From: "Taylor Beebe" <taylor.d.beebe@gmail.com>
To: devel@edk2.groups.io
Cc: Jian J Wang <jian.j.wang@intel.com>,
Liming Gao <gaoliming@byosoft.com.cn>
Subject: [edk2-devel] [PATCH v4 03/28] MdeModulePkg: Add NULL Instances for Get/SetMemoryProtectionsLib
Date: Tue, 19 Sep 2023 17:57:26 -0700 [thread overview]
Message-ID: <20230920005752.2041-4-taylor.d.beebe@gmail.com> (raw)
In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com>
The NULL instances for GetMemoryProtectionsLib and
SetMemoryProtectionsLib just zero out the memory protections
structure effectively disabling memory protections.
Signed-off-by: Taylor Beebe <taylor.d.beebe@gmail.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
---
MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.c | 29 ++++
MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.c | 144 ++++++++++++++++++++
MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf | 25 ++++
MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf | 25 ++++
MdeModulePkg/MdeModulePkg.dsc | 4 +
5 files changed, 227 insertions(+)
diff --git a/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.c b/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.c
new file mode 100644
index 000000000000..af341c2c893d
--- /dev/null
+++ b/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.c
@@ -0,0 +1,29 @@
+/** @file
+NULL implementation for GetMemoryProtectionsLib
+
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#include <Uefi.h>
+#include <Library/GetMemoryProtectionsLib.h>
+
+MEMORY_PROTECTION_SETTINGS_UNION gMps = { 0 };
+
+/**
+ Populates gMps global. This function is invoked by the library constructor and only needs to be
+ called if library contructors have not yet been invoked.
+
+ @retval EFI_SUCCESS gMps global was populated.
+ @retval EFI_NOT_FOUND The gMemoryProtectionSettingsGuid HOB was not found.
+ @retval EFI_ABORTED The version number of the DXE or MM memory protection settings was invalid.
+ @retval EFI_UNSUPPORTED NULL implementation called.
+**/
+EFI_STATUS
+EFIAPI
+PopulateMpsGlobal (
+ VOID
+ )
+{
+ return EFI_UNSUPPORTED;
+}
diff --git a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.c b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.c
new file mode 100644
index 000000000000..0d3a32d70209
--- /dev/null
+++ b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.c
@@ -0,0 +1,144 @@
+/** @file
+Library for setting the memory protection settings for DXE.
+
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#include <Uefi.h>
+#include <Library/SetMemoryProtectionsLib.h>
+
+DXE_MEMORY_PROTECTION_PROFILES DxeMemoryProtectionProfiles[DxeMemoryProtectionSettingsMax] = { 0 };
+MM_MEMORY_PROTECTION_PROFILES MmMemoryProtectionProfiles[MmMemoryProtectionSettingsMax] = { 0 };
+
+/**
+ Prevent further changes to the memory protection settings via this
+ library API.
+
+ @retval EFI_SUCCESS The memory protection settings are locked.
+ @retval EFI_ABORTED Unable to get/create the memory protection settings.
+ @retval EFI_UNSUPPORTED NULL implementation called.
+**/
+EFI_STATUS
+EFIAPI
+LockMemoryProtectionSettings (
+ VOID
+ )
+{
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Sets the DXE memory protection settings. If DxeMps is NULL, the settings will be set based
+ on ProfileIndex.
+
+ @param[in] DxeMps Pointer to the memory protection settings to publish. If NULL, the
+ settings will be created based on ProfileIndex.
+ @param[in] ProfileIndex The index of the memory protection profile to use if DxeMps is NULL.
+
+ @retval EFI_SUCCESS The memory protection HOB was successfully created.
+ @retval EFI_INVALID_PARAMETER The ProfileIndex was invalid or the version number of the
+ input DxeMps was not equal to the version currently present
+ in the settings.
+ @retval EFI_ABORTED Unable to get/create the memory protection settings.
+ @retval EFI_ACCESS_DENIED The memory protection settings are locked.
+ @retval EFI_UNSUPPORTED NULL implementation called.
+**/
+EFI_STATUS
+EFIAPI
+SetDxeMemoryProtectionSettings (
+ IN DXE_MEMORY_PROTECTION_SETTINGS *DxeMps OPTIONAL,
+ IN DXE_MEMORY_PROTECTION_PROFILE_INDEX ProfileIndex
+ )
+{
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Sets the MM memory protection HOB entry. If MmMps is NULL, the settings will be set based
+ on ProfileIndex.
+
+ @param[in] MmMps Pointer to the memory protection settings to publish. If NULL, the
+ settings will be created based on ProfileIndex.
+ @param[in] ProfileIndex The index of the memory protection profile to use if MmMps is NULL.
+
+ @retval EFI_SUCCESS The memory protection HOB was successfully created.
+ @retval EFI_OUT_OF_RESOURCES There was insufficient memory to create the HOB.
+ @retval EFI_INVALID_PARAMETER The ProfileIndex was invalid or the version number of the
+ input MmMps was not equal to the version currently present
+ in the settings.
+ @retval EFI_ABORTED Unable to get/create the memory protection settings.
+ @retval EFI_ACCESS_DENIED The memory protection settings are locked.
+ @retval EFI_UNSUPPORTED NULL implementation called.
+**/
+EFI_STATUS
+EFIAPI
+SetMmMemoryProtectionSettings (
+ IN MM_MEMORY_PROTECTION_SETTINGS *MmMps OPTIONAL,
+ IN MM_MEMORY_PROTECTION_PROFILE_INDEX ProfileIndex
+ )
+{
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Copies the current memory protection settings into the input buffer.
+
+ NOTE: The returned settings may not be the final settings used by the
+ platform on this boot. Unless LockMemoryProtectionSettings() has
+ been called, settings may be modified by drivers until DXE handoff.
+
+ @param[out] Mps The memory protection settings pointer to populate.
+
+ @retval EFI_SUCCESS The memory protection settings were copied
+ into the input buffer.
+ @retval EFI_INVALID_PARAMETER Mps was NULL.
+ @retval EFI_ABORTED Unable to get/create the memory protection settings.
+ @retval EFI_UNSUPPORTED NULL implementation called.
+**/
+EFI_STATUS
+EFIAPI
+GetCurrentMemoryProtectionSettings (
+ OUT MEMORY_PROTECTION_SETTINGS *Mps
+ )
+{
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Returns TRUE any form of DXE memory protection is currently active.
+
+ NOTE: The returned value may reflect the final settings used by the
+ platform on this boot. Unless LockMemoryProtectionSettings() has
+ been called, settings may be modified by drivers until DXE handoff.
+
+ @retval TRUE DXE Memory protection is active.
+ @retval FALSE DXE Memory protection is not active.
+**/
+BOOLEAN
+EFIAPI
+IsDxeMemoryProtectionActive (
+ VOID
+ )
+{
+ return FALSE;
+}
+
+/**
+ Returns TRUE any form of MM memory protection is currently active.
+
+ NOTE: The returned value may reflect the final settings used by the
+ platform on this boot. Unless LockMemoryProtectionSettings() has
+ been called, settings may be modified by drivers until DXE handoff.
+
+ @retval TRUE MM Memory protection is active.
+ @retval FALSE MM Memory protection is not active.
+**/
+BOOLEAN
+EFIAPI
+IsMmMemoryProtectionActive (
+ VOID
+ )
+{
+ return FALSE;
+}
diff --git a/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf b/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf
new file mode 100644
index 000000000000..e7161412d9dc
--- /dev/null
+++ b/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf
@@ -0,0 +1,25 @@
+## @file
+# NULL implementation for GetMemoryProtectionsLib
+#
+# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = GetMemoryProtectionsLibNull
+ FILE_GUID = C21A27EE-37DD-4024-8EDA-8BF5088C8CB1
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = GetMemoryProtectionsLib
+
+#
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
+#
+
+[Sources]
+ GetMemoryProtectionsLibNull.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
diff --git a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf
new file mode 100644
index 000000000000..fa660abe3b64
--- /dev/null
+++ b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf
@@ -0,0 +1,25 @@
+## @file
+# Library for setting the memory protection settings for DXE.
+#
+# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = SetMemoryProtectionsLibNull
+ FILE_GUID = CBD02C10-1F4B-4374-A7B2-BB2547C08433
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = SetMemoryProtectionsLib|SEC PEI_CORE PEIM
+
+#
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
+#
+
+[Sources]
+ SetMemoryProtectionsLibNull.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc
index c7af921782ee..0b5f2414dd72 100644
--- a/MdeModulePkg/MdeModulePkg.dsc
+++ b/MdeModulePkg/MdeModulePkg.dsc
@@ -106,6 +106,8 @@ [LibraryClasses]
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
IpmiCommandLib|MdeModulePkg/Library/BaseIpmiCommandLibNull/BaseIpmiCommandLibNull.inf
+ GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf
+ SetMemoryProtectionsLib|MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf
[LibraryClasses.EBC.PEIM]
IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf
@@ -231,6 +233,8 @@ [Components]
MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf
MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf
MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf
+ MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf
+ MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf
MdeModulePkg/Library/PciHostBridgeLibNull/PciHostBridgeLibNull.inf
MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.inf
MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf
--
2.42.0.windows.2
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#108865): https://edk2.groups.io/g/devel/message/108865
Mute This Topic: https://groups.io/mt/101469940/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2023-09-20 0:58 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-20 0:57 [edk2-devel] [PATCH v4 00/28] Implement Dynamic Memory Protection Settings Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 01/28] MdeModulePkg: Add DXE and MM Memory Protection Settings Definitions Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 02/28] MdeModulePkg: Define SetMemoryProtectionsLib and GetMemoryProtectionsLib Taylor Beebe
2023-09-20 0:57 ` Taylor Beebe [this message]
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 04/28] MdeModulePkg: Implement " Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 05/28] MdeModulePkg: Copy PEI PCD Database Into New Buffer Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 06/28] MdeModulePkg: Apply Protections to the HOB List Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 07/28] MdeModulePkg: Check Print Level Before Dumping GCD Memory Map Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 08/28] UefiCpuPkg: Always Set Stack Guard in MpPei Init Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 09/28] ArmVirtPkg: Add Memory Protection Library Definitions to Platforms Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 10/28] OvmfPkg: " Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 11/28] OvmfPkg: Apply Memory Protections via SetMemoryProtectionsLib Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 12/28] OvmfPkg: Update PeilessStartupLib to use SetMemoryProtectionsLib Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 13/28] UefiPayloadPkg: Update DXE Handoff " Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 14/28] MdeModulePkg: " Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 15/28] ArmPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 16/28] EmulatorPkg: " Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 17/28] OvmfPkg: " Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 18/28] UefiCpuPkg: " Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 19/28] MdeModulePkg: " Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 20/28] MdeModulePkg: Add Additional Profiles to SetMemoryProtectionsLib Taylor Beebe
2023-09-27 8:19 ` Gerd Hoffmann
2023-09-29 19:52 ` Taylor Beebe
2023-10-04 8:46 ` Gerd Hoffmann
2023-10-04 16:31 ` Taylor Beebe
2023-10-05 8:20 ` Laszlo Ersek
2023-10-05 9:29 ` Gerd Hoffmann
2023-10-05 10:23 ` Gerd Hoffmann
2023-10-05 12:57 ` Laszlo Ersek
2023-10-08 20:26 ` Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 21/28] OvmfPkg: Add QemuFwCfgParseString to QemuFwCfgSimpleParserLib Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 22/28] OvmfPkg: Add MemoryProtectionConfigLib Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 23/28] OvmfPkg: Enable Choosing Memory Protection Profile via QemuCfg Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 24/28] ArmVirtPkg: Apply Memory Protections via SetMemoryProtectionsLib Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 25/28] MdeModulePkg: Delete PCD Profile from SetMemoryProtectionsLib Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 26/28] OvmfPkg: Delete Memory Protection PCDs Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 27/28] ArmVirtPkg: " Taylor Beebe
2023-09-20 0:57 ` [edk2-devel] [PATCH v4 28/28] MdeModulePkg: " Taylor Beebe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230920005752.2041-4-taylor.d.beebe@gmail.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox