From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ard.biesheuvel@linaro.org>
Received: from mail-it0-x235.google.com (mail-it0-x235.google.com
 [IPv6:2607:f8b0:4001:c0b::235])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id C9D6F81FEA
 for <edk2-devel@ml01.01.org>; Mon, 27 Feb 2017 01:57:06 -0800 (PST)
Received: by mail-it0-x235.google.com with SMTP id h10so55463986ith.1
 for <edk2-devel@ml01.01.org>; Mon, 27 Feb 2017 01:57:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :cc; bh=ZLsWAzVwQF4tEgqj5YGuYMJj10WZxnwEw2wMaqpTj+8=;
 b=JRIZxF/dwiu8NYxhvbPgc+4HpsbNVxFfyeI3oSLI+MH6/Oa+nogSfvab4Tg4+TC9MI
 mwm4FbUOKISyKK1LS0BZtIDiCXcFbw1ACv+buqFU8YmXXrGMxAVMK3b0j1sgozs+5SIs
 ZU2grjXs8OBpedFNNFoSziyK7nDTG9sSgonvg=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to:cc;
 bh=ZLsWAzVwQF4tEgqj5YGuYMJj10WZxnwEw2wMaqpTj+8=;
 b=jy+syWlvIg4hPXoRf0TOnHfrQbyCwatKb1T5kw3ypx31FsBc80xL/x8tVPqQUJyD4w
 mu7YZZwIz2oBHG7235ynfJkMWxA9uXE3ak2U6TBE+es17zYr44OEoeZmPvAa62ROS5vw
 iY1S+PH0q+GLMQUlqQAORDKsQbPLlAZX+VKxT/OEe3yN9VzsKtYRvON3/OVKuhJ0xJxp
 RrbSpFril2FcZ54XGE7zigo1t65tf2it483GSNiRCcnxki60RtqYoe3UAWYzSd8Ihpq9
 lJRVPzYieY6DY/LdOAIDDVLAzcX0hinhI+niWs3gPS4jDRBhpzvtuptWuKrHkFrN/dt5
 jNQQ==
X-Gm-Message-State: AMke39m14dFk21S8dAW3sPI8QGuVe5w2kVWnIzVsALOZWaqN1M8+mVHPboU/kg8LfXAbI93xzfUjZ1aPteimIgX7
X-Received: by 10.36.107.194 with SMTP id v185mr12759152itc.59.1488189426117; 
 Mon, 27 Feb 2017 01:57:06 -0800 (PST)
MIME-Version: 1.0
Received: by 10.107.10.27 with HTTP; Mon, 27 Feb 2017 01:57:05 -0800 (PST)
In-Reply-To: <28c66a26-0415-c84d-b2c1-6aa29174afcf@redhat.com>
References: <1488133805-4773-1-git-send-email-ard.biesheuvel@linaro.org>
 <1488133805-4773-7-git-send-email-ard.biesheuvel@linaro.org>
 <28c66a26-0415-c84d-b2c1-6aa29174afcf@redhat.com>
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Mon, 27 Feb 2017 09:57:05 +0000
Message-ID: <CAKv+Gu-2mjHt6gJzRuJHYo+tj5uLwjt7F7PVYCvXWcoRNoEPeg@mail.gmail.com>
To: Laszlo Ersek <lersek@redhat.com>
Cc: "edk2-devel@lists.01.org" <edk2-devel@ml01.01.org>, "Yao,
 Jiewen" <jiewen.yao@intel.com>, 
 Leif Lindholm <leif.lindholm@linaro.org>, "Tian, Feng" <feng.tian@intel.com>, 
 "afish@apple.com" <afish@apple.com>, "Gao, Liming" <liming.gao@intel.com>, 
 "Kinney, Michael D" <michael.d.kinney@intel.com>, "Zeng,
 Star" <star.zeng@intel.com>
Subject: Re: [PATCH v3 6/6] MdeModulePkg/DxeCore: implement memory protection policy
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Feb 2017 09:57:07 -0000
Content-Type: text/plain; charset=UTF-8

On 27 February 2017 at 09:56, Laszlo Ersek <lersek@redhat.com> wrote:
> On 02/26/17 19:30, Ard Biesheuvel wrote:
>> This implements a DXE memory protection policy that ensure that regions
>> that don't require executable permissions are mapped with the non-exec
>> attribute set.
>>
>> First of all, it iterates over all entries in the UEFI memory map, and
>> removes executable permissions according to the configured DXE memory
>> protection policy, as recorded in PcdDxeMemoryProtectionPolicy.
>>
>> Secondly, it sets or clears the non-executable attribute when allocating
>> or freeing pages, both for page based or pool based allocations.
>>
>> Note that this complements the image protection facility, which applies
>> strict permissions to BootServicesCode/RuntimeServicesCode regions when
>> the section alignment allows it. The memory protection configured by this
>> patch operates on non-code regions only.
>>
>> Contributed-under: TianoCore Contribution Agreement 1.0
>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> ---
>>  MdeModulePkg/Core/Dxe/DxeMain.h               |  24 ++
>>  MdeModulePkg/Core/Dxe/DxeMain.inf             |   1 +
>>  MdeModulePkg/Core/Dxe/Mem/Page.c              |   4 +
>>  MdeModulePkg/Core/Dxe/Mem/Pool.c              |   7 +
>>  MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 306 +++++++++++++++++++-
>>  5 files changed, 341 insertions(+), 1 deletion(-)
>
> [snip]
>
>> diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeMain.inf
>> index 371e91cb0d7e..30d5984f7c1f 100644
>> --- a/MdeModulePkg/Core/Dxe/DxeMain.inf
>> +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf
>> @@ -191,6 +191,7 @@ [Pcd]
>>    gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileDriverPath                 ## CONSUMES
>>    gEfiMdeModulePkgTokenSpaceGuid.PcdPropertiesTableEnable                   ## CONSUMES
>>    gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy                   ## CONSUMES
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy             ## CONSUMES
>>
>>  # [Hob]
>>  # RESOURCE_DESCRIPTOR   ## CONSUMES
>
> The series doesn't build for  me:
>
> .../MdeModulePkg/Core/Dxe/DxeMain.inf(194): error 3000: PCD
> [gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy] in
> [.../MdeModulePkg/Core/Dxe/DxeMain.inf] is not found in dependent packages:
>                 .../MdePkg/MdePkg.dec
>         .../MdeModulePkg/MdeModulePkg.dec
>
> I think you forgot to add the .dec hunk to this patch.
>

Apologies. I got the name wrong in the .dec, but I did update the
branch I pushed to the link above with the only change being a fix for
this.