From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web10.46513.1685355464268754848 for ; Mon, 29 May 2023 03:17:44 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=j8NeUpoc; spf=pass (domain: kernel.org, ip: 139.178.84.217, mailfrom: ardb@kernel.org) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id C5FD160AF5; Mon, 29 May 2023 10:17:43 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id CB55AC433EF; Mon, 29 May 2023 10:17:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1685355463; bh=HcfSS7/rTtrm1QGJYei+KzR567ZKXVULJfAdjZcFo9k=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=j8NeUpocfyPsQTRCuuHb7ETs3W0RyP8H+/n60vHMzXChPCiJpDQEfL1T4d/yqw502 rUzHaFuAuANwtfNnmnPeoRDCVOODac2q6BKt0HOvyDhYZ1gG2ieTeVLbbv/WwEmQAB RoyUSeUi6PFfJoDlx8pgTO1eYnOiH2+Wi0WBb1Ge0v+G+vJPIVFZg1fguz8hrh10ZW cpuRgkC5fRR7PDRmxG5X9PMVQlFES1dGHNoRoOGFkZJEWqKNNo7Gy5IE8Tqi+gwV0i fGJscqsGsH9dofZ+y0ops1ZZU+UCG7qeR5881WVY9dEm8r3FNPvS0m3oW3xQzc/Dnx kdCu5/UcWbYPw== From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Ray Ni , Jiewen Yao , Gerd Hoffmann , Taylor Beebe , Oliver Smith-Denny , Dandan Bi , Liming Gao , "Kinney, Michael D" , Leif Lindholm , Michael Kubacki Subject: [RFC PATCH 09/11] MdeModulePkg/DxeCore: Add PCD NX policy bit for default NX state Date: Mon, 29 May 2023 12:17:03 +0200 Message-Id: <20230529101705.2476949-10-ardb@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230529101705.2476949-1-ardb@kernel.org> References: <20230529101705.2476949-1-ardb@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Introduce a new bit in the NX memory protection policy PCD mask that specifies that the platform enters DXE with all unused and all non-code regions mapped with non-execute permissions. This removes the need to do a pass over all memory regions to update their NX memory attributes. Signed-off-by: Ard Biesheuvel --- MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 7 +++++++ MdeModulePkg/MdeModulePkg.dec | 3 +++ 2 files changed, 10 insertions(+) diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/C= ore/Dxe/Misc/MemoryProtection.c index 7cc829b17402c2bc..983ed450f143d62d 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c @@ -861,6 +861,13 @@ InitializeDxeNxMemoryProtectionPolicy ( ASSERT (StackBase !=3D 0);=0D }=0D =0D + //=0D + // If the platform maps all DRAM non-execute by default, we are done her= e.=0D + //=0D + if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & BIT61) !=3D 0) {=0D + return;=0D + }=0D +=0D DEBUG ((=0D DEBUG_INFO,=0D "%a: applying strict permissions to active memory regions\n",=0D diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 2d72ac733d82195e..d2bd0cbb40300889 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -1416,12 +1416,15 @@ [PcdsFixedAtBuild, PcdsPatchableInModule] # EfiMemoryMappedIOPortSpace 0x1000
=0D # EfiPalCode 0x2000
=0D # EfiPersistentMemory 0x4000
=0D + # Default state 0x2000000000000000
=0D # OEM Reserved 0x4000000000000000
=0D # OS Reserved 0x8000000000000000
=0D #=0D # NOTE: User must NOT set NX protection for EfiLoaderCode / EfiBootServi= cesCode / EfiRuntimeServicesCode.
=0D # User MUST set the same NX protection for EfiBootServicesData and= EfiConventionalMemory.
=0D #=0D + # If the platform enters DXE with all unused and non-code regions mapped= NX, bit 61 should be set.
=0D + #=0D # e.g. 0x7FD5 can be used for all memory except Code.
=0D # e.g. 0x7BD4 can be used for all memory except Code and ACPINVS/Reserve= d.
=0D #=0D --=20 2.39.2