From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: 
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ml01.01.org (Postfix) with ESMTPS id 194C281F5C
	for ; Mon, 27 Feb 2017 05:14:50 -0800 (PST)
Received: from smtp.corp.redhat.com (int-mx16.intmail.prod.int.phx2.redhat.com [10.5.11.28])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 8B7577F368;
	Mon, 27 Feb 2017 13:14:50 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-99.phx2.redhat.com [10.3.116.99])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 3F6BD2D655;
	Mon, 27 Feb 2017 13:14:48 +0000 (UTC)
To: Ard Biesheuvel , edk2-devel@lists.01.org, jiewen.yao@intel.com,
	leif.lindholm@linaro.org
References: <1488133805-4773-1-git-send-email-ard.biesheuvel@linaro.org>
Cc: feng.tian@intel.com, afish@apple.com, liming.gao@Intel.com,
	michael.d.kinney@intel.com, star.zeng@intel.com
From: Laszlo Ersek 
Message-ID: <2dc96130-ef05-e561-9121-dec7841adbda@redhat.com>
Date: Mon, 27 Feb 2017 14:14:46 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1
MIME-Version: 1.0
In-Reply-To: <1488133805-4773-1-git-send-email-ard.biesheuvel@linaro.org>
X-Scanned-By: MIMEDefang 2.74 on 10.5.11.28
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Mon, 27 Feb 2017 13:14:50 +0000 (UTC)
Subject: Re: [PATCH v3 0/6] RFC: increased memory protection
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development 
List-Unsubscribe: ,
List-Archive: 
List-Post: 
List-Help: 
List-Subscribe: ,
X-List-Received-Date: Mon, 27 Feb 2017 13:14:50 -0000
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit

On 02/26/17 19:29, Ard Biesheuvel wrote:
> Hello all,
>
> This is a proof of concept implementation that removes all executable
> permissions from writable memory regions, which greatly enhances security.
> It is based on Jiewen's recent work, which is a step in the right direction,
> but still leaves most of memory exploitable due to the default R+W+X
> permissions.
>
> The idea is that the implementation of the CPU arch protocol goes over the
> memory map and removes exec permissions from all regions that are not already
> marked as 'code'. This requires some preparatory work to ensure that the DxeCore
> itself is covered by a BootServicesCode region, not a BootServicesData region.
> Exec permissions are re-granted selectively, when the PE/COFF loader allocates
> the space for it. Combined with Jiewen's code/data split, this removes all
> RWX mapped regions.
>
> Changes since v2:
> - added patch to make EBC use EfiBootServicesCode pool allocations for thunks
> - redefine PCD according to Jiewen's feedback, including default value
> - use sorted memory map and merge adjacent entries with the same policy, to
>   prevent unnecessary page table splitting
> - ignore policy when executing in SMM
> - refactor the logic for managing permission attributes of pool allocations
> - added some R-b's
>
> Changes since v1:
> - allocate code pages for PE/COFF images in PeiCore, so that DxeCore pages have
>   the expected memory type (as suggested by Jiewen)
> - add patch to inhibit page table updates while syncing the GCD memory space
>   map with the page tables
> - add PCD to set memory protection policy, which allows the policy for reserved
>   and ACPI/NVS memory to be configured separately
> - move attribute manipulation into DxeCore page allocation code: this way, we
>   should be able to solve the EBC case by allocating BootServicesCode pool
>   memory explicitly.
>
> Series can be found here:
> https://git.linaro.org/people/ard.biesheuvel/uefi-next.git/log/?h=memprot-take2
>
> Note that to test this properly, the default value of 0 should be changed
> to 0x7FD5, which applies non-exec permissions to everything except Efi*Code
> regions.
>
> Ard Biesheuvel (6):
>   ArmPkg/CpuDxe: ignore attribute changes during SyncCacheConfig()
>   MdeModulePkg/PeiCore: allocate BootServicesCode memory for PE/COFF
>     images
>   MdeModulePkg/EbcDxe: use EfiBootServicesCode memory for thunks
>   MdeModulePkg/DxeCore: use separate lock for pool allocations
>   MdeModulePkg: define PCD for DXE memory protection policy
>   MdeModulePkg/DxeCore: implement memory protection policy
>
>  ArmPkg/Drivers/CpuDxe/CpuDxe.c                     |   3 +
>  ArmPkg/Drivers/CpuDxe/CpuDxe.h                     |   1 +
>  ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c               |   4 +
>  MdeModulePkg/Core/Dxe/DxeMain.h                    |  24 ++
>  MdeModulePkg/Core/Dxe/DxeMain.inf                  |   1 +
>  MdeModulePkg/Core/Dxe/Mem/Page.c                   |   4 +
>  MdeModulePkg/Core/Dxe/Mem/Pool.c                   |  60 +++-
>  MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c      | 306 +++++++++++++++++++-
>  MdeModulePkg/Core/Pei/Image/Image.c                |  10 +-
>  MdeModulePkg/MdeModulePkg.dec                      |  31 ++
>  MdeModulePkg/Universal/EbcDxe/AArch64/EbcSupport.c |   2 +-
>  MdeModulePkg/Universal/EbcDxe/EbcInt.c             |  23 ++
>  MdeModulePkg/Universal/EbcDxe/EbcInt.h             |  14 +
>  MdeModulePkg/Universal/EbcDxe/Ia32/EbcSupport.c    |   2 +-
>  MdeModulePkg/Universal/EbcDxe/Ipf/EbcSupport.c     |   2 +-
>  MdeModulePkg/Universal/EbcDxe/X64/EbcSupport.c     |   2 +-
>  16 files changed, 471 insertions(+), 18 deletions(-)
>

With the default 0 value for the PCD:

Regression-tested-by: Laszlo Ersek 

For testing I more or less used , plus booted a few guests on
aarch64/KVM with this (Fedora 24, RHEL-7.3, openSUSE Tumbleweed).

Thanks
Laszlo
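The cover letter above describes the policy mechanism in two sentences: walk the memory map, mark everything that is not code as non-executable, and coalesce adjacent entries that get the same treatment so the page tables are not split needlessly. The following is an added, stand-alone illustration of that mechanism written for this page; it is not code from Ard's series or from edk2. It assumes the policy value is a bitmask indexed by EFI_MEMORY_TYPE ordinal (bit N set means memory type N gets EFI_MEMORY_XP), which is what the suggested 0x7FD5 decodes to: bits 1, 3 and 5 (EfiLoaderCode, EfiBootServicesCode, EfiRuntimeServicesCode) are clear and everything else up to bit 14 is set, so note that EfiPalCode (bit 13) is not exempted by that value. The function names, the handling of types at or above EfiMaxMemoryType, and the sample memory map are all constructed for the example; a real DxeCore would hand the resulting ranges to the CPU arch protocol's SetMemoryAttributes, which is modelled here only by returning them.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* EFI_MEMORY_TYPE ordinals (UEFI spec); the policy bitmask is indexed by these. */
enum {
  EfiReservedMemoryType, EfiLoaderCode, EfiLoaderData, EfiBootServicesCode,
  EfiBootServicesData, EfiRuntimeServicesCode, EfiRuntimeServicesData,
  EfiConventionalMemory, EfiUnusableMemory, EfiACPIReclaimMemory,
  EfiACPIMemoryNVS, EfiMemoryMappedIO, EfiMemoryMappedIOPortSpace,
  EfiPalCode, EfiPersistentMemory, EfiMaxMemoryType
};

#define EFI_PAGE_SIZE 4096ULL
#define EFI_MEMORY_XP 0x4000ULL        /* execute-protect attribute bit (UEFI spec) */

typedef struct {                        /* subset of EFI_MEMORY_DESCRIPTOR */
  uint32_t Type;
  uint64_t PhysicalStart;
  uint64_t NumberOfPages;
} MemoryDescriptor;

typedef struct { uint64_t Start, Length, Attribute; } XpRange;

/* Assumed policy semantics (example, not the PCD definition from the series):
 * bit N set => memory type N gets EFI_MEMORY_XP. Types at or above
 * EfiMaxMemoryType (OEM/OS reserved) are deliberately left untouched here;
 * a real policy should decide that case explicitly, not by accident. */
static uint64_t PolicyAttributeForType(uint64_t policy, uint32_t type) {
  if (type >= EfiMaxMemoryType) return 0;
  return (policy & (1ULL << type)) ? EFI_MEMORY_XP : 0;
}

static int CompareByStart(const void *a, const void *b) {
  uint64_t x = ((const MemoryDescriptor *)a)->PhysicalStart;
  uint64_t y = ((const MemoryDescriptor *)b)->PhysicalStart;
  return (x > y) - (x < y);
}

/* Sort the map by physical start, resolve the policy per entry, coalesce
 * physically adjacent entries that resolve to the same attribute, and emit
 * only the ranges that need EFI_MEMORY_XP. Returns the number of ranges
 * written, or SIZE_MAX if 'out' is too small. */
static size_t ComputeXpRanges(uint64_t policy, MemoryDescriptor *map, size_t count,
                              XpRange *out, size_t outCap) {
  size_t n = 0;
  bool pending = false;
  XpRange cur = {0, 0, 0};

  qsort(map, count, sizeof *map, CompareByStart);
  for (size_t i = 0; i < count; i++) {
    uint64_t attr  = PolicyAttributeForType(policy, map[i].Type);
    uint64_t start = map[i].PhysicalStart;
    uint64_t len   = map[i].NumberOfPages * EFI_PAGE_SIZE;

    if (pending && cur.Attribute == attr && cur.Start + cur.Length == start) {
      cur.Length += len;                /* adjacent and same policy: one range */
      continue;
    }
    if (pending && cur.Attribute == EFI_MEMORY_XP) {
      if (n == outCap) return SIZE_MAX;
      out[n++] = cur;
    }
    cur.Start = start; cur.Length = len; cur.Attribute = attr; pending = true;
  }
  if (pending && cur.Attribute == EFI_MEMORY_XP) {
    if (n == outCap) return SIZE_MAX;
    out[n++] = cur;
  }
  return n;
}

/* Constructed sample map (deliberately unsorted); not taken from any real platform. */
static const MemoryDescriptor kSampleMap[] = {
  { EfiBootServicesData,    0x110000, 32  },
  { EfiConventionalMemory,  0x000000, 256 },
  { EfiRuntimeServicesCode, 0x150000, 4   },
  { EfiBootServicesCode,    0x100000, 16  },
  { EfiACPIMemoryNVS,       0x200000, 64  },
  { EfiRuntimeServicesData, 0x130000, 8   },
};

XpRange gDemoRanges[8];   /* results of the last DemoXpRanges() call */

/* Run the policy over a scratch copy of the sample map. */
size_t DemoXpRanges(uint64_t policy) {
  MemoryDescriptor map[sizeof kSampleMap / sizeof kSampleMap[0]];
  memcpy(map, kSampleMap, sizeof kSampleMap);
  return ComputeXpRanges(policy, map, sizeof map / sizeof map[0], gDemoRanges, 8);
}

int main(void) {
  size_t n = DemoXpRanges(0x7FD5ULL);   /* the non-default value suggested above */
  if (n == SIZE_MAX) return 1;
  for (size_t i = 0; i < n; i++)
    printf("XP [0x%08llx, 0x%08llx)\n", (unsigned long long)gDemoRanges[i].Start,
           (unsigned long long)(gDemoRanges[i].Start + gDemoRanges[i].Length));
  return 0;
}
```

With 0x7FD5 the sample map yields three XP ranges: the conventional memory at 0, the BootServicesData entry at 0x110000 coalesced with the RuntimeServicesData entry that directly follows it, and the ACPI NVS entry at 0x200000; the two *Code entries are skipped, and with the default policy of 0 nothing is marked at all. The merge step matters for more than performance: every split forces the page-table code to break a large mapping into smaller ones, and on platforms where that is done lazily it is exactly the kind of transient state the series' "inhibit page table updates while syncing the GCD map" patch exists to avoid.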