From: "Johnson, Brian (EXL - Eagan)"
To: "Wang, Jian J", edk2-devel@lists.01.org
CC: Justen@ml01.01.org, Eric Dong, Kinney@ml01.01.org, Jordan L, Wolman@ml01.01.org, Jiewen Yao, Ayellet, Michael D, Laszlo Ersek, Star Zeng
Date: Wed, 13 Sep 2017 16:33:41 +0000
References: <20170913092507.12504-1-jian.j.wang@intel.com> <20170913092507.12504-4-jian.j.wang@intel.com>
In-Reply-To: <20170913092507.12504-4-jian.j.wang@intel.com>
Subject: Re: [PATCH 3/4] IntelFrameworkModulePkg/Csm: Update CSM code to temporarily bypass NULL pointer detection if enabled.
List-Id: EDK II Development

Acked-by: Brian J. Johnson

-----Original Message-----
From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Wang, Jian J
Sent: Wednesday, September 13, 2017 4:25 AM
To: edk2-devel@lists.01.org
Cc: Justen@ml01.01.org; Eric Dong; Kinney@ml01.01.org; Jordan L; Wolman@ml01.01.org; Jiewen Yao; Ayellet; Michael D; Laszlo Ersek; Star Zeng
Subject: [edk2] [PATCH 3/4] IntelFrameworkModulePkg/Csm: Update CSM code to temporarily bypass NULL pointer detection if enabled.

CSM code has to access memory below 4096 (BDA, int vector, etc.). If NULL pointer detection is enabled, page 0 must be enabled temporarily before accessing it and disabled again afterwards. Otherwise a page fault will be triggered.

Cc: Jiewen Yao
Cc: Eric Dong
Cc: Star Zeng
Cc: Laszlo Ersek
Cc: Justen, Jordan L
Cc: Kinney, Michael D
Cc: Wolman, Ayellet
Suggested-by: Wolman, Ayellet
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wang, Jian J --- .../Csm/BiosThunk/KeyboardDxe/BiosKeyboard.c | 10 +++- .../Csm/BiosThunk/KeyboardDxe/BiosKeyboard.h | 18 +++++++ .../Csm/BiosThunk/KeyboardDxe/KeyboardDxe.inf | 2 + .../Csm/LegacyBiosDxe/LegacyBda.c | 4 ++ .../Csm/LegacyBiosDxe/LegacyBios.c | 55 ++++++++++++++++++= ---- .../Csm/LegacyBiosDxe/LegacyBiosDxe.inf | 2 + .../Csm/LegacyBiosDxe/LegacyBiosInterface.h | 23 +++++++++ .../Csm/LegacyBiosDxe/LegacyBootSupport.c | 33 ++++++++++--- .../Csm/LegacyBiosDxe/LegacyPci.c | 17 ++++++- IntelFrameworkModulePkg/Csm/LegacyBiosDxe/Thunk.c | 41 ++++++++++------ 10 files changed, 173 insertions(+), 32 deletions(-) diff --git a/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard= .c b/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard.c index 7308523ad8..96148ae367 100644 --- a/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard.c +++ b/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard.c @@ -248,7 +248,7 @@ BiosKeyboardDriverBindingStart ( // // Allocate the private device structure // - BiosKeyboardPrivate =3D (BIOS_KEYBOARD_DEV *) AllocateZeroPool (sizeof= (BIOS_KEYBOARD_DEV)); + BiosKeyboardPrivate =3D (BIOS_KEYBOARD_DEV *) AllocateZeroPool (sizeof (= BIOS_KEYBOARD_DEV)); if (NULL =3D=3D BiosKeyboardPrivate) { Status =3D EFI_OUT_OF_RESOURCES; goto Done; @@ -281,6 +281,9 @@ BiosKeyboardDriverBindingStart ( BiosKeyboardPrivate->SimpleTextInputEx.UnregisterKeyNotify =3D BiosKeybo= ardUnregisterKeyNotify; =20 InitializeListHead (&BiosKeyboardPrivate->NotifyList); =20 + Status =3D gBS->LocateProtocol (&gEfiCpuArchProtocolGuid, NULL, (VOID **= ) &BiosKeyboardPrivate->Cpu); + ASSERT_EFI_ERROR(Status); + // // Report that the keyboard is being enabled // 
@@ -1842,7 +1845,9 @@ BiosKeyboardTimerHandler ( // // Clear the CTRL and ALT BDA flag // - KbFlag1 =3D *((UINT8 *) (UINTN) 0x417); // read the STATUS FLAGS 1 + DISABLE_NULL_DETECTION(BiosKeyboardPrivate); + + KbFlag1 =3D *((UINT8 *) (UINTN) 0x417); // read the STATUS FLAGS 1 KbFlag2 =3D *((UINT8 *) (UINTN) 0x418); // read STATUS FLAGS 2 =20 DEBUG_CODE ( @@ -1916,6 +1921,7 @@ BiosKeyboardTimerHandler ( KbFlag1 &=3D ~0x0C; =20 *((UINT8 *) (UINTN) 0x417) =3D KbFlag1;=20 =20 + ENABLE_NULL_DETECTION(BiosKeyboardPrivate); =20 // // Output EFI input key and shift/toggle state diff --git a/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard= .h b/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard.h index 0bf28ea140..b717ef676b 100644 --- a/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard.h +++ b/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/BiosKeyboard.h @@ -26,6 +26,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER= EXPRESS OR IMPLIED. #include #include #include +#include =20 #include #include @@ -212,6 +213,7 @@ typedef struct { EFI_HANDLE Handle; EFI_LEGACY_BIOS_PROTOCOL *LegacyBios; EFI_ISA_IO_PROTOCOL *IsaIo; + EFI_CPU_ARCH_PROTOCOL *Cpu; EFI_SIMPLE_TEXT_INPUT_PROTOCOL SimpleTextIn; EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL SimpleTextInputEx; UINT16 DataRegisterAddress; 
@@ -242,6 +244,22 @@ typedef struct { BIOS_KEYBOARD_DEV_SIGNATURE \ ) =20 +// +// CSM needs to access memory between 0-4095, which will cause page fault = exception=20 +// if NULL pointer detection mechanism is enabled. Following macros can be= used +// to disable/enable NULL pointer detection before/after accessing those m= emory. +// +#define NULL_POINTER_DETECTION_ENABLED ((PcdGet8(PcdNullPointerDetectionP= ropertyMask) & BIT0) !=3D 0) +#define DISABLE_NULL_DETECTION(Instance) = \ + if (NULL_POINTER_DETECTION_ENABLED && (Instance)->Cpu !=3D NULL) { = \ + (Instance)->Cpu->SetMemoryAttributes((Instance)->Cpu, 0, EFI_PAGE_SIZE= , 0); \ + } + =20 +#define ENABLE_NULL_DETECTION(Instance) = \ + if (NULL_POINTER_DETECTION_ENABLED && (Instance)->Cpu !=3D NULL) { = \ + (Instance)->Cpu->SetMemoryAttributes((Instance)->Cpu, 0, EFI_PAGE_SIZE= , EFI_MEMORY_RP); \ + } + // // Global Variables // diff --git a/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/KeyboardDxe.= inf b/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/KeyboardDxe.inf index 4d4536466c..4291a10123 100644 --- a/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/KeyboardDxe.inf +++ b/IntelFrameworkModulePkg/Csm/BiosThunk/KeyboardDxe/KeyboardDxe.inf @@ -67,12 +67,14 @@ gEfiSimpleTextInputExProtocolGuid ## BY_START gEfiLegacyBiosProtocolGuid ## CONSUMES gEfiPs2PolicyProtocolGuid ## SOMETIMES_CONSUMES + gEfiCpuArchProtocolGuid ## SOMETIMES_CONSUMES =20 [FeaturePcd] gEfiMdeModulePkgTokenSpaceGuid.PcdPs2KbdExtendedVerification|FALSE ## C= ONSUMES =20 [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdFastPS2Detection ## S= OMETIMES_CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ## C= ONSUMES =20 [UserExtensions.TianoCore."ExtraFiles"] KeyboardDxeExtra.uni diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBda.c b/IntelF= rameworkModulePkg/Csm/LegacyBiosDxe/LegacyBda.c index c45d5d4c3e..e7cee4b8a3 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBda.c 
+++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBda.c @@ -34,6 +34,8 @@ LegacyBiosInitBda ( BDA_STRUC *Bda; UINT8 *Ebda; =20 + DISABLE_NULL_DETECTION(Private); + Bda =3D (BDA_STRUC *) ((UINTN) 0x400); Ebda =3D (UINT8 *) ((UINTN) 0x9fc00); =20 @@ -62,5 +64,7 @@ LegacyBiosInitBda ( =20 *Ebda =3D 0x01; =20 + ENABLE_NULL_DETECTION(Private); + return EFI_SUCCESS; } diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBios.c b/Intel= FrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBios.c index 3ead2d9828..c3ef542ea3 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBios.c +++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBios.c @@ -40,6 +40,7 @@ VOID *mRuntimeSmbiosEntryPoint =3D NULL; EFI_PHYSICAL_ADDRESS mReserveSmbiosEntryPoint =3D 0; EFI_PHYSICAL_ADDRESS mStructureTableAddress =3D 0; UINTN mStructureTablePages =3D 0; +BOOLEAN mEndOfDxe =3D FALSE; =20 /** Do an AllocatePages () of type AllocateMaxAddress for EfiBootServicesCod= e @@ -765,6 +766,26 @@ InstallSmbiosEventCallback ( } } =20 +/** + Callback function to toggle EndOfDxe status. NULL pointer detection need= s this=20 + status to decide if it's necessary to change attributes of page 0.=20 + + @param Event Event whose notification function is being= invoked. + @param Context The pointer to the notification function's= context, + which is implementation-dependent. + +**/ +VOID +EFIAPI +ToggleEndOfDxeStatus ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + mEndOfDxe =3D TRUE; + return; +} + /** Install Driver to produce Legacy BIOS protocol. =20 @@ -802,6 +823,7 @@ LegacyBiosInstall ( UINT64 Length; UINT8 *SecureBoot; EFI_EVENT InstallSmbiosEvent; + EFI_EVENT EndOfDxeEvent; =20 // // Load this driver's image to memory 
@@ -964,8 +986,10 @@ LegacyBiosInstall ( // Initialize region from 0x0000 to 4k. This initializes interrupt vecto= r // range. // - gBS->SetMem ((VOID *) ClearPtr, 0x400, INITIAL_VALUE_BELOW_1K); - ZeroMem ((VOID *) ((UINTN)ClearPtr + 0x400), 0xC00); + DISABLE_NULL_DETECTION(Private); + gBS->SetMem ((VOID *) ClearPtr, 0x400, INITIAL_VALUE_BELOW_1K); + ZeroMem ((VOID *) ((UINTN)ClearPtr + 0x400), 0xC00); + ENABLE_NULL_DETECTION(Private); =20 // // Allocate pages for OPROM usage @@ -1104,12 +1128,14 @@ LegacyBiosInstall ( // // Save Unexpected interrupt vector so can restore it just prior to boot // - BaseVectorMaster =3D (UINT32 *) (sizeof (UINT32) * PROTECTED_MODE_BASE_V= ECTOR_MASTER); - Private->BiosUnexpectedInt =3D BaseVectorMaster[0]; - IntRedirCode =3D (UINT32) (UINTN) Private->IntThunk->InterruptRedirectio= nCode; - for (Index =3D 0; Index < 8; Index++) { - BaseVectorMaster[Index] =3D (EFI_SEGMENT (IntRedirCode + Index * 4) <<= 16) | EFI_OFFSET (IntRedirCode + Index * 4); - } + DISABLE_NULL_DETECTION(Private); + BaseVectorMaster =3D (UINT32 *) (sizeof (UINT32) * PROTECTED_MODE_BASE= _VECTOR_MASTER); + Private->BiosUnexpectedInt =3D BaseVectorMaster[0]; + IntRedirCode =3D (UINT32) (UINTN) Private->IntThunk->InterruptRedirect= ionCode; + for (Index =3D 0; Index < 8; Index++) { + BaseVectorMaster[Index] =3D (EFI_SEGMENT (IntRedirCode + Index * 4) = << 16) | EFI_OFFSET (IntRedirCode + Index * 4); + } + ENABLE_NULL_DETECTION(Private); // // Save EFI value // @@ -1133,6 +1159,19 @@ LegacyBiosInstall ( ); ASSERT_EFI_ERROR (Status); =20 =20 + // + // Create callback to update status of EndOfDxe, which is needed by NULL= pointer detection + // + Status =3D gBS->CreateEventEx ( + EVT_NOTIFY_SIGNAL, + TPL_NOTIFY, + ToggleEndOfDxeStatus, + NULL, + &gEfiEndOfDxeEventGroupGuid, + &EndOfDxeEvent + ); + ASSERT_EFI_ERROR (Status); + // // Make a new handle and install the protocol // 
diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosDxe.inf b/= IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosDxe.inf index 48473a0713..10dc392800 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosDxe.inf +++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosDxe.inf @@ -108,6 +108,7 @@ gEfiDiskInfoIdeInterfaceGuid ## SOMETIMES_CONSUMES ##GU= ID #Used in LegacyBiosBuildIdeData() to assure device is a disk gEfiSmbiosTableGuid ## SOMETIMES_CONSUMES ##Sy= stemTable gEfiLegacyBiosGuid ## SOMETIMES_CONSUMES ##GU= ID #Used in LegacyBiosInstallVgaRom() to locate handle buffer + gEfiEndOfDxeEventGroupGuid =20 [Guids.IA32] gEfiAcpi20TableGuid ## SOMETIMES_CONSUMES ##Sy= stemTable @@ -147,6 +148,7 @@ gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdHighPmmMemorySize = ## CONSUMES gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdOpromReservedMemoryBase = ## CONSUMES gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdOpromReservedMemorySize = ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask = ## CONSUMES =20 [Depex] gEfiLegacyRegion2ProtocolGuid AND gEfiLegacyInterruptProtocolGuid AND gE= fiLegacyBiosPlatformProtocolGuid AND gEfiLegacy8259ProtocolGuid AND gEfiGen= ericMemTestProtocolGuid AND gEfiCpuArchProtocolGuid AND gEfiTimerArchProtoc= olGuid AND gEfiVariableWriteArchProtocolGuid diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosInterface.= h b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosInterface.h index fe9dd7463a..9d479309a4 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosInterface.h +++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosInterface.h 
@@ -108,6 +108,27 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EIT= HER EXPRESS OR IMPLIED. #define NORMALIZE_EFI_SEGMENT(_Adr) (UINT16) (((UINTN) (_Adr)) >> 4) #define NORMALIZE_EFI_OFFSET(_Adr) (UINT16) (((UINT16) ((UINTN) (_Ad= r))) & 0xf) =20 +// +// CSM needs to access memory between 0-4095, which will cause page fault = exception=20 +// if NULL pointer detection mechanism is enabled. Following macros can be= used +// to disable/enable NULL pointer detection before/after accessing those m= emory. +// +#define NULL_DETECTION_ENABLED = \ + ( ((mEndOfDxe =3D=3D FALSE) && ((PcdGet8(PcdNullPointerDetectionPropert= yMask) & BIT0) =3D=3D BIT0)) \ + || ((mEndOfDxe =3D=3D TRUE) && ((PcdGet8(PcdNullPointerDetectionPropert= yMask) & (BIT0|BIT7)) =3D=3D BIT0)) \ + ) +#define DISABLE_NULL_DETECTION(Instance) = \ + if (NULL_DETECTION_ENABLED) { = \ + DEBUG((DEBUG_INFO, "%a(): disable NULL detection\r\n", __func__)); = \ + (Instance)->Cpu->SetMemoryAttributes((Instance)->Cpu, 0, EFI_PAGE_SIZE= , 0); \ + } + =20 +#define ENABLE_NULL_DETECTION(Instance) = \ + if (NULL_DETECTION_ENABLED) { = \ + (Instance)->Cpu->SetMemoryAttributes((Instance)->Cpu, 0, EFI_PAGE_SIZE= , EFI_MEMORY_RP); \ + DEBUG((DEBUG_INFO, "%a(): enable NULL detection\r\n", __func__)); = \ + } + // // Trace defines // @@ -509,6 +530,8 @@ extern BBS_TABLE *mBbsTable; =20 extern EFI_GENERIC_MEMORY_TEST_PROTOCOL *gGenMemoryTest; =20 +extern BOOLEAN mEndOfDxe; + #define PORT_70 0x70 #define PORT_71 0x71 =20 diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBootSupport.c = b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBootSupport.c index 1e098b3726..d381c2f735 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBootSupport.c +++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBootSupport.c 
@@ -1073,8 +1073,10 @@ GenericLegacyBoot ( // Use 182/10 to avoid floating point math. // LocalTime =3D (LocalTime * 182) / 10; - BdaPtr =3D (UINT32 *) (UINTN)0x46C; - *BdaPtr =3D LocalTime; + DISABLE_NULL_DETECTION(Private); + BdaPtr =3D (UINT32 *) (UINTN)0x46C; + *BdaPtr =3D LocalTime; + ENABLE_NULL_DETECTION(Private); =20 // // Shadow PCI ROMs. We must do this near the end since this will kick @@ -1320,6 +1322,7 @@ GenericLegacyBoot ( // set of TIANO vectors) or takes it over. // // + DISABLE_NULL_DETECTION(Private); BaseVectorMaster =3D (UINT32 *) (sizeof (UINT32) * PROTECTED_MODE_BASE= _VECTOR_MASTER); for (Index =3D 0; Index < 8; Index++) { Private->ThunkSavedInt[Index] =3D BaseVectorMaster[Index]; @@ -1327,6 +1330,7 @@ GenericLegacyBoot ( BaseVectorMaster[Index] =3D (UINT32) (Private->BiosUnexpectedInt); } } + ENABLE_NULL_DETECTION(Private); =20 ZeroMem (&Regs, sizeof (EFI_IA32_REGISTER_SET)); Regs.X.AX =3D Legacy16Boot; @@ -1340,10 +1344,12 @@ GenericLegacyBoot ( 0 ); =20 + DISABLE_NULL_DETECTION(Private); BaseVectorMaster =3D (UINT32 *) (sizeof (UINT32) * PROTECTED_MODE_BASE= _VECTOR_MASTER); for (Index =3D 0; Index < 8; Index++) { BaseVectorMaster[Index] =3D Private->ThunkSavedInt[Index]; } + ENABLE_NULL_DETECTION(Private); } Private->LegacyBootEntered =3D TRUE; if ((mBootMode =3D=3D BOOT_LEGACY_OS) || (mBootMode =3D=3D BOOT_UNCONVEN= TIONAL_DEVICE)) { @@ -1731,9 +1737,11 @@ LegacyBiosBuildE820 ( // // First entry is 0 to (640k - EBDA) // - E820Table[0].BaseAddr =3D 0; - E820Table[0].Length =3D (UINT64) ((*(UINT16 *) (UINTN)0x40E) << 4); - E820Table[0].Type =3D EfiAcpiAddressRangeMemory; + DISABLE_NULL_DETECTION(Private); + E820Table[0].BaseAddr =3D 0; + E820Table[0].Length =3D (UINT64) ((*(UINT16 *) (UINTN)0x40E) << 4); + E820Table[0].Type =3D EfiAcpiAddressRangeMemory; + ENABLE_NULL_DETECTION(Private); =20 // // Second entry is (640k - EBDA) to 640k 
@@ -1967,6 +1975,8 @@ LegacyBiosCompleteBdaBeforeBoot ( UINT16 MachineConfig; DEVICE_PRODUCER_DATA_HEADER *SioPtr; =20 + DISABLE_NULL_DETECTION(Private); + Bda =3D (BDA_STRUC *) ((UINTN) 0x400); MachineConfig =3D 0; =20 @@ -2025,6 +2035,8 @@ LegacyBiosCompleteBdaBeforeBoot ( MachineConfig =3D (UINT16) (MachineConfig + 0x00 + 0x02 + (SioPtr-= >MousePresent * 0x04)); Bda->MachineConfig =3D MachineConfig; =20 + ENABLE_NULL_DETECTION(Private); + return EFI_SUCCESS; } =20 @@ -2049,15 +2061,20 @@ LegacyBiosUpdateKeyboardLedStatus ( UINT8 LocalLeds; EFI_IA32_REGISTER_SET Regs; =20 - Bda =3D (BDA_STRUC *) ((UINTN) 0x400); - Private =3D LEGACY_BIOS_INSTANCE_FROM_THIS (This); + + DISABLE_NULL_DETECTION(Private); + + Bda =3D (BDA_STRUC *) ((UINTN) 0x400); LocalLeds =3D Leds; Bda->LedStatus =3D (UINT8) ((Bda->LedStatus &~0x07) | LocalLeds); LocalLeds =3D (UINT8) (LocalLeds << 4); Bda->ShiftStatus =3D (UINT8) ((Bda->ShiftStatus &~0x70) | LocalLeds); LocalLeds =3D (UINT8) (Leds & 0x20); Bda->KeyboardStatus =3D (UINT8) ((Bda->KeyboardStatus &~0x20) | LocalLed= s); + + ENABLE_NULL_DETECTION(Private); + // // Call into Legacy16 code to allow it to do any processing // @@ -2102,7 +2119,9 @@ LegacyBiosCompleteStandardCmosBeforeBoot ( // to large capacity drives // CMOS 14 =3D BDA 40:10 plus bit 3(display enabled) // + DISABLE_NULL_DETECTION(Private); Bda =3D (UINT8)(*((UINT8 *)((UINTN)0x410)) | BIT3); + ENABLE_NULL_DETECTION(Private); =20 // // Force display enabled diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyPci.c b/IntelF= rameworkModulePkg/Csm/LegacyBiosDxe/LegacyPci.c index 8ffdf0c1ff..2ca5dddf00 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyPci.c +++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyPci.c @@ -2279,6 +2279,7 @@ LegacyBiosInstallRom ( UINTN Function; EFI_IA32_REGISTER_SET Regs; UINT8 VideoMode; + UINT8 OldVideoMode; EFI_TIME BootTime; UINT32 *BdaPtr; UINT32 LocalTime; 
@@ -2299,6 +2300,7 @@ LegacyBiosInstallRom ( Device =3D 0; Function =3D 0; VideoMode =3D 0; + OldVideoMode =3D 0; PhysicalAddress =3D 0; MaxRomAddr =3D PcdGet32 (PcdEndOpromShadowAddress); =20 @@ -2401,6 +2403,8 @@ LegacyBiosInstallRom ( // 2. BBS compliants drives will not change 40:75 until boot time. // 3. Onboard IDE controllers will change 40:75 // + DISABLE_NULL_DETECTION(Private); + LocalDiskStart =3D (UINT8) ((*(UINT8 *) ((UINTN) 0x475)) + 0x80); if ((Private->Disk4075 + 0x80) < LocalDiskStart) { // @@ -2426,6 +2430,9 @@ LegacyBiosInstallRom ( // VideoMode =3D *(UINT8 *) ((UINTN) (0x400 + BDA_VIDEO_MODE)); } + + ENABLE_NULL_DETECTION(Private); + // // Notify the platform that we are about to scan the ROM // @@ -2466,9 +2473,11 @@ LegacyBiosInstallRom ( // Multiply result by 18.2 for number of ticks since midnight. // Use 182/10 to avoid floating point math. // + DISABLE_NULL_DETECTION(Private); LocalTime =3D (LocalTime * 182) / 10; BdaPtr =3D (UINT32 *) ((UINTN) 0x46C); *BdaPtr =3D LocalTime; + ENABLE_NULL_DETECTION(Private); =20 // // Pass in handoff data @@ -2564,7 +2573,11 @@ LegacyBiosInstallRom ( // // Set mode settings since PrepareToScanRom may change mode // - if (VideoMode !=3D *(UINT8 *) ((UINTN) (0x400 + BDA_VIDEO_MODE))) { + DISABLE_NULL_DETECTION(Private); + OldVideoMode =3D *(UINT8 *) ((UINTN) (0x400 + BDA_VIDEO_MODE)); + ENABLE_NULL_DETECTION(Private); + + if (VideoMode !=3D OldVideoMode) { // // The active video mode is changed, restore it to original mode. // @@ -2604,7 +2617,9 @@ LegacyBiosInstallRom ( } } =20 + DISABLE_NULL_DETECTION(Private); LocalDiskEnd =3D (UINT8) ((*(UINT8 *) ((UINTN) 0x475)) + 0x80); + ENABLE_NULL_DETECTION(Private); =20 // // Allow platform to perform any required actions after the diff --git a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/Thunk.c b/IntelFrame= workModulePkg/Csm/LegacyBiosDxe/Thunk.c index 3d9a8b9649..50f6247a99 100644 --- a/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/Thunk.c 
+++ b/IntelFrameworkModulePkg/Csm/LegacyBiosDxe/Thunk.c @@ -57,7 +57,11 @@ LegacyBiosInt86 ( IN EFI_IA32_REGISTER_SET *Regs ) { - UINT32 *VectorBase; + UINT16 Segment; + UINT16 Offset; + LEGACY_BIOS_INSTANCE *Private; + + Private =3D LEGACY_BIOS_INSTANCE_FROM_THIS (This); =20 Regs->X.Flags.Reserved1 =3D 1; Regs->X.Flags.Reserved2 =3D 0; @@ -72,12 +76,15 @@ LegacyBiosInt86 ( // The base address of legacy interrupt vector table is 0. // We use this base address to get the legacy interrupt handler. // - VectorBase =3D 0; + DISABLE_NULL_DETECTION(Private); + Segment =3D (UINT16)(((UINT32 *)0)[BiosInt] >> 16); + Offset =3D (UINT16)((UINT32 *)0)[BiosInt]; + ENABLE_NULL_DETECTION(Private); =20 return InternalLegacyBiosFarCall ( This, - (UINT16) ((VectorBase)[BiosInt] >> 16), - (UINT16) (VectorBase)[BiosInt], + Segment, + Offset, Regs, &Regs->X.Flags, sizeof (Regs->X.Flags) 
@@ -288,16 +295,22 @@ InternalLegacyBiosFarCall ( // EBDA base address, if the current EBDA base address is smaller, it in= dicates // PcdEbdaReservedMemorySize should be adjusted to larger for more OPROM= s. // - DEBUG_CODE ( - { - UINTN EbdaBaseAddress; - UINTN ReservedEbdaBaseAddress; - - EbdaBaseAddress =3D (*(UINT16 *) (UINTN) 0x40E) << 4; - ReservedEbdaBaseAddress =3D CONVENTIONAL_MEMORY_TOP - PcdGet32 (PcdE= bdaReservedMemorySize); - ASSERT (ReservedEbdaBaseAddress <=3D EbdaBaseAddress); - } - ); + if (!NULL_DETECTION_ENABLED) { + //=20 + // Only do following if NULL pointer detection is not enabled, because= it cannot=20 + // be disabled at this time due to current TPL(=3DTPL_HIGH_LEVEL). + // + DEBUG_CODE ( + { + UINTN EbdaBaseAddress; + UINTN ReservedEbdaBaseAddress; + + EbdaBaseAddress =3D (*(UINT16 *) (UINTN) 0x40E) << 4; + ReservedEbdaBaseAddress =3D CONVENTIONAL_MEMORY_TOP - PcdGet32 (Pc= dEbdaReservedMemorySize); + ASSERT (ReservedEbdaBaseAddress <=3D EbdaBaseAddress); + } + ); + } =20 if (Stack !=3D NULL && StackSize !=3D 0) { // --=20 2.14.1.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
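Review bot: the hunk at @@ -248,7 in BiosKeyboard.c only changes whitespace in the AllocateZeroPool call and has nothing to do with NULL pointer detection; drop it from this patch so the diff stays focused on the feature.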
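Review bot: the LocateProtocol of gEfiCpuArchProtocolGuid at @@ -281,6 in BiosKeyboard.c is unconditional and followed by ASSERT_EFI_ERROR, yet KeyboardDxe.inf (@@ -67,12) declares the GUID as `## SOMETIMES_CONSUMES`. Either make it `## CONSUMES` and add the protocol to the module's [Depex], or keep the lookup best-effort and drop the ASSERT; since the macros already test `(Instance)->Cpu != NULL`, the best-effort form is the one the rest of the change is written for. Keep in mind the ASSERT compiles out in RELEASE builds, so nothing after it may rely on Status.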
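Review bot: in BiosKeyboardTimerHandler the DISABLE_NULL_DETECTION at @@ -1842,7 and the ENABLE_NULL_DETECTION at @@ -1916,6 bracket roughly seventy lines of the handler, while the only page-0 accesses visible are the reads of 0x417/0x418 at the top and the write-back of 0x417 at the bottom. Please confirm no return or goto path lies between the two macros (a skipped ENABLE would leave page 0 readable for the rest of boot), and consider two short windows, one around the reads and one around the write, instead of one long one.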
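Review bot: NULL_POINTER_DETECTION_ENABLED at @@ -242,6 in BiosKeyboard.h tests only BIT0 of PcdNullPointerDetectionPropertyMask, whereas NULL_DETECTION_ENABLED in LegacyBiosInterface.h also stops reporting "enabled" once mEndOfDxe is TRUE and BIT7 is set. BiosKeyboardTimerHandler keeps running after EndOfDxe, so on a platform with BIT7 set this driver would re-apply EFI_MEMORY_RP to page 0 on every timer tick after detection is supposed to be off. Share one definition of the three macros from a common header (or mirror the BIT7/EndOfDxe logic here), and make the two macro names agree. Wrapping each body in `do { ... } while (0)` also removes the dangling-`if` hazard when a macro is used before an `else`.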
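Review bot: ToggleEndOfDxeStatus at @@ -765,6 in LegacyBios.c only ever sets mEndOfDxe to TRUE, so a name like `OnEndOfDxe` describes it better, and the trailing `return;` is redundant. The event created at @@ -1133,6 fires once; call gBS->CloseEvent (Event) from the callback so the notification is not left registered after it has done its job.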
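Review bot: the `gEfiEndOfDxeEventGroupGuid` line added at @@ -108,6 in LegacyBiosDxe.inf lacks the `## CONSUMES` usage annotation that every neighbouring [Guids] entry carries; add it (with a short `## Event` note) for consistency.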
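Review bot: the macros at @@ -108,6 in LegacyBiosInterface.h are bare `if` statements; wrap them in `do { ... } while (0)` so `DISABLE_NULL_DETECTION (Private);` followed by an `else` keeps its meaning. Unlike the BiosKeyboard.h variants they dereference `(Instance)->Cpu` without a NULL test; that is fine because this module's [Depex] requires gEfiCpuArchProtocolGuid, but say so in the comment block. The DEBUG strings use `__func__`; the rest of the tree uses `__FUNCTION__`, which every supported toolchain accepts, so prefer that.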
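Review bot: the hunk at @@ -2049,15 in LegacyBootSupport.c deletes `Private = LEGACY_BIOS_INSTANCE_FROM_THIS (This);` without adding it back, yet the new `DISABLE_NULL_DETECTION(Private);` and `ENABLE_NULL_DETECTION(Private);` lines dereference Private. As shown, LegacyBiosUpdateKeyboardLedStatus now uses an uninitialised Private; restore the assignment ahead of the DISABLE call.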
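Review bot: at @@ -2466,9 in LegacyPci.c the DISABLE_NULL_DETECTION is placed before `LocalTime = (LocalTime * 182) / 10;`, which does not touch page 0, while the same code at @@ -1073,8 in LegacyBootSupport.c opens the window only around the two BdaPtr lines. Keep the window to the page-0 accesses here as well, and consider folding this duplicated BDA tick-count update into one helper so both call sites stay identical.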
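Review bot: the new reads at @@ -72,12 in Thunk.c, `((UINT32 *)0)[BiosInt]`, index a literal null pointer, which the compiler may treat as undefined behaviour and fold or delete; the removed code went through the `VectorBase` variable for that reason. Read the vector through a `volatile UINT32 *` (or a `(UINT32 *)(UINTN)` value held in a local) rather than the constant, and load the 32-bit entry once into a local before splitting it into Segment and Offset instead of dereferencing twice.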
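Review bot: at @@ -288,16 in Thunk.c the EBDA sanity check is skipped whenever NULL detection is enabled, because page 0 cannot be unmapped at TPL_HIGH_LEVEL. That drops the PcdEbdaReservedMemorySize assertion on precisely the builds that turn the hardening on. Rather than disabling the check, read the BDA word at 0x40E inside its own DISABLE/ENABLE window before the TPL is raised (as LegacyBiosInt86 already does for the vector table at @@ -72,12) and run the ASSERT on the saved value.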