From: "Ni, Ray"
To: "Tan, Dun", Ard Biesheuvel, "devel@edk2.groups.io", Abner Chang, Tom Lendacky
CC: "Yao, Jiewen", Gerd Hoffmann, Taylor Beebe, Oliver Smith-Denny, "Bi, Dandan", "Gao, Liming", "Kinney, Michael D", Leif Lindholm, Sunil V L, "Warkentin, Andrei"
Subject: Re: [RFC PATCH 09/10] MdeModulePkg/DxeIpl: Use memory attribute PPI to remap the stack NX
Date: Wed, 31 May 2023 01:29:43 +0000
References: <20230525143041.1172989-1-ardb@kernel.org> <20230525143041.1172989-10-ardb@kernel.org>

+@Abner Chang and @Tom Lendacky

> -----Original Message-----
> From: Tan, Dun
> Sent: Tuesday, May 30, 2023 6:25 PM
> To: Ni, Ray; Ard Biesheuvel; devel@edk2.groups.io
> Cc: Yao, Jiewen; Gerd Hoffmann; Taylor Beebe; Oliver Smith-Denny; Bi, Dandan; Gao, Liming; Kinney, Michael D; Leif Lindholm; Sunil V L; Warkentin, Andrei
> Subject: RE: [RFC PATCH 09/10] MdeModulePkg/DxeIpl: Use memory attribute PPI to remap the stack NX
>
> Ray,
> I think using MemoryAttribute PPI also looks good for X64 DxeIpl.
> The only question that comes to my mind is the AMD SEV feature. Since the
> MemoryAttribute can't handle the AMD SEV feature requirements (remapping
> GHCB range from non-1:1 mapping to 1:1-mapping), we may need to find an
> appropriate place to remap the GHCB range.
>
> Thanks,
> Dun
>
> -----Original Message-----
> From: Ni, Ray
> Sent: Tuesday, May 30, 2023 3:19 PM
> To: Ard Biesheuvel; devel@edk2.groups.io; Tan, Dun
> Cc: Yao, Jiewen; Gerd Hoffmann; Taylor Beebe; Oliver Smith-Denny; Bi, Dandan; Gao, Liming; Kinney, Michael D; Leif Lindholm; Sunil V L; Warkentin, Andrei
> Subject: RE: [RFC PATCH 09/10] MdeModulePkg/DxeIpl: Use memory attribute PPI to remap the stack NX
>
> Looks good.
>
> @Tan, Dun, can you please evaluate if using MemoryAttribute PPI, what
> opens will there be for X64 DxeIpl?
>
> > -----Original Message-----
> > From: Ard Biesheuvel
> > Sent: Thursday, May 25, 2023 10:31 PM
> > To: devel@edk2.groups.io
> > Cc: Ard Biesheuvel; Ni, Ray; Yao, Jiewen; Gerd Hoffmann; Taylor Beebe; Oliver Smith-Denny; Bi, Dandan; Gao, Liming; Kinney, Michael D; Leif Lindholm; Sunil V L; Warkentin, Andrei
> > Subject: [RFC PATCH 09/10] MdeModulePkg/DxeIpl: Use memory attribute PPI to remap the stack NX
> >
> > If the associated PCD is set to TRUE, use the memory attribute PPI to
> > remap the stack non-executable. This provides a generic method for
> > doing so, which will be used by ARM and AArch64 as well once they move
> > to the generic DxeIpl handoff implementation.
> >
> > Signed-off-by: Ard Biesheuvel
> > --- > > MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c | 29 > ++++++++++++++++++-- > > MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 +++- > > 2 files changed, 30 insertions(+), 4 deletions(-) > > > > diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c > > b/MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c > > index a0f85ebea56e6cba..22caabb02840ba88 100644 > > --- a/MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c > > +++ b/MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c > > @@ -2,12 +2,15 @@ > > Generic version of arch-specific functionality for DxeLoad. > > > > > > > > Copyright (c) 2006 - 2018, Intel Corporation. All rights > > reserved.
> > > > +Copyright (c) 2023, Google, LLC. All rights reserved.
> > > > SPDX-License-Identifier: BSD-2-Clause-Patent > > > > > > > > **/ > > > > > > > > #include "DxeIpl.h" > > > > > > > > +#include > > > > + > > > > /** > > > > Transfers control to DxeCore. > > > > > > > > @@ -25,9 +28,10 @@ HandOffToDxeCore ( > > IN EFI_PEI_HOB_POINTERS HobList > > > > ) > > > > { > > > > - VOID *BaseOfStack; > > > > - VOID *TopOfStack; > > > > - EFI_STATUS Status; > > > > + VOID *BaseOfStack; > > > > + VOID *TopOfStack; > > > > + EFI_STATUS Status; > > > > + EDKII_MEMORY_ATTRIBUTE_PPI *MemoryPpi; > > > > > > > > // > > > > // Allocate 128KB for the Stack > > > > @@ -35,6 +39,25 @@ HandOffToDxeCore ( > > BaseOfStack =3D AllocatePages (EFI_SIZE_TO_PAGES (STACK_SIZE)); > > > > ASSERT (BaseOfStack !=3D NULL); > > > > > > > > + if (PcdGetBool (PcdSetNxForStack)) { > > > > + Status =3D PeiServicesLocatePpi ( > > > > + &gEdkiiMemoryAttributePpiGuid, > > > > + 0, > > > > + NULL, > > > > + (VOID **)&MemoryPpi > > > > + ); > > > > + ASSERT_EFI_ERROR (Status); > > > > + > > > > + Status =3D MemoryPpi->SetPermissions ( > > > > + MemoryPpi, > > > > + (UINTN)BaseOfStack, > > > > + STACK_SIZE, > > > > + EFI_MEMORY_XP, > > > > + 0 > > > > + ); > > > > + ASSERT_EFI_ERROR (Status); > > > > + } > > > > + > > > > // > > > > // Compute the top of the stack we were allocated. Pre-allocate a > > UINTN > > > > // for safety. > > > > diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf > > b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf > > index 60c998be6c1bad01..7126a96d8378d1f8 100644 > > --- a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf > > +++ b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf 
> > @@ -91,6 +91,7 @@ [Ppis] > > gEfiPeiMemoryDiscoveredPpiGuid ## SOMETIMES_CONSUMES > > > > gEdkiiPeiBootInCapsuleOnDiskModePpiGuid ## SOMETIMES_CONSUMES > > > > gEdkiiPeiCapsuleOnDiskPpiGuid ## SOMETIMES_CONSUMES # > Consumed > > on firmware update boot path > > > > + gEdkiiMemoryAttributePpiGuid ## SOMETIMES_CONSUMES > > > > > > > > [Guids] > > > > ## SOMETIMES_CONSUMES ## Variable:L"MemoryTypeInformation" > > > > @@ -117,10 +118,12 @@ [Pcd.IA32,Pcd.X64] > > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize = ## > CONSUMES > > > > > > > > [Pcd.IA32,Pcd.X64,Pcd.ARM,Pcd.AARCH64] > > > > - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## > > SOMETIMES_CONSUMES > > > > gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ## > > SOMETIMES_CONSUMES > > > > gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## > > SOMETIMES_CONSUMES > > > > > > > > +[Pcd] > > > > + gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## > > SOMETIMES_CONSUMES > > > > + > > > > [Depex] > > > > gEfiPeiLoadFilePpiGuid AND gEfiPeiMasterBootModePpiGuid > > > > > > > > -- > > 2.39.2
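
Review bot: In the new PcdGetBool (PcdSetNxForStack) block of HandOffToDxeCore in DxeHandoff.c, both failure paths are covered only by ASSERT_EFI_ERROR (Status). In a build with assertions disabled, a failed PeiServicesLocatePpi leaves MemoryPpi unset and the following MemoryPpi->SetPermissions call dereferences it, and a failed SetPermissions lets the handoff continue on an executable stack even though the PCD asked for NX. Suggest testing EFI_ERROR (Status) explicitly after each call and either stopping the boot or reporting that the stack was left executable, so the outcome does not depend on the build type.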
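
Review bot: In the [Ppis] hunk of DxeIpl.inf, gEdkiiMemoryAttributePpiGuid is declared SOMETIMES_CONSUMES and [Depex] stays at gEfiPeiLoadFilePpiGuid AND gEfiPeiMasterBootModePpiGuid, yet DxeHandoff.c treats the PPI as mandatory whenever PcdSetNxForStack is TRUE. Suggest stating that requirement in a comment on this line and in the commit message, so a platform that sets the PCD knows it must also include a PEIM that installs the PPI.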
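
Review bot: In the last DxeIpl.inf hunk, moving PcdSetNxForStack from [Pcd.IA32,Pcd.X64,Pcd.ARM,Pcd.AARCH64] to the unqualified [Pcd] section makes it apply to every architecture that builds this module, while the commit message only mentions ARM and AArch64. Suggest noting in the commit message that any architecture using the generic DxeHandoff.c now honors the PCD and therefore needs the memory attribute PPI when it is TRUE.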