From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 6C57E81FD1 for ; Wed, 8 Feb 2017 23:20:36 -0800 (PST) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga102.jf.intel.com with ESMTP; 08 Feb 2017 23:20:36 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.35,349,1484035200"; d="scan'208";a="1124128243" Received: from jyao1-mobl.ccr.corp.intel.com ([10.254.176.87]) by fmsmga002.fm.intel.com with ESMTP; 08 Feb 2017 23:20:35 -0800 From: Jiewen Yao To: edk2-devel@lists.01.org Cc: Jeff Fan , Michael Kinney , Leif Lindholm , Ard Biesheuvel , Star Zeng , Feng Tian Date: Wed, 8 Feb 2017 23:20:28 -0800 Message-Id: <1486624832-15736-1-git-send-email-jiewen.yao@intel.com> X-Mailer: git-send-email 2.7.4.windows.1 Subject: [PATCH V3 0/4] DXE Memory Protection X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Feb 2017 07:20:36 -0000 ==== V3 ==== 1) Add PCD for policy control (feedback from Ard Biesheuvel) (Discussed with Mike Kinney) + # BIT0 - Image from unknown device.
+ # BIT1 - Image from firmware volume.
+ # @Prompt Set image protection policy. + # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F + gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000002|UINT32|0x00001047 2) Remove unused function in CpuDxe.(feedback from Liming Gao) 3) Add commit log on link option assumption (feedback from Feng Tian) ==== V2 ==== 1) Clean up ArmPkg, (feedback from Leif Lindholm) ==== V1 ==== This series patch provides capability to protect PE/COFF image in DXE memory. If the UEFI image is page aligned, the image code section is set to read only and the image data section is set to non-executable. The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect the image. Tested platform: NT32/Quark IA32/OVMF IA32/OVMF IA32X64/Intel internal X64/ Tested OS: UEFI Win10, UEFI Ubuntu 16.04. Untested platform: ARM/AARCH64. Can ARM/AARCH64 owner help to take a look and try the ARM platform? Cc: Jeff Fan Cc: Michael Kinney Cc: Leif Lindholm Cc: Ard Biesheuvel Cc: Star Zeng Cc: Feng Tian Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao Jiewen Yao (4): UefiCpuPkg/CpuDxe: Add memory attribute setting. ArmPkg/CpuDxe: Correct EFI_MEMORY_RO usage MdeModulePkg/dec: add PcdImageProtectionPolicy. MdeModulePkg/DxeCore: Add UEFI image protection. ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c | 3 +- ArmPkg/Drivers/CpuDxe/Arm/Mmu.c | 14 +- ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c | 5 +- ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 3 +- MdeModulePkg/Core/Dxe/DxeMain.h | 53 ++ MdeModulePkg/Core/Dxe/DxeMain.inf | 5 +- MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 3 +- MdeModulePkg/Core/Dxe/Image/Image.c | 7 +- MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 735 ++++++++++++++++++ MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c | 24 +- MdeModulePkg/MdeModulePkg.dec | 10 + UefiCpuPkg/CpuDxe/CpuDxe.c | 141 ++-- UefiCpuPkg/CpuDxe/CpuDxe.inf | 5 +- UefiCpuPkg/CpuDxe/CpuPageTable.c | 779 ++++++++++++++++++++ UefiCpuPkg/CpuDxe/CpuPageTable.h | 113 +++ 15 files changed, 1801 insertions(+), 99 deletions(-) create mode 100644 MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.c create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.h -- 2.7.4.windows.1