From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.115; helo=mga14.intel.com; envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 697872034A878 for ; Thu, 26 Oct 2017 23:08:17 -0700 (PDT) Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Oct 2017 23:12:04 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.44,303,1505804400"; d="scan'208";a="328373983" Received: from jwang36-mobl2.ccr.corp.intel.com ([10.239.192.47]) by fmsmga004.fm.intel.com with ESMTP; 26 Oct 2017 23:12:03 -0700 From: Jian J Wang To: edk2-devel@lists.01.org Date: Fri, 27 Oct 2017 14:11:33 +0800 Message-Id: <20171027061140.17160-1-jian.j.wang@intel.com> X-Mailer: git-send-email 2.14.1.windows.1 Subject: [PATCH v4 0/7] Implement heap guard feature X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Oct 2017 06:08:17 -0000 > Path V4 changes: > a. Change names of gEdkiiSmmMemoryAttributeProtocolGuid related > definitions from EFI_ to EDKII_ > b. Coding style cleanup > c. Split patches in a more reasonable order and groups > Patch V3 changes: > a. Add new protocol gEdkiiSmmMemoryAttributeProtocolGuid to do > memory attributes update instead of doing it directly in SmmCore > b. Fix GCC build error > Patch V2 changes: > a. Remove local variable initializer with memory copy from globals > b. Change map table dump code to use DEBUG_PAGE|DEBUG_POOL level > message > c. Fix malfunction in 32-bit boot mode > d. Add comment for the use of mOnGuarding > e. Change name of function InitializePageTableLib to > InitializePageTableGlobals > f. Add code in 32-bit code to bypass setting page table to read-only > g. Coding style clean-up > This feature makes use of paging mechanism to add a hidden (not present) page just before and after the allocated memory block. If the code tries to access memory outside of the allocated part, page fault exception will be triggered. This feature is disabled by default and is not recommended to enable it in production build of BIOS. This patch has passed following validations: a. Boot to shell (OVMF, Intel real platform)(32/64) b. Boot to Fedora 25 (64) NT32 emulation platform was not validated with this feature enabled due to the fact that it doesn't support paging which is needed for this feature to work. But all are validated with feature is disabled. Suggested-by: Ayellet Wolman Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang Jian J Wang (7): MdeModulePkg/MdeModulePkg.dec,.uni: Add Protocol, PCDs and string tokens MdeModulePkg/SmmMemoryAttribute.h: Add new protocol definitions UefiCpuPkg/CpuDxe: Reduce debug message MdeModulePkg/DxeIpl: Enable paging for heap guard MdeModulePkg/DxeCore: Implement heap guard feature for UEFI UefiCpuPkg/PiSmmCpuDxeSmm: Add SmmMemoryAttribute protocol MdeModulePkg/PiSmmCore: Implement heap guard feature for SMM mode MdeModulePkg/Core/Dxe/DxeMain.inf | 4 + MdeModulePkg/Core/Dxe/Mem/HeapGuard.c | 1182 ++++++++++++++++ MdeModulePkg/Core/Dxe/Mem/HeapGuard.h | 394 ++++++ MdeModulePkg/Core/Dxe/Mem/Imem.h | 38 +- MdeModulePkg/Core/Dxe/Mem/Page.c | 130 +- MdeModulePkg/Core/Dxe/Mem/Pool.c | 154 +- MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 1 + MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 36 +- MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 1467 ++++++++++++++++++++ MdeModulePkg/Core/PiSmmCore/HeapGuard.h | 398 ++++++ MdeModulePkg/Core/PiSmmCore/Page.c | 52 +- MdeModulePkg/Core/PiSmmCore/PiSmmCore.c | 7 +- MdeModulePkg/Core/PiSmmCore/PiSmmCore.h | 81 +- MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf | 8 + MdeModulePkg/Core/PiSmmCore/Pool.c | 81 +- MdeModulePkg/Include/Protocol/SmmMemoryAttribute.h | 136 ++ MdeModulePkg/MdeModulePkg.dec | 60 + MdeModulePkg/MdeModulePkg.uni | 58 + UefiCpuPkg/CpuDxe/CpuPageTable.c | 5 +- UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c | 10 + UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 20 + UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 98 ++ UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf | 2 + UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 163 +++ UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 10 +- 25 files changed, 4496 insertions(+), 99 deletions(-) create mode 100644 MdeModulePkg/Core/Dxe/Mem/HeapGuard.c create mode 100644 MdeModulePkg/Core/Dxe/Mem/HeapGuard.h create mode 100644 MdeModulePkg/Core/PiSmmCore/HeapGuard.c create mode 100644 MdeModulePkg/Core/PiSmmCore/HeapGuard.h create mode 100644 MdeModulePkg/Include/Protocol/SmmMemoryAttribute.h -- 2.14.1.windows.1