From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-it0-x22a.google.com (mail-it0-x22a.google.com [IPv6:2607:f8b0:4001:c0b::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id A84C58213E for ; Tue, 21 Feb 2017 09:25:29 -0800 (PST) Received: by mail-it0-x22a.google.com with SMTP id 203so51044158ith.0 for ; Tue, 21 Feb 2017 09:25:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=iE3gNranazLh4TjRTSDXX4OkDfP+qekCFfm7Dxejd3s=; b=j0oWqGnKLYFUJF2Dz8HZA+EWTXUNyrLSHZLVvPtrrxUb6drHBZ8oLflBQmbiQMU509 ooNkN4AqcporeqIWpcu7NsAIqDX29f+6j0sLIm7euTq8DuCD0hRlFCIpKDpO2Dfic8Ir mDVkh91J16QemLz5FRaW08LKJVEsh4HPQqGCE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=iE3gNranazLh4TjRTSDXX4OkDfP+qekCFfm7Dxejd3s=; b=PJeoyce77x5pB1i6WPO8vKzV7Xg4m0+iDWVY2yMAOhWLVgLtwiV/JAM3DNCtmSsZUK +w14kOY7R3c/kGpAj0VTA8ve71flXjasrvIJrIxkwmPmxjO2Fs4FUfZ4ps2hMbJ6WPtV OJ0k0f62uH70JUWFRRtitXAg+yOykiEktYng81NdKMifVzKpXb8rbC/loBTlaCGm4tLL bLXIezX/t75u5Rvk5CBsR11I8zhCenMNEfdc7cG3GA4nDi6VrX5TW4jiWglaVGrBqHFn cP2fuW65ZhJND4lj3ZLHwwdiJAQQoDnTLg7Ucue2mHdqrQ97m0mcT7a3TiJgt/HNZ67a 1pGA== X-Gm-Message-State: AMke39kfOpnnWW0A/6bJC5GC6Ow797hS4zFbkD8yZGmV5TgCqDii7c97K67T8PK9IsnOFmg2xYks9vTOo8hYTRfw X-Received: by 10.107.168.25 with SMTP id r25mr2768541ioe.45.1487697925286; Tue, 21 Feb 2017 09:25:25 -0800 (PST) MIME-Version: 1.0 Received: by 10.107.198.134 with HTTP; Tue, 21 Feb 2017 09:25:24 -0800 (PST) In-Reply-To: <74D8A39837DF1E4DA445A8C0B3885C503A8F2864@shsmsx102.ccr.corp.intel.com> References: <1487660229-4820-1-git-send-email-jiewen.yao@intel.com> <74D8A39837DF1E4DA445A8C0B3885C503A8F2864@shsmsx102.ccr.corp.intel.com> From: Ard Biesheuvel Date: Tue, 21 Feb 2017 17:25:24 +0000 Message-ID: To: "Yao, Jiewen" Cc: Leif Lindholm , "edk2-devel@lists.01.org" , "Fan, Jeff" , "Kinney, Michael D" , "Zeng, Star" , "Tian, Feng" Subject: Re: [PATCH V4 0/3] DXE Memory Protection X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Feb 2017 17:25:29 -0000 Content-Type: text/plain; charset=UTF-8 On 21 February 2017 at 08:39, Yao, Jiewen wrote: > No problem. J > Pushed now. Thanks for you patience. > > > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org] > Sent: Tuesday, February 21, 2017 4:36 PM > To: Yao, Jiewen ; Leif Lindholm > > Cc: edk2-devel@lists.01.org; Fan, Jeff ; Kinney, Michael > D ; Zeng, Star ; Tian, Feng > > Subject: Re: [PATCH V4 0/3] DXE Memory Protection > > > > On 21 February 2017 at 06:57, Jiewen Yao wrote: >> ==== V4 ==== >> 1) Remove ARM patch. (Which was already submitted by Ard Biesheuvel in >> another series) >> 2) Unprotect RT image at ExitBootServices (feedback from Ard Biesheuvel) >> 3) Round up the ImageSize on protection (feedback from Ard Biesheuvel) >> > > Hello Jiewen, > > This works fine now on AARCH64. > > Tested-by: Ard Biesheuvel > > Could you please wait a little bit before merging this? Leif and I > need to get the AARCH64 prepatory patches merged first, but I am > hoping to do that today. > > Thanks, > Ard. > >> ==== V3 ==== >> 1) Add PCD for policy control (feedback from Ard Biesheuvel) >> (Discussed with Mike Kinney) >> + # BIT0 - Image from unknown device.
>> + # BIT1 - Image from firmware volume.
>> + # @Prompt Set image protection policy. >> + # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F >> + >> gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000002|UINT32|0x00001047 >> >> 2) Remove unused function in CpuDxe.(feedback from Liming Gao) >> 3) Add commit log on link option assumption (feedback from Feng Tian) >> 4) Rename file PageTableLib.h/.c to CpuPageTable.h/.c file (from Jeff Fan) >> 5) Remove multi-entrypoint usage (from Liming Gao/Mike Kinney) >> >> ==== V2 ==== >> 1) Clean up ArmPkg, (feedback from Leif Lindholm) >> >> ==== V1 ==== >> This series patch provides capability to protect PE/COFF image >> in DXE memory. >> If the UEFI image is page aligned, the image code section is set to read >> only and the image data section is set to non-executable. >> >> The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect >> the image. >> >> Tested platform: NT32/Quark IA32/OVMF IA32/OVMF IA32X64/Intel internal >> X64/ >> Tested OS: UEFI Win10, UEFI Ubuntu 16.04. >> >> Untested platform: ARM/AARCH64. >> Can ARM/AARCH64 owner help to take a look and try the ARM platform? >> >> >> Cc: Jeff Fan >> Cc: Michael Kinney >> Cc: Leif Lindholm >> Cc: Ard Biesheuvel >> Cc: Star Zeng >> Cc: Feng Tian >> Contributed-under: TianoCore Contribution Agreement 1.0 >> Signed-off-by: Jiewen Yao >> >> >> Jiewen Yao (3): >> UefiCpuPkg/CpuDxe: Add memory attribute setting. >> MdeModulePkg/dec: add PcdImageProtectionPolicy. >> MdeModulePkg/DxeCore: Add UEFI image protection. >> >> MdeModulePkg/Core/Dxe/DxeMain.h | 61 ++ >> MdeModulePkg/Core/Dxe/DxeMain.inf | 5 +- >> MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 5 +- >> MdeModulePkg/Core/Dxe/Image/Image.c | 7 +- >> MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 769 +++++++++++++++++++ >> MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c | 24 +- >> MdeModulePkg/MdeModulePkg.dec | 10 + >> UefiCpuPkg/CpuDxe/CpuDxe.c | 141 ++-- >> UefiCpuPkg/CpuDxe/CpuDxe.inf | 5 +- >> UefiCpuPkg/CpuDxe/CpuPageTable.c | 779 ++++++++++++++++++++ >> UefiCpuPkg/CpuDxe/CpuPageTable.h | 113 +++ >> 11 files changed, 1832 insertions(+), 87 deletions(-) >> create mode 100644 MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c >> create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.c >> create mode 100644 UefiCpuPkg/CpuDxe/CpuPageTable.h >> >> -- >> 2.7.4.windows.1 >>