To: devel@edk2.groups.io
Cc: spbrogan@outlook.com, eric.dong@intel.com, ray.ni@intel.com, rahul1.kumar@intel.com, mikuback@linux.microsoft.com, jian.j.wang@intel.com, hao.a.wu@intel.com, dandan.bi@intel.com, gaoliming@byosoft.com.cn, guo.dong@intel.com, maurice.ma@intel.com, benjamin.you@intel.com
From: t@taylorbeebe.com
Subject: [RFC] MemoryProtectionLib for Dynamic Memory Guard Settings
Date: Thu, 22 Jul 2021 17:32:46 -0700

Current memory protection settings rely on FixedAtBuild PCD values (minus PcdSetNxForStack). Because of this, the memory protection configuration interface is fixed in nature. Cases arise in which memory protections might need to be adjusted between boots (if platform design allows) to avoid disabling a system. For example, platforms might choose to allow the user to control their protection policies, such as allowing execution of critical 3rd party software that might violate memory protections.

This RFC seeks your feedback regarding introducing an interface that allows dynamic configuration of memory protection settings.

I would like to propose two options:

1. Describing the memory protection setting configuration in a HOB that is produced by the platform.
2. Introducing a library class (e.g. MemoryProtectionLib) that allows abstraction of the memory protection setting configuration data source.

In addition, I would like to know if the memory protection FixedAtBuild PCDs currently in MdeModulePkg can be removed so we can move the configuration interface entirely to an option above.

In any case, I would like the settings to be visible to environments such as Standalone MM where dynamic PCDs are not accessible.

I am seeking your feedback on this proposal in preparation for sending an edk2 patch series.

-- 
Taylor Beebe
Software Engineer @ Microsoft
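One way a consumer could read a platform-produced settings HOB of the kind proposed in option 1, as an added example that is not code from this RFC or from edk2: it walks a PI HOB list for a GUID extension HOB and keeps build-time defaults when the entry is absent or malformed. The GUID, payload layout, default values and function name are hypothetical, and a little-endian host is assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HOB_TYPE_GUID_EXTENSION 0x0004  /* EFI_HOB_TYPE_GUID_EXTENSION */
#define HOB_TYPE_END_OF_LIST    0xFFFF  /* EFI_HOB_TYPE_END_OF_HOB_LIST */
typedef struct { uint16_t type, length; uint32_t reserved; } hob_hdr_t;

/* Hypothetical payload layout, not an edk2 structure. */
typedef struct { uint8_t version, null_detection, heap_guard, nx_stack; } mem_prot_settings_t;

/* Placeholder GUID constructed for this example. */
static const uint8_t SETTINGS_GUID[16] = { 0xA0,0xA1,0xA2,0xA3,0xA4,0xA5,0xA6,0xA7,
                                           0xA8,0xA9,0xAA,0xAB,0xAC,0xAD,0xAE,0xAF };
/* Assumed defaults (everything on) used when no valid HOB is found. */
static const mem_prot_settings_t DEFAULTS = { 1, 1, 1, 1 };

/* Constructed sample: one 32-byte GUID extension HOB, then the end-of-list HOB. */
static const uint8_t SAMPLE_HOBS[] = {
    0x04,0x00, 0x20,0x00, 0,0,0,0,                        /* type, length, reserved */
    0xA0,0xA1,0xA2,0xA3,0xA4,0xA5,0xA6,0xA7,0xA8,0xA9,0xAA,0xAB,0xAC,0xAD,0xAE,0xAF,
    0x01, 0x00, 0x01, 0x01,  0,0,0,0,                     /* payload + alignment pad */
    0xFF,0xFF, 0x08,0x00, 0,0,0,0 };

/* Returns 1 if settings came from the HOB, 0 if the defaults were kept. */
int get_mem_prot_settings(const uint8_t *list, size_t size, mem_prot_settings_t *out)
{
    size_t off = 0;
    *out = DEFAULTS;
    while (off + sizeof(hob_hdr_t) <= size) {
        hob_hdr_t h;
        memcpy(&h, list + off, sizeof h);
        if (h.type == HOB_TYPE_END_OF_LIST) break;
        if (h.length < sizeof h || h.length > size - off) break;  /* malformed list */
        if (h.type == HOB_TYPE_GUID_EXTENSION &&
            h.length >= sizeof h + 16 + sizeof(mem_prot_settings_t) &&
            memcmp(list + off + sizeof h, SETTINGS_GUID, 16) == 0) {
            mem_prot_settings_t s;
            memcpy(&s, list + off + sizeof h + 16, sizeof s);
            if (s.version != 1) break;                    /* unknown layout: keep defaults */
            *out = s;
            return 1;
        }
        off += h.length;
    }
    return 0;
}

int main(void)
{
    mem_prot_settings_t s;
    int found = get_mem_prot_settings(SAMPLE_HOBS, sizeof SAMPLE_HOBS, &s);
    printf("from_hob=%d null_detection=%d heap_guard=%d nx_stack=%d\n",
           found, s.null_detection, s.heap_guard, s.nx_stack);
    return 0;
}
```

Because the getter only needs a pointer to the HOB list, the same lookup works in environments where dynamic PCDs are unavailable.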