From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jian.j.wang@intel.com>
Received-SPF: Permerror (SPF Permanent Error: Void lookup limit of 2 exceeded)
 identity=mailfrom; client-ip=192.55.52.120; helo=mga04.intel.com;
 envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 7B99021F833C3
 for <edk2-devel@lists.01.org>; Mon, 15 Jan 2018 00:49:31 -0800 (PST)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga004.fm.intel.com ([10.253.24.48])
 by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 15 Jan 2018 00:54:49 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.46,362,1511856000"; d="scan'208";a="21534542"
Received: from jwang36-mobl2.ccr.corp.intel.com ([10.239.192.117])
 by fmsmga004.fm.intel.com with ESMTP; 15 Jan 2018 00:54:47 -0800
From: Jian J Wang <jian.j.wang@intel.com>
To: edk2-devel@lists.01.org
Cc: Jiewen Yao <jiewen.yao@intel.com>, Ruiyu Ni <ruiyu.ni@intel.com>,
 Eric Dong <eric.dong@intel.com>, Star Zeng <star.zeng@intel.com>
Date: Mon, 15 Jan 2018 16:54:33 +0800
Message-Id: <20180115085433.25008-7-jian.j.wang@intel.com>
X-Mailer: git-send-email 2.15.1.windows.2
In-Reply-To: <20180115085433.25008-1-jian.j.wang@intel.com>
References: <20180115085433.25008-1-jian.j.wang@intel.com>
Subject: [PATCH 6/6] MdeModulePkg/BootScriptExecutorDxe: remove NX attr for FfsBuffer
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jan 2018 08:49:31 -0000

If PcdDxeNxMemoryProtectionPolicy is set to enable protection for memory
of EfiReservedMemoryType, the BIOS will hang at a page fault exception
triggered by BootScriptExecutorDxe.

The root cause is that this driver will allocate memory of
EfiReservedMemoryType and relocate itself into this new memory. Since
EfiReservedMemoryType of memory is marked non-executable, re-start this
driver after relocation will cause exception. The fix is removing the NX
attribute after memory allocation.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
 .../Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf   |  1 +
 .../Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c   | 14 ++++++++++++++
 .../Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h   |  1 +
 3 files changed, 16 insertions(+)

diff --git a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
index 29af7f55ec..aac132122c 100644
--- a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
+++ b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
@@ -68,6 +68,7 @@
   LockBoxLib
   CpuExceptionHandlerLib
   DevicePathLib
+  DxeServicesTableLib
 
 [Guids]
   gEfiBootScriptExecutorVariableGuid    ## PRODUCES ## UNDEFINED # SaveLockBox
diff --git a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c
index 4545d6e581..263a282188 100644
--- a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c
+++ b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c
@@ -273,6 +273,7 @@ ReadyToLockEventNotify (
   UINTN                                         Pages;
   EFI_PHYSICAL_ADDRESS                          FfsBuffer;
   PE_COFF_LOADER_IMAGE_CONTEXT                  ImageContext;
+  EFI_GCD_MEMORY_SPACE_DESCRIPTOR               MemDesc;
 
   Status = gBS->LocateProtocol (&gEfiDxeSmmReadyToLockProtocolGuid, NULL, &Interface);
   if (EFI_ERROR (Status)) {
@@ -322,6 +323,19 @@ ReadyToLockEventNotify (
                   &FfsBuffer
                   );
   ASSERT_EFI_ERROR (Status);
+
+  //
+  // Make sure that the buffer can be used to store code.
+  //
+  Status = gDS->GetMemorySpaceDescriptor (FfsBuffer, &MemDesc);
+  if (!EFI_ERROR (Status) && (MemDesc.Attributes & EFI_MEMORY_XP) != 0) {
+    gDS->SetMemorySpaceAttributes (
+           FfsBuffer,
+           EFI_PAGES_TO_SIZE (Pages),
+           MemDesc.Attributes & (~EFI_MEMORY_XP)
+           );
+  }
+
   ImageContext.ImageAddress = (PHYSICAL_ADDRESS)(UINTN)FfsBuffer;
   //
   // Align buffer on section boundary
diff --git a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h
index 75327569d7..94deae87e6 100644
--- a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h
+++ b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h
@@ -38,6 +38,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Library/LockBoxLib.h>
 #include <Library/CpuExceptionHandlerLib.h>
 #include <Library/DevicePathLib.h>
+#include <Library/DxeServicesTableLib.h>
 
 #include <Guid/AcpiS3Context.h>
 #include <Guid/BootScriptExecutorVariable.h>
-- 
2.15.1.windows.2