From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 13691D8027F for ; Wed, 30 Aug 2023 23:19:17 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=dandnKxV9NyX6HUhWcnK6JxusYZ6/QJv3W6YK/ltQEs=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1693437556; v=1; b=G1rqAY0RQtpv7BR8FuVN0Px/oVCabs7usXWh0yvomaqzy6ucPPLFDlrrvqdx2/ATy+UIvrGf N+XZ/lUTmVNb2K05jUDNYrZqbrgep/s2e/Uomm54bEFkdPoZQ7PePjP7X0B+VH76ohi3joCAN47 SV9k8dpV9JE6FheJuzGDk1k0= X-Received: by 127.0.0.2 with SMTP id n7ikYY7687511xes6EwkB03L; Wed, 30 Aug 2023 16:19:16 -0700 X-Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176]) by mx.groups.io with SMTP id smtpd.web10.4869.1693437552925275693 for ; Wed, 30 Aug 2023 16:19:12 -0700 X-Received: by mail-pf1-f176.google.com with SMTP id d2e1a72fcca58-68a3cae6d94so181020b3a.0 for ; Wed, 30 Aug 2023 16:19:12 -0700 (PDT) X-Gm-Message-State: O6lfm0Tz1V387gt5wRm56CaFx7686176AA= X-Google-Smtp-Source: AGHT+IF0mZH2Sh1aQtpUj8KaZjiM47GAADAbJ9Y9Y1cbueUCUzfTWzfZXIA+mNWTFwvgSOPiaVyUMg== X-Received: by 2002:a05:6a21:6da0:b0:11d:4c79:90ee with SMTP id wl32-20020a056a216da000b0011d4c7990eemr4424679pzb.25.1693437552154; Wed, 30 Aug 2023 16:19:12 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id x16-20020a62fb10000000b0064398fe3451sm102550pfm.217.2023.08.30.16.19.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 30 Aug 2023 16:19:11 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Guo Dong , Sean Rhodes , James Lu , Gua Guo Subject: [edk2-devel] [PATCH v3 13/26] UefiPayloadPkg: Update DXE Handoff to use SetMemoryProtectionsLib Date: Wed, 30 Aug 2023 16:18:21 -0700 Message-ID: <20230830231851.779-14-taylor.d.beebe@gmail.com> In-Reply-To: <20230830231851.779-1-taylor.d.beebe@gmail.com> References: <20230830231851.779-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=G1rqAY0R; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=gmail.com (policy=none) Update the DXE handoff logic in UefiPayloadPkg to use SetMemoryProtectionsLib to fetch the platform memory protection settings and reference them when creating the page tables. Because the protection profile is equivalent to the PCD settings even when the platform does not explicitly set a profile, this updated does not cause a torn state. Signed-off-by: Taylor Beebe Cc: Guo Dong Cc: Sean Rhodes Cc: James Lu Cc: Gua Guo --- UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c | 11 +++++++++-- UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c | 2 ++ UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c | 8 ++++++-- UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c | 15 +++++++++------ UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h | 1 + UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf | 9 +-------- UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf | 9 +-------- UefiPayloadPkg/UefiPayloadPkg.dsc | 12 ++++++++++++ 8 files changed, 41 insertions(+), 26 deletions(-) diff --git a/UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c b/UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c index 61a9f01ec9e7..4ede962e6544 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c +++ b/UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c @@ -78,6 +78,8 @@ GLOBAL_REMOVE_IF_UNREFERENCED IA32_DESCRIPTOR gLidtDescriptor = { 0 }; +extern MEMORY_PROTECTION_SETTINGS mMps; + /** Allocates and fills in the Page Directory and Page Table Entries to establish a 4G page table. @@ -227,11 +229,14 @@ ToBuildPageTable ( return TRUE; } - if (PcdGet8 (PcdHeapGuardPropertyMask) != 0) { + if (mMps.Dxe.HeapGuard.PageGuardEnabled || + mMps.Dxe.HeapGuard.PageGuardEnabled || + mMps.Dxe.HeapGuard.FreedMemoryGuardEnabled) + { return TRUE; } - if (PcdGetBool (PcdCpuStackGuard)) { + if (mMps.Dxe.CpuStackGuardEnabled) { return TRUE; } @@ -268,6 +273,8 @@ HandOffToDxeCore ( UINT32 Index; X64_IDT_TABLE *IdtTableForX64; + GetCurrentMemoryProtectionSettings (&mMps); + // // Clear page 0 and mark it as allocated if NULL pointer detection is enabled. // diff --git a/UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c b/UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c index 898d610951fa..a4074346c059 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c +++ b/UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c @@ -8,6 +8,8 @@ #include "UefiPayloadEntry.h" +MEMORY_PROTECTION_SETTINGS mMps = { 0 }; + /** Allocate pages for code. diff --git a/UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c b/UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c index 346e3feb0459..002ae6e5ab97 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c +++ b/UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c @@ -17,6 +17,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "UefiPayloadEntry.h" #define STACK_SIZE 0x20000 +extern MEMORY_PROTECTION_SETTINGS mMps; + /** Transfers control to DxeCore. @@ -40,6 +42,8 @@ HandOffToDxeCore ( VOID *GhcbBase; UINTN GhcbSize; + GetCurrentMemoryProtectionSettings (&mMps); + // // Clear page 0 and mark it as allocated if NULL pointer detection is enabled. // @@ -83,8 +87,8 @@ HandOffToDxeCore ( // Set NX for stack feature also require PcdDxeIplBuildPageTables be TRUE // for the DxeIpl and the DxeCore are both X64. // - ASSERT (PcdGetBool (PcdSetNxForStack) == FALSE); - ASSERT (PcdGetBool (PcdCpuStackGuard) == FALSE); + ASSERT (!mMps.Dxe.StackExecutionProtectionEnabled); + ASSERT (!mMps.Dxe.CpuStackGuardEnabled); } if (FeaturePcdGet (PcdDxeIplBuildPageTables)) { diff --git a/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c b/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c index 1899404b244c..6a986c82cc4b 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c +++ b/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c @@ -27,11 +27,14 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include #include #include #include #include "VirtualMemory.h" +extern MEMORY_PROTECTION_SETTINGS mMps; + // // Global variable to keep track current available memory used as page table. // @@ -115,7 +118,7 @@ IsNullDetectionEnabled ( VOID ) { - return ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT0) != 0); + return mMps.Dxe.NullPointerDetection.Enabled; } /** @@ -169,9 +172,9 @@ IsEnableNonExecNeeded ( // XD flag (BIT63) in page table entry is only valid if IA32_EFER.NXE is set. // Features controlled by Following PCDs need this feature to be enabled. // - return (PcdGetBool (PcdSetNxForStack) || - PcdGet64 (PcdDxeNxMemoryProtectionPolicy) != 0 || - PcdGet32 (PcdImageProtectionPolicy) != 0); + return (mMps.Dxe.StackExecutionProtectionEnabled || + !IsZeroBuffer (&mMps.Dxe.ExecutionProtection.EnabledForType, MPS_MEMORY_TYPE_BUFFER_SIZE) || + (mMps.Dxe.ImageProtection.ProtectImageFromFv || mMps.Dxe.ImageProtection.ProtectImageFromUnknown)); } /** @@ -399,14 +402,14 @@ Split2MPageTo4K ( PageTableEntry->Bits.ReadWrite = 1; if ((IsNullDetectionEnabled () && (PhysicalAddress4K == 0)) || - (PcdGetBool (PcdCpuStackGuard) && (PhysicalAddress4K == StackBase))) + (mMps.Dxe.CpuStackGuardEnabled && (PhysicalAddress4K == StackBase))) { PageTableEntry->Bits.Present = 0; } else { PageTableEntry->Bits.Present = 1; } - if ( PcdGetBool (PcdSetNxForStack) + if ( mMps.Dxe.StackExecutionProtectionEnabled && (PhysicalAddress4K >= StackBase) && (PhysicalAddress4K < StackBase + StackSize)) { diff --git a/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h b/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h index ad8a9fd22b66..c966f3583c77 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h +++ b/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h @@ -13,6 +13,7 @@ #include #include +#include #include #include #include diff --git a/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf b/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf index e2af8a4b7c1b..589dd9d3a99c 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf +++ b/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf @@ -55,6 +55,7 @@ [LibraryClasses] PeCoffLib PlatformSupportLib CpuLib + SetMemoryProtectionsLib [Guids] gEfiMemoryTypeInformationGuid @@ -76,9 +77,6 @@ [FeaturePcd.X64] [Pcd.IA32,Pcd.X64] gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ## SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize ## CONSUMES @@ -91,8 +89,3 @@ [Pcd.IA32,Pcd.X64] gUefiPayloadPkgTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType gUefiPayloadPkgTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData gUefiPayloadPkgTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode - - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## SOMETIMES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ## SOMETIMES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## SOMETIMES_CONSUMES - diff --git a/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf b/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf index 5112cdc1e5df..3e99011e0ac6 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf +++ b/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf @@ -53,6 +53,7 @@ [LibraryClasses] HobLib PeCoffLib CpuLib + SetMemoryProtectionsLib [Guids] gEfiMemoryTypeInformationGuid @@ -81,17 +82,9 @@ [Pcd.IA32,Pcd.X64] gUefiPayloadPkgTokenSpaceGuid.PcdPcdDriverFile gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ## SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize ## CONSUMES gUefiPayloadPkgTokenSpaceGuid.PcdPayloadFdMemBase gUefiPayloadPkgTokenSpaceGuid.PcdPayloadFdMemSize gUefiPayloadPkgTokenSpaceGuid.PcdSystemMemoryUefiRegionSize - - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## SOMETIMES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ## SOMETIMES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## SOMETIMES_CONSUMES - diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc index 47812048ddcf..b00d75ba08db 100644 --- a/UefiPayloadPkg/UefiPayloadPkg.dsc +++ b/UefiPayloadPkg/UefiPayloadPkg.dsc @@ -312,6 +312,18 @@ [LibraryClasses] CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf +# +# Memory Protection Libraries +# +[LibraryClasses.common] + SetMemoryProtectionsLib|MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.inf + +[LibraryClasses.common.SMM_CORE, LibraryClasses.common.DXE_SMM_DRIVER] + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLib.inf + +[LibraryClasses.common.DXE_CORE, LibraryClasses.common.DXE_DRIVER, LibraryClasses.common.UEFI_APPLICATION, LibraryClasses.common.UEFI_DRIVER] + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsLib.inf + [LibraryClasses.common] !if $(BOOTSPLASH_IMAGE) SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf -- 2.42.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108167): https://edk2.groups.io/g/devel/message/108167 Mute This Topic: https://groups.io/mt/101064087/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-