From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D6FD082219 for ; Mon, 20 Feb 2017 23:23:29 -0800 (PST) Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga105.jf.intel.com with ESMTP; 20 Feb 2017 23:23:29 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.35,188,1484035200"; d="scan'208";a="67152738" Received: from fmsmsx106.amr.corp.intel.com ([10.18.124.204]) by orsmga005.jf.intel.com with ESMTP; 20 Feb 2017 23:23:29 -0800 Received: from fmsmsx102.amr.corp.intel.com (10.18.124.200) by FMSMSX106.amr.corp.intel.com (10.18.124.204) with Microsoft SMTP Server (TLS) id 14.3.248.2; Mon, 20 Feb 2017 23:23:29 -0800 Received: from shsmsx104.ccr.corp.intel.com (10.239.4.70) by FMSMSX102.amr.corp.intel.com (10.18.124.200) with Microsoft SMTP Server (TLS) id 14.3.248.2; Mon, 20 Feb 2017 23:23:28 -0800 Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.88]) by SHSMSX104.ccr.corp.intel.com ([10.239.4.70]) with mapi id 14.03.0248.002; Tue, 21 Feb 2017 15:23:26 +0800 From: "Fan, Jeff" To: "Yao, Jiewen" , "edk2-devel@lists.01.org" CC: "Kinney, Michael D" , Leif Lindholm , Ard Biesheuvel , "Zeng, Star" , "Tian, Feng" Thread-Topic: [PATCH V4 0/3] DXE Memory Protection Thread-Index: AQHSjA/I6oUpo4U31E68QXsTRoWsGqFzDpGg Date: Tue, 21 Feb 2017 07:23:26 +0000 Message-ID: <542CF652F8836A4AB8DBFAAD40ED192A4C5418A0@shsmsx102.ccr.corp.intel.com> References: <1487660229-4820-1-git-send-email-jiewen.yao@intel.com> In-Reply-To: <1487660229-4820-1-git-send-email-jiewen.yao@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiOTRmNjFkNTYtZmZjMi00YTk5LWI5OGItYTMyNjMwMTk5NTQ1IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX0lDIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE1LjkuNi42IiwiVHJ1c3RlZExhYmVsSGFzaCI6Iml6TmRZOWNOVW4rNWo2RnlrQVVmNXpcL0xXRGpXUnZsSXVncmtjNmR6QTZ3PSJ9 x-ctpclassification: CTP_IC x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH V4 0/3] DXE Memory Protection X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Feb 2017 07:23:30 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jeff Fan -----Original Message----- From: Yao, Jiewen=20 Sent: Tuesday, February 21, 2017 2:57 PM To: edk2-devel@lists.01.org Cc: Fan, Jeff; Kinney, Michael D; Leif Lindholm; Ard Biesheuvel; Zeng, Star= ; Tian, Feng Subject: [PATCH V4 0/3] DXE Memory Protection =3D=3D=3D=3D V4 =3D=3D=3D=3D 1) Remove ARM patch. (Which was already submitted by Ard Biesheuvel in anot= her series) 2) Unprotect RT image at ExitBootServices (feedback from Ard Biesheuvel) 3) Round up the ImageSize on protection (feedback from Ard Biesheuvel) =3D=3D=3D=3D V3 =3D=3D=3D=3D 1) Add PCD for policy control (feedback from Ard Biesheuvel) (Discussed wit= h Mike Kinney) + # BIT0 - Image from unknown device.
+ # BIT1 - Image from firmware volume.
+ # @Prompt Set image protection policy. + # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F + =20 + gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000002|UIN + T32|0x00001047 2) Remove unused function in CpuDxe.(feedback from Liming Gao) 3) Add commit log on link option assumption (feedback from Feng Tian) 4) Rename file PageTableLib.h/.c to CpuPageTable.h/.c file (from Jeff Fan) 5) Remove multi-entrypoint usage (from Liming Gao/Mike Kinney) =3D=3D=3D=3D V2 =3D=3D=3D=3D 1) Clean up ArmPkg, (feedback from Leif Lindholm) =3D=3D=3D=3D V1 =3D=3D=3D=3D This series patch provides capability to protect PE/COFF image in DXE memor= y. If the UEFI image is page aligned, the image code section is set to read on= ly and the image data section is set to non-executable. The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect the ima= ge. Tested platform: NT32/Quark IA32/OVMF IA32/OVMF IA32X64/Intel internal X64/= Tested OS: UEFI Win10, UEFI Ubuntu 16.04. Untested platform: ARM/AARCH64. Can ARM/AARCH64 owner help to take a look and try the ARM platform? Cc: Jeff Fan Cc: Michael Kinney Cc: Leif Lindholm Cc: Ard Biesheuvel Cc: Star Zeng Cc: Feng Tian Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao Jiewen Yao (3): UefiCpuPkg/CpuDxe: Add memory attribute setting. MdeModulePkg/dec: add PcdImageProtectionPolicy. MdeModulePkg/DxeCore: Add UEFI image protection. MdeModulePkg/Core/Dxe/DxeMain.h | 61 ++ MdeModulePkg/Core/Dxe/DxeMain.inf | 5 +- MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 5 +- MdeModulePkg/Core/Dxe/Image/Image.c | 7 +- MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 769 +++++++++++++++++++ M= deModulePkg/Core/Dxe/Misc/PropertiesTable.c | 24 +- MdeModulePkg/MdeModulePkg.dec | 10 + UefiCpuPkg/CpuDxe/CpuDxe.c | 141 ++-- UefiCpuPkg/CpuDxe/CpuDxe.inf | 5 +- UefiCpuPkg/CpuDxe/CpuPageTable.c | 779 ++++++++++++++++++++ UefiCpuPkg/CpuDxe/CpuPageTable.h | 113 +++ 11 files changed, 1832 insertions(+), 87 deletions(-) create mode 100644 = MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.c create mode 100644 Ue= fiCpuPkg/CpuDxe/CpuPageTable.h -- 2.7.4.windows.1