From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.43; helo=mga05.intel.com; envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 72507202E5CD3 for ; Thu, 26 Oct 2017 00:35:46 -0700 (PDT) Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga105.fm.intel.com with ESMTP; 26 Oct 2017 00:39:31 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.43,434,1503385200"; d="scan'208";a="1029584022" Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201]) by orsmga003.jf.intel.com with ESMTP; 26 Oct 2017 00:39:31 -0700 Received: from fmsmsx152.amr.corp.intel.com (10.18.125.5) by FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS) id 14.3.319.2; Thu, 26 Oct 2017 00:39:31 -0700 Received: from shsmsx104.ccr.corp.intel.com (10.239.4.70) by FMSMSX152.amr.corp.intel.com (10.18.125.5) with Microsoft SMTP Server (TLS) id 14.3.319.2; Thu, 26 Oct 2017 00:39:30 -0700 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.213]) by SHSMSX104.ccr.corp.intel.com ([169.254.5.152]) with mapi id 14.03.0319.002; Thu, 26 Oct 2017 15:39:29 +0800 From: "Wang, Jian J" To: "Zeng, Star" , "Yao, Jiewen" , "edk2-devel@lists.01.org" CC: "Kinney, Michael D" , "Wolman, Ayellet" , "Dong, Eric" Thread-Topic: [edk2] [PATCH v3 0/6] Implement heap guard feature Thread-Index: AQHTS5kKnTwecoWP+EeIq4s699pmr6LzSUuAgAHmVwCAAIZu0IAADdRA Date: Thu, 26 Oct 2017 07:39:28 +0000 Message-ID: References: <20171023005054.7528-1-jian.j.wang@intel.com> <74D8A39837DF1E4DA445A8C0B3885C503AA04EF0@shsmsx102.ccr.corp.intel.com> <0C09AFA07DD0434D9E2A0C6AEB0483103B9AE4A9@shsmsx102.ccr.corp.intel.com> In-Reply-To: <0C09AFA07DD0434D9E2A0C6AEB0483103B9AE4A9@shsmsx102.ccr.corp.intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiNWU5OTA2N2YtMGJjNS00YzQyLWEwNjAtNTY4N2ViMzZkNTdiIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX0lDIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjIuNS4xOCIsIlRydXN0ZWRMYWJlbEhhc2giOiJubjcxOVpZNkVPd0s3dTlEZWNtRmFCbG9YVVZ2aWVoOElnMWxXb2QrNTJidVwvbmZSWHBVcVNpZTBFblg2NyttSyJ9 x-ctpclassification: CTP_IC dlp-product: dlpe-windows dlp-version: 11.0.0.116 dlp-reaction: no-action x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH v3 0/6] Implement heap guard feature X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Oct 2017 07:35:46 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Thanks for the feedback. I'll change the patch order in v4. > -----Original Message----- > From: Zeng, Star > Sent: Thursday, October 26, 2017 2:53 PM > To: Yao, Jiewen ; Wang, Jian J ; > edk2-devel@lists.01.org > Cc: Kinney, Michael D ; Wolman, Ayellet > ; Dong, Eric ; Zeng, Star > > Subject: RE: [edk2] [PATCH v3 0/6] Implement heap guard feature >=20 > I suggest putting [3/6] at the first patch as it adds definitions that ar= e used by > other patches. >=20 > Thanks, > Star > -----Original Message----- > From: Yao, Jiewen > Sent: Thursday, October 26, 2017 2:49 PM > To: Wang, Jian J ; edk2-devel@lists.01.org > Cc: Kinney, Michael D ; Wolman, Ayellet > ; Dong, Eric ; Zeng, Star > ; Yao, Jiewen > Subject: RE: [edk2] [PATCH v3 0/6] Implement heap guard feature >=20 > That is great work. Jian. >=20 > Some suggestion for your consideration: >=20 > 0) I suggest add Laszlo to review SMM part, and add Ruiyu to review > SMM_MEMORY_ATTRIBUTE_PROTOCOL. >=20 > 1) Would you please mention what test we have done for this feature? > Such as OVMF/realPlatform? IA32/X64? >=20 > Have you validated NT32? Or try to enable protection? :-) >=20 > 2) Is that any dependency of this patch? > I think there is OPENSSL wrapper reallocate() issue not resolved yet. >=20 > I suggest we check in all dependent patch at first, then check in this on= e. >=20 > 3) If you need submit V4, please separate > MdeModulePkg/Include/Protocol/SmmMemoryAttribute.h from 2/6 to be a > standalone patch. In general, an interface and an implementation are sepa= rated. >=20 >=20 > Thank you > Yao Jiewen >=20 >=20 >=20 > > -----Original Message----- > > From: Wang, Jian J > > Sent: Wednesday, October 25, 2017 9:48 AM > > To: Wang, Jian J ; edk2-devel@lists.01.org > > Cc: Kinney, Michael D ; Wolman, Ayellet > > ; Yao, Jiewen ; Dong, > > Eric ; Zeng, Star > > Subject: RE: [edk2] [PATCH v3 0/6] Implement heap guard feature > > > > Hi, > > > > Just a warm reminding. I didn't see any feedbacks on the v3 patch. > > If no more comments, I'll check in the patch soon. > > > > Thanks, > > Jian > > > > > -----Original Message----- > > > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf > > > Of Jian J Wang > > > Sent: Monday, October 23, 2017 8:51 AM > > > To: edk2-devel@lists.01.org > > > Cc: Kinney, Michael D ; Wolman, Ayellet > > > ; Yao, Jiewen ; > > > Dong, Eric ; Zeng, Star > > > Subject: [edk2] [PATCH v3 0/6] Implement heap guard feature > > > > > > > Patch V3 changes: > > > > a. Add new protocol gEdkiiSmmMemoryAttributeProtocolGuid to do > > > > memory attributes update instead of doing it directly in > > > > SmmCore b. Fix GCC build error > > > > > > > Patch V2 changes: > > > > a. Remove local variable initializer with memory copy from globals > > > > b. Change map table dump code to use DEBUG_PAGE|DEBUG_POOL level > > > > message > > > > c. Fix malfunction in 32-bit boot mode d. Add comment for the use > > > > of mOnGuarding e. Change name of function InitializePageTableLib > > > > to > > > > InitializePageTableGlobals > > > > f. Add code in 32-bit code to bypass setting page table to > > > > read-only g. Coding style clean-up > > > > > > > > > > This feature makes use of paging mechanism to add a hidden (not > > > present) page just before and after the allocated memory block. If > > > the code tries to access memory outside of the allocated part, page > > > fault exception will be triggered. > > > > > > This feature is disabled by default and is not recommended to enable > > > it in production build of BIOS. > > > > > > Cc: Star Zeng > > > Cc: Eric Dong > > > Cc: Jiewen Yao > > > Cc: Michael Kinney > > > Cc: Ayellet Wolman > > > Suggested-by: Ayellet Wolman > > > Contributed-under: TianoCore Contribution Agreement 1.1 > > > Signed-off-by: Jian J Wang > > > > > > Jian J Wang (6): > > > MdeModulePkg/DxeCore: Implement heap guard feature for UEFI > > > MdeModulePkg/PiSmmCore: Implement heap guard feature for SMM > > mode > > > MdeModulePkg/MdeModulePkg.dec,.uni: Add Protocol, PCDs and string > > > tokens > > > UefiCpuPkg/CpuDxe: Reduce debug message > > > UefiCpuPkg/PiSmmCpuDxeSmm: Disable page table protection > > > MdeModulePkg/DxeIpl: Enable paging for heap guard > > > > > > MdeModulePkg/Core/Dxe/DxeMain.inf | 4 + > > > MdeModulePkg/Core/Dxe/Mem/HeapGuard.c | 1184 > > > ++++++++++++++++ > > > MdeModulePkg/Core/Dxe/Mem/HeapGuard.h | 380 > > +++++ > > > MdeModulePkg/Core/Dxe/Mem/Imem.h | 38 +- > > > MdeModulePkg/Core/Dxe/Mem/Page.c | 130 +- > > > MdeModulePkg/Core/Dxe/Mem/Pool.c | 154 +- > > > MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 1 + > > > MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 29 +- > > > MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 1469 > > > ++++++++++++++++++++ > > > MdeModulePkg/Core/PiSmmCore/HeapGuard.h | 399 > > ++++++ > > > MdeModulePkg/Core/PiSmmCore/Page.c | 51 +- > > > MdeModulePkg/Core/PiSmmCore/PiSmmCore.c | 7 +- > > > MdeModulePkg/Core/PiSmmCore/PiSmmCore.h | 81 +- > > > MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf | 8 + > > > MdeModulePkg/Core/PiSmmCore/Pool.c | 81 +- > > > MdeModulePkg/Include/Protocol/SmmMemoryAttribute.h | 136 ++ > > > MdeModulePkg/MdeModulePkg.dec | 60 + > > > MdeModulePkg/MdeModulePkg.uni | 58 + > > > UefiCpuPkg/CpuDxe/CpuPageTable.c | 5 +- > > > UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c | 7 + > > > UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 20 + > > > UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 98 ++ > > > UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf | 2 + > > > UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 163 > > +++ > > > UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 3 +- > > > 25 files changed, 4472 insertions(+), 96 deletions(-) create mode > > > 100644 MdeModulePkg/Core/Dxe/Mem/HeapGuard.c > > > create mode 100644 MdeModulePkg/Core/Dxe/Mem/HeapGuard.h > > > create mode 100644 MdeModulePkg/Core/PiSmmCore/HeapGuard.c > > > create mode 100644 MdeModulePkg/Core/PiSmmCore/HeapGuard.h > > > create mode 100644 > > MdeModulePkg/Include/Protocol/SmmMemoryAttribute.h > > > > > > -- > > > 2.14.1.windows.1 > > > > > > _______________________________________________ > > > edk2-devel mailing list > > > edk2-devel@lists.01.org > > > https://lists.01.org/mailman/listinfo/edk2-devel