From: "Taylor Beebe"
To: devel@edk2.groups.io
Cc: Abner Chang, Andrei Warkentin, Anatol Belski, Andrew Fish, Anthony Perard, Ard Biesheuvel, Corvin Köhne, Dandan Bi, Eric Dong, Erdem Aktas, Gerd Hoffmann, Guo Dong, Gua Guo, James Bottomley, James Lu, Jian J Wang, Jianyong Wu, Jiewen Yao, Jordan Justen, Julien Grall, Leif Lindholm, Liming Gao, Michael Roth, Min Xu, Peter Grehan, Rahul Kumar, Ray Ni, Rebecca Cran, Sami Mujawar, Sean Rhodes, Sunil V L, Tom Lendacky
Subject: [edk2-devel] [PATCH v2 00/25] Implement Dynamic Memory Protections
Date: Fri, 18 Aug 2023 15:31:32 -0700
Message-ID: <20230818223159.1073-1-taylor.d.beebe@gmail.com>

In the past, memory protection settings were configured via FixedAtBuild
PCDs, which resulted in a build-time configuration of memory mitigations.
This approach limited the flexibility of applying mitigations to the
system and made it difficult to update or adjust the settings post-build.

In this design, the configuration interface has been revised to allow for
dynamic configuration. This is achieved by setting memory protections via
a library interface which stores/updates the memory protection settings
in a GUIDed HOB, which is then consumed during and after DXE handoff.

This patch series adds two libraries:

SetMemoryProtectionsLib: A PEIM that allows for setting/fetching memory
protections and "locking" to prevent further updates via the library
interface.
The backing for the settings is a GUIDed HOB that is created by the
library whenever its API is invoked.

GetMemoryProtectionsLib: A DXE library that allows for getting the memory
protection settings for the current boot. This library populates a global
with the settings from the HOB entry (if present) for access in the
module. Previous references to the PCDs are replaced with references to
the global.

OvmfPkg has been updated to allow the setting of the memory protection
profile via QemuCfg instead of just the NxForStack setting. If no profile
is passed, the platform will default to the Debug profile for DXE and Off
profile for MM. ArmVirtPkg will use the Release profile.

Reference: https://github.com/tianocore/edk2/pull/4566

Cc: Abner Chang
Cc: Andrei Warkentin
Cc: Anatol Belski
Cc: Andrew Fish
Cc: Anthony Perard
Cc: Ard Biesheuvel
Cc: Corvin Köhne
Cc: Dandan Bi
Cc: Eric Dong
Cc: Erdem Aktas
Cc: Gerd Hoffmann
Cc: Guo Dong
Cc: Gua Guo
Cc: James Bottomley
Cc: James Lu
Cc: Jian J Wang
Cc: Jianyong Wu
Cc: Jiewen Yao
Cc: Jordan Justen
Cc: Julien Grall
Cc: Leif Lindholm
Cc: Liming Gao
Cc: Michael Roth
Cc: Min Xu
Cc: Peter Grehan
Cc: Rahul Kumar
Cc: Ray Ni
Cc: Rebecca Cran
Cc: Sami Mujawar
Cc: Sean Rhodes
Cc: Sunil V L
Cc: Tom Lendacky

Taylor Beebe (25):
  MdeModulePkg: Add DXE and MM Memory Protection Settings Definitions
  MdeModulePkg: Define SetMemoryProtectionsLib and GetMemoryProtectionsLib
  MdeModulePkg: Add NULL Instances for Get/SetMemoryProtectionsLib
  MdeModulePkg: Implement SetMemoryProtectionsLib and GetMemoryProtectionsLib
  MdeModulePkg: Apply Protections to the HOB List
  MdeModulePkg: Check Print Level Before Dumping GCD Memory Map
  UefiCpuPkg: Always Set Stack Guard in MpPei Init
  ArmVirtPkg: Add Memory Protection Library Definitions to Platforms
  OvmfPkg: Add Memory Protection Library Definitions to Platforms
  OvmfPkg: Apply Memory Protections via SetMemoryProtectionsLib
  OvmfPkg: Update PeilessStartupLib to use SetMemoryProtectionsLib
  UefiPayloadPkg: Update DXE Handoff to use SetMemoryProtectionsLib
  MdeModulePkg: Update DXE Handoff to use SetMemoryProtectionsLib
  ArmPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs
  EmulatorPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs
  OvmfPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs
  UefiCpuPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs
  MdeModulePkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs
  MdeModulePkg: Add Additional Profiles to SetMemoryProtectionsLib
  OvmfPkg: Enable Choosing Memory Protection Profile via QemuCfg
  ArmVirtPkg: Apply Memory Protections via SetMemoryProtectionsLib
  MdeModulePkg: Delete PCD Profile from SetMemoryProtectionsLib
  OvmfPkg: Delete Memory Protection PCDs
  ArmVirtPkg: Delete Memory Protection PCDs
  MdeModulePkg: Delete Memory Protection PCDs

 ArmPkg/Drivers/CpuDxe/CpuDxe.c | 5 +-
 ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c | 11 +-
 MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 4 +-
 MdeModulePkg/Core/Dxe/Gcd/Gcd.c | 22 +-
 MdeModulePkg/Core/Dxe/Mem/HeapGuard.c | 46 +-
 MdeModulePkg/Core/Dxe/Mem/Page.c | 2 +-
 MdeModulePkg/Core/Dxe/Mem/Pool.c | 4 +-
 MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 96 ++-
 MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c | 4 +-
 MdeModulePkg/Core/DxeIplPeim/DxeLoad.c | 2 +
 MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 9 +-
 MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 6 +-
 MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 16 +-
 MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 29 +-
 MdeModulePkg/Core/PiSmmCore/Pool.c | 4 +-
 MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsLib.c | 158 ++++
 MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.c | 29 +
 MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLib.c | 124 ++++
 MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.c | 781 ++++++++++++++++++++
 MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.c | 144 ++++
 OvmfPkg/Fdt/HighMemDxe/HighMemDxe.c | 5 +-
 OvmfPkg/Library/PeilessStartupLib/DxeLoad.c | 6 +-
 OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c | 59 +-
 OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c | 26 +-
 OvmfPkg/Library/PlatformInitLib/Platform.c | 15 -
 OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParser.c | 11 +
 OvmfPkg/PlatformPei/IntelTdx.c | 2 -
 OvmfPkg/PlatformPei/Platform.c | 73 +-
 OvmfPkg/QemuVideoDxe/VbeShim.c | 3 +-
 OvmfPkg/TdxDxe/TdxDxe.c | 7 +-
 UefiCpuPkg/CpuDxe/CpuDxe.c | 2 +-
 UefiCpuPkg/CpuDxe/CpuMp.c | 2 +-
 UefiCpuPkg/CpuMpPei/CpuMpPei.c | 8 +-
 UefiCpuPkg/CpuMpPei/CpuPaging.c | 16 +-
 UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandlerTestCommon.c | 6 +-
 UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHandlerUnitTest.c | 15 +
 UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHandlerUnitTest.c | 21 +
 UefiCpuPkg/Library/MpInitLib/DxeMpLib.c | 3 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c | 2 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 13 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 2 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 2 +-
 UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c | 11 +-
 UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c | 2 +
 UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c | 8 +-
 UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c | 15 +-
 ArmPkg/ArmPkg.dsc | 1 +
 ArmPkg/Drivers/CpuDxe/CpuDxe.inf | 2 +-
 ArmVirtPkg/ArmVirt.dsc.inc | 21 +-
 ArmVirtPkg/ArmVirtCloudHv.dsc | 5 -
 ArmVirtPkg/ArmVirtQemu.dsc | 5 -
 ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf | 1 +
 EmulatorPkg/EmulatorPkg.dsc | 3 +-
 MdeModulePkg/Core/Dxe/DxeMain.h | 1 +
 MdeModulePkg/Core/Dxe/DxeMain.inf | 9 +-
 MdeModulePkg/Core/DxeIplPeim/DxeIpl.h | 3 +
 MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 11 +-
 MdeModulePkg/Core/PiSmmCore/PiSmmCore.h | 1 +
 MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf | 4 +-
 MdeModulePkg/Include/Guid/MemoryProtectionSettings.h | 216 ++++++
 MdeModulePkg/Include/Library/GetMemoryProtectionsLib.h | 83 +++
 MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h | 157 ++++
 MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsLib.inf | 34 +
 MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf | 25 +
 MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLib.inf | 34 +
 MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.inf | 37 +
 MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf | 25 +
 MdeModulePkg/MdeModulePkg.dec | 182 +----
 MdeModulePkg/MdeModulePkg.dsc | 7 +
 MdeModulePkg/MdeModulePkg.uni | 153 ----
 OvmfPkg/AmdSev/AmdSevX64.dsc | 4 +-
 OvmfPkg/Bhyve/BhyveX64.dsc | 4 +-
 OvmfPkg/Bhyve/PlatformPei/PlatformPei.inf | 1 -
 OvmfPkg/CloudHv/CloudHvX64.dsc | 4 +-
 OvmfPkg/Fdt/HighMemDxe/HighMemDxe.inf | 4 +-
 OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc | 15 +
 OvmfPkg/Include/Library/PlatformInitLib.h | 13 -
 OvmfPkg/Include/Library/QemuFwCfgSimpleParserLib.h | 8 +
 OvmfPkg/IntelTdx/IntelTdxX64.dsc | 5 +-
 OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf | 6 +-
 OvmfPkg/Microvm/MicrovmX64.dsc | 5 +-
 OvmfPkg/OvmfPkgIa32.dsc | 4 +-
 OvmfPkg/OvmfPkgIa32X64.dsc | 4 +-
 OvmfPkg/OvmfPkgX64.dsc | 4 +-
 OvmfPkg/OvmfXen.dsc | 5 +-
 OvmfPkg/PlatformCI/PlatformBuildLib.py | 31 +-
 OvmfPkg/PlatformPei/PlatformPei.inf | 2 +-
 OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf | 2 +-
 OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc | 13 -
 OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc | 2 +
 OvmfPkg/TdxDxe/TdxDxe.inf | 1 -
 UefiCpuPkg/CpuDxe/CpuDxe.h | 11 +-
 UefiCpuPkg/CpuDxe/CpuDxe.inf | 4 +-
 UefiCpuPkg/CpuDxeRiscV64/CpuDxeRiscV64.inf | 3 -
 UefiCpuPkg/CpuMpPei/CpuMpPei.h | 3 +-
 UefiCpuPkg/CpuMpPei/CpuMpPei.inf | 1 -
 UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf | 1 -
 UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf | 1 -
 UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf | 1 -
 UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf | 1 -
 UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandlerTest.h | 13 +-
 UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHandlerLibUnitTest.inf | 2 +-
 UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHandlerLibUnitTest.inf | 2 +-
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 3 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf | 3 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h | 9 +-
 UefiCpuPkg/UefiCpuPkg.dec | 7 +-
 UefiCpuPkg/UefiCpuPkg.dsc | 2 +
 UefiCpuPkg/UefiCpuPkg.uni | 10 +-
 UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h | 1 +
 UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf | 9 +-
 UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf | 9 +-
 UefiPayloadPkg/UefiPayloadPkg.dsc | 12 +
 113 files changed, 2404 insertions(+), 692 deletions(-)
 create mode 100644 MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsLib.c
 create mode 100644 MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.c
 create mode 100644 MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLib.c
 create mode 100644 MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.c
 create mode 100644 MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.c
 create mode 100644 MdeModulePkg/Include/Guid/MemoryProtectionSettings.h
 create mode 100644 MdeModulePkg/Include/Library/GetMemoryProtectionsLib.h
 create mode 100644 MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h
 create mode 100644 MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsLib.inf
 create mode 100644 MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf
 create mode 100644 MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLib.inf
 create mode 100644 MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.inf
 create mode 100644 MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf
 create mode 100644 OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc

-- 
2.41.0.windows.3
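As an added illustration (not code from this series or from edk2), a constructed C model of the Set/Get library flow the cover letter describes: a PEI-side setter that creates or updates a single GUIDed HOB and refuses changes once the settings are locked, and a DXE-side getter that populates a module global from that HOB instead of reading PCDs. All names, fields, return codes and the toy HOB list are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
/* Constructed model of the Set/GetMemoryProtectionsLib design in the cover letter;
   names, fields and return codes are hypothetical, not edk2's API. PEI writes settings
   into one GUIDed HOB and may lock it; DXE later copies that HOB into a module global. */
typedef struct { bool NxForStack, StackGuard, HeapGuard; } MEM_PROT_SETTINGS; /* subset */
typedef struct {
  bool              Present;
  uint32_t          Tag;     /* stands in for the HOB's GUID */
  bool              Locked;  /* once set, further updates are rejected */
  MEM_PROT_SETTINGS Data;
} HOB_ENTRY;
#define HOB_MAX      4
#define MEM_PROT_TAG 0x4D505253u
static HOB_ENTRY gHobList[HOB_MAX];   /* toy stand-in for the PEI HOB list */
static HOB_ENTRY *FindMemProtHob(void) {
  for (int i = 0; i < HOB_MAX; i++)
    if (gHobList[i].Present && gHobList[i].Tag == MEM_PROT_TAG) return &gHobList[i];
  return NULL;
}
/* PEI side: create the HOB on first call, update it afterwards, refuse once locked. */
int PeiSetMemoryProtections(const MEM_PROT_SETTINGS *New) {
  HOB_ENTRY *Hob = FindMemProtHob();
  if (Hob == NULL) {
    for (int i = 0; i < HOB_MAX && Hob == NULL; i++)
      if (!gHobList[i].Present) Hob = &gHobList[i];
    if (Hob == NULL) return -1;       /* HOB list full */
    Hob->Present = true; Hob->Tag = MEM_PROT_TAG; Hob->Locked = false;
  } else if (Hob->Locked) {
    return -2;                        /* locked: a later caller cannot weaken settings */
  }
  Hob->Data = *New;
  return 0;
}
int PeiLockMemoryProtections(void) {
  HOB_ENTRY *Hob = FindMemProtHob();
  if (Hob == NULL) return -1;         /* nothing to lock yet */
  Hob->Locked = true;
  return 0;
}
/* DXE side: populate the global from the HOB; with no HOB every protection stays off. */
static MEM_PROT_SETTINGS gDxeMps;
bool DxeInitMemoryProtections(void) {
  const HOB_ENTRY *Hob = FindMemProtHob();
  gDxeMps = (MEM_PROT_SETTINGS){ false, false, false };
  if (Hob == NULL) return false;      /* "no settings" is visible to the caller, not silent */
  gDxeMps = Hob->Data;
  return true;
}
```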