From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by mx.groups.io with SMTP id smtpd.web11.6459.1685442315161194745 for ; Tue, 30 May 2023 03:25:15 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=R2LbJRNP; spf=pass (domain: intel.com, ip: 192.55.52.43, mailfrom: dun.tan@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1685442315; x=1716978315; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=u4l3OiIQIrYbUlHYJ/WE9hty4U21KfKMetbVywDZZ5s=; b=R2LbJRNP6uX7HFtll/SkJfJvoPhIM5mcPKtjCWCkgnUizIh6rYL0YMiv 7z/OrszPXhVW98SOLGrsNz+Ai/sDJQtAO4x+P+c3GHrK4fyQEYzSVb6PL f5Ii4XwLRw4u1hUZI5ydAFImHkAud/pedk4ONFvZkMcHGvhTLavJuD1nb SkpB8IpUA3gVBEIs8A9kuCQJf55tv9BibEMmA7Lx+MKEV044vTCFbsWZv mZhDZelO7/Y0Jo1qegCStpToCVJqHZN6oe02uMYH9TB6M/VmuKaz61RMp qtGyMEuoupHlrdYLcLy+u250uASLhNdWk6OvWqqjNCfVc8EPZV/LElmZj Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10725"; a="441232656" X-IronPort-AV: E=Sophos;i="6.00,203,1681196400"; d="scan'208";a="441232656" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 May 2023 03:25:10 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10725"; a="796220452" X-IronPort-AV: E=Sophos;i="6.00,203,1681196400"; d="scan'208";a="796220452" Received: from orsmsx602.amr.corp.intel.com ([10.22.229.15]) by FMSMGA003.fm.intel.com with ESMTP; 30 May 2023 03:25:09 -0700 Received: from orsmsx611.amr.corp.intel.com (10.22.229.24) by ORSMSX602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23; Tue, 30 May 2023 03:25:09 -0700 Received: from orsmsx610.amr.corp.intel.com (10.22.229.23) by ORSMSX611.amr.corp.intel.com (10.22.229.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23; Tue, 30 May 2023 03:25:08 -0700 Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx610.amr.corp.intel.com (10.22.229.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23 via Frontend Transport; Tue, 30 May 2023 03:25:08 -0700 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (104.47.66.41) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.23; Tue, 30 May 2023 03:25:08 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cDrf/sUG5QEBlR3F1Hg0zHrXdjBNHeLz6SYLRFyUgW7RZdh8kkV1eoXF+luvDiz8t/HTvxoi80kArO/NiPiYdNxIVgrTKTb0cUW1E3EH0ZFI1z0RT4X6DFCd9sJdEDBK1YPyWCHDk3+zwYGTaR0mvkvSzzUV68QqqM4frFUZYHEADifTp//aaY4efbnQWfReCC8HCEb6wEX25EcAgozWxYQ717ZjRMPjAzsnudeMJe0qESNvzWONBA7OCgOx0TbSbWpq5GTbY/8S72Vi/iPiRdoBX4DYyY1+as2pxUObM7B1EykQT1EpP2EAxeFHVxmGCEHwoxupfGdPquU9mmz/NA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Fy9z9OQ4Za994sUsG/zf04OWyHoCHDRy3y7qQpBKR3c=; b=POkpMhDdO4LAeM9JREZPuN7K06/9kAs0h/eEo+KlIT78Cweq07h+op0xSe4aBHbC5daxIM8SzqVP5ZG7XGFBgHKZxlPmHfaZkbS8XnEVvz4k7IQ13yQ4i4i30w98eBgwx4Jx1ifsqVT4nuq1JZj31FOdVB0BkujP5uMUiQv8nJX7erqMVj1je2lwtMbq3Zocr9Y4npqcsFul01aE40RChmJGGHj5bDC6GtQRZYIp9Ai9OLVLsU9vwbPP4aUcPnP4PaScLqrEHiI+CKP0RxhMe45q7ZGRnTlU4cfcPNpkt6KFFTF6iFABv4c/lC6qsYr6L4syTnQT6bIlf5/KB38eaA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from BN9PR11MB5483.namprd11.prod.outlook.com (2603:10b6:408:104::10) by PH0PR11MB7167.namprd11.prod.outlook.com (2603:10b6:510:1e9::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.23; Tue, 30 May 2023 10:25:05 +0000 Received: from BN9PR11MB5483.namprd11.prod.outlook.com ([fe80::37e4:7a65:b8a7:c4ae]) by BN9PR11MB5483.namprd11.prod.outlook.com ([fe80::37e4:7a65:b8a7:c4ae%5]) with mapi id 15.20.6433.022; Tue, 30 May 2023 10:25:05 +0000 From: "duntan" To: "Ni, Ray" , Ard Biesheuvel , "devel@edk2.groups.io" CC: "Yao, Jiewen" , Gerd Hoffmann , Taylor Beebe , Oliver Smith-Denny , "Bi, Dandan" , "Gao, Liming" , "Kinney, Michael D" , Leif Lindholm , Sunil V L , "Warkentin, Andrei" Subject: Re: [RFC PATCH 09/10] MdeModulePkg/DxeIpl: Use memory attribute PPI to remap the stack NX Thread-Topic: [RFC PATCH 09/10] MdeModulePkg/DxeIpl: Use memory attribute PPI to remap the stack NX Thread-Index: AQHZkscK+rGkxlzfF0OHfQYWbi7CIK9yiIdw Date: Tue, 30 May 2023 10:25:05 +0000 Message-ID: References: <20230525143041.1172989-1-ardb@kernel.org> <20230525143041.1172989-10-ardb@kernel.org> In-Reply-To: Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: BN9PR11MB5483:EE_|PH0PR11MB7167:EE_ x-ms-office365-filtering-correlation-id: d7f39e02-eee0-47cb-e5eb-08db60f8228f x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: nE4nY59N1u7NBmh46qoTpQHXXWRee4i+mPZsdaVkmiJL/PShwgx7K77EzAKSJ1f8+ujXGiqbjtiIlhr+GAFSKSTknU0Emb3rytMhV35+bPtpwMbV6Z747xk9Rvadq88uK1kr5mXLsCZmsSuV+jg3MQv7OdlvXVGXoOpmL7WiQ9HTKqTkZDfTmJd3RHa49zOabvejLdcvyii7ti9JC7oL+agQLtQe86VIt2+Z6glR9KWZDd9RpC/ojiulAvEiDLjI1JSMShVHRbY3dCAd0X19Q79eNIDpHEJ1eb1AgQxIaEIY6zomxY5h7JfeqBR+l48rq0n2O4B1kO+BvWHMMpr1QCyBIO+GMMpT54IaOfjIZ4H5etC09ihwL05lkKNeRu+ssm+h0fQYr69SPERyjUyq+WWqa/LmYn72G/YPxZDKUWY5NKNHTpmHqMsYFYeRjrX8+LXFdsiI15egNuPGJjSFrgJWuw5SodcGD3W4BL6vn2WFb7g45qPan4H7dBHbe/ulO+XplgiEy7X7+KWRO4PAterRvPq8vZPP/sDpjnuKBpLaxqI2KG5HMnUX+FTrALsJcQhtmBHF7CHo4UmCJdGZO02cu4q2NSwnnXzQ2RkdOe+GvptZ0x+S+b3RdYV0FefL x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BN9PR11MB5483.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(136003)(376002)(39860400002)(396003)(366004)(346002)(451199021)(26005)(107886003)(38100700002)(41300700001)(7696005)(186003)(83380400001)(53546011)(9686003)(6506007)(478600001)(110136005)(54906003)(71200400001)(82960400001)(66556008)(66446008)(66476007)(76116006)(64756008)(4326008)(122000001)(55016003)(316002)(66946007)(5660300002)(8676002)(8936002)(52536014)(2906002)(86362001)(38070700005)(33656002);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?u9jpdvUFc7bGjQVnUs8PnkD9PBi7cdcKSlGuPQW6WhEOUZe3XhWb5AX2h4e0?= =?us-ascii?Q?sb4bU/K46n7maeefbe/eRfHyx/RXlt+RfE7K/dSBjj54JTDC1c3iYLbQVR9T?= =?us-ascii?Q?yFMsYeEpBwW7w/TsTfiMghpEhE4+f4eh9k3JwYGbHwweSbhO7pllxjfyJMNc?= =?us-ascii?Q?E6R4sbDUs71WnHe8JMSHhX+Ss4r+6xhBXFieX4Q4wkaJ8ktQZKJqiAHwwgOC?= =?us-ascii?Q?wYfOPE8Z9ZFwgcaFJprUiZGIhfODuzTndvYQATxbiEuwnO0X6efndgJLyhVm?= =?us-ascii?Q?w4vNzEgON5bTCBJUjR1T9E1si4tEOZFrnBxv+UgApm5hf0WBfmm5xvq9ycXZ?= =?us-ascii?Q?UncGYAxe9bk7OEm+jowWXHVO79cxrJbKQh1cwz9fkGnbf05Wk7Q/WYGdpm70?= =?us-ascii?Q?qNWjYw/0qUcYTM4RMV6uAT4EdUrCFyXv7B0cE5S9u0UbW7x68e0XlPOmRSXW?= =?us-ascii?Q?aFP4MKmzX/NJs2vw2/r0eZW3y6KOARfu6N559CQybYhLBnkKzbeLVF3wDyk+?= =?us-ascii?Q?pvCsk1QpfvzsGqbOjWrJvS9mzFqvBztwUZUicadZlP0urLflFtCaUuUZWNOu?= =?us-ascii?Q?Wyrxgcv8RXCZS7EYnXIn4MPO36roOvSW5170zMgddxVi4SGAMT/6m7z3Z1x4?= =?us-ascii?Q?JIxWUnpglOYCwcT/5HdG+/Qh4DMg2XVDEIz9JUtxRiru5bsXmyKSbDOemSwN?= =?us-ascii?Q?vbX+YBGdzDSGm+rNzeJwM41KptNwSlZSCnprQ8ZHqUJaqGSH+mc6W34oHp6o?= =?us-ascii?Q?3UUR0fg/M8wcfOKUxApfpFH+Fu0o+mWjwA3OTta1KmEbj2UfMkXihCFYSbHz?= =?us-ascii?Q?tPyipDUUQKoQf0dfleMXza8VKXJ6z6cczFXDejmFoSXUf75GdYrVaLErNYjJ?= =?us-ascii?Q?wlxxdR+yu8smmzvrHMHa9xAJUg7CyiNY85bLpiByHVbX7BOLZfRXmi346rIR?= =?us-ascii?Q?jrnWEHrmYHCzjASIBI8AN3bp7Rh0yKGTz9sxPwfiWWMa8J9M8Grk6q3DjbO6?= =?us-ascii?Q?V00DqCUm63qjS2Osn3aQWiZJiITFEftzHh08+VTX6QtqTncjyrmVgCkBcdx/?= =?us-ascii?Q?mC86Ipu+Do6IdkK5onBiPhathI6GYNDH6x2i782W4cpe2Wi2pAGLtlVUCa8Y?= =?us-ascii?Q?7tlqgF0IUf7CRiFn9Wc8cDasI+zFYzX8kAM3uAYw+TG+8jwA4M3+ArJw21Qb?= =?us-ascii?Q?jq6ngMzvoTIc020NUNBF/RCZqRvf9XiuTdbzj4sQVSnTatNQ/DYSvx5KkdsU?= =?us-ascii?Q?gsFv0AAHgwBed+AylWsKdF43y09F6qq+/QLyuskmWWhzv/bDolaAHXJft5Pw?= =?us-ascii?Q?k4xgsoppPNthgrICtkPjqAPcDiIL3zRnuK4sGlSXXm17ol4bLan7eKr5YaHx?= =?us-ascii?Q?Cb0koD71KwcPnUoG91PWB7kzt2lBSmTctUoanJkN34ndTWAWAGnASdEBN/jw?= =?us-ascii?Q?iEbmIHjR+tYbToCV8lI3OlyJBel1eVWiY8TxYprdWFfJ5TRBaaWaTSEWr8Ij?= =?us-ascii?Q?Z5fJ+l2z1UUhz60aXymWQAnB9N1ogivPCHtD1aBrP89EGAzBbYP3ukx4teZ0?= =?us-ascii?Q?AJN9K+a6POWsT3dY/S8=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: BN9PR11MB5483.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: d7f39e02-eee0-47cb-e5eb-08db60f8228f X-MS-Exchange-CrossTenant-originalarrivaltime: 30 May 2023 10:25:05.0792 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: V6x5lDLmlzwYN+IQUTg/4XFiN/sehF8upw8mIasW7EY5wmQ9bnvR0JF4pU+64qHInSc8sUU4yl+rGZHaL6wlDQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB7167 Return-Path: dun.tan@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Ray,=20 I think using MemoryAttribute PPI also looks good for X64 DxeIpl.=20 The only question that comes to my mind is the AMD sev feature. Since the M= emoryAttribute can't handle the AMD sev feature requirements(remapping ghcb= range from non-1:1 mapping to 1:1-mapping), we may need to find an appropr= iate place to remap the Ghcb range. Thanks, Dun -----Original Message----- From: Ni, Ray =20 Sent: Tuesday, May 30, 2023 3:19 PM To: Ard Biesheuvel ; devel@edk2.groups.io; Tan, Dun Cc: Yao, Jiewen ; Gerd Hoffmann ; = Taylor Beebe ; Oliver Smith-Denny ;= Bi, Dandan ; Gao, Liming ; = Kinney, Michael D ; Leif Lindholm ; Sunil V L ; Warkentin, Andrei Subject: RE: [RFC PATCH 09/10] MdeModulePkg/DxeIpl: Use memory attribute PP= I to remap the stack NX Looks good. @Tan, Dun, can you please evaluate if using MemoryAttribute PPI, what opens= will there be for X64 DxeIpl? > -----Original Message----- > From: Ard Biesheuvel > Sent: Thursday, May 25, 2023 10:31 PM > To: devel@edk2.groups.io > Cc: Ard Biesheuvel ; Ni, Ray ; Yao,=20 > Jiewen ; Gerd Hoffmann ;=20 > Taylor Beebe ; Oliver Smith-Denny=20 > ; Bi, Dandan ; Gao, Liming=20 > ; Kinney, Michael D=20 > ; Leif Lindholm=20 > ; Sunil V L ;=20 > Warkentin, Andrei > Subject: [RFC PATCH 09/10] MdeModulePkg/DxeIpl: Use memory attribute=20 > PPI to remap the stack NX >=20 > If the associated PCD is set to TRUE, use the memory attribute PPI to=20 > remap the stack non-executable. This provides a generic method for=20 > doing so, which will be used by ARM and AArch64 as well once they move=20 > to the generic DxeIpl handoff implementation. >=20 > Signed-off-by: Ard Biesheuvel > --- > MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c | 29 ++++++++++++++++++-- > MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 +++- > 2 files changed, 30 insertions(+), 4 deletions(-) >=20 > diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c > b/MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c > index a0f85ebea56e6cba..22caabb02840ba88 100644 > --- a/MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c > +++ b/MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c > @@ -2,12 +2,15 @@ > Generic version of arch-specific functionality for DxeLoad. >=20 >=20 >=20 > Copyright (c) 2006 - 2018, Intel Corporation. All rights=20 > reserved.
>=20 > +Copyright (c) 2023, Google, LLC. All rights reserved.
>=20 > SPDX-License-Identifier: BSD-2-Clause-Patent >=20 >=20 >=20 > **/ >=20 >=20 >=20 > #include "DxeIpl.h" >=20 >=20 >=20 > +#include >=20 > + >=20 > /** >=20 > Transfers control to DxeCore. >=20 >=20 >=20 > @@ -25,9 +28,10 @@ HandOffToDxeCore ( > IN EFI_PEI_HOB_POINTERS HobList >=20 > ) >=20 > { >=20 > - VOID *BaseOfStack; >=20 > - VOID *TopOfStack; >=20 > - EFI_STATUS Status; >=20 > + VOID *BaseOfStack; >=20 > + VOID *TopOfStack; >=20 > + EFI_STATUS Status; >=20 > + EDKII_MEMORY_ATTRIBUTE_PPI *MemoryPpi; >=20 >=20 >=20 > // >=20 > // Allocate 128KB for the Stack >=20 > @@ -35,6 +39,25 @@ HandOffToDxeCore ( > BaseOfStack =3D AllocatePages (EFI_SIZE_TO_PAGES (STACK_SIZE)); >=20 > ASSERT (BaseOfStack !=3D NULL); >=20 >=20 >=20 > + if (PcdGetBool (PcdSetNxForStack)) { >=20 > + Status =3D PeiServicesLocatePpi ( >=20 > + &gEdkiiMemoryAttributePpiGuid, >=20 > + 0, >=20 > + NULL, >=20 > + (VOID **)&MemoryPpi >=20 > + ); >=20 > + ASSERT_EFI_ERROR (Status); >=20 > + >=20 > + Status =3D MemoryPpi->SetPermissions ( >=20 > + MemoryPpi, >=20 > + (UINTN)BaseOfStack, >=20 > + STACK_SIZE, >=20 > + EFI_MEMORY_XP, >=20 > + 0 >=20 > + ); >=20 > + ASSERT_EFI_ERROR (Status); >=20 > + } >=20 > + >=20 > // >=20 > // Compute the top of the stack we were allocated. Pre-allocate a=20 > UINTN >=20 > // for safety. >=20 > diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf > b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf > index 60c998be6c1bad01..7126a96d8378d1f8 100644 > --- a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf > +++ b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf > @@ -91,6 +91,7 @@ [Ppis] > gEfiPeiMemoryDiscoveredPpiGuid ## SOMETIMES_CONSUMES >=20 > gEdkiiPeiBootInCapsuleOnDiskModePpiGuid ## SOMETIMES_CONSUMES >=20 > gEdkiiPeiCapsuleOnDiskPpiGuid ## SOMETIMES_CONSUMES # Consu= med > on firmware update boot path >=20 > + gEdkiiMemoryAttributePpiGuid ## SOMETIMES_CONSUMES >=20 >=20 >=20 > [Guids] >=20 > ## SOMETIMES_CONSUMES ## Variable:L"MemoryTypeInformation" >=20 > @@ -117,10 +118,12 @@ [Pcd.IA32,Pcd.X64] > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize = ## CONSUMES >=20 >=20 >=20 > [Pcd.IA32,Pcd.X64,Pcd.ARM,Pcd.AARCH64] >=20 > - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## > SOMETIMES_CONSUMES >=20 > gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ##=20 > SOMETIMES_CONSUMES >=20 > gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## > SOMETIMES_CONSUMES >=20 >=20 >=20 > +[Pcd] >=20 > + gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## > SOMETIMES_CONSUMES >=20 > + >=20 > [Depex] >=20 > gEfiPeiLoadFilePpiGuid AND gEfiPeiMasterBootModePpiGuid >=20 >=20 >=20 > -- > 2.39.2