From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-oi1-f182.google.com (mail-oi1-f182.google.com [209.85.167.182]) by mx.groups.io with SMTP id smtpd.web11.1761.1689119585825186160 for ; Tue, 11 Jul 2023 16:53:06 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@taylorbeebe.com header.s=google header.b=SOj6lfE/; spf=pass (domain: taylorbeebe.com, ip: 209.85.167.182, mailfrom: t@taylorbeebe.com) Received: by mail-oi1-f182.google.com with SMTP id 5614622812f47-3942c6584f0so4518765b6e.3 for ; Tue, 11 Jul 2023 16:53:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=taylorbeebe.com; s=google; t=1689119585; x=1691711585; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=EwYXGDEIhm1lAEfNH3HrlOVYfIXeQrDMCzyfz6sW+84=; b=SOj6lfE/fswZXRYTcmJwYVt7ExI2mGUWgLmitboEGIxnZq5srdtU+8ZfEGnPVoWSFt rUhxm6ZUlQcyUWKM4xDN/EjdsY7fftAMs85jfK1AUCc1DAqgNlO2Iz/H0i3gEiPM0tyn 78VP+d5l5/VABZXW1mcxeU/cvuPSZqgBqYJwDklLFkMUdVyFiXbLZwiM5uG9c2zXcNrM +g49QuADATbyb4Caiv4K6m3jjPcMZ47aaet3SErc7704iRRwmgK+zNq+wTTZbDtaVSYx +Ox7xoVt/S9Z008vBIujCBC3Ehwg7SbETB0KEDWBUGriOewqGwICxjLlVUVdoIlbs53U uZbQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689119585; x=1691711585; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=EwYXGDEIhm1lAEfNH3HrlOVYfIXeQrDMCzyfz6sW+84=; b=k78w3JhV8pNlBdDNoRXwyJ5ntkDm+qxF5TXUJaPBMGbkNSopHhds7Z/0EWRsgqh4dU kd4YvpT4Rz1CL1HWlBPv9U8hoa/SXMQDaIQyBDpVh6JOg/54gHr+IBEA1EJpWYvlYo38 BSLQ8y7uLFT6wtWqNYW4u82mQnu83h7v/q7boT4ciR8UzYCJmBDYTr6bvJir8uNY8/2i IOcXJAbhu8CnEGIcwEXr1A0T4XUJ6QRo3JUAKlouQLRgiVPMPhA8k4tyfeo9o1S0a51q nLyvzzpCnqlFpBiF2ZiyZXg62dkxAvyxLcQwXATC2bVgFrwwhFXzSCw3AhdEoxehAcWT h5tg== X-Gm-Message-State: ABy/qLY1mNxEwRBJntjOuNv5VzQPigllx9fNYABY/JRMauSQx+QOkAPl ekG6KiJpFug1gUtE5aslbZIoo10vK9gj3elZavCWlQ== X-Google-Smtp-Source: APBJJlEOz9aD/GGHkJRvAFtTpgP6ZSAt0Ey+owKIM1POJ+NQ2XiymjUzGYgyMnunzIwKak1F0WsFng== X-Received: by 2002:a05:6808:23c2:b0:3a3:7ee9:8f17 with SMTP id bq2-20020a05680823c200b003a37ee98f17mr19173100oib.39.1689119584976; Tue, 11 Jul 2023 16:53:04 -0700 (PDT) Return-Path: Received: from localhost.localdomain ([50.46.230.135]) by smtp.gmail.com with ESMTPSA id a13-20020a62e20d000000b00660d80087a8sm2232677pfi.187.2023.07.11.16.53.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 11 Jul 2023 16:53:04 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao , Dandan Bi Subject: [PATCH 03/14] MdeModulePkg: Add Phase-Specific MemoryProtectionHobLib Implementations Date: Tue, 11 Jul 2023 16:52:40 -0700 Message-ID: X-Mailer: git-send-email 2.41.0.windows.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit From: Taylor Beebe Add DXE, SMM, and STANDALONE MM implementations of the MemoryProtectionHobLib. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao Cc: Dandan Bi --- .../DxeMemoryProtectionHobLib.c | 132 ++++++++++++++++++ .../DxeMemoryProtectionHobLib.inf | 34 +++++ .../MmCommonMemoryProtectionHobLib.c | 89 ++++++++++++ .../SmmMemoryProtectionHobLib.c | 37 +++++ .../SmmMemoryProtectionHobLib.inf | 35 +++++ .../StandaloneMmMemoryProtectionHobLib.c | 37 +++++ .../StandaloneMmMemoryProtectionHobLib.inf | 36 +++++ MdeModulePkg/MdeModulePkg.dsc | 3 + 8 files changed, 403 insertions(+) create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/DxeMemoryProtectionHobLib.c create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/DxeMemoryProtectionHobLib.inf create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/MmCommonMemoryProtectionHobLib.c create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/SmmMemoryProtectionHobLib.c create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/SmmMemoryProtectionHobLib.inf create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/StandaloneMmMemoryProtectionHobLib.c create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLib/StandaloneMmMemoryProtectionHobLib.inf diff --git a/MdeModulePkg/Library/MemoryProtectionHobLib/DxeMemoryProtectionHobLib.c b/MdeModulePkg/Library/MemoryProtectionHobLib/DxeMemoryProtectionHobLib.c new file mode 100644 index 0000000000..fde568fcee --- /dev/null +++ b/MdeModulePkg/Library/MemoryProtectionHobLib/DxeMemoryProtectionHobLib.c @@ -0,0 +1,132 @@ +/** @file +Library fills out gDxeMps global + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include +#include + +#include +#include +#include +#include + +DXE_MEMORY_PROTECTION_SETTINGS gDxeMps; + +/** + This function checks the memory protection settings and provides warnings of settings conflicts. + For compatibility, this logic will only ever turn off protections to create consistency, + never turn others on. +**/ +VOID +DxeMemoryProtectionSettingsConsistencyCheck ( + VOID + ) +{ + if ((gDxeMps.HeapGuard.PoolGuardEnabled || gDxeMps.HeapGuard.PageGuardEnabled) && + gDxeMps.HeapGuard.FreedMemoryGuardEnabled) + { + DEBUG (( + DEBUG_WARN, + "%a: - HeapGuard.FreedMemoryGuardEnabled and " + "UEFI HeapGuard.PoolGuardEnabled/HeapGuard.PageGuardEnabled " + "cannot be active at the same time. Setting all three to ZERO in " + "the memory protection settings global.\n", + __func__ + )); + ASSERT ( + !(gDxeMps.HeapGuard.FreedMemoryGuardEnabled && + (gDxeMps.HeapGuard.PoolGuardEnabled || gDxeMps.HeapGuard.PageGuardEnabled)) + ); + gDxeMps.HeapGuard.PoolGuardEnabled = FALSE; + gDxeMps.HeapGuard.PageGuardEnabled = FALSE; + gDxeMps.HeapGuard.FreedMemoryGuardEnabled = FALSE; + } + + if (DXE_MPS_IS_ANY_MEMORY_TYPE_ACTIVE (&gDxeMps.PoolGuard) && + (!(gDxeMps.HeapGuard.PoolGuardEnabled))) + { + DEBUG (( + DEBUG_WARN, + "%a: - PoolGuard protections are active " + "but HeapGuard.PoolGuardEnabled is inactive.\n", + __func__ + )); + } + + if (DXE_MPS_IS_ANY_MEMORY_TYPE_ACTIVE (&gDxeMps.PageGuard) && + (!(gDxeMps.HeapGuard.PageGuardEnabled))) + { + DEBUG (( + DEBUG_WARN, + "%a: - PageGuard protections are active " + "but HeapGuard.PageGuardEnabled is inactive\n", + __func__ + )); + } + + if (gDxeMps.ExecutionProtection.EnabledForType[EfiBootServicesData] != + gDxeMps.ExecutionProtection.EnabledForType[EfiConventionalMemory]) + { + DEBUG (( + DEBUG_WARN, + "%a: - EfiBootServicesData and EfiConventionalMemory must have the same " + "ExecutionProtection value. Setting both to ZERO in the memory protection " + "settings global.\n", + __func__ + )); + ASSERT ( + gDxeMps.ExecutionProtection.EnabledForType[EfiBootServicesData] == + gDxeMps.ExecutionProtection.EnabledForType[EfiConventionalMemory] + ); + gDxeMps.ExecutionProtection.EnabledForType[EfiBootServicesData] = FALSE; + gDxeMps.ExecutionProtection.EnabledForType[EfiConventionalMemory] = FALSE; + } +} + +/** + Populates gDxeMps global with the data present in the HOB. If the HOB entry does not exist, + this constructor will zero the memory protection settings. + + @param[in] ImageHandle The firmware allocated handle for the EFI image. + @param[in] SystemTable A pointer to the EFI System Table. + + @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS. +**/ +EFI_STATUS +EFIAPI +DxeMemoryProtectionHobLibConstructor ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + VOID *Ptr; + DXE_MEMORY_PROTECTION_SETTINGS *DxeMps; + + Ptr = GetFirstGuidHob (&gDxeMemoryProtectionSettingsGuid); + + // + // Cache the Memory Protection Settings HOB entry + // + if (Ptr != NULL) { + DxeMps = (DXE_MEMORY_PROTECTION_SETTINGS *)GET_GUID_HOB_DATA (Ptr); + if (!DXE_MPS_IS_STRUCT_VALID (DxeMps)) { + DEBUG (( + DEBUG_ERROR, + "%a: - Version number of the DXE Memory Protection Settings HOB is invalid!\n", + __func__ + )); + ASSERT (DXE_MPS_IS_STRUCT_VALID (DxeMps)); + ZeroMem (&gDxeMps, sizeof (gDxeMps)); + return EFI_SUCCESS; + } + + CopyMem (&gDxeMps, DxeMps, sizeof (DXE_MEMORY_PROTECTION_SETTINGS)); + DxeMemoryProtectionSettingsConsistencyCheck (); + } + + return EFI_SUCCESS; +} diff --git a/MdeModulePkg/Library/MemoryProtectionHobLib/DxeMemoryProtectionHobLib.inf b/MdeModulePkg/Library/MemoryProtectionHobLib/DxeMemoryProtectionHobLib.inf new file mode 100644 index 0000000000..57ca55446b --- /dev/null +++ b/MdeModulePkg/Library/MemoryProtectionHobLib/DxeMemoryProtectionHobLib.inf @@ -0,0 +1,34 @@ +## @file +# DXE library instance to support platform-specific global controls for all memory protections. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = DxeMemoryProtectionHobLib + FILE_GUID = f497f7de-b9ab-4b9f-807e-89778922542d + MODULE_TYPE = UEFI_DRIVER + VERSION_STRING = 1.0 + LIBRARY_CLASS = DxeMemoryProtectionHobLib|DXE_DRIVER DXE_CORE UEFI_APPLICATION UEFI_DRIVER + CONSTRUCTOR = DxeMemoryProtectionHobLibConstructor + +# +# VALID_ARCHITECTURES = IA32 X64 AARCH64 +# + +[Sources] + DxeMemoryProtectionHobLib.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + +[LibraryClasses] + HobLib + DebugLib + BaseMemoryLib + +[Guids] + gDxeMemoryProtectionSettingsGuid diff --git a/MdeModulePkg/Library/MemoryProtectionHobLib/MmCommonMemoryProtectionHobLib.c b/MdeModulePkg/Library/MemoryProtectionHobLib/MmCommonMemoryProtectionHobLib.c new file mode 100644 index 0000000000..73f4b0cd88 --- /dev/null +++ b/MdeModulePkg/Library/MemoryProtectionHobLib/MmCommonMemoryProtectionHobLib.c @@ -0,0 +1,89 @@ +/** @file +Library fills out gMmMps global + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include +#include + +#include +#include +#include +#include + +MM_MEMORY_PROTECTION_SETTINGS gMmMps; + +/** + This function checks the memory protection settings and provides warnings of settings conflicts. + For compatibility, this logic will only ever turn off protections to create consistency, + never turn others on. +**/ +VOID +MmMemoryProtectionSettingsConsistencyCheck ( + VOID + ) +{ + if (MM_MPS_IS_ANY_MEMORY_TYPE_ACTIVE (&gMmMps.PoolGuard) && + (!gMmMps.HeapGuard.PoolGuardEnabled)) + { + DEBUG (( + DEBUG_WARN, + "%a: - PoolGuard protections are active " + "but HeapGuard.PoolGuardEnabled is inactive.\n", + __func__ + )); + } + + if (MM_MPS_IS_ANY_MEMORY_TYPE_ACTIVE (&gMmMps.PageGuard) && + (!gMmMps.HeapGuard.PageGuardEnabled)) + { + DEBUG (( + DEBUG_WARN, + "%a: - PageGuard protections are active " + "but HeapGuard.PageGuardEnabled is inactive\n", + __func__ + )); + } +} + +/** + Abstraction layer for library constructor of Standalone MM and SMM instances. + + @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS. +**/ +EFI_STATUS +EFIAPI +MmMemoryProtectionHobLibConstructorCommon ( + VOID + ) +{ + VOID *Ptr; + MM_MEMORY_PROTECTION_SETTINGS *MmMps; + + Ptr = GetFirstGuidHob (&gMmMemoryProtectionSettingsGuid); + + // + // Cache the Memory Protection Settings HOB entry + // + if (Ptr != NULL) { + MmMps = (MM_MEMORY_PROTECTION_SETTINGS *)GET_GUID_HOB_DATA (Ptr); + if (!MM_MPS_IS_STRUCT_VALID (MmMps)) { + DEBUG (( + DEBUG_ERROR, + "%a: - Version number of the MM Memory Protection Settings HOB is invalid!\n", + __func__ + )); + ASSERT (MM_MPS_IS_STRUCT_VALID (MmMps)); + ZeroMem (&gMmMps, sizeof (gMmMps)); + return EFI_SUCCESS; + } + + CopyMem (&gMmMps, MmMps, sizeof (MM_MEMORY_PROTECTION_SETTINGS)); + MmMemoryProtectionSettingsConsistencyCheck (); + } + + return EFI_SUCCESS; +} diff --git a/MdeModulePkg/Library/MemoryProtectionHobLib/SmmMemoryProtectionHobLib.c b/MdeModulePkg/Library/MemoryProtectionHobLib/SmmMemoryProtectionHobLib.c new file mode 100644 index 0000000000..fffc90a721 --- /dev/null +++ b/MdeModulePkg/Library/MemoryProtectionHobLib/SmmMemoryProtectionHobLib.c @@ -0,0 +1,37 @@ +/** @file +Library fills out gMmMps global + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +/** + Abstraction layer for library constructor of Standalone MM and SMM instances. + + @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS. +**/ +EFI_STATUS +EFIAPI +MmMemoryProtectionHobLibConstructorCommon ( + VOID + ); + +/** + Library constructor of SMM instance. + + @param[in] ImageHandle The firmware allocated handle for the EFI image. + @param[in] SystemTable A pointer to the EFI System Table. + + @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS. +**/ +EFI_STATUS +EFIAPI +SmmMemoryProtectionHobLibConstructor ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + return MmMemoryProtectionHobLibConstructorCommon (); +} diff --git a/MdeModulePkg/Library/MemoryProtectionHobLib/SmmMemoryProtectionHobLib.inf b/MdeModulePkg/Library/MemoryProtectionHobLib/SmmMemoryProtectionHobLib.inf new file mode 100644 index 0000000000..4651158bd4 --- /dev/null +++ b/MdeModulePkg/Library/MemoryProtectionHobLib/SmmMemoryProtectionHobLib.inf @@ -0,0 +1,35 @@ +## @file +# SMM library instance to support platform-specific global controls for all memory protections. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = SmmMemoryProtectionHobLib + FILE_GUID = dc9666f4-917f-400d-8026-2b3beeeff195 + MODULE_TYPE = DXE_SMM_DRIVER + VERSION_STRING = 1.0 + LIBRARY_CLASS = MmMemoryProtectionHobLib|SMM_CORE DXE_SMM_DRIVER + CONSTRUCTOR = SmmMemoryProtectionHobLibConstructor + +# +# VALID_ARCHITECTURES = IA32 X64 AARCH64 +# + +[Sources] + MmCommonMemoryProtectionHobLib.c + SmmMemoryProtectionHobLib.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + +[LibraryClasses] + HobLib + DebugLib + BaseMemoryLib + +[Guids] + gMmMemoryProtectionSettingsGuid diff --git a/MdeModulePkg/Library/MemoryProtectionHobLib/StandaloneMmMemoryProtectionHobLib.c b/MdeModulePkg/Library/MemoryProtectionHobLib/StandaloneMmMemoryProtectionHobLib.c new file mode 100644 index 0000000000..3fd8b9f259 --- /dev/null +++ b/MdeModulePkg/Library/MemoryProtectionHobLib/StandaloneMmMemoryProtectionHobLib.c @@ -0,0 +1,37 @@ +/** @file +Library fills out gMmMps global + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +/** + Abstraction layer for library constructor of Standalone MM and SMM instances. + + @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS. +**/ +EFI_STATUS +EFIAPI +MmMemoryProtectionHobLibConstructorCommon ( + VOID + ); + +/** + Library constructor of Standalone MM instance. + + @param[in] ImageHandle The firmware allocated handle for the EFI image. + @param[in] SystemTable A pointer to the EFI MM System Table. + + @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS. +**/ +EFI_STATUS +EFIAPI +StandaloneMmMemoryProtectionHobLibConstructor ( + IN EFI_HANDLE ImageHandle, + IN EFI_MM_SYSTEM_TABLE *SystemTable + ) +{ + return MmMemoryProtectionHobLibConstructorCommon (); +} diff --git a/MdeModulePkg/Library/MemoryProtectionHobLib/StandaloneMmMemoryProtectionHobLib.inf b/MdeModulePkg/Library/MemoryProtectionHobLib/StandaloneMmMemoryProtectionHobLib.inf new file mode 100644 index 0000000000..3cadb5ec6e --- /dev/null +++ b/MdeModulePkg/Library/MemoryProtectionHobLib/StandaloneMmMemoryProtectionHobLib.inf @@ -0,0 +1,36 @@ +## @file +# SMM library instance to support platform-specific global controls for all memory protections. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = StandaloneMmMemoryProtectionHobLib + FILE_GUID = C0A0D9C4-A249-483A-86EA-D73146D397B3 + MODULE_TYPE = MM_CORE_STANDALONE + PI_SPECIFICATION_VERSION = 0x00010032 + VERSION_STRING = 1.0 + LIBRARY_CLASS = MmMemoryProtectionHobLib|MM_CORE_STANDALONE MM_STANDALONE + CONSTRUCTOR = StandaloneMmMemoryProtectionHobLibConstructor + +# +# VALID_ARCHITECTURES = IA32 X64 AARCH64 +# + +[Sources] + MmCommonMemoryProtectionHobLib.c + StandaloneMmMemoryProtectionHobLib.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + +[LibraryClasses] + HobLib + DebugLib + BaseMemoryLib + +[Guids] + gMmMemoryProtectionSettingsGuid diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index 3fad493c7f..ec3c8913ad 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc @@ -237,6 +237,9 @@ MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf + MdeModulePkg/Library/MemoryProtectionHobLib/DxeMemoryProtectionHobLib.inf + MdeModulePkg/Library/MemoryProtectionHobLib/SmmMemoryProtectionHobLib.inf + MdeModulePkg/Library/MemoryProtectionHobLib/StandaloneMmMemoryProtectionHobLib.inf MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf MdeModulePkg/Library/PciHostBridgeLibNull/PciHostBridgeLibNull.inf -- 2.41.0.windows.2