ) { - UINTN UefiMemoryBase; - EFI_STATUS Status; + UINTN UefiMemoryBase; + EFI_STATUS Status; + DXE_MEMORY_PROTECTION_SETTINGS DxeSettings; =20 ASSERT (FixedPcdGet64 (PcdSystemMemoryBase) < (UINT64)MAX_ALLOC_ADDRESS); =20 @@ -100,5 +102,10 @@ InitializeMemory ( ); ASSERT_EFI_ERROR (Status); =20 + DxeSettings =3D DxeMemoryProtection= Profiles[DxeMemoryProtectionSettingsRelease].Settings; + DxeSettings.NullPointerDetection.DisableEndOfDxe =3D TRUE; + + SetDxeMemoryProtectionSettings (&DxeSettings, DxeMemoryProtectionSetting= sRelease); + return Status; } diff --git a/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf b/ArmVirtPkg/Memor= yInitPei/MemoryInitPeim.inf index 2039f71a0ebe..d13325a89e14 100644 --- a/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf +++ b/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf @@ -34,6 +34,7 @@ [LibraryClasses] ArmLib ArmPlatformLib MemoryInitPeiLib + SetMemoryProtectionsLib =20 [Guids] gEfiMemoryTypeInformationGuid --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108886): https://edk2.groups.io/g/devel/message/108886 Mute This Topic: https://groups.io/mt/101469964/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108887+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108887+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171503; cv=none; d=zohomail.com; s=zohoarc; b=jRTEdaFRdfN37WTw3gN6tgCzrIyn461fgkzKin4+99U1BX4jHc3SfmvS6CmAfHIQN3RBgjJxt5dENaleaPss0wOeaPdqgty5brNRyXghHKXw39iiURT6+rEPVW2nB/RVp5jCykPevZ1TCQ5tM3+hqxSGp1PASkzIibUzdWK7NzI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171503; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=b1QXDx6DjLV54JvcR+hCztOYsqLaPh9ONSVGqiqBy+8=; b=lM7wBOn/zoIWdB7d/MW3i+bmDifLtUc9YPryyPKY8pmnK7KGCv6ZQiNllmV1ZhpoE0SOontS2WdCP7r3Vj8nhl2JDPWbXa/JDjVfvx0T7CaXaCJR0UiLo87c/FfN+Mxsgiavz3RyBL18eSxVtK3cv0rnSBdG9MSY0DhnGmGqWHM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108887+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171503044613.1064553649063; Tue, 19 Sep 2023 17:58:23 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=Eurq6u77bZnzxrsqVkN+y4G343BXUXTTo1i0l2f5YUw=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171502; v=1; b=CA1SvKtWCIVnnnieS02+RlbCfdtvjNURYIrGI/mw0Ecu+2G1TNv/PehhvA+sl2ACqAzFqvyT TpI/JR+Z7aE7fblYA3fzq1FRtGK19iVJ8pRTevO3MbWQpTroTQEOglJv55eSeB3q9oRkuBzFXRk wi7i7GbzKQzG/DP/aaOLQkwc= X-Received: by 127.0.0.2 with SMTP id YWolYY1788612xdua0sn5hKE; Tue, 19 Sep 2023 17:58:22 -0700 X-Received: from mail-pl1-f173.google.com (mail-pl1-f173.google.com [209.85.214.173]) by mx.groups.io with SMTP id smtpd.web10.26797.1695171502210292371 for ; Tue, 19 Sep 2023 17:58:22 -0700 X-Received: by mail-pl1-f173.google.com with SMTP id d9443c01a7336-1bf55a81eeaso47479845ad.0 for ; Tue, 19 Sep 2023 17:58:22 -0700 (PDT) X-Gm-Message-State: BaO0YDPNigMpVsHaHl93wtCjx1787277AA= X-Google-Smtp-Source: AGHT+IGO2HJRqyZakDhnTD9KGkrHY/H74Ph/c9rvK/dd0FrItPBYQF/yOq4XtG7SwJIEsagfUkG+9Q== X-Received: by 2002:a17:902:ab54:b0:1c3:eb95:2d27 with SMTP id ij20-20020a170902ab5400b001c3eb952d27mr917708plb.48.1695171501450; Tue, 19 Sep 2023 17:58:21 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:21 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao Subject: [edk2-devel] [PATCH v4 25/28] MdeModulePkg: Delete PCD Profile from SetMemoryProtectionsLib Date: Tue, 19 Sep 2023 17:57:48 -0700 Message-ID: <20230920005752.2041-26-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171503497100094 Content-Type: text/plain; charset="utf-8" Now that the transition to use SetMemoryProtectionsLib and GetMemoryProtectionsLib is complete, delete the PCD profile to avoid confusing the interface. All memory protection settings will now be set and consumed via the libraries. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao --- MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.c |= 174 +------------------- MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h |= 2 - MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.inf |= 11 -- 3 files changed, 4 insertions(+), 183 deletions(-) diff --git a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtecti= onsLib.c b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtection= sLib.c index 5f054504b75e..5d5c7b9f37b2 100644 --- a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.c +++ b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.c @@ -10,7 +10,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include -#include #include =20 #pragma pack(1) @@ -249,99 +248,6 @@ typedef struct { } \ } =20 -// -// A memory profile which uses the fixed at build PCDs defined in MdeModu= lePkg.dec -// -#define DXE_MEMORY_PROTECTION_SETTINGS_PCD = \ -{ = \ - DXE_MEMORY_PROTECTION_SIGNATURE, = \ - DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, = \ - FixedPcdGetBool (PcdCpuStackGuard), /* Stack Guard */ = \ - TRUE, /* Stack Execution Protection (MUST = BE POPULATED) */ \ - { /* NULL Pointer Detection */ = \ - .Enabled =3D ((FixedPcdGet8 (PcdNullPointerDetectionPropert= yMask) & BIT0) !=3D 0), \ - .DisableEndOfDxe =3D ((FixedPcdGet8 (PcdNullPointerDetectionPropert= yMask) & BIT7) !=3D 0), \ - .NonstopModeEnabled =3D ((FixedPcdGet8 (PcdNullPointerDetectionPropert= yMask) & BIT6) !=3D 0) \ - }, = \ - { /* Image Protection */ = \ - .ProtectImageFromUnknown =3D ((FixedPcdGet32 (PcdImageProtectionPolicy= ) & BIT0) !=3D 0), \ - .ProtectImageFromFv =3D ((FixedPcdGet32 (PcdImageProtectionPolicy= ) & BIT1) !=3D 0) \ - }, = \ - { /* Execution Protection */ = \ - .EnabledForType =3D { = \ - [EfiReservedMemoryType] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiReservedMemoryType) !=3D 0), \ - [EfiLoaderCode] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiLoaderCode) !=3D 0), \ - [EfiLoaderData] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiLoaderData) !=3D 0), \ - [EfiBootServicesCode] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiBootServicesCode) !=3D 0), \ - [EfiBootServicesData] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiBootServicesData) !=3D 0), \ - [EfiRuntimeServicesCode] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiRuntimeServicesCode) !=3D 0), \ - [EfiRuntimeServicesData] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiRuntimeServicesData) !=3D 0), \ - [EfiConventionalMemory] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiConventionalMemory) !=3D 0), \ - [EfiUnusableMemory] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiUnusableMemory) !=3D 0), \ - [EfiACPIReclaimMemory] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiACPIReclaimMemory) !=3D 0), \ - [EfiACPIMemoryNVS] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiACPIMemoryNVS) !=3D 0), \ - [EfiMemoryMappedIO] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiMemoryMappedIO) !=3D 0), \ - [EfiMemoryMappedIOPortSpace] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiMemoryMappedIOPortSpace) !=3D 0), \ - [EfiPalCode] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiPalCode) !=3D 0), \ - [EfiPersistentMemory] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiPersistentMemory) !=3D 0), \ - [EfiUnacceptedMemoryType] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & EfiUnacceptedMemoryType) !=3D 0), \ - [OEM_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & BIT62) !=3D 0), \ - [OS_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdDxeNxM= emoryProtectionPolicy) & BIT63) !=3D 0) \ - } = \ - }, = \ - { /* Heap Guard */ = \ - .PageGuardEnabled =3D ((FixedPcdGet8 (PcdHeapGua= rdPropertyMask) & BIT0) !=3D 0), \ - .PoolGuardEnabled =3D ((FixedPcdGet8 (PcdHeapGua= rdPropertyMask) & BIT1) !=3D 0), \ - .FreedMemoryGuardEnabled =3D ((FixedPcdGet8 (PcdHeapGua= rdPropertyMask) & BIT4) !=3D 0), \ - .NonstopModeEnabled =3D ((FixedPcdGet8 (PcdHeapGua= rdPropertyMask) & BIT6) !=3D 0), \ - .GuardAlignedToTail =3D ((FixedPcdGet8 (PcdHeapGua= rdPropertyMask) & BIT7) =3D=3D 0) \ - }, = \ - { /* Pool Guard */ = \ - .EnabledForType =3D { = \ - [EfiReservedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiReservedMemoryType) !=3D 0), \ - [EfiLoaderCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiLoaderCode) !=3D 0), \ - [EfiLoaderData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiLoaderData) !=3D 0), \ - [EfiBootServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiBootServicesCode) !=3D 0), \ - [EfiBootServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiBootServicesData) !=3D 0), \ - [EfiRuntimeServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiRuntimeServicesCode) !=3D 0), \ - [EfiRuntimeServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiRuntimeServicesData) !=3D 0), \ - [EfiConventionalMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiConventionalMemory) !=3D 0), \ - [EfiUnusableMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiUnusableMemory) !=3D 0), \ - [EfiACPIReclaimMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiACPIReclaimMemory) !=3D 0), \ - [EfiACPIMemoryNVS] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiACPIMemoryNVS) !=3D 0), \ - [EfiMemoryMappedIO] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiMemoryMappedIO) !=3D 0), \ - [EfiMemoryMappedIOPortSpace] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiMemoryMappedIOPortSpace) !=3D 0), \ - [EfiPalCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiPalCode) !=3D 0), \ - [EfiPersistentMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiPersistentMemory) !=3D 0), \ - [EfiUnacceptedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiUnacceptedMemoryType) !=3D 0), \ - [OEM_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & BIT62) !=3D 0), \ - [OS_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & BIT63) !=3D 0) \ - } = \ - }, = \ - { /* Page Guard */ = \ - .EnabledForType =3D { = \ - [EfiReservedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiReservedMemoryType) !=3D 0), \ - [EfiLoaderCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiLoaderCode) !=3D 0), \ - [EfiLoaderData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiLoaderData) !=3D 0), \ - [EfiBootServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiBootServicesCode) !=3D 0), \ - [EfiBootServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiBootServicesData) !=3D 0), \ - [EfiRuntimeServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiRuntimeServicesCode) !=3D 0), \ - [EfiRuntimeServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiRuntimeServicesData) !=3D 0), \ - [EfiConventionalMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiConventionalMemory) !=3D 0), \ - [EfiUnusableMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiUnusableMemory) !=3D 0), \ - [EfiACPIReclaimMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiACPIReclaimMemory) !=3D 0), \ - [EfiACPIMemoryNVS] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiACPIMemoryNVS) !=3D 0), \ - [EfiMemoryMappedIO] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiMemoryMappedIO) !=3D 0), \ - [EfiMemoryMappedIOPortSpace] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiMemoryMappedIOPortSpace) !=3D 0), \ - [EfiPalCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiPalCode) !=3D 0), \ - [EfiPersistentMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiPersistentMemory) !=3D 0), \ - [EfiUnacceptedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiUnacceptedMemoryType) !=3D 0), \ - [OEM_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & BIT62) !=3D 0), \ - [OS_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & BIT63) !=3D 0) \ - } = \ - } = \ -} - // // A memory profile which disables all DXE memory protection settings. // @@ -482,69 +388,6 @@ typedef struct { } \ } =20 -// -// A memory profile which uses the fixed at build PCDs defined in MdeModu= lePkg.dec -// -#define MM_MEMORY_PROTECTION_SETTINGS_PCD = \ -{ = \ - MM_MEMORY_PROTECTION_SIGNATURE, = \ - MM_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, = \ - { /* NULL Pointer Detection */ = \ - .Enabled =3D ((FixedPcdGet8 (PcdNullPointerDetectionPropert= yMask) & BIT1) !=3D 0), \ - .NonstopModeEnabled =3D ((FixedPcdGet8 (PcdNullPointerDetectionPropert= yMask) & BIT6) !=3D 0) \ - }, = \ - { /* Heap Guard */ = \ - .PageGuardEnabled =3D ((FixedPcdGet8(PcdHeapGuar= dPropertyMask) & BIT2) !=3D 0), \ - .PoolGuardEnabled =3D ((FixedPcdGet8(PcdHeapGuar= dPropertyMask) & BIT3) !=3D 0), \ - .NonstopModeEnabled =3D ((FixedPcdGet8(PcdHeapGuar= dPropertyMask) & BIT6) !=3D 0), \ - .GuardAlignedToTail =3D ((FixedPcdGet8(PcdHeapGuar= dPropertyMask) & BIT7) =3D=3D 0) \ - }, = \ - { /* Pool Guard */ = \ - .EnabledForType =3D { = \ - [EfiReservedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiReservedMemoryType) !=3D 0), \ - [EfiLoaderCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiLoaderCode) !=3D 0), \ - [EfiLoaderData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiLoaderData) !=3D 0), \ - [EfiBootServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiBootServicesCode) !=3D 0), \ - [EfiBootServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiBootServicesData) !=3D 0), \ - [EfiRuntimeServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiRuntimeServicesCode) !=3D 0), \ - [EfiRuntimeServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiRuntimeServicesData) !=3D 0), \ - [EfiConventionalMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiConventionalMemory) !=3D 0), \ - [EfiUnusableMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiUnusableMemory) !=3D 0), \ - [EfiACPIReclaimMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiACPIReclaimMemory) !=3D 0), \ - [EfiACPIMemoryNVS] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiACPIMemoryNVS) !=3D 0), \ - [EfiMemoryMappedIO] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiMemoryMappedIO) !=3D 0), \ - [EfiMemoryMappedIOPortSpace] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiMemoryMappedIOPortSpace) !=3D 0), \ - [EfiPalCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiPalCode) !=3D 0), \ - [EfiPersistentMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiPersistentMemory) !=3D 0), \ - [EfiUnacceptedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & EfiUnacceptedMemoryType) !=3D 0), \ - [OEM_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & BIT62) !=3D 0), \ - [OS_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPoolType) & BIT63) !=3D 0) \ - } = \ - }, = \ - { /* Page Guard */ = \ - .EnabledForType =3D { = \ - [EfiReservedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiReservedMemoryType) !=3D 0), \ - [EfiLoaderCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiLoaderCode) !=3D 0), \ - [EfiLoaderData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiLoaderData) !=3D 0), \ - [EfiBootServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiBootServicesCode) !=3D 0), \ - [EfiBootServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiBootServicesData) !=3D 0), \ - [EfiRuntimeServicesCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiRuntimeServicesCode) !=3D 0), \ - [EfiRuntimeServicesData] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiRuntimeServicesData) !=3D 0), \ - [EfiConventionalMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiConventionalMemory) !=3D 0), \ - [EfiUnusableMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiUnusableMemory) !=3D 0), \ - [EfiACPIReclaimMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiACPIReclaimMemory) !=3D 0), \ - [EfiACPIMemoryNVS] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiACPIMemoryNVS) !=3D 0), \ - [EfiMemoryMappedIO] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiMemoryMappedIO) !=3D 0), \ - [EfiMemoryMappedIOPortSpace] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiMemoryMappedIOPortSpace) !=3D 0), \ - [EfiPalCode] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiPalCode) !=3D 0), \ - [EfiPersistentMemory] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiPersistentMemory) !=3D 0), \ - [EfiUnacceptedMemoryType] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & EfiUnacceptedMemoryType) !=3D 0), \ - [OEM_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & BIT62) !=3D 0), \ - [OS_RESERVED_MPS_MEMORY_TYPE] =3D ((FixedPcdGet64 (PcdHeapGu= ardPageType) & BIT63) !=3D 0) \ - } = \ - } = \ -} - // // A memory profile which disables all MM memory protection settings. // @@ -586,11 +429,6 @@ DXE_MEMORY_PROTECTION_PROFILES DxeMemoryProtectionPro= files[DxeMemoryProtectionS .Description =3D "Release profile without page guards recommended for = performance sensitive production scenarios", .Settings =3D DXE_MEMORY_PROTECTION_SETTINGS_PROD_MODE_NO_PAGE_GUAR= DS }, - [DxeMemoryProtectionSettingsPcd] =3D { - .Name =3D "Pcd", - .Description =3D "Memory protection settings from PCDs", - .Settings =3D DXE_MEMORY_PROTECTION_SETTINGS_PCD - }, [DxeMemoryProtectionSettingsOff] =3D { .Name =3D "Off", .Description =3D "Disables all memory protection settings", @@ -609,11 +447,6 @@ MM_MEMORY_PROTECTION_PROFILES MmMemoryProtectionProfi= les[MmMemoryProtectionSett .Description =3D "Release profile recommended for production scenarios= ", .Settings =3D MM_MEMORY_PROTECTION_SETTINGS_PROD_MODE }, - [MmMemoryProtectionSettingsPcd] =3D { - .Name =3D "Pcd", - .Description =3D "Memory protection settings from PCDs", - .Settings =3D MM_MEMORY_PROTECTION_SETTINGS_PCD - }, [MmMemoryProtectionSettingsOff] =3D { .Name =3D "Off", .Description =3D "Disables all memory protection settings", @@ -648,9 +481,10 @@ GetOrCreateMemoryProtectionSettings ( } =20 ZeroMem (&Mpsp, sizeof (Mpsp)); - Mpsp.Mps.Dxe =3D DxeMemoryProtectionProf= iles[DxeMemoryProtectionSettingsPcd].Settings; - Mpsp.Mps.Mm =3D MmMemoryProtectionProfi= les[MmMemoryProtectionSettingsPcd].Settings; - Mpsp.Mps.Dxe.StackExecutionProtectionEnabled =3D PcdGetBool (PcdSetNxFor= Stack); + Mpsp.Mps.Dxe.StructVersion =3D DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VE= RSION; + Mpsp.Mps.Dxe.Signature =3D DXE_MEMORY_PROTECTION_SIGNATURE; + Mpsp.Mps.Mm.StructVersion =3D MM_MEMORY_PROTECTION_SETTINGS_CURRENT_VER= SION; + Mpsp.Mps.Mm.Signature =3D MM_MEMORY_PROTECTION_SIGNATURE; =20 Ptr =3D BuildGuidDataHob ( &gMemoryProtectionSettingsGuid, diff --git a/MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h b/MdeMo= dulePkg/Include/Library/SetMemoryProtectionsLib.h index f4665130b0b3..0b6495c3cc3a 100644 --- a/MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h +++ b/MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h @@ -21,7 +21,6 @@ typedef enum { DxeMemoryProtectionSettingsRelease, DxeMemoryProtectionSettingsReleaseNoPageGuards, DxeMemoryProtectionSettingsOff, - DxeMemoryProtectionSettingsPcd, DxeMemoryProtectionSettingsMax } DXE_MEMORY_PROTECTION_PROFILE_INDEX; =20 @@ -35,7 +34,6 @@ typedef enum { MmMemoryProtectionSettingsDebug =3D 0, MmMemoryProtectionSettingsRelease, MmMemoryProtectionSettingsOff, - MmMemoryProtectionSettingsPcd, MmMemoryProtectionSettingsMax } MM_MEMORY_PROTECTION_PROFILE_INDEX; =20 diff --git a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtecti= onsLib.inf b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtecti= onsLib.inf index 2e4a9a66ac68..830d151a8378 100644 --- a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.= inf +++ b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.= inf @@ -29,17 +29,6 @@ [LibraryClasses] BaseLib HobLib DebugLib - PcdLib - -[Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy =20 [Guids] gMemoryProtectionSettingsGuid --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108887): https://edk2.groups.io/g/devel/message/108887 Mute This Topic: https://groups.io/mt/101469965/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108888+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108888+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171503; cv=none; d=zohomail.com; s=zohoarc; b=g7rSp4NivRDMHj07TR3HMyjcKtiLC0bpW8ogPr9b7bamwgwoo6/0G9TtjW6aFxjB3Ei2XAhjvflv2eaZm2cdQ8pJkKAU7i8aFnW3Cq2N2Pd+bYPQhWQH/oEisP60eg7ZMDePKD3COYjYxROKnzh8+l9qllb7OCJxdUf8zxfERN0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171503; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=DZAVlMkV/E9L++/GN/fUs/MrfWpfo5oi9rI+E5CQoiM=; b=CAfvSsR55+KEU9O9VFpcbfegHkauZe6YkHID7Y8mLpU7BZQOC4LmHL28odAZL77zzpbfs0T1vXf1OflJ3PypL17NzCii/vpaFXP2wM8/UXdRSG12+tpwUsCH9yLGX1gZMBctFoleKIbA4vnKMzrFxc+Zl6m9lPOzcyI9M/WMf9I= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108888+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171503917895.3833379910474; Tue, 19 Sep 2023 17:58:23 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=aRnTT6rxGXGKxx8vvo3wSfH33hBZHSJYbEq8zJo5Trc=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; s=20140610; t=1695171503; v=1; b=KGeIzkw8G4mCvv/973DufQ1rmWdHOjnzcX0hTdQGXHLQ3gom2Unej2pOMvZDesw2q0JyXBoY VXKL90UXjeMcYwgGnHy6IZKDiwzp1pyBYPLz1uVlBdShwsCi6lpoO8LM9wAMaj6j6YW9LNH0tDr wdGA8TekxUNuxwzxXk2nVgj0= X-Received: by 127.0.0.2 with SMTP id KEBAYY1788612x4oLE4zRxoc; Tue, 19 Sep 2023 17:58:23 -0700 X-Received: from mail-pf1-f178.google.com (mail-pf1-f178.google.com [209.85.210.178]) by mx.groups.io with SMTP id smtpd.web11.26933.1695171502969592259 for ; Tue, 19 Sep 2023 17:58:23 -0700 X-Received: by mail-pf1-f178.google.com with SMTP id d2e1a72fcca58-68fac16ee5fso5464141b3a.1 for ; Tue, 19 Sep 2023 17:58:22 -0700 (PDT) X-Gm-Message-State: s7042Ziq7Ac651Ee2sUBbjQCx1787277AA= X-Google-Smtp-Source: AGHT+IEMwjPMFbpvvRe4v1UfHPqa0Lp44jOmQPIGmYnJrJnQ3BWUa+634ihkPz+x2jOKe2QYxrpvfQ== X-Received: by 2002:a05:6a20:970c:b0:153:5dd1:219f with SMTP id hr12-20020a056a20970c00b001535dd1219fmr952975pzc.31.1695171502230; Tue, 19 Sep 2023 17:58:22 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:21 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann , Rebecca Cran , Peter Grehan , =?UTF-8?q?Corvin=20K=C3=B6hne?= , Jianyong Wu , Anatol Belski , Anthony Perard , Julien Grall , Erdem Aktas , James Bottomley , Min Xu , Tom Lendacky , Michael Roth , Sunil V L , Andrei Warkentin Subject: [edk2-devel] [PATCH v4 26/28] OvmfPkg: Delete Memory Protection PCDs Date: Tue, 19 Sep 2023 17:57:49 -0700 Message-ID: <20230920005752.2041-27-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171505648100108 Now that the transition to use SetMemoryProtectionsLib and GetMemoryProtectionsLib is complete, delete the memory protection PCDs to avoid confusing the interface. All memory protection settings will now be set and consumed via the libraries. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann Cc: Rebecca Cran Cc: Peter Grehan Cc: Corvin K=C3=B6hne Cc: Jianyong Wu Cc: Anatol Belski Cc: Anthony Perard Cc: Julien Grall Cc: Erdem Aktas Cc: James Bottomley Cc: Min Xu Cc: Tom Lendacky Cc: Michael Roth Cc: Sunil V L Cc: Andrei Warkentin --- OvmfPkg/AmdSev/AmdSevX64.dsc | 3 --- OvmfPkg/Bhyve/BhyveX64.dsc | 3 --- OvmfPkg/Bhyve/PlatformPei/PlatformPei.inf | 1 - OvmfPkg/CloudHv/CloudHvX64.dsc | 3 --- OvmfPkg/IntelTdx/IntelTdxX64.dsc | 3 --- OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf | 1 - OvmfPkg/Microvm/MicrovmX64.dsc | 3 --- OvmfPkg/OvmfPkgIa32.dsc | 3 --- OvmfPkg/OvmfPkgIa32X64.dsc | 3 --- OvmfPkg/OvmfPkgX64.dsc | 3 --- OvmfPkg/OvmfXen.dsc | 3 --- OvmfPkg/PlatformPei/PlatformPei.inf | 1 - OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc | 13 ------------- OvmfPkg/TdxDxe/TdxDxe.inf | 1 - 14 files changed, 44 deletions(-) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index b67b50b833b9..46a74e4f8ee8 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -516,9 +516,6 @@ [PcdsDynamicDefault] gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0 gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE =20 - # Noexec settings for DXE. - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE - # UefiCpuPkg PCDs related to initial AP bringup and general AP managemen= t. gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64 gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber|0 diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc index 5af5831196f6..21baa47d2526 100644 --- a/OvmfPkg/Bhyve/BhyveX64.dsc +++ b/OvmfPkg/Bhyve/BhyveX64.dsc @@ -550,9 +550,6 @@ [PcdsDynamicDefault] gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0 gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE =20 - # Noexec settings for DXE. - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE - # UefiCpuPkg PCDs related to initial AP bringup and general AP managemen= t. gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64 gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds|50000 diff --git a/OvmfPkg/Bhyve/PlatformPei/PlatformPei.inf b/OvmfPkg/Bhyve/Plat= formPei/PlatformPei.inf index 07570d4e30ca..07f032941404 100644 --- a/OvmfPkg/Bhyve/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/Bhyve/PlatformPei/PlatformPei.inf @@ -89,7 +89,6 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc index c550ebcd659e..b8d643dfda3c 100644 --- a/OvmfPkg/CloudHv/CloudHvX64.dsc +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc @@ -600,9 +600,6 @@ [PcdsDynamicDefault] gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0 gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE =20 - # Noexec settings for DXE. - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE - # UefiCpuPkg PCDs related to initial AP bringup and general AP managemen= t. gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64 gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber|0 diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX6= 4.dsc index a3370f45940c..513727ae98ff 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -511,9 +511,6 @@ [PcdsDynamicDefault] gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0 gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE =20 - # Noexec settings for DXE. - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE - # UefiCpuPkg PCDs related to initial AP bringup and general AP managemen= t. gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64 gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber|0 diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf b/Ovmf= Pkg/Library/PeilessStartupLib/PeilessStartupLib.inf index a6d7b53f52cf..009bee69e405 100644 --- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf +++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf @@ -79,7 +79,6 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplBuildPageTables ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ## SOMETIM= ES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ##= CONSUMES gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootSupported diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc index da5a4862bfdc..78f2ab64a60d 100644 --- a/OvmfPkg/Microvm/MicrovmX64.dsc +++ b/OvmfPkg/Microvm/MicrovmX64.dsc @@ -623,9 +623,6 @@ [PcdsDynamicDefault] gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0 gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE =20 - # Noexec settings for DXE. - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE - # UefiCpuPkg PCDs related to initial AP bringup and general AP managemen= t. gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64 gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber|0 diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index d4d14b69ef1d..0f2b1812a821 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -634,9 +634,6 @@ [PcdsDynamicDefault] gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0 gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE =20 - # Noexec settings for DXE. - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE - # UefiCpuPkg PCDs related to initial AP bringup and general AP managemen= t. gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64 gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber|0 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 674010323df1..6180d267067a 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -652,9 +652,6 @@ [PcdsDynamicDefault] gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0 gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE =20 - # Noexec settings for DXE. - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE - # UefiCpuPkg PCDs related to initial AP bringup and general AP managemen= t. gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64 gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber|0 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 08b70d76d292..937488b043f4 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -670,9 +670,6 @@ [PcdsDynamicDefault] gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0 gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE =20 - # Noexec settings for DXE. - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE - # UefiCpuPkg PCDs related to initial AP bringup and general AP managemen= t. gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64 gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber|0 diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index d80e20a151d7..e3631202238b 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -506,9 +506,6 @@ [PcdsDynamicDefault] gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0 gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE =20 - # Noexec settings for DXE. - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE - # Set memory encryption mask gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 =20 diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat= formPei.inf index fbaa6bdc8ee5..3085f4f46a50 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf @@ -104,7 +104,6 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase diff --git a/OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc b/OvmfPkg/RiscVVirt/RiscVV= irt.dsc.inc index fe320525153f..57304c40766a 100644 --- a/OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc +++ b/OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc @@ -271,19 +271,6 @@ [PcdsFixedAtBuild.common] gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderCode|20 gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderData|0 =20 - # - # Enable strict image permissions for all images. (This applies - # only to images that were built with >=3D 4 KB section alignment.) - # - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x3 - - # - # Enable NX memory protection for all non-code regions, including OEM an= d OS - # reserved ones, with the exception of LoaderData regions, of which OS l= oaders - # (i.e., GRUB) may assume that its contents are executable. - # - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC0000000= 00007FD5 - [Components.common] # # Ramdisk support diff --git a/OvmfPkg/TdxDxe/TdxDxe.inf b/OvmfPkg/TdxDxe/TdxDxe.inf index 9793562884c7..42317228c1aa 100644 --- a/OvmfPkg/TdxDxe/TdxDxe.inf +++ b/OvmfPkg/TdxDxe/TdxDxe.inf @@ -68,6 +68,5 @@ [Pcd] gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFdBaseAddress gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved gUefiOvmfPkgTokenSpaceGuid.PcdTdxAcceptPageSize --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108888): https://edk2.groups.io/g/devel/message/108888 Mute This Topic: https://groups.io/mt/101469966/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108889+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108889+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171504; cv=none; d=zohomail.com; s=zohoarc; b=kQlJu8i3/eAFCF89WWHKKOKi1eOyn5Gjrazuh5Uk6DzeXwJITv63VTIl5cpZP+rAg4n+MOk+Cp6fnHla2UeCAXR15UOjfJDow6wlISGFsxVOtqyjuyT1HoESHgiqoVjdGa3i2jcJ27FDFv/gkMGzbwHOODklRGJ9Lm2mlOFaWB4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171504; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=TA+ay0NQMpxTpiuwyrGlYsKLNR4v0rxSgV3OqgLHsmY=; b=E/DAfJVy84BasIbrSaaQW+Nas8vDEupUCWKlY8PqSnOgr7bvj9TQfunsT5MwdjTX15Ckg23V2On1xn0MKo/FiOzYvBW40D8tiEwKzq1uFfz/Z/4HKbZLxo6nCTXo8ikgk9W8qOQ6LyCLmrngWdpczi4Orq9Nbbzxz4fekrJdJwE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108889+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171504487953.550287393578; Tue, 19 Sep 2023 17:58:24 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=z90ab16z4hKu8l2epu1ESTAoQ6hmJUDvxTVKtpY6zhs=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171504; v=1; b=QJa6N4tc4DQ3Kk5s5A2YTghGqPPgnKfZ7DJ2eFtNj2Ah4DtSQts9zu0jV8NveIzzbpdoj3n3 B8AqeZPmob/Cr9T1B2pP5kj78k9HV2h68HApnHWPHbNsSAE2JEeIvzmjMTeWG2XoJONpwEMI5Im Dzpm3F8x86HWVUJpf6/gLF0U= X-Received: by 127.0.0.2 with SMTP id mfSGYY1788612xyrUTOnhJYe; Tue, 19 Sep 2023 17:58:24 -0700 X-Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) by mx.groups.io with SMTP id smtpd.web11.26934.1695171503626976523 for ; Tue, 19 Sep 2023 17:58:23 -0700 X-Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-1c3cbfa40d6so56349935ad.1 for ; Tue, 19 Sep 2023 17:58:23 -0700 (PDT) X-Gm-Message-State: 37k5ULSZFVLynEJ8kZOmTR9Tx1787277AA= X-Google-Smtp-Source: AGHT+IEP6+gylEUExN30vi+ko3bd/3H0Bu6pL9QZrTtmebudf1c+TMdj80NuTHmlOUJ7bhx7bdUNNw== X-Received: by 2002:a17:902:b710:b0:1c5:be64:2c86 with SMTP id d16-20020a170902b71000b001c5be642c86mr55794pls.10.1695171502967; Tue, 19 Sep 2023 17:58:22 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:22 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Leif Lindholm , Sami Mujawar , Gerd Hoffmann Subject: [edk2-devel] [PATCH v4 27/28] ArmVirtPkg: Delete Memory Protection PCDs Date: Tue, 19 Sep 2023 17:57:50 -0700 Message-ID: <20230920005752.2041-28-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171506506100115 Content-Type: text/plain; charset="utf-8" Now that the transition to use SetMemoryProtectionsLib and GetMemoryProtectionsLib is complete, delete the memory protection PCDs to avoid confusing the interface. All memory protection settings will now be set and consumed via the libraries. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Sami Mujawar Cc: Gerd Hoffmann --- ArmVirtPkg/ArmVirt.dsc.inc | 15 --------------- ArmVirtPkg/ArmVirtCloudHv.dsc | 5 ----- ArmVirtPkg/ArmVirtQemu.dsc | 5 ----- 3 files changed, 25 deletions(-) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index f76601503cd9..9b9d18a6e6c1 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -360,21 +360,6 @@ [PcdsFixedAtBuild.common] gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderCode|20 gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderData|0 =20 - # - # Enable strict image permissions for all images. (This applies - # only to images that were built with >=3D 4 KB section alignment.) - # - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x3 - - # - # Enable NX memory protection for all non-code regions, including OEM an= d OS - # reserved ones, with the exception of LoaderData regions, of which OS l= oaders - # (i.e., GRUB) may assume that its contents are executable. - # - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC0000000= 00007FD5 - - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|TRUE - [Components.common] # # Ramdisk support diff --git a/ArmVirtPkg/ArmVirtCloudHv.dsc b/ArmVirtPkg/ArmVirtCloudHv.dsc index 2cb89ce10cf6..c87b71ccc28e 100644 --- a/ArmVirtPkg/ArmVirtCloudHv.dsc +++ b/ArmVirtPkg/ArmVirtCloudHv.dsc @@ -140,11 +140,6 @@ [PcdsFixedAtBuild.common] # gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16 =20 - # - # Enable the non-executable DXE stack. (This gets set up by DxeIpl) - # - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE - !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE # override the default values from SecurityPkg to ensure images from all= sources are verified in secure boot gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 30e3cfc8b9cc..7dedbd912b2c 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -212,11 +212,6 @@ [PcdsFixedAtBuild.common] # gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16 =20 - # - # Enable the non-executable DXE stack. (This gets set up by DxeIpl) - # - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE - !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE # override the default values from SecurityPkg to ensure images from all= sources are verified in secure boot gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108889): https://edk2.groups.io/g/devel/message/108889 Mute This Topic: https://groups.io/mt/101469967/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 11:28:35 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108890+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108890+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171505; cv=none; d=zohomail.com; s=zohoarc; b=fk/yBbL54b2N2BnihjiCQka4O4KTYl/mLHHTGo5g8/7zbKZA4+w4eO9wDgO4pN0zkIHp6Xhr3Vk9sfsYK32ntF0xBe173kkoMvWLNKwDka9fUg7q9QjDWcw+KR8OgfF+tTTx8MC8F157YWmCT1u4TfoNzjQHNin2vHcuoTdWeGg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171505; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=X8PHm2eZxbibzcAFr3fZh/0hMTaLEDMgDnIJdYTlur0=; b=NjMLAUxVqNnOplPCrI/IkGgZ9HMaYl8sV4ZdOY0XNwNYx6wwRt44W777GDUjU81xKxObvqV6WBWR7K/FluybfQMbSiikCdBF3u711iLVXRXwJb4lycuqFbHety5kBQA3IRZzzBiHBbjNUSqFQVn4mcDB6Bwv7WBvd4qUw8k3vVw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108890+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171505533433.0244517500148; Tue, 19 Sep 2023 17:58:25 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=KyamjO+/hWzpyGeGemo4on87yVbaXtGQSHxQw+lArBE=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171505; v=1; b=dn63XYqzWBufpL3kEjxFpsPKC2rTX190Ohp+515WJo/rwmrQfdW4TdUusvPdE9XPtfq3rBc4 LfWy4//l25VjIKu1I5XuaCFffgpQnVeMk8klvEOYf/fno6LNukdPpWFG8UUMaqhn1ze0gnzRllO yTattcnlKZQhuRNneHequXtQ= X-Received: by 127.0.0.2 with SMTP id 250nYY1788612xLOQ4bVGkTI; Tue, 19 Sep 2023 17:58:25 -0700 X-Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) by mx.groups.io with SMTP id smtpd.web11.26935.1695171504550013906 for ; Tue, 19 Sep 2023 17:58:24 -0700 X-Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-1c3cbfa40d6so56350085ad.1 for ; Tue, 19 Sep 2023 17:58:24 -0700 (PDT) X-Gm-Message-State: 7MmJRye9gXQptpcdcUaZueQ2x1787277AA= X-Google-Smtp-Source: AGHT+IGsrzvYDP16RnKwt17S9uEv2kbUXBUhOlEXVS0u5DRMIORC0OGYeA1laZIQPwykp/l5SDxQBg== X-Received: by 2002:a17:902:f688:b0:1bf:11ce:c6ae with SMTP id l8-20020a170902f68800b001bf11cec6aemr1266959plg.18.1695171503603; Tue, 19 Sep 2023 17:58:23 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:23 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao Subject: [edk2-devel] [PATCH v4 28/28] MdeModulePkg: Delete Memory Protection PCDs Date: Tue, 19 Sep 2023 17:57:51 -0700 Message-ID: <20230920005752.2041-29-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171506291100112 Content-Type: text/plain; charset="utf-8" Now that the transition to use SetMemoryProtectionsLib and GetMemoryProtectionsLib is complete, delete the memory protection PCDs to avoid confusing the interface. All memory protection settings will now be set and consumed via the libraries. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao --- MdeModulePkg/MdeModulePkg.dec | 169 -------------------- MdeModulePkg/MdeModulePkg.uni | 153 ------------------ 2 files changed, 322 deletions(-) diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 6ad0902a1bff..5aed6a787739 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -1007,119 +1007,12 @@ [PcdsFixedAtBuild] # @ValidList 0x80000006 | 0x03058002 gEfiMdeModulePkgTokenSpaceGuid.PcdErrorCodeSetVariable|0x03058002|UINT32= |0x30001040 =20 - ## Mask to control the NULL address detection in code for different phas= es. - # If enabled, accessing NULL address in UEFI or SMM code can be caught.=

- # BIT0 - Enable NULL pointer detection for UEFI.
- # BIT1 - Enable NULL pointer detection for SMM.
- # BIT2..5 - Reserved for future uses.
- # BIT6 - Enable non-stop mode.
- # BIT7 - Disable NULL pointer detection just after EndOfDxe.
- # This is a workaround for those unsolvable NULL access iss= ues in - # OptionROM, boot loader, etc. It can also help to avoid un= necessary - # exception caused by legacy memory (0-4095) access after E= ndOfDxe, - # such as Windows 7 boot on Qemu.
- # @Prompt Enable NULL address detection. - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask|0x0|U= INT8|0x30001050 - ## Init Value in Temp Stack to be shared between SEC and PEI_CORE # SEC fills the full temp stack with this values. When switch stack, Pei= Core can check # this value in the temp stack to know how many stack has been used. # @Prompt Init Value in Temp Stack gEfiMdeModulePkgTokenSpaceGuid.PcdInitValueInTempStack|0x5AA55AA5|UINT32= |0x30001051 =20 - ## Indicates which type allocation need guard page. - # - # If a bit is set, a head guard page and a tail guard page will be added= just - # before and after corresponding type of pages allocated if there's enou= gh - # free pages for all of them. The page allocation for the type related to - # cleared bits keeps the same as ususal. - # - # This PCD is only valid if BIT0 and/or BIT2 are set in PcdHeapGuardProp= ertyMask. - # - # Below is bit mask for this PCD: (Order is same as UEFI spec)
- # EfiReservedMemoryType 0x0000000000000001
- # EfiLoaderCode 0x0000000000000002
- # EfiLoaderData 0x0000000000000004
- # EfiBootServicesCode 0x0000000000000008
- # EfiBootServicesData 0x0000000000000010
- # EfiRuntimeServicesCode 0x0000000000000020
- # EfiRuntimeServicesData 0x0000000000000040
- # EfiConventionalMemory 0x0000000000000080
- # EfiUnusableMemory 0x0000000000000100
- # EfiACPIReclaimMemory 0x0000000000000200
- # EfiACPIMemoryNVS 0x0000000000000400
- # EfiMemoryMappedIO 0x0000000000000800
- # EfiMemoryMappedIOPortSpace 0x0000000000001000
- # EfiPalCode 0x0000000000002000
- # EfiPersistentMemory 0x0000000000004000
- # OEM Reserved 0x4000000000000000
- # OS Reserved 0x8000000000000000
- # e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesData are neede= d, 0x1E should be used.
- # @Prompt The memory type mask for Page Guard. - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType|0x0|UINT64|0x30001052 - - ## Indicates which type allocation need guard page. - # - # If a bit is set, a head guard page and a tail guard page will be added= just - # before and after corresponding type of pages which the allocated pool = occupies, - # if there's enough free memory for all of them. The pool allocation for= the - # type related to cleared bits keeps the same as ususal. - # - # This PCD is only valid if BIT1 and/or BIT3 are set in PcdHeapGuardProp= ertyMask. - # - # Below is bit mask for this PCD: (Order is same as UEFI spec)
- # EfiReservedMemoryType 0x0000000000000001
- # EfiLoaderCode 0x0000000000000002
- # EfiLoaderData 0x0000000000000004
- # EfiBootServicesCode 0x0000000000000008
- # EfiBootServicesData 0x0000000000000010
- # EfiRuntimeServicesCode 0x0000000000000020
- # EfiRuntimeServicesData 0x0000000000000040
- # EfiConventionalMemory 0x0000000000000080
- # EfiUnusableMemory 0x0000000000000100
- # EfiACPIReclaimMemory 0x0000000000000200
- # EfiACPIMemoryNVS 0x0000000000000400
- # EfiMemoryMappedIO 0x0000000000000800
- # EfiMemoryMappedIOPortSpace 0x0000000000001000
- # EfiPalCode 0x0000000000002000
- # EfiPersistentMemory 0x0000000000004000
- # OEM Reserved 0x4000000000000000
- # OS Reserved 0x8000000000000000
- # e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesData are neede= d, 0x1E should be used.
- # @Prompt The memory type mask for Pool Guard. - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType|0x0|UINT64|0x30001053 - - ## This mask is to control Heap Guard behavior. - # - # Note: - # a) Heap Guard is for debug purpose and should not be enabled in prod= uct - # BIOS. - # b) Due to the limit of pool memory implementation and the alignment - # requirement of UEFI spec, BIT7 is a try-best setting which cannot - # guarantee that the returned pool is exactly adjacent to head guard - # page or tail guard page. - # c) UEFI freed-memory guard and UEFI pool/page guard cannot be enabled - # at the same time. - # - # BIT0 - Enable UEFI page guard.
- # BIT1 - Enable UEFI pool guard.
- # BIT2 - Enable SMM page guard.
- # BIT3 - Enable SMM pool guard.
- # BIT4 - Enable UEFI freed-memory guard (Use-After-Free memory detecti= on).
- # BIT6 - Enable non-stop mode.
- # BIT7 - The direction of Guard Page for Pool Guard. - # 0 - The returned pool is near the tail guard page.
- # 1 - The returned pool is near the head guard page.
- # @Prompt The Heap Guard feature mask - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask|0x0|UINT8|0x3000= 1054 - - ## Indicates if UEFI Stack Guard will be enabled. - # If enabled, stack overflow in UEFI can be caught, preventing chaotic = consequences.

- # TRUE - UEFI Stack Guard will be enabled.
- # FALSE - UEFI Stack Guard will be disabled.
- # @Prompt Enable UEFI Stack Guard. - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|FALSE|BOOLEAN|0x30001055 - ## Indicate debug level of Trace Hub. # 0x0 - TraceHubDebugLevelError.
# 0x1 - TraceHubDebugLevelErrorWarning.
@@ -1396,54 +1289,6 @@ [PcdsFixedAtBuild, PcdsPatchableInModule] # @Prompt Memory profile driver path. gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileDriverPath|{0x0}|VOID*|0x= 00001043 =20 - ## Set image protection policy. The policy is bitwise. - # If a bit is set, the image will be protected by DxeCore if it is alig= ned. - # The code section becomes read-only, and the data section becomes non= -executable. - # If a bit is clear, nothing will be done to image code/data sections.<= BR>
- # BIT0 - Image from unknown device.
- # BIT1 - Image from firmware volume.
- #
- # Note: If a bit is cleared, the data section could be still non-execut= able if - # PcdDxeNxMemoryProtectionPolicy is enabled for EfiLoaderData, EfiBootS= ervicesData - # and/or EfiRuntimeServicesData.
- #
- # @Prompt Set image protection policy. - # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000002|UINT3= 2|0x00001047 - - ## Set DXE memory protection policy. The policy is bitwise. - # If a bit is set, memory regions of the associated type will be mapped - # non-executable.
- # If a bit is cleared, nothing will be done to associated type of memor= y.
- #
- # Below is bit mask for this PCD: (Order is same as UEFI spec)
- # EfiReservedMemoryType 0x0001
- # EfiLoaderCode 0x0002
- # EfiLoaderData 0x0004
- # EfiBootServicesCode 0x0008
- # EfiBootServicesData 0x0010
- # EfiRuntimeServicesCode 0x0020
- # EfiRuntimeServicesData 0x0040
- # EfiConventionalMemory 0x0080
- # EfiUnusableMemory 0x0100
- # EfiACPIReclaimMemory 0x0200
- # EfiACPIMemoryNVS 0x0400
- # EfiMemoryMappedIO 0x0800
- # EfiMemoryMappedIOPortSpace 0x1000
- # EfiPalCode 0x2000
- # EfiPersistentMemory 0x4000
- # OEM Reserved 0x4000000000000000
- # OS Reserved 0x8000000000000000
- # - # NOTE: User must NOT set NX protection for EfiLoaderCode / EfiBootServi= cesCode / EfiRuntimeServicesCode.
- # User MUST set the same NX protection for EfiBootServicesData and= EfiConventionalMemory.
- # - # e.g. 0x7FD5 can be used for all memory except Code.
- # e.g. 0x7BD4 can be used for all memory except Code and ACPINVS/Reserve= d.
- # - # @Prompt Set DXE memory protection policy. - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0x0000000|= UINT64|0x00001048 - ## PCI Serial Device Info. It is an array of Device, Function, and Power= Management # information that describes the path that contains zero or more PCI to= PCI bridges # followed by a PCI serial device. Each array entry is 4-bytes in leng= th. The @@ -2032,20 +1877,6 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynami= c, PcdsDynamicEx] # @Prompt Default Creator Revision for ACPI table creation. gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision|0x01000013|= UINT32|0x30001038 =20 - ## Indicates if to set NX for stack.

- # For the DxeIpl and the DxeCore are both X64, set NX for stack feature= also require PcdDxeIplBuildPageTables be TRUE.
- # For the DxeIpl and the DxeCore are both IA32 (PcdDxeIplSwitchToLongMo= de is FALSE), set NX for stack feature also require - # IA32 PAE is supported and Execute Disable Bit is available.
- #
- # TRUE - Set NX for stack.
- # FALSE - Do nothing for stack.
- #
- # Note: If this PCD is set to FALSE, NX could be still applied to stack= due to PcdDxeNxMemoryProtectionPolicy enabled for - # EfiBootServicesData.
- #
- # @Prompt Set NX for stack. - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE|BOOLEAN|0x0001006f - ## This PCD specifies the PCI-based SD/MMC host controller mmio base add= ress. # Define the mmio base address of the pci-based SD/MMC host controller. = If there are multiple SD/MMC # host controllers, their mmio base addresses are calculated one by one = from this base address. diff --git a/MdeModulePkg/MdeModulePkg.uni b/MdeModulePkg/MdeModulePkg.uni index a17d34d60b21..afbbc44761ca 100644 --- a/MdeModulePkg/MdeModulePkg.uni +++ b/MdeModulePkg/MdeModulePkg.uni @@ -330,16 +330,6 @@ =20 #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdSerialRegisterStride_HELP #= language en-US "The number of bytes between registers in serial device. Th= e default is 1 byte." =20 -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdSetNxForStack_PROMPT #langu= age en-US "Set NX for stack" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdSetNxForStack_HELP #languag= e en-US "Indicates if to set NX for stack.

" - = "For the DxeIpl and the DxeCore are both X64, set NX for stack feat= ure also require PcdDxeIplBuildPageTables be TRUE.
" - = "For the DxeIpl and the DxeCore are both IA32 (PcdDxeIplSwitchToLon= gMode is FALSE), set NX for stack feature also require" - = "IA32 PAE is supported and Execute Disable Bit is available.
" - = "TRUE - Set NX for stack.
" - = "FALSE - Do nothing for stack.
" - = "Note: If this PCD is set to FALSE, NX could be still applied to st= ack due to PcdDxeNxMemoryProtectionPolicy enabled for EfiBootServicesData.<= BR>" - #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdAcpiS3Enable_PROMPT #langua= ge en-US "ACPI S3 Enable" =20 #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdAcpiS3Enable_HELP #language= en-US "Indicates if ACPI S3 will be enabled.

" @@ -1096,51 +1086,6 @@ #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdSmiHandlerProfilePropertyMas= k_HELP #language en-US "The mask is used to control SmiHandlerProfile beha= vior.

\n" = "BIT0 - Enable SmiHandlerProfile.
" =20 -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdImageProtectionPolicy_PROMPT= #language en-US "Set image protection policy." - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdImageProtectionPolicy_HELP = #language en-US "Set image protection policy. The policy is bitwise.\n" - = "If a bit is set, the image will be protected by DxeCore if= it is aligned.\n" - = "The code section becomes read-only, and the data section b= ecomes non-executable.\n" - = "If a bit is clear, nothing will be done to image code/data= sections.

\n" - = "BIT0 - Image from unknown device.
\n" - = "BIT1 - Image from firmware volume.
" - = "Note: If a bit is cleared, the data section could be still= non-executable if\n" - = "PcdDxeNxMemoryProtectionPolicy is enabled for EfiLoaderDat= a, EfiBootServicesData\n" - = "and/or EfiRuntimeServicesData.
" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdDxeNxMemoryProtectionPolicy_= PROMPT #language en-US "Set DXE memory protection policy." - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdDxeNxMemoryProtectionPolicy_= HELP #language en-US "Set DXE memory protection policy. The policy is bitw= ise.\n" - = "If a bit is set, memory regions of the associated ty= pe will be mapped\n" - = "non-executable.
\n" - = "If a bit is cleared, nothing will be done to associa= ted type of memory.

\n" - = "\n" - = "Below is bit mask for this PCD: (Order is same as UE= FI spec)
\n" - = "EfiReservedMemoryType 0x0001
\n" - = "EfiLoaderCode 0x0002
\n" - = "EfiLoaderData 0x0004
\n" - = "EfiBootServicesCode 0x0008
\n" - = "EfiBootServicesData 0x0010
\n" - = "EfiRuntimeServicesCode 0x0020
\n" - = "EfiRuntimeServicesData 0x0040
\n" - = "EfiConventionalMemory 0x0080
\n" - = "EfiUnusableMemory 0x0100
\n" - = "EfiACPIReclaimMemory 0x0200
\n" - = "EfiACPIMemoryNVS 0x0400
\n" - = "EfiMemoryMappedIO 0x0800
\n" - = "EfiMemoryMappedIOPortSpace 0x1000
\n" - = "EfiPalCode 0x2000
\n" - = "EfiPersistentMemory 0x4000
\n" - = "OEM Reserved 0x4000000000000000
\n" - = "OS Reserved 0x8000000000000000
\n" - = "\n" - = "NOTE: User must NOT set NX protection for EfiLoaderC= ode / EfiBootServicesCode / EfiRuntimeServicesCode.
\n" - = "User MUST set the same NX protection for EfiBootServ= icesData and EfiConventionalMemory.
\n" - = "\n" - = "e.g. 0x7FD5 can be used for all memory except Code. =
\n" - = "e.g. 0x7BD4 can be used for all memory except Code a= nd ACPINVS/Reserved.
\n" - = "" - #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPteMemoryEncryptionAddressOr= Mask_PROMPT #language en-US "The address mask when memory encryption is en= abled." =20 #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPteMemoryEncryptionAddressOr= Mask_HELP #language en-US "This PCD holds the address mask for page table = entries when memory encryption is\n" @@ -1186,110 +1131,12 @@ #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdCodRelocationDevPath_HELP #= language en-US "Full device path of platform specific device to store Cap= sule On Disk temp relocation file.
" = "If this PCD is set, Capsule On Disk temp relocation file = will be stored in the device specified by this PCD, instead of the EFI Syst= em Partition that stores capsule image file." =20 -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdNullPointerDetectionProperty= Mask_PROMPT #language en-US "Enable NULL pointer detection" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdNullPointerDetectionProperty= Mask_HELP #language en-US "Mask to control the NULL address detection in= code for different phases.\n" - = " If enabled, accessing NULL address in UEFI o= r SMM code can be caught.\n\n" - = " BIT0 - Enable NULL pointer detection fo= r UEFI.\n" - = " BIT1 - Enable NULL pointer detection fo= r SMM.\n" - = " BIT2..6 - Reserved for future uses.\n" - = " BIT7 - Disable NULL pointer detection j= ust after EndOfDxe." - = " This is a workaround for those unsolvable NU= LL access issues in" - = " OptionROM, boot loader, etc. It can also hel= p to avoid unnecessary" - = " exception caused by legacy memory (0-4095) a= ccess after EndOfDxe," - = " such as Windows 7 boot on Qemu.\n" - #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdInitValueInTempStack_PROMPT = #language en-US "Init Value in Temp Stack" =20 #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdInitValueInTempStack_HELP = #language en-US "Init Value in Temp Stack to be shared between SEC and PEI= _CORE\n" = "SEC fills the full temp stack with this values. When swit= ch stack, PeiCore can check\n" = "this value in the temp stack to know how many stack has b= een used.\n" =20 -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPageType_PROMPT #l= anguage en-US "The memory type mask for Page Guard" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPageType_HELP #l= anguage en-US "Indicates which type allocation need guard page.\n\n" - = " If a bit is set, a head guard page and a tail guard page wi= ll be added just\n" - = " before and after corresponding type of pages allocated if t= here's enough\n" - = " free pages for all of them. The page allocation for the typ= e related to\n" - = " cleared bits keeps the same as ususal.\n\n" - = " This PCD is only valid if BIT0 and/or BIT2 are set in PcdHe= apGuardPropertyMask.\n\n" - = " Below is bit mask for this PCD: (Order is same as UEFI spec= )
\n" - = " EfiReservedMemoryType 0x0000000000000001\n" - = " EfiLoaderCode 0x0000000000000002\n" - = " EfiLoaderData 0x0000000000000004\n" - = " EfiBootServicesCode 0x0000000000000008\n" - = " EfiBootServicesData 0x0000000000000010\n" - = " EfiRuntimeServicesCode 0x0000000000000020\n" - = " EfiRuntimeServicesData 0x0000000000000040\n" - = " EfiConventionalMemory 0x0000000000000080\n" - = " EfiUnusableMemory 0x0000000000000100\n" - = " EfiACPIReclaimMemory 0x0000000000000200\n" - = " EfiACPIMemoryNVS 0x0000000000000400\n" - = " EfiMemoryMappedIO 0x0000000000000800\n" - = " EfiMemoryMappedIOPortSpace 0x0000000000001000\n" - = " EfiPalCode 0x0000000000002000\n" - = " EfiPersistentMemory 0x0000000000004000\n" - = " OEM Reserved 0x4000000000000000\n" - = " OS Reserved 0x8000000000000000\n" - = " e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesDat= a are needed, 0x1E should be used.
" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPoolType_PROMPT #l= anguage en-US "The memory type mask for Pool Guard" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPoolType_HELP #l= anguage en-US "Indicates which type allocation need guard page.\n\n" - = " If a bit is set, a head guard page and a tail guard page wi= ll be added just\n" - = " before and after corresponding type of pages which the allo= cated pool occupies,\n" - = " if there's enough free memory for all of them. The pool all= ocation for the\n" - = " type related to cleared bits keeps the same as ususal.\n\n" - = " This PCD is only valid if BIT1 and/or BIT3 are set in PcdHe= apGuardPropertyMask.\n\n" - = " Below is bit mask for this PCD: (Order is same as UEFI spec= )
\n" - = " EfiReservedMemoryType 0x0000000000000001\n" - = " EfiLoaderCode 0x0000000000000002\n" - = " EfiLoaderData 0x0000000000000004\n" - = " EfiBootServicesCode 0x0000000000000008\n" - = " EfiBootServicesData 0x0000000000000010\n" - = " EfiRuntimeServicesCode 0x0000000000000020\n" - = " EfiRuntimeServicesData 0x0000000000000040\n" - = " EfiConventionalMemory 0x0000000000000080\n" - = " EfiUnusableMemory 0x0000000000000100\n" - = " EfiACPIReclaimMemory 0x0000000000000200\n" - = " EfiACPIMemoryNVS 0x0000000000000400\n" - = " EfiMemoryMappedIO 0x0000000000000800\n" - = " EfiMemoryMappedIOPortSpace 0x0000000000001000\n" - = " EfiPalCode 0x0000000000002000\n" - = " EfiPersistentMemory 0x0000000000004000\n" - = " OEM Reserved 0x4000000000000000\n" - = " OS Reserved 0x8000000000000000\n" - = " e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesDat= a are needed, 0x1E should be used.
" - - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPropertyMask_PROMPT= #language en-US "The Heap Guard feature mask" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPropertyMask_HELP = #language en-US "This mask is to control Heap Guard behavior.\n" - = " Note:\n" - = " a) Heap Guard is for debug purpose and should not be = enabled in product" - = " BIOS.\n" - = " b) Due to the limit of pool memory implementation and= the alignment" - = " requirement of UEFI spec, BIT7 is a try-best setti= ng which cannot" - = " guarantee that the returned pool is exactly adjace= nt to head guard" - = " page or tail guard page.\n" - = " c) UEFI freed-memory guard and UEFI pool/page guard c= annot be enabled" - = " at the same time.\n" - = " BIT0 - Enable UEFI page guard.
\n" - = " BIT1 - Enable UEFI pool guard.
\n" - = " BIT2 - Enable SMM page guard.
\n" - = " BIT3 - Enable SMM pool guard.
\n" - = " BIT4 - Enable UEFI freed-memory guard (Use-After-Free= memory detection).
\n" - = " BIT7 - The direction of Guard Page for Pool Guard.\n" - = " 0 - The returned pool is near the tail guard p= age.
\n" - = " 1 - The returned pool is near the head guard p= age.
" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdCpuStackGuard_PROMPT #langu= age en-US "Enable UEFI Stack Guard" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdCpuStackGuard_HELP #langu= age en-US "Indicates if UEFI Stack Guard will be enabled.\n" - = " If enabled, stack overflow in UEFI can be caught, preventing c= haotic consequences.

\n" - = " TRUE - UEFI Stack Guard will be enabled.
\n" - = " FALSE - UEFI Stack Guard will be disabled.
" - #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdTraceHubDebugLevel_PROMPT #= language en-US "Debug level of Trace Hub." =20 #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdTraceHubDebugLevel_HELP #= language en-US "Indicate debug level of Trace Hub" --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108890): https://edk2.groups.io/g/devel/message/108890 Mute This Topic: https://groups.io/mt/101469968/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-