From: "Johnson, Brian (EXL - Eagan)"
To: "Yao, Jiewen", "Wang, Jian J", "edk2-devel@lists.01.org"
Date: Tue, 29 Aug 2017 15:16:33 +0000
Subject: Re: [PATCH 0/2] Implement NULL pointer detection feature

Thank you for implementing this feature! It is very helpful for catching pointer-related problems. We have used a similar scheme on our systems for years, and caught several important bugs.

Some comments:

* It's possible to implement similar protections in PEI (IA32) by modifying the GDT descriptors.

* For flexibility, I'd like NULL pointer protection to be controlled independently in PEI, DXE, and SMM, using separate PCDs.

* We have seen various option ROMs and OS boot loaders which have NULL pointer issues, but are outside of our control. It is useful to enable NULL pointer protection during as much of the boot as possible, but disable it before running these other executables. So I'd suggest adding another PCD, perhaps PcdNullPointerDetectionPostDxe, to control NULL pointer protection late in boot. If PcdNullPointerDetection != PcdNullPointerDetectionPostDxe, install an end-of-DXE event (gEfiEndOfDxeEventGroupGuid) which changes the protection of page 0 using a call to EFI_CPU_ARCH_PROTOCOL.SetMemoryAttributes(CpuArch, 0, EFI_PAGE_SIZE, 0).

So ideally I'd like to have 4 PCDs:
  PcdNullPointerDetectionPei
  PcdNullPointerDetectionDxe
  PcdNullPointerDetectionSmm
  PcdNullPointerDetectionPostDxe

Thanks,
Brian Johnson
HPE

-----Original Message-----
From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Yao, Jiewen
Sent: Sunday, August 27, 2017 10:39 PM
To: Wang, Jian J ; edk2-devel@lists.01.org
Subject: Re: [edk2] [PATCH 0/2] Implement NULL pointer detection feature

Comment in line.

From: Wang, Jian J
Sent: Monday, August 28, 2017 11:24 AM
To: Yao, Jiewen ; edk2-devel@lists.01.org
Subject: RE: [edk2] [PATCH 0/2] Implement NULL pointer detection feature

1) I think this feature should be 'FALSE' by default. I forgot to reset its default value. This feature makes use of page mechanism to detect NULL pointer. So any ARCH that doesn't support paging in EDK-II can't use it. Currently validated platforms include VLV2 and Denlow. Let me know if all platforms must be validated or not.

[Jiewen] Yes, I am OK to set to be FALSE to provide best compatibility.
I suggest we validate all open source IA platforms, such as Quark, and OVMF with TRUE.

2) It's hard to make it a dynamic feature because we need to set up page table for physical address 0-4095 in advance. If there's no memory alloc/free action after enabling this feature, there's no chance to make those changes in page table. Then the usage of feature will be limited in such case.

[Jiewen] Dynamic means the initial value is dynamic. I am not saying we need to modify the page table.
An implementation could be:
A platform can set this PCD in PEI phase based upon a setup variable to choose CSM enable or disable.
The IPL sets page table based upon this PCD value. The DXE Core cannot consume PCD directly, because it might be dynamic. But we can pass the information from IPL via HOB. All the DXE modules just check the value based upon HOB.

From: Yao, Jiewen
Sent: Monday, August 28, 2017 11:10 AM
To: Wang, Jian J ; edk2-devel@lists.01.org
Subject: RE: [edk2] [PATCH 0/2] Implement NULL pointer detection feature

Thank you for enabling this feature.

I have 2 comments, after a very quick review.

1) I notice it is enabled by default "gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetection|TRUE".
Would you please provide the information on how many open source platforms are validated?
Such as, IA platform (VLV2, Quark), emu platform (OVMF, NT32)?
Or do we need to validate any ARM platform?

2) I am thinking about CSM platform. Do you think we can make it dynamic, as such, a platform may set the validate based upon CSM enable/disable?
Or if we need update the CSM module to patch the page table automatically? Once this feature is ON.

Thank you
Yao Jiewen

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Wang,
> Jian J
> Sent: Monday, August 28, 2017 10:51 AM
> To: edk2-devel@lists.01.org
> Subject: [edk2] [PATCH 0/2] Implement NULL pointer detection feature
>
> This patch is the implementation of NULL pointer detection feature,
> which is one of the small features of Special Pool.
>
> Wang, Jian J (2):
>   Implement NULL pointer detection for EDK-II Core
>   Implement NULL pointer detection for EDK-II SMM Core and driver
>
>  MdeModulePkg/Core/Dxe/DxeMain.inf                |  3 ++-
>  MdeModulePkg/Core/Dxe/Mem/Page.c                 |  5 +++--
>  MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf          |  1 +
>  MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c  |  6 ++++--
>  MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 26 ++++++++++++++++--------
>  MdeModulePkg/MdeModulePkg.dec                    |  7 +++++++
>  UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c         | 12 +++++++++++
>  UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c            | 25 ++++++++++++++++++++++-
>  UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf     |  1 +
>  UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c          | 12 +++++++++++
>  10 files changed, 84 insertions(+), 14 deletions(-)
>
> --
> 2.11.0.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
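
Added example, not part of the original thread and not EDK II code: a stand-alone C model of the late-boot switch proposed in the reply at the top of this message, where page 0 is guarded during DXE and an end-of-DXE callback is installed only when the post-DXE policy differs. MODEL, ATTR_GUARDED and the Model* functions are hypothetical stand-ins for the page-table entry, the event and EFI_CPU_ARCH_PROTOCOL.SetMemoryAttributes(); the two booleans stand in for the DXE and PostDxe PCD values.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define EFI_PAGE_SIZE 0x1000u /* 4 KiB page, as on IA32/X64 */
#define ATTR_GUARDED  0x1u    /* model-only flag: page 0 is not present */

typedef void (*NOTIFY_FN)(void *Context);

typedef struct {
  uint64_t  Page0Attributes; /* stands in for the PTE covering 0..4095 */
  NOTIFY_FN EndOfDxeNotify;  /* stands in for the end-of-DXE event */
  bool      PostDxeDetect;   /* PcdNullPointerDetectionPostDxe */
} MODEL;

/* Stand-in for SetMemoryAttributes(); this model only tracks page 0. */
static int ModelSetMemoryAttributes(MODEL *M, uint64_t Base, uint64_t Length,
                                    uint64_t Attributes) {
  if (Base != 0 || Length != EFI_PAGE_SIZE) return -1;
  M->Page0Attributes = Attributes;
  return 0;
}

/* End-of-DXE callback: apply the late-boot policy to page 0. */
static void OnEndOfDxe(void *Context) {
  MODEL *M = Context;
  (void)ModelSetMemoryAttributes(M, 0, EFI_PAGE_SIZE,
                                 M->PostDxeDetect ? ATTR_GUARDED : 0);
}

/* Early setup: guard page 0 per the DXE policy and register the callback
   only when the late-boot policy differs, as the mail suggests. */
void ModelInit(MODEL *M, bool DetectDxe, bool DetectPostDxe) {
  M->Page0Attributes = DetectDxe ? ATTR_GUARDED : 0;
  M->PostDxeDetect   = DetectPostDxe;
  M->EndOfDxeNotify  = (DetectDxe != DetectPostDxe) ? OnEndOfDxe : NULL;
}

void ModelSignalEndOfDxe(MODEL *M) {
  if (M->EndOfDxeNotify != NULL) M->EndOfDxeNotify(M);
}

/* True when an access would fault. Only offsets 0..4095 from NULL are
   covered; a NULL base plus a larger offset lands beyond the guard page. */
bool ModelAccessFaults(const MODEL *M, uint64_t Address) {
  return Address < EFI_PAGE_SIZE && (M->Page0Attributes & ATTR_GUARDED) != 0;
}
```

The model also shows the coverage limit implied by "physical address 0-4095": a dereference at a NULL base plus an offset of 4096 or more is not caught by guarding page 0 alone.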