From nobody Mon Feb 9 06:00:32 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+109424+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+109424+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1696810089; cv=none; d=zohomail.com; s=zohoarc; b=bzXAgpDjxJIcVD/a9/WL9cjcTUk7nWxWkVCiI7vSjFS26MmRlkcuKLxFNJ5N+e54exBByez6rzF4FsYRor6AbARn1gHVwyWa6Qp7nAJqx1V9GppqhIe32J/ujGe4jfOuZWiY9wm0U9mxHv9dbgQW4Ah0323Z01RdiHKBfxErPjQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1696810089; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id; bh=6UxPXMi22WBhRLlQOyFROa66X/ES3x2F/7XKiDpcvd8=; b=JcUHO95unJ6OtFb0yi9j/ge+5poR8fOA9ql8DSXkF1AAtLxKBLCpGSrx1Dv7H5f1DzqpIruiLJKssItFFCF4ya4dhicgQvSAEi12Z/NR3SLZu926YlKs3oLckse3OYb/siXnEkXUFeupKTmdiLVOd9HEZ4TsCxN5yXxpAe1uKOA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+109424+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1696810089289492.3109566944411; Sun, 8 Oct 2023 17:08:09 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=xvj6Nd9R44vicjsyAxrxL0bktwy934bA3kIWULzBsSE=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1696810088; v=1; b=Osp6KQYsKQEs/6pUD2afy+SKROemDYk5+tK61LZW5QHLJcYz1JDFYocnoZ6J4EdSUpXcC/QO 37TBj7ZSg9vboJX7yC+uYhjwpZfYqRyJyl1O3baOfdNDcA86vyK8kS22cLkSfT8JeiVxoCvscWA UgsxBrJ7D8fXf4u6mV9W1AEc= X-Received: by 127.0.0.2 with SMTP id UrNdYY1788612x71chIo2rUo; Sun, 08 Oct 2023 17:08:08 -0700 X-Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176]) by mx.groups.io with SMTP id smtpd.web10.50228.1696810088277635958 for ; Sun, 08 Oct 2023 17:08:08 -0700 X-Received: by mail-pf1-f176.google.com with SMTP id d2e1a72fcca58-690fe10b6a4so3272469b3a.3 for ; Sun, 08 Oct 2023 17:08:08 -0700 (PDT) X-Gm-Message-State: BoRzuUhYevw4Pny59TLIkxrsx1787277AA= X-Google-Smtp-Source: AGHT+IHspRfBNrOUb9whJyHHWEs+AHa9tqCa9k/giECEFuqMbvYV4mb7+sDKZJqiTOnrDAeWzeFPgQ== X-Received: by 2002:a05:6a00:1892:b0:68e:496a:7852 with SMTP id x18-20020a056a00189200b0068e496a7852mr17467080pfh.27.1696810087425; Sun, 08 Oct 2023 17:08:07 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id t20-20020a62ea14000000b0068fcc7f6b00sm5048320pfh.74.2023.10.08.17.08.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 08 Oct 2023 17:08:07 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao , Dandan Bi Subject: [edk2-devel] [PATCH v5 19/28] MdeModulePkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs Date: Sun, 8 Oct 2023 17:07:31 -0700 Message-ID: <20231009000742.1792-20-taylor.d.beebe@gmail.com> In-Reply-To: <20231009000742.1792-1-taylor.d.beebe@gmail.com> References: <20231009000742.1792-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1696810090456100077 Content-Type: text/plain; charset="utf-8" Replace references to the memory protection PCDs to instead check the platform protections via GetMemoryProtectionsLib. Because the protection profile is equivalent to the PCD settings, this updated does not cause a torn state. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao Cc: Dandan Bi --- MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 4 +- MdeModulePkg/Core/Dxe/Mem/HeapGuard.c | 46 ++++++++------ MdeModulePkg/Core/Dxe/Mem/Page.c | 2 +- MdeModulePkg/Core/Dxe/Mem/Pool.c | 4 +- MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 67 +++++++++++--------- MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 29 ++++----- MdeModulePkg/Core/PiSmmCore/Pool.c | 4 +- MdeModulePkg/Core/Dxe/DxeMain.h | 1 + MdeModulePkg/Core/Dxe/DxeMain.inf | 8 +-- MdeModulePkg/Core/PiSmmCore/PiSmmCore.h | 1 + MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf | 4 +- 11 files changed, 87 insertions(+), 83 deletions(-) diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dx= e/DxeMain/DxeMain.c index 0e0f9769b99d..66cb2fcf2ff7 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c +++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c @@ -256,10 +256,12 @@ DxeMain ( Status =3D InitializeCpuExceptionHandlers (VectorInfoList); ASSERT_EFI_ERROR (Status); =20 + PopulateMpsGlobal (); + // // Setup Stack Guard // - if (PcdGetBool (PcdCpuStackGuard)) { + if (gMps.Dxe.CpuStackGuardEnabled) { Status =3D InitializeSeparateExceptionStacks (NULL, NULL); ASSERT_EFI_ERROR (Status); } diff --git a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c b/MdeModulePkg/Core/Dxe/= Mem/HeapGuard.c index 0c0ca61872b4..59d8f36c89b7 100644 --- a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c +++ b/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c @@ -553,7 +553,7 @@ UnsetGuardPage ( // memory. // Attributes =3D 0; - if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & (1 << EfiConventionalMe= mory)) !=3D 0) { + if (gMps.Dxe.ExecutionProtection.EnabledForType[EfiConventionalMemory]) { Attributes |=3D EFI_MEMORY_XP; } =20 @@ -590,38 +590,48 @@ IsMemoryTypeToGuard ( IN UINT8 PageOrPool ) { - UINT64 TestBit; + UINT32 MpsMemoryType; UINT64 ConfigBit; =20 if (AllocateType =3D=3D AllocateAddress) { return FALSE; } =20 - if ((PcdGet8 (PcdHeapGuardPropertyMask) & PageOrPool) =3D=3D 0) { + ConfigBit =3D gMps.Dxe.HeapGuard.PageGuardEnabled ? GUARD_HEAP_TYPE_PAG= E : 0; + ConfigBit |=3D gMps.Dxe.HeapGuard.PoolGuardEnabled ? GUARD_HEAP_TYPE_POO= L : 0; + ConfigBit |=3D gMps.Dxe.HeapGuard.FreedMemoryGuardEnabled ? GUARD_HEAP_T= YPE_FREED : 0; + + if ((PageOrPool & ConfigBit) =3D=3D 0) { return FALSE; } =20 - if (PageOrPool =3D=3D GUARD_HEAP_TYPE_POOL) { - ConfigBit =3D PcdGet64 (PcdHeapGuardPoolType); - } else if (PageOrPool =3D=3D GUARD_HEAP_TYPE_PAGE) { - ConfigBit =3D PcdGet64 (PcdHeapGuardPageType); - } else { - ConfigBit =3D (UINT64)-1; + if (((PageOrPool & GUARD_HEAP_TYPE_FREED) !=3D 0) && gMps.Dxe.HeapGuard.= FreedMemoryGuardEnabled) { + return TRUE; } =20 if ((UINT32)MemoryType >=3D MEMORY_TYPE_OS_RESERVED_MIN) { - TestBit =3D BIT63; + MpsMemoryType =3D OS_RESERVED_MPS_MEMORY_TYPE; } else if ((UINT32)MemoryType >=3D MEMORY_TYPE_OEM_RESERVED_MIN) { - TestBit =3D BIT62; + MpsMemoryType =3D OEM_RESERVED_MPS_MEMORY_TYPE; } else if (MemoryType < EfiMaxMemoryType) { - TestBit =3D LShiftU64 (1, MemoryType); + MpsMemoryType =3D MemoryType; } else if (MemoryType =3D=3D EfiMaxMemoryType) { - TestBit =3D (UINT64)-1; + return (((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) && IS_DXE_PAGE_GU= ARD_ACTIVE) || + (((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) && IS_DXE_POOL_GU= ARD_ACTIVE) || + (((PageOrPool & GUARD_HEAP_TYPE_FREED) !=3D 0) && gMps.Dxe.Heap= Guard.FreedMemoryGuardEnabled); } else { - TestBit =3D 0; + return FALSE; } =20 - return ((ConfigBit & TestBit) !=3D 0); + if (((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) && gMps.Dxe.PageGuard.E= nabledForType[MpsMemoryType]) { + return TRUE; + } + + if (((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) && gMps.Dxe.PoolGuard.E= nabledForType[MpsMemoryType]) { + return TRUE; + } + + return FALSE; } =20 /** @@ -835,7 +845,7 @@ AdjustMemoryS ( // indicated to put the pool near the Tail Guard, we need extra bytes to // make sure alignment of the returned pool address. // - if ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0) { + if (gMps.Dxe.HeapGuard.GuardAlignedToTail) { SizeRequested =3D ALIGN_VALUE (SizeRequested, 8); } =20 @@ -1019,7 +1029,7 @@ AdjustPoolHeadA ( IN UINTN Size ) { - if ((Memory =3D=3D 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != =3D 0)) { + if ((Memory =3D=3D 0) || (!gMps.Dxe.HeapGuard.GuardAlignedToTail)) { // // Pool head is put near the head Guard // @@ -1050,7 +1060,7 @@ AdjustPoolHeadF ( IN UINTN Size ) { - if ((Memory =3D=3D 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != =3D 0)) { + if ((Memory =3D=3D 0) || (!gMps.Dxe.HeapGuard.GuardAlignedToTail)) { // // Pool head is put near the head Guard // diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/P= age.c index 6497af573353..05c18a413b80 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Page.c +++ b/MdeModulePkg/Core/Dxe/Mem/Page.c @@ -181,7 +181,7 @@ CoreAddRange ( // used for other purposes. // if ((Type =3D=3D EfiConventionalMemory) && (Start =3D=3D 0) && (End >=3D= EFI_PAGE_SIZE - 1)) { - if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT0) =3D=3D 0) { + if (!gMps.Dxe.NullPointerDetection.Enabled) { SetMem ((VOID *)(UINTN)Start, EFI_PAGE_SIZE, 0); } } diff --git a/MdeModulePkg/Core/Dxe/Mem/Pool.c b/MdeModulePkg/Core/Dxe/Mem/P= ool.c index 716dd045f9fd..ae1e8b67db10 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Pool.c +++ b/MdeModulePkg/Core/Dxe/Mem/Pool.c @@ -385,7 +385,7 @@ CoreAllocatePoolI ( // =20 HasPoolTail =3D !(NeedGuard && - ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0)); + gMps.Dxe.HeapGuard.GuardAlignedToTail); PageAsPool =3D (IsHeapGuardEnabled (GUARD_HEAP_TYPE_FREED) && !mOnGuardi= ng); =20 // @@ -717,7 +717,7 @@ CoreFreePoolI ( IsGuarded =3D IsPoolTypeToGuard (Head->Type) && IsMemoryGuarded ((EFI_PHYSICAL_ADDRESS)(UINTN)Head); HasPoolTail =3D !(IsGuarded && - ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0)); + gMps.Dxe.HeapGuard.GuardAlignedToTail); PageAsPool =3D (Head->Signature =3D=3D POOLPAGE_HEAD_SIGNATURE); =20 if (HasPoolTail) { diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/C= ore/Dxe/Misc/MemoryProtection.c index 94ed3111688b..215a9f254065 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c @@ -9,7 +9,7 @@ 2) This policy is applied only if the UEFI image meets the page alignment requirement. 3) This policy is applied only if the Source UEFI image matches the - PcdImageProtectionPolicy definition. + Image Protection Policy definition. 4) This policy is not applied to the non-PE image region. =20 The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect @@ -60,7 +60,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #define PREVIOUS_MEMORY_DESCRIPTOR(MemoryDescriptor, Size) \ ((EFI_MEMORY_DESCRIPTOR *)((UINT8 *)(MemoryDescriptor) - (Size))) =20 -UINT32 mImageProtectionPolicy; +STATIC BOOLEAN mIsExecutionProtectionActive =3D FALSE; + +STATIC BOOLEAN mIsPageOrPoolGuardActive =3D FALSE; =20 extern LIST_ENTRY mGcdMemorySpaceMap; =20 @@ -149,11 +151,13 @@ GetProtectionPolicyFromImageType ( IN UINT32 ImageType ) { - if ((ImageType & mImageProtectionPolicy) =3D=3D 0) { - return DO_NOT_PROTECT; - } else { + if (((ImageType =3D=3D IMAGE_UNKNOWN) && gMps.Dxe.ImageProtection.Protec= tImageFromUnknown) || + ((ImageType =3D=3D IMAGE_FROM_FV) && gMps.Dxe.ImageProtection.Protec= tImageFromFv)) + { return PROTECT_IF_ALIGNED_ELSE_ALLOW; } + + return DO_NOT_PROTECT; } =20 /** @@ -611,7 +615,7 @@ UnprotectUefiImage ( IMAGE_PROPERTIES_RECORD *ImageRecord; LIST_ENTRY *ImageRecordLink; =20 - if (PcdGet32 (PcdImageProtectionPolicy) !=3D 0) { + if (IS_DXE_IMAGE_PROTECTION_ACTIVE) { for (ImageRecordLink =3D mProtectedImageRecordList.ForwardLink; ImageRecordLink !=3D &mProtectedImageRecordList; ImageRecordLink =3D ImageRecordLink->ForwardLink) @@ -648,21 +652,23 @@ GetPermissionAttributeForMemoryType ( IN EFI_MEMORY_TYPE MemoryType ) { - UINT64 TestBit; + UINT32 TestMemoryType; =20 if ((UINT32)MemoryType >=3D MEMORY_TYPE_OS_RESERVED_MIN) { - TestBit =3D BIT63; + TestMemoryType =3D OS_RESERVED_MPS_MEMORY_TYPE; } else if ((UINT32)MemoryType >=3D MEMORY_TYPE_OEM_RESERVED_MIN) { - TestBit =3D BIT62; + TestMemoryType =3D OEM_RESERVED_MPS_MEMORY_TYPE; + } else if (MemoryType >=3D EfiMaxMemoryType) { + return EFI_MEMORY_XP; } else { - TestBit =3D LShiftU64 (1, MemoryType); + TestMemoryType =3D MemoryType; } =20 - if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & TestBit) !=3D 0) { + if (gMps.Dxe.ExecutionProtection.EnabledForType[TestMemoryType]) { return EFI_MEMORY_XP; - } else { - return 0; } + + return 0; } =20 /** @@ -772,7 +778,7 @@ MergeMemoryMapForProtectionPolicy ( =20 /** Remove exec permissions from all regions whose type is identified by - PcdDxeNxMemoryProtectionPolicy. + the DXE Execution Protection Policy. **/ STATIC VOID @@ -827,7 +833,7 @@ InitializeDxeNxMemoryProtectionPolicy ( ASSERT_EFI_ERROR (Status); =20 StackBase =3D 0; - if (PcdGetBool (PcdCpuStackGuard)) { + if (gMps.Dxe.CpuStackGuardEnabled) { // // Get the base of stack from Hob. // @@ -885,7 +891,7 @@ InitializeDxeNxMemoryProtectionPolicy ( // enabled. // if ((MemoryMapEntry->PhysicalStart =3D=3D 0) && - (PcdGet8 (PcdNullPointerDetectionPropertyMask) !=3D 0)) + (gMps.Dxe.NullPointerDetection.Enabled)) { ASSERT (MemoryMapEntry->NumberOfPages > 0); SetUefiImageMemoryAttributes ( @@ -903,7 +909,7 @@ InitializeDxeNxMemoryProtectionPolicy ( ((StackBase >=3D MemoryMapEntry->PhysicalStart) && (StackBase < MemoryMapEntry->PhysicalStart + LShiftU64 (MemoryMapEntry->NumberOfPages, EFI_PAGE_SHIFT))) && - PcdGetBool (PcdCpuStackGuard)) + gMps.Dxe.CpuStackGuardEnabled) { SetUefiImageMemoryAttributes ( StackBase, @@ -1024,7 +1030,7 @@ MemoryProtectionCpuArchProtocolNotify ( // // Apply the memory protection policy on non-BScode/RTcode regions. // - if (PcdGet64 (PcdDxeNxMemoryProtectionPolicy) !=3D 0) { + if (IS_DXE_EXECUTION_PROTECTION_ACTIVE) { InitializeDxeNxMemoryProtectionPolicy (); } =20 @@ -1036,7 +1042,7 @@ MemoryProtectionCpuArchProtocolNotify ( // Mark the HOB list XP and RO. ProtectHobList (); =20 - if (mImageProtectionPolicy =3D=3D 0) { + if (!IS_DXE_IMAGE_PROTECTION_ACTIVE) { goto Done; } =20 @@ -1099,7 +1105,7 @@ MemoryProtectionExitBootServicesCallback ( // delay setting protections on RT code pages until after SetVirtualAddr= essMap(). // OS may set protection on RT based upon EFI_MEMORY_ATTRIBUTES_TABLE la= ter. // - if (mImageProtectionPolicy !=3D 0) { + if (IS_DXE_IMAGE_PROTECTION_ACTIVE) { for (Link =3D gRuntime->ImageHead.ForwardLink; Link !=3D &gRuntime->Im= ageHead; Link =3D Link->ForwardLink) { RuntimeImage =3D BASE_CR (Link, EFI_RUNTIME_IMAGE_ENTRY, Link); SetUefiImageMemoryAttributes ((UINT64)(UINTN)RuntimeImage->ImageBase= , ALIGN_VALUE (RuntimeImage->ImageSize, EFI_PAGE_SIZE), 0); @@ -1173,19 +1179,20 @@ CoreInitializeMemoryProtection ( EFI_EVENT EndOfDxeEvent; VOID *Registration; =20 - mImageProtectionPolicy =3D PcdGet32 (PcdImageProtectionPolicy); + mIsExecutionProtectionActive =3D IS_DXE_EXECUTION_PROTECTION_ACTIVE; + mIsPageOrPoolGuardActive =3D IS_DXE_PAGE_GUARD_ACTIVE || IS_DXE_POOL= _GUARD_ACTIVE; =20 InitializeListHead (&mProtectedImageRecordList); =20 // - // Sanity check the PcdDxeNxMemoryProtectionPolicy setting: + // Sanity check the DXE NX protection policy setting: // - code regions should have no EFI_MEMORY_XP attribute // - EfiConventionalMemory and EfiBootServicesData should use the // same attribute // - ASSERT ((GetPermissionAttributeForMemoryType (EfiBootServicesCode) & EFI= _MEMORY_XP) =3D=3D 0); - ASSERT ((GetPermissionAttributeForMemoryType (EfiRuntimeServicesCode) & = EFI_MEMORY_XP) =3D=3D 0); - ASSERT ((GetPermissionAttributeForMemoryType (EfiLoaderCode) & EFI_MEMOR= Y_XP) =3D=3D 0); + ASSERT (!gMps.Dxe.ExecutionProtection.EnabledForType[EfiLoaderCode]); + ASSERT (!gMps.Dxe.ExecutionProtection.EnabledForType[EfiBootServicesCode= ]); + ASSERT (!gMps.Dxe.ExecutionProtection.EnabledForType[EfiRuntimeServicesC= ode]); ASSERT ( GetPermissionAttributeForMemoryType (EfiBootServicesData) =3D=3D GetPermissionAttributeForMemoryType (EfiConventionalMemory) @@ -1213,9 +1220,7 @@ CoreInitializeMemoryProtection ( // // Register a callback to disable NULL pointer detection at EndOfDxe // - if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & (BIT0|BIT7)) - =3D=3D (BIT0|BIT7)) - { + if (gMps.Dxe.NullPointerDetection.Enabled && gMps.Dxe.NullPointerDetecti= on.DisableEndOfDxe) { Status =3D CoreCreateEventEx ( EVT_NOTIFY_SIGNAL, TPL_NOTIFY, @@ -1279,7 +1284,7 @@ ApplyMemoryProtectionPolicy ( UINT64 NewAttributes; =20 // - // The policy configured in PcdDxeNxMemoryProtectionPolicy + // The policy configured in DXE Execution Protection Policy // does not apply to allocations performed in SMM mode. // if (IsInSmm ()) { @@ -1298,7 +1303,7 @@ ApplyMemoryProtectionPolicy ( // // Check if a DXE memory protection policy has been configured // - if (PcdGet64 (PcdDxeNxMemoryProtectionPolicy) =3D=3D 0) { + if (!mIsExecutionProtectionActive) { return EFI_SUCCESS; } =20 @@ -1306,7 +1311,7 @@ ApplyMemoryProtectionPolicy ( // Don't overwrite Guard pages, which should be the first and/or last pa= ge, // if any. // - if (IsHeapGuardEnabled (GUARD_HEAP_TYPE_PAGE|GUARD_HEAP_TYPE_POOL)) { + if (mIsPageOrPoolGuardActive) { if (IsGuardPage (Memory)) { Memory +=3D EFI_PAGE_SIZE; Length -=3D EFI_PAGE_SIZE; diff --git a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c b/MdeModulePkg/Core/Pi= SmmCore/HeapGuard.c index 25310122ca1b..eac38e699c30 100644 --- a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c +++ b/MdeModulePkg/Core/PiSmmCore/HeapGuard.c @@ -592,36 +592,29 @@ IsMemoryTypeToGuard ( IN UINT8 PageOrPool ) { - UINT64 TestBit; UINT64 ConfigBit; =20 - if ( ((PcdGet8 (PcdHeapGuardPropertyMask) & PageOrPool) =3D=3D 0) + ConfigBit =3D gMps.Mm.HeapGuard.PageGuardEnabled ? GUARD_HEAP_TYPE_PAGE= : 0; + ConfigBit |=3D gMps.Mm.HeapGuard.PoolGuardEnabled ? GUARD_HEAP_TYPE_POOL= : 0; + + if ( ((ConfigBit & PageOrPool) =3D=3D 0) || mOnGuarding || (AllocateType =3D=3D AllocateAddress)) { return FALSE; } =20 - ConfigBit =3D 0; - if ((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) { - ConfigBit |=3D PcdGet64 (PcdHeapGuardPoolType); - } - - if ((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) { - ConfigBit |=3D PcdGet64 (PcdHeapGuardPageType); - } - if ((MemoryType =3D=3D EfiRuntimeServicesData) || (MemoryType =3D=3D EfiRuntimeServicesCode)) { - TestBit =3D LShiftU64 (1, MemoryType); + return (((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) && gMps.Mm.PageGu= ard.EnabledForType[MemoryType]) || + (((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) && gMps.Mm.PoolGu= ard.EnabledForType[MemoryType]); } else if (MemoryType =3D=3D EfiMaxMemoryType) { - TestBit =3D (UINT64)-1; - } else { - TestBit =3D 0; + return (((PageOrPool & GUARD_HEAP_TYPE_PAGE) !=3D 0) && IS_MM_PAGE_GUA= RD_ACTIVE) || + (((PageOrPool & GUARD_HEAP_TYPE_POOL) !=3D 0) && IS_MM_POOL_GUA= RD_ACTIVE); } =20 - return ((ConfigBit & TestBit) !=3D 0); + return FALSE; } =20 /** @@ -951,7 +944,7 @@ AdjustPoolHeadA ( IN UINTN Size ) { - if ((Memory =3D=3D 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != =3D 0)) { + if ((Memory =3D=3D 0) || (!gMps.Mm.HeapGuard.GuardAlignedToTail)) { // // Pool head is put near the head Guard // @@ -977,7 +970,7 @@ AdjustPoolHeadF ( IN EFI_PHYSICAL_ADDRESS Memory ) { - if ((Memory =3D=3D 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != =3D 0)) { + if ((Memory =3D=3D 0) || (!gMps.Mm.HeapGuard.GuardAlignedToTail)) { // // Pool head is put near the head Guard // diff --git a/MdeModulePkg/Core/PiSmmCore/Pool.c b/MdeModulePkg/Core/PiSmmCo= re/Pool.c index e1ff40a8ea55..991efaf33bdd 100644 --- a/MdeModulePkg/Core/PiSmmCore/Pool.c +++ b/MdeModulePkg/Core/PiSmmCore/Pool.c @@ -258,7 +258,7 @@ SmmInternalAllocatePool ( =20 NeedGuard =3D IsPoolTypeToGuard (PoolType); HasPoolTail =3D !(NeedGuard && - ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0)); + gMps.Mm.HeapGuard.GuardAlignedToTail); =20 // // Adjust the size by the pool header & tail overhead @@ -392,7 +392,7 @@ SmmInternalFreePool ( MemoryGuarded =3D IsHeapGuardEnabled () && IsMemoryGuarded ((EFI_PHYSICAL_ADDRESS)(UINTN)FreePoolHd= r); HasPoolTail =3D !(MemoryGuarded && - ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) =3D=3D 0)); + gMps.Mm.HeapGuard.GuardAlignedToTail); =20 if (HasPoolTail) { PoolTail =3D HEAD_TO_TAIL (&FreePoolHdr->Header); diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMai= n.h index 43daa037be44..8b8b97666f38 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.h +++ b/MdeModulePkg/Core/Dxe/DxeMain.h @@ -84,6 +84,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 // // attributes for reserved memory before it is promoted to system memory diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeM= ain.inf index 6c896a0e7f0f..ddbbee5f68ce 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.inf +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf @@ -94,6 +94,7 @@ [LibraryClasses] DebugAgentLib CpuExceptionHandlerLib PcdLib + GetMemoryProtectionsLib =20 [Guids] gEfiEventMemoryMapChangeGuid ## PRODUCES ##= Event @@ -179,13 +180,6 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileMemoryType = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfilePropertyMask = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileDriverPath = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask = ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdFwVolDxeMaxEncapsulationDepth = ## CONSUMES gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel = ## CONSUMES =20 diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h b/MdeModulePkg/Core/Pi= SmmCore/PiSmmCore.h index b8a490a8c3b5..2fabed0670e0 100644 --- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h +++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h @@ -55,6 +55,7 @@ #include #include #include +#include =20 #include "PiSmmCorePrivateData.h" #include "HeapGuard.h" diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf b/MdeModulePkg/Core/= PiSmmCore/PiSmmCore.inf index 3df44b38f13c..4586ec39d7c7 100644 --- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf +++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf @@ -61,6 +61,7 @@ [LibraryClasses] HobLib SmmMemLib SafeIntLib + GetMemoryProtectionsLib =20 [Protocols] gEfiDxeSmmReadyToLockProtocolGuid ## UNDEFINED # SmiHandlerR= egister @@ -94,9 +95,6 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfilePropertyMask ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileDriverPath ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdSmiHandlerProfilePropertyMask ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType ##= CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##= CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable ##= CONSUMES =20 [Guids] --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#109424): https://edk2.groups.io/g/devel/message/109424 Mute This Topic: https://groups.io/mt/101843363/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-