From: "Taylor Beebe"
To: devel@edk2.groups.io
Cc: Jian J Wang, Liming Gao, Dandan Bi, Ard Biesheuvel, Jiewen Yao, Jordan Justen, Gerd Hoffmann, Leif Lindholm, Sami Mujawar, Andrew Fish, Ray Ni, Eric Dong, Rahul Kumar, Guo Dong, Sean Rhodes, James Lu, Gua Guo
Subject: [PATCH 00/14] Implement Dynamic Memory Protections
Date: Tue, 11 Jul 2023 16:52:37 -0700

In the past, memory protection settings were configured via FixedAtBuild
PCDs, which resulted in a build-time configuration of memory mitigations.
This approach limited the flexibility of applying mitigations to the
system and made it difficult to update or adjust the settings post-build.

In this design, the configuration interface has been revised to allow for
dynamic configuration. This is achieved with HOBs that are published prior
to invocation of the HandoffToDxe() function.
OvmfPkg/PlatformPei/Platform.c contains an example of how to publish the
HOB for DXE and MM. To check the memory protection settings after PEI, the
HOB can be easily consumed, sanity checked, and put into a global for
access via the inclusion of the DXE or MM HOB libraries.

This patch series also increases the memory protection level for OvmfPkg
and ArmVirtPkg.
Reference: https://github.com/tianocore/edk2/pull/4566

Cc: Jian J Wang
Cc: Liming Gao
Cc: Dandan Bi
Cc: Ard Biesheuvel
Cc: Jiewen Yao
Cc: Jordan Justen
Cc: Gerd Hoffmann
Cc: Leif Lindholm
Cc: Sami Mujawar
Cc: Andrew Fish
Cc: Ray Ni
Cc: Eric Dong
Cc: Rahul Kumar
Cc: Guo Dong
Cc: Sean Rhodes
Cc: James Lu
Cc: Gua Guo

Taylor Beebe (14):
  MdeModulePkg: Add DXE and MM Memory Protection Settings Definitions
  MdeModulePkg: Add MemoryProtectionHobLib Definitions and NULL Libs
  MdeModulePkg: Add Phase-Specific MemoryProtectionHobLib Implementations
  OvmfPkg: Create the memory protection settings HOB
  ArmVirtPkg: Create memory protection settings HOB
  ArmPkg: Update to use memory protection HOB
  EmulatorPkg: Update to use memory protection HOB
  MdeModulePkg: Update to use memory protection HOB
  OvmfPkg: Update to use memory protection HOB
  UefiCpuPkg: Update to use memory protection HOB
  UefiPayloadPkg: Update to use memory protection HOB
  OvmfPkg: Delete Memory Protection PCDs
  ArmVirtPkg: Delete Memory Protection PCDs
  MdeModulePkg: Delete Memory Protection PCDs

 ArmPkg/ArmPkg.dsc | 1 +
 ArmPkg/Drivers/CpuDxe/CpuDxe.c | 5 +-
 ArmPkg/Drivers/CpuDxe/CpuDxe.inf | 2 +-
 ArmVirtPkg/ArmVirt.dsc.inc | 24 +-
 ArmVirtPkg/ArmVirtCloudHv.dsc | 5 -
 ArmVirtPkg/ArmVirtQemu.dsc | 5 -
 ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c | 25 +-
 ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf | 2 +
 EmulatorPkg/EmulatorPkg.dsc | 2 +-
 MdeModulePkg/Core/Dxe/DxeMain.h | 1 +
 MdeModulePkg/Core/Dxe/DxeMain.inf | 9 +-
 MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 8 +-
 MdeModulePkg/Core/Dxe/Mem/HeapGuard.c | 88 ++--
 MdeModulePkg/Core/Dxe/Mem/HeapGuard.h | 24 +-
 MdeModulePkg/Core/Dxe/Mem/Page.c | 4 +-
 MdeModulePkg/Core/Dxe/Mem/Pool.c | 6 +-
 MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 338 +++++++-------
 MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c | 4 +-
 MdeModulePkg/Core/DxeIplPeim/DxeIpl.h | 15 +
 MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 13 +-
 MdeModulePkg/Core/DxeIplPeim/DxeLoad.c | 26 ++
 .../Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 57 +--
 .../Core/DxeIplPeim/X64/DxeLoadFunc.c | 20 +-
 .../Core/DxeIplPeim/X64/VirtualMemory.c | 87 ++--
 .../Core/DxeIplPeim/X64/VirtualMemory.h | 23 +-
 MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 60 +--
 MdeModulePkg/Core/PiSmmCore/HeapGuard.h | 20 +-
 MdeModulePkg/Core/PiSmmCore/Page.c | 6 +-
 MdeModulePkg/Core/PiSmmCore/PiSmmCore.h | 1 +
 MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf | 4 +-
 MdeModulePkg/Core/PiSmmCore/Pool.c | 9 +-
 .../Guid/DxeMemoryProtectionSettings.h | 413 ++++++++++++++++++
 .../Include/Guid/MmMemoryProtectionSettings.h | 211 +++++++++
 .../Library/DxeMemoryProtectionHobLib.h | 20 +
 .../Library/MmMemoryProtectionHobLib.h | 20 +
 .../DxeMemoryProtectionHobLib.c | 132 ++++++
 .../DxeMemoryProtectionHobLib.inf | 34 ++
 .../MmCommonMemoryProtectionHobLib.c | 89 ++++
 .../SmmMemoryProtectionHobLib.c | 37 ++
 .../SmmMemoryProtectionHobLib.inf | 35 ++
 .../StandaloneMmMemoryProtectionHobLib.c | 37 ++
 .../StandaloneMmMemoryProtectionHobLib.inf | 36 ++
 .../DxeMemoryProtectionHobLibNull.c | 13 +
 .../DxeMemoryProtectionHobLibNull.inf | 28 ++
 .../MmMemoryProtectionHobLibNull.c | 13 +
 .../MmMemoryProtectionHobLibNull.inf | 28 ++
 MdeModulePkg/MdeModulePkg.dec | 187 +-------
 MdeModulePkg/MdeModulePkg.dsc | 11 +
 MdeModulePkg/MdeModulePkg.uni | 153 -------
 OvmfPkg/AmdSev/AmdSevX64.dsc | 5 +-
 OvmfPkg/Bhyve/BhyveX64.dsc | 5 +-
 OvmfPkg/Bhyve/PlatformPei/PlatformPei.inf | 1 -
 OvmfPkg/CloudHv/CloudHvX64.dsc | 5 +-
 OvmfPkg/Fdt/HighMemDxe/HighMemDxe.c | 5 +-
 OvmfPkg/Fdt/HighMemDxe/HighMemDxe.inf | 4 +-
 .../Dsc/MemoryProtectionLibraries.dsc.inc | 15 +
 OvmfPkg/Include/Library/PlatformInitLib.h | 13 -
 OvmfPkg/IntelTdx/IntelTdxX64.dsc | 5 +-
 OvmfPkg/Library/PeilessStartupLib/DxeLoad.c | 25 +-
 .../PeilessStartupLib/PeilessStartup.c | 3 -
 .../PeilessStartupLib/PeilessStartupLib.inf | 5 +-
 .../PeilessStartupLib/X64/PageTables.h | 23 +-
 .../PeilessStartupLib/X64/VirtualMemory.c | 107 ++---
 OvmfPkg/Library/PlatformInitLib/Platform.c | 15 -
 OvmfPkg/Microvm/MicrovmX64.dsc | 5 +-
 OvmfPkg/OvmfPkgIa32.dsc | 5 +-
 OvmfPkg/OvmfPkgIa32X64.dsc | 5 +-
 OvmfPkg/OvmfPkgX64.dsc | 5 +-
 OvmfPkg/OvmfXen.dsc | 5 +-
 OvmfPkg/PlatformPei/IntelTdx.c | 2 -
 OvmfPkg/PlatformPei/Platform.c | 43 +-
 OvmfPkg/PlatformPei/PlatformPei.inf | 3 +-
 OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf | 2 +-
 OvmfPkg/QemuVideoDxe/VbeShim.c | 5 +-
 OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc | 13 -
 OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc | 1 +
 OvmfPkg/TdxDxe/TdxDxe.c | 7 +-
 OvmfPkg/TdxDxe/TdxDxe.inf | 1 -
 UefiCpuPkg/CpuDxe/CpuDxe.c | 2 +-
 UefiCpuPkg/CpuDxe/CpuDxe.h | 11 +-
 UefiCpuPkg/CpuDxe/CpuDxe.inf | 4 +-
 UefiCpuPkg/CpuDxe/CpuMp.c | 2 +-
 UefiCpuPkg/CpuDxeRiscV64/CpuDxeRiscV64.inf | 3 -
 UefiCpuPkg/CpuMpPei/CpuMpPei.c | 8 +-
 UefiCpuPkg/CpuMpPei/CpuMpPei.h | 3 +-
 UefiCpuPkg/CpuMpPei/CpuMpPei.inf | 1 -
 UefiCpuPkg/CpuMpPei/CpuPaging.c | 14 +-
 .../DxeCpuExceptionHandlerLib.inf | 1 -
 .../PeiCpuExceptionHandlerLib.inf | 1 -
 .../SecPeiCpuExceptionHandlerLib.inf | 1 -
 .../SmmCpuExceptionHandlerLib.inf | 1 -
 .../UnitTest/CpuExceptionHandlerTest.h | 3 +-
 .../UnitTest/CpuExceptionHandlerTestCommon.c | 27 +-
 .../DxeCpuExceptionHandlerLibUnitTest.inf | 2 +-
 .../PeiCpuExceptionHandlerLibUnitTest.inf | 4 +-
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 3 +-
 UefiCpuPkg/Library/MpInitLib/DxeMpLib.c | 3 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c | 2 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf | 3 +-
 .../PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 13 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 2 +-
 .../PiSmmCpuDxeSmm/SmmProfileInternal.h | 10 +-
 UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 2 +-
 UefiCpuPkg/UefiCpuPkg.dec | 7 +-
 UefiCpuPkg/UefiCpuPkg.dsc | 2 +
 UefiCpuPkg/UefiCpuPkg.uni | 10 +-
 .../UefiPayloadEntry/Ia32/DxeLoadFunc.c | 149 +------
 UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c | 26 ++
 .../UefiPayloadEntry/UefiPayloadEntry.h | 15 +
 .../UefiPayloadEntry/UefiPayloadEntry.inf | 9 +-
 .../UniversalPayloadEntry.inf | 9 +-
 .../UefiPayloadEntry/X64/DxeLoadFunc.c | 25 +-
 .../UefiPayloadEntry/X64/VirtualMemory.c | 78 ++--
 .../UefiPayloadEntry/X64/VirtualMemory.h | 23 +-
 UefiPayloadPkg/UefiPayloadPkg.dsc | 1 +
 115 files changed, 1888 insertions(+), 1321 deletions(-)
 create mode 100644 MdeModulePkg/Include/Guid/DxeMemoryProtectionSettings.h
 create mode 100644 MdeModulePkg/Include/Guid/MmMemoryProtectionSettings.h
 create mode 100644 MdeModulePkg/Include/Library/DxeMemoryProtectionHobLib.h
 create mode 100644 MdeModulePkg/Include/Library/MmMemoryProtectionHobLib.h
 create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/DxeMemoryProtectionHobLib.c
 create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/DxeMemoryProtectionHobLib.inf
 create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/MmCommonMemoryProtectionHobLib.c
 create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/SmmMemoryProtectionHobLib.c
 create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/SmmMemoryProtectionHobLib.inf
 create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/StandaloneMmMemoryProtectionHobLib.c
 create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/StandaloneMmMemoryProtectionHobLib.inf
 create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.c
 create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf
 create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.c
 create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf
 create mode 100644 OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc

-- 
2.41.0.windows.2
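The cover letter describes a two-phase flow: PEI publishes a settings HOB before HandoffToDxe(), and the DXE-side HOB library consumes it, sanity checks it and stores it in a global. The block below is an added stand-alone C model of that flow written for this page; it is not code from the patch series or from EDK2. The GUID value, SETTINGS_SIGNATURE, the struct and field names (EXAMPLE_DXE_MEMORY_PROTECTION_SETTINGS and its members) and the function names are assumptions chosen for the example; the real series defines its structures in MdeModulePkg/Include/Guid/DxeMemoryProtectionSettings.h and uses the EDK2 HOB library (BuildGuidDataHob on the PEI side, GetFirstGuidHob on the DXE side). The point the model makes is the one a reviewer cares about: a HOB that is missing, wrongly sized, mis-signed or built for another layout version must leave the global in a known "no valid settings" state rather than be trusted.

```c
/* Added example, not part of the patch series or EDK2. Names, GUID value and
 * signature are constructed for illustration only. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct {
  uint32_t Data1;
  uint16_t Data2;
  uint16_t Data3;
  uint8_t  Data4[8];
} GUID;

/* Constructed GUID for this example, not the series' real GUID value. */
static const GUID kSettingsGuid = {
  0x11111111, 0x2222, 0x3333, { 1, 2, 3, 4, 5, 6, 7, 8 }
};

#define SETTINGS_SIGNATURE 0x50504D44u /* constructed marker value */
#define SETTINGS_VERSION   1u

/* Assumed layout; the field names are illustrative only. */
typedef struct {
  uint32_t Signature;       /* rejects a foreign or corrupted HOB */
  uint32_t StructVersion;   /* PEI and DXE must agree on the layout */
  bool     NullPointerDetection;
  bool     ImageProtection; /* read-only code, non-executable data */
  bool     HeapGuardPages;
  bool     StackGuard;
} EXAMPLE_DXE_MEMORY_PROTECTION_SETTINGS;

/* Minimal GUID-data HOB: a name plus a bounded payload. */
typedef struct {
  GUID     Name;
  uint32_t DataSize;
  uint8_t  Data[64];
} GUID_HOB;

#define MAX_HOBS 8
static GUID_HOB gHobList[MAX_HOBS];
static unsigned gHobCount;

/* The global the DXE library exposes once the HOB passes its checks. */
static EXAMPLE_DXE_MEMORY_PROTECTION_SETTINGS gDxeMps;
static bool gDxeMpsValid;

bool ResetHobList(void) {
  memset(gHobList, 0, sizeof gHobList);
  gHobCount = 0;
  return true;
}

/* PEI side: stands in for BuildGuidDataHob(); a platform would call this
 * before HandoffToDxe(). */
bool PublishSettingsHob(uint32_t version, bool imageProtection) {
  EXAMPLE_DXE_MEMORY_PROTECTION_SETTINGS s = {
    .Signature = SETTINGS_SIGNATURE, .StructVersion = version,
    .NullPointerDetection = true,    .ImageProtection = imageProtection,
    .HeapGuardPages = true,          .StackGuard = true,
  };
  if (gHobCount >= MAX_HOBS || sizeof s > sizeof gHobList[0].Data) {
    return false;
  }
  GUID_HOB *h = &gHobList[gHobCount++];
  h->Name     = kSettingsGuid;
  h->DataSize = (uint32_t)sizeof s;
  memcpy(h->Data, &s, sizeof s);
  return true;
}

static const GUID_HOB *FindGuidHob(const GUID *name) {
  for (unsigned i = 0; i < gHobCount; i++) {
    if (memcmp(&gHobList[i].Name, name, sizeof *name) == 0) {
      return &gHobList[i];
    }
  }
  return NULL;
}

/* DXE side: stands in for the HOB library constructor. A missing, wrongly
 * sized, mis-signed or wrong-version HOB leaves gDxeMpsValid false, so
 * callers see every protection as disabled instead of reading garbage. */
bool DxeMemoryProtectionHobLibConstructor(void) {
  EXAMPLE_DXE_MEMORY_PROTECTION_SETTINGS tmp;
  const GUID_HOB *h;

  memset(&gDxeMps, 0, sizeof gDxeMps);
  gDxeMpsValid = false;
  h = FindGuidHob(&kSettingsGuid);
  if (h == NULL || h->DataSize != sizeof tmp) {
    return false;
  }
  memcpy(&tmp, h->Data, sizeof tmp);
  if (tmp.Signature != SETTINGS_SIGNATURE || tmp.StructVersion != SETTINGS_VERSION) {
    return false;
  }
  gDxeMps      = tmp;
  gDxeMpsValid = true;
  return true;
}

/* Query in the style of a HOB-library accessor; false when no valid HOB. */
bool IsImageProtectionActive(void) {
  return gDxeMpsValid && gDxeMps.ImageProtection;
}

int main(void) {
  ResetHobList();
  PublishSettingsHob(SETTINGS_VERSION, true);
  printf("valid HOB: ctor=%d image=%d\n",
         DxeMemoryProtectionHobLibConstructor(), IsImageProtectionActive());
  ResetHobList();
  PublishSettingsHob(SETTINGS_VERSION + 1, true);
  printf("stale HOB: ctor=%d image=%d\n",
         DxeMemoryProtectionHobLibConstructor(), IsImageProtectionActive());
  return 0;
}
```

The version field is what makes the "dynamic" part safe to evolve: if a later series adds fields to the settings structure, a PEI built against the old layout produces a HOB the new DXE library refuses, and the failure is an explicit "protections off" that shows up in a boot log rather than a silently misread bitfield.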