From: "Zeng, Star"
To: "Wu, Hao A", "edk2-devel@lists.01.org"
CC: "Wang, Jian J", "Dong, Eric", "Yao, Jiewen", "Ni, Ruiyu", "Zeng, Star"
Date: Tue, 6 Mar 2018 12:16:09 +0000
Subject: Re: [PATCH 2/2] MdeModulePkg/Core: Fix feature conflict between NX and Stack guard

A quick minor comment.
GetHobList() could be used instead of EfiGetSystemConfigurationTable (&gEfiHobListGuid, &HobList).

Thanks,
Star

-----Original Message-----
From: Wu, Hao A
Sent: Tuesday, March 6, 2018 8:11 PM
To: edk2-devel@lists.01.org
Cc: Wu, Hao A; Wang, Jian J; Zeng, Star; Dong, Eric; Yao, Jiewen; Ni, Ruiyu
Subject: [PATCH 2/2] MdeModulePkg/Core: Fix feature conflict between NX and Stack guard

If enabled, NX memory protection feature will mark some types of active memory as NX (non-executable), which includes the first page of the stack. This will overwrite the attributes of the first page of the stack if the stack guard feature is also enabled.

The solution is to override the attributes setting to the first page of the stack by adding back the 'EFI_MEMORY_RP' attribute when the stack guard feature is enabled.

Cc: Jian J Wang
Cc: Star Zeng
Cc: Eric Dong
Cc: Jiewen Yao
Cc: Ruiyu Ni
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu
--- MdeModulePkg/Core/Dxe/DxeMain.inf | 4 +- MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 61 +++++++++++++++++++++++= ++++ 2 files changed, 64 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeM= ain.inf index 7334780326..d2e7360ed4 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.inf +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf @@ -3,7 +3,7 @@ # # It provides an implementation of DXE Core that is compliant with DXE CI= S. # -# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.
+# Copyright (c) 2006 - 2018, Intel Corporation. All rights=20 +reserved.
# This program and the accompanying materials # are licensed and made a= vailable under the terms and conditions of the BSD License # which accomp= anies this distribution. The full text of the license may be found at @@ -= 130,6 +130,7 @@ gEfiPropertiesTableGuid ## SOMETIMES_PRODUCES ##= SystemTable gEfiMemoryAttributesTableGuid ## SOMETIMES_PRODUCES ##= SystemTable gEfiEndOfDxeEventGroupGuid ## SOMETIMES_CONSUMES ##= Event + gEfiHobMemoryAllocStackGuid ## SOMETIMES_CONSUMES ##= SystemTable =20 [Ppis] gEfiVectorHandoffInfoPpiGuid ## UNDEFINED # HOB @@ -198,6 +199,7 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask = ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard = ## CONSUMES =20 # [Hob] # RESOURCE_DESCRIPTOR ## CONSUMES diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/C= ore/Dxe/Misc/MemoryProtection.c index a2ea445eef..a6de22d3af 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c @@ -801,6 +801,11 @@ InitializeDxeNxMemoryProtectionPolicy ( UINT64 Attributes; LIST_ENTRY *Link; EFI_GCD_MAP_ENTRY *Entry; + VOID *HobList; + EFI_PEI_HOB_POINTERS Hob; + EFI_HOB_MEMORY_ALLOCATION *MemoryHob; + EFI_PHYSICAL_ADDRESS StackBase; + BOOLEAN StackBaseFound; =20 // // Get the EFI memory map. 
@@ -832,6 +837,45 @@ InitializeDxeNxMemoryProtectionPolicy ( } while (Status =3D=3D EFI_BUFFER_TOO_SMALL); ASSERT_EFI_ERROR (Status); =20 + StackBase =3D 0; + StackBaseFound =3D FALSE; + if (PcdGetBool (PcdCpuStackGuard)) { + // + // Get the base of stack from Hob. + // + Status =3D EfiGetSystemConfigurationTable (&gEfiHobListGuid, &HobList)= ; + if (!EFI_ERROR (Status)) { + for (Hob.Raw =3D HobList; !END_OF_HOB_LIST (Hob); Hob.Raw =3D GET_NE= XT_HOB (Hob)) { + if (GET_HOB_TYPE(Hob) =3D=3D EFI_HOB_TYPE_MEMORY_ALLOCATION) { + MemoryHob =3D Hob.MemoryAllocation; + if (CompareGuid(&gEfiHobMemoryAllocStackGuid, &MemoryHob->AllocD= escriptor.Name)) { + DEBUG (( + DEBUG_INFO, + "%a: StackBase =3D 0x%016lx StackSize =3D 0x%016lx\n", + __FUNCTION__, + MemoryHob->AllocDescriptor.MemoryBaseAddress, + MemoryHob->AllocDescriptor.MemoryLength + )); + + StackBase =3D MemoryHob->AllocDescriptor.MemoryBaseAddress; + // + // Ensure the base of the stack is page-size aligned. + // + ASSERT ((StackBase & EFI_PAGE_MASK) =3D=3D 0); + StackBaseFound =3D TRUE; + break; + } + } + } + } + + // + // Ensure the base of stack can be found from Hob when stack guard is + // enabled. + // + ASSERT (StackBaseFound); + } + DEBUG (( DEBUG_INFO, "%a: applying strict permissions to active memory regions\n", @@ -864,= 6 +908,23 @@ InitializeDxeNxMemoryProtectionPolicy ( EFI_PAGES_TO_SIZE (1), EFI_MEMORY_RP | Attributes); } + + if (StackBaseFound && + (StackBase >=3D MemoryMapEntry->PhysicalStart && + StackBase < MemoryMapEntry->PhysicalStart + + LShiftU64 (MemoryMapEntry->NumberOfPages, EFI_PAGE= _SHIFT)) && + PcdGetBool (PcdCpuStackGuard)) { + + // + // Add EFI_MEMORY_RP attribute for the first page of the stack if = stack + // guard is enabled. + // + SetUefiImageMemoryAttributes ( + StackBase, + EFI_PAGES_TO_SIZE (1), + EFI_MEMORY_RP | Attributes); + } + } MemoryMapEntry =3D NEXT_MEMORY_DESCRIPTOR (MemoryMapEntry, DescriptorS= ize); } -- 2.12.0.windows.1
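
Review bot: In the DxeMain.inf [Guids] hunk, gEfiHobMemoryAllocStackGuid is annotated "## SOMETIMES_CONSUMES ## SystemTable", but MemoryProtection.c consumes it as the Name of a memory allocation HOB (CompareGuid against MemoryHob->AllocDescriptor.Name), not as a configuration table entry. Suggest annotating the usage as HOB so the INF describes how the GUID is actually used.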
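
Review bot: In the stack-base lookup added to InitializeDxeNxMemoryProtectionPolicy, a missing stack HOB and a failed EfiGetSystemConfigurationTable call are both reported only through ASSERT (StackBaseFound). In a build where ASSERT is compiled out, StackBaseFound stays FALSE, the later re-apply block is skipped, and the first page of the stack is left without EFI_MEMORY_RP with nothing in the log. Suggest adding a DEBUG_ERROR print on the not-found path so the loss of the stack guard is visible; the same applies to the alignment ASSERT on StackBase, since an unaligned base would still be passed to SetUefiImageMemoryAttributes.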
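
Review bot: In the condition guarding the added SetUefiImageMemoryAttributes call, the trailing PcdGetBool (PcdCpuStackGuard) test is redundant: StackBaseFound is only set to TRUE inside the earlier "if (PcdGetBool (PcdCpuStackGuard))" block, so StackBaseFound already implies the PCD. Suggest dropping the PCD test. As a style point, the range end is computed with LShiftU64 (MemoryMapEntry->NumberOfPages, EFI_PAGE_SHIFT) while the call below uses EFI_PAGES_TO_SIZE (1); using one form for both would read more consistently.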