From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182]) by mx.groups.io with SMTP id smtpd.web10.120613.1680659950492314292 for ; Tue, 04 Apr 2023 18:59:10 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@linux.microsoft.com header.s=default header.b=d9m19SvQ; spf=pass (domain: linux.microsoft.com, ip: 13.77.154.182, mailfrom: mikuback@linux.microsoft.com) Received: from [192.168.4.22] (unknown [47.201.8.94]) by linux.microsoft.com (Postfix) with ESMTPSA id 72862210DEA7; Tue, 4 Apr 2023 18:59:08 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 72862210DEA7 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1680659950; bh=onlfEzsuKKJR4+0daN1PP0ashzftiGrZHoV6OtT6cb0=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=d9m19SvQlnImREg6z/TrZQcV+Mp0Vl9peaZ1LHZOz4DQw4kVvffMhy7261TCCOGjK 963nMM66vJLRq2z5ysZunPGW4sBCNxw2F44CEV3p0SaNL0PD1zKa26ZLf/zGWL4MWB +MJDTYqHX58Y9qbGQxi1TC9lx1woAanSxmnff68E= Message-ID: Date: Tue, 4 Apr 2023 21:59:07 -0400 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.9.1 Subject: Re: [edk2-devel] [PATCH v3 4/4] MdeModulePkg: Enable forward edge CFI in mem attributes table To: devel@edk2.groups.io, ardb@kernel.org Cc: Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe , =?UTF-8?Q?Marvin_H=c3=a4user?= , Bob Feng , Oliver Smith-Denny References: <20230404154022.2776035-1-ardb@kernel.org> <20230404154022.2776035-5-ardb@kernel.org> From: "Michael Kubacki" In-Reply-To: <20230404154022.2776035-5-ardb@kernel.org> Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Reviewed-by: Michael Kubacki On 4/4/2023 11:40 AM, Ard Biesheuvel wrote: > The memory attributes table has been extended with a flag that indicates > whether or not the OS is permitted to map the EFI runtime code regions > with strict enforcement for IBT/BTI landing pad instructions. > > Given that the PE/COFF spec now defines a DllCharacteristicsEx flag that > indicates whether or not a loaded image is compatible with this, we can > wire this up to the flag in the memory attributes table, and set it if > all loaded runtime image are compatible with it. > > Signed-off-by: Ard Biesheuvel > Reviewed-by: Leif Lindholm > Reviewed-by: Oliver Smith-Denny > --- > MdeModulePkg/Core/Dxe/DxeMain.h | 2 ++ > MdeModulePkg/Core/Dxe/Image/Image.c | 10 ++++++++++ > MdeModulePkg/Core/Dxe/Misc/MemoryAttributesTable.c | 8 +++++++- > 3 files changed, 19 insertions(+), 1 deletion(-) > > diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMain.h > index 815a6b4bd844a452..43daa037be441150 100644 > --- a/MdeModulePkg/Core/Dxe/DxeMain.h > +++ b/MdeModulePkg/Core/Dxe/DxeMain.h > @@ -280,6 +280,8 @@ extern EFI_MEMORY_TYPE_INFORMATION gMemoryTypeInformation[EfiMaxMemoryType + 1] > extern BOOLEAN gDispatcherRunning; > > extern EFI_RUNTIME_ARCH_PROTOCOL gRuntimeTemplate; > > > > +extern BOOLEAN gMemoryAttributesTableForwardCfi; > > + > > extern EFI_LOAD_FIXED_ADDRESS_CONFIGURATION_TABLE gLoadModuleAtFixAddressConfigurationTable; > > extern BOOLEAN gLoadFixedAddressCodeMemoryReady; > > // > > diff --git a/MdeModulePkg/Core/Dxe/Image/Image.c b/MdeModulePkg/Core/Dxe/Image/Image.c > index 8704ebea9a7c88c0..9dbfb2a1fad22ced 100644 > --- a/MdeModulePkg/Core/Dxe/Image/Image.c > +++ b/MdeModulePkg/Core/Dxe/Image/Image.c > @@ -1399,6 +1399,16 @@ CoreLoadImageCommon ( > CoreNewDebugImageInfoEntry (EFI_DEBUG_IMAGE_INFO_TYPE_NORMAL, &Image->Info, Image->Handle); > > } > > > > + // > > + // Check whether we are loading a runtime image that lacks support for > > + // IBT/BTI landing pads. > > + // > > + if ((Image->ImageContext.ImageCodeMemoryType == EfiRuntimeServicesCode) && > > + ((Image->ImageContext.DllCharacteristicsEx & EFI_IMAGE_DLLCHARACTERISTICS_EX_FORWARD_CFI_COMPAT) == 0)) > > + { > > + gMemoryAttributesTableForwardCfi = FALSE; > > + } > > + > > // > > // Reinstall loaded image protocol to fire any notifications > > // > > diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryAttributesTable.c b/MdeModulePkg/Core/Dxe/Misc/MemoryAttributesTable.c > index 82fa026bceb990e5..fd127ee167e1ac9a 100644 > --- a/MdeModulePkg/Core/Dxe/Misc/MemoryAttributesTable.c > +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryAttributesTable.c > @@ -89,6 +89,7 @@ BOOLEAN mMemoryAttributesTableEnable = TRUE; > BOOLEAN mMemoryAttributesTableEndOfDxe = FALSE; > > EFI_MEMORY_ATTRIBUTES_TABLE *mMemoryAttributesTable = NULL; > > BOOLEAN mMemoryAttributesTableReadyToBoot = FALSE; > > +BOOLEAN gMemoryAttributesTableForwardCfi = TRUE; > > > > /** > > Install MemoryAttributesTable. > > @@ -182,7 +183,12 @@ InstallMemoryAttributesTable ( > MemoryAttributesTable->Version = EFI_MEMORY_ATTRIBUTES_TABLE_VERSION; > > MemoryAttributesTable->NumberOfEntries = RuntimeEntryCount; > > MemoryAttributesTable->DescriptorSize = (UINT32)DescriptorSize; > > - MemoryAttributesTable->Flags = 0; > > + if (gMemoryAttributesTableForwardCfi) { > > + MemoryAttributesTable->Flags = EFI_MEMORY_ATTRIBUTES_FLAGS_RT_FORWARD_CONTROL_FLOW_GUARD; > > + } else { > > + MemoryAttributesTable->Flags = 0; > > + } > > + > > DEBUG ((DEBUG_VERBOSE, "MemoryAttributesTable:\n")); > > DEBUG ((DEBUG_VERBOSE, " Version - 0x%08x\n", MemoryAttributesTable->Version)); > > DEBUG ((DEBUG_VERBOSE, " NumberOfEntries - 0x%08x\n", MemoryAttributesTable->NumberOfEntries)); >