From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177]) by mx.groups.io with SMTP id smtpd.web11.1766.1689119591021619447 for ; Tue, 11 Jul 2023 16:53:11 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="signature has expired" header.i=@taylorbeebe.com header.s=google header.b=Uk7jWYwc; spf=pass (domain: taylorbeebe.com, ip: 209.85.210.177, mailfrom: t@taylorbeebe.com) Received: by mail-pf1-f177.google.com with SMTP id d2e1a72fcca58-666e6ecb52dso3718046b3a.2 for ; Tue, 11 Jul 2023 16:53:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=taylorbeebe.com; s=google; t=1689119590; x=1691711590; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=fxKgX4Dot6cdsi3R0/EippBtTBvMznigFQSngkqU3hw=; b=Uk7jWYwc/9yOYQa0vtlcqPkFrY/t40i3M8K72KgWKR1bUo49mxz+32iuMbBWUS/OLE KdXb7BRGZR4AuFA/u4LSKDLGPgyA2lIwsBVWUHFL6v2KlOJiVdibUZ/3oY1uS5v5MUou RCyr5LIyg08+Btz6eWWrBOwpifk9EQqa46wbOqRaoDubVkg3E2cfsN3yBZucL0rpxijH XpFTHK5QSCeoaI2xd6OKP65hv0R86U1wuPvYpNnUoMb8DHaNvfyvMbjMxQzWX2rH0n5T j62lRcvfixRDmwTNcUMcvdW2LXm76XfDsxtRmbfZ2nyYP18N5XRF3WI403sYMw8tIOT+ fxyg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689119590; x=1691711590; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=fxKgX4Dot6cdsi3R0/EippBtTBvMznigFQSngkqU3hw=; b=RbBGMWwTH3duvCzEAhgSqQZudWxd5ZtPZdTpEzAqyPA3jHbt07PvONM7MF7qe0H/wl wUkTfu0jJoT82mOF4P7+MDQFz/gn5yGc2Y/RLeJ11wxxLq5PzafGvhQgJ0SZoWJqnH/S w3GPGUmGKOsY3tjIXWohXetT64efQhiHi5hw4OUUJ2X6UHnBkV00MeJ2S9TCvnNof5df IT3X15UvuG7wnZkyEJuFEgV8xbctPebw8aBGpuTizRIlf8V1AzZAIhrHsSqDUNNrD3vG tIybrjt0aa2mSofyaJupXXRrL/doQqo+JgpYYaOPXYtGC8fUEZ+Bb+z6cu/kI9gO3wWJ p2sA== X-Gm-Message-State: ABy/qLbNtaAyDIXMoo+aZoQebUsq8Vc5XLnRriIJIlYHI/NcZMcZedGB MtifkIbW17h62tcdEq4VSrHfSLLuWQBSbQjNSJRFcA== X-Google-Smtp-Source: APBJJlEgS9wEZJPRMR/Bd5NScsWFstyYwiG/vYoH9Lwrjr5S3vAYuYdYXn4RzSI9dgQ04P0kK0RjNA== X-Received: by 2002:a05:6a00:22cd:b0:674:1dde:4c59 with SMTP id f13-20020a056a0022cd00b006741dde4c59mr16072032pfj.28.1689119590272; Tue, 11 Jul 2023 16:53:10 -0700 (PDT) Return-Path: Received: from localhost.localdomain ([50.46.230.135]) by smtp.gmail.com with ESMTPSA id a13-20020a62e20d000000b00660d80087a8sm2232677pfi.187.2023.07.11.16.53.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 11 Jul 2023 16:53:10 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Guo Dong , Sean Rhodes , James Lu , Gua Guo Subject: [PATCH 11/14] UefiPayloadPkg: Update to use memory protection HOB Date: Tue, 11 Jul 2023 16:52:48 -0700 Message-ID: X-Mailer: git-send-email 2.41.0.windows.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit From: Taylor Beebe Replace references to the memory protection PCDs with references to the memory protection HOB. The X64/DxeLoadFunc.c will check the PcdDxeIplBuildPageTables PCD to determine if page tables should be built wheras before they would check both the PcdDxeIplBuildPageTables PCD and the memory protection settings. If PcdDxeIplBuildPageTables is FALSE but memory protections are active, ASSERT on X64. The Ia32/DxeLoadFunc.c was hard-coded to always build the page tables, and that is unchanged in this patch. However, this does remove the unused Create4GPageTablesIa32Pae() function in Ia32/DxeLoadFunc.c. Signed-off-by: Taylor Beebe Cc: Guo Dong Cc: Sean Rhodes Cc: James Lu Cc: Gua Guo --- .../UefiPayloadEntry/Ia32/DxeLoadFunc.c | 149 +----------------- UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c | 26 +++ .../UefiPayloadEntry/UefiPayloadEntry.h | 15 ++ .../UefiPayloadEntry/UefiPayloadEntry.inf | 9 +- .../UniversalPayloadEntry.inf | 9 +- .../UefiPayloadEntry/X64/DxeLoadFunc.c | 25 ++- .../UefiPayloadEntry/X64/VirtualMemory.c | 78 ++++----- .../UefiPayloadEntry/X64/VirtualMemory.h | 23 +-- UefiPayloadPkg/UefiPayloadPkg.dsc | 1 + 9 files changed, 98 insertions(+), 237 deletions(-) diff --git a/UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c b/UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c index 61a9f01ec9..fa1fa53aea 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c +++ b/UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c @@ -78,107 +78,6 @@ GLOBAL_REMOVE_IF_UNREFERENCED IA32_DESCRIPTOR gLidtDescriptor = { 0 }; -/** - Allocates and fills in the Page Directory and Page Table Entries to - establish a 4G page table. - - @param[in] StackBase Stack base address. - @param[in] StackSize Stack size. - - @return The address of page table. - -**/ -UINTN -Create4GPageTablesIa32Pae ( - IN EFI_PHYSICAL_ADDRESS StackBase, - IN UINTN StackSize - ) -{ - UINT8 PhysicalAddressBits; - EFI_PHYSICAL_ADDRESS PhysicalAddress; - UINTN IndexOfPdpEntries; - UINTN IndexOfPageDirectoryEntries; - UINT32 NumberOfPdpEntriesNeeded; - PAGE_MAP_AND_DIRECTORY_POINTER *PageMap; - PAGE_MAP_AND_DIRECTORY_POINTER *PageDirectoryPointerEntry; - PAGE_TABLE_ENTRY *PageDirectoryEntry; - UINTN TotalPagesNum; - UINTN PageAddress; - UINT64 AddressEncMask; - - // - // Make sure AddressEncMask is contained to smallest supported address field - // - AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) & PAGING_1G_ADDRESS_MASK_64; - - PhysicalAddressBits = 32; - - // - // Calculate the table entries needed. - // - NumberOfPdpEntriesNeeded = (UINT32)LShiftU64 (1, (PhysicalAddressBits - 30)); - - TotalPagesNum = NumberOfPdpEntriesNeeded + 1; - PageAddress = (UINTN)AllocatePageTableMemory (TotalPagesNum); - ASSERT (PageAddress != 0); - - PageMap = (VOID *)PageAddress; - PageAddress += SIZE_4KB; - - PageDirectoryPointerEntry = PageMap; - PhysicalAddress = 0; - - for (IndexOfPdpEntries = 0; IndexOfPdpEntries < NumberOfPdpEntriesNeeded; IndexOfPdpEntries++, PageDirectoryPointerEntry++) { - // - // Each Directory Pointer entries points to a page of Page Directory entires. - // So allocate space for them and fill them in in the IndexOfPageDirectoryEntries loop. - // - PageDirectoryEntry = (VOID *)PageAddress; - PageAddress += SIZE_4KB; - - // - // Fill in a Page Directory Pointer Entries - // - PageDirectoryPointerEntry->Uint64 = (UINT64)(UINTN)PageDirectoryEntry | AddressEncMask; - PageDirectoryPointerEntry->Bits.Present = 1; - - for (IndexOfPageDirectoryEntries = 0; IndexOfPageDirectoryEntries < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PhysicalAddress += SIZE_2MB) { - if ( (IsNullDetectionEnabled () && (PhysicalAddress == 0)) - || ( (PhysicalAddress < StackBase + StackSize) - && ((PhysicalAddress + SIZE_2MB) > StackBase))) - { - // - // Need to split this 2M page that covers stack range. - // - Split2MPageTo4K (PhysicalAddress, (UINT64 *)PageDirectoryEntry, StackBase, StackSize, 0, 0); - } else { - // - // Fill in the Page Directory entries - // - PageDirectoryEntry->Uint64 = (UINT64)PhysicalAddress | AddressEncMask; - PageDirectoryEntry->Bits.ReadWrite = 1; - PageDirectoryEntry->Bits.Present = 1; - PageDirectoryEntry->Bits.MustBe1 = 1; - } - } - } - - for ( ; IndexOfPdpEntries < 512; IndexOfPdpEntries++, PageDirectoryPointerEntry++) { - ZeroMem ( - PageDirectoryPointerEntry, - sizeof (PAGE_MAP_AND_DIRECTORY_POINTER) - ); - } - - // - // Protect the page table by marking the memory used for page table to be - // read-only. - // - EnablePageTableProtection ((UINTN)PageMap, FALSE); - - return (UINTN)PageMap; -} - /** The function will check if IA32 PAE is supported. @@ -207,41 +106,6 @@ IsIa32PaeSupport ( return Ia32PaeSupport; } -/** - The function will check if page table should be setup or not. - - @retval TRUE Page table should be created. - @retval FALSE Page table should not be created. - -**/ -BOOLEAN -ToBuildPageTable ( - VOID - ) -{ - if (!IsIa32PaeSupport ()) { - return FALSE; - } - - if (IsNullDetectionEnabled ()) { - return TRUE; - } - - if (PcdGet8 (PcdHeapGuardPropertyMask) != 0) { - return TRUE; - } - - if (PcdGetBool (PcdCpuStackGuard)) { - return TRUE; - } - - if (IsEnableNonExecNeeded ()) { - return TRUE; - } - - return FALSE; -} - /** Transfers control to DxeCore. @@ -268,12 +132,13 @@ HandOffToDxeCore ( UINT32 Index; X64_IDT_TABLE *IdtTableForX64; - // - // Clear page 0 and mark it as allocated if NULL pointer detection is enabled. - // - if (IsNullDetectionEnabled ()) { - ClearFirst4KPage (HobList.Raw); - BuildMemoryAllocationHob (0, EFI_PAGES_TO_SIZE (1), EfiBootServicesData); + PopulateDxeMemoryProtectionSettings (&mDxeMps); + + if (mDxeMps.NullPointerDetection.Enabled) { + ASSERT (CanAllocateNullPage (HobList.Raw)); + // Clear NULL page and mark it as allocated for NULL detection + SetMem (NULL, EFI_PAGE_SIZE, (UINTN)NULL); + BuildMemoryAllocationHob ((UINTN)NULL, EFI_PAGES_TO_SIZE (1), EfiBootServicesData); } BaseOfStack = (EFI_PHYSICAL_ADDRESS)(UINTN)AllocatePages (EFI_SIZE_TO_PAGES (STACK_SIZE)); diff --git a/UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c b/UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c index 898d610951..407afbe404 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c +++ b/UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c @@ -8,6 +8,8 @@ #include "UefiPayloadEntry.h" +DXE_MEMORY_PROTECTION_SETTINGS mDxeMps; + /** Allocate pages for code. @@ -359,3 +361,27 @@ UniversalLoadDxeCore ( return EFI_SUCCESS; } + +/** + Populates mDxeMps global with the data present in the memory + protection HOB entry if it exists. + + @param[in] DxeMps Pointer to the DXE memory protection settings. +**/ +VOID +EFIAPI +PopulateDxeMemoryProtectionSettings ( + IN DXE_MEMORY_PROTECTION_SETTINGS *DxeMps + ) +{ + VOID *Ptr; + + Ptr = GetFirstGuidHob (&gDxeMemoryProtectionSettingsGuid); + + // Cache the Memory Protection Settings HOB entry + if ((Ptr != NULL) && DXE_MPS_IS_STRUCT_VALID (GET_GUID_HOB_DATA (Ptr))) { + CopyMem (DxeMps, GET_GUID_HOB_DATA (Ptr), sizeof (DXE_MEMORY_PROTECTION_SETTINGS)); + } else { + ZeroMem (DxeMps, sizeof (DXE_MEMORY_PROTECTION_SETTINGS)); + } +} diff --git a/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h b/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h index ad8a9fd22b..56fd767036 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h +++ b/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h @@ -30,6 +30,7 @@ #include #include #include +#include #include #include #include @@ -51,6 +52,8 @@ #define E820_PMEM 7 #define E820_UNDEFINED 8 +extern DXE_MEMORY_PROTECTION_SETTINGS mDxeMps; + /** Auto-generated function that calls the library constructors for all of the module's dependent libraries. @@ -216,4 +219,16 @@ BuildHobFromAcpi ( IN UINT64 AcpiTableBase ); +/** + Populates mDxeMps global with the data present in the memory + protection HOB entry if it exists. + + @param[in] DxeMps Pointer to the DXE memory protection settings. +**/ +VOID +EFIAPI +PopulateDxeMemoryProtectionSettings ( + IN DXE_MEMORY_PROTECTION_SETTINGS *DxeMps + ); + #endif diff --git a/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf b/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf index e2af8a4b7c..8d5600b6ce 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf +++ b/UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf @@ -65,6 +65,7 @@ gUniversalPayloadSmbiosTableGuid gUniversalPayloadAcpiTableGuid gUniversalPayloadSerialPortInfoGuid + gDxeMemoryProtectionSettingsGuid [FeaturePcd.IA32] gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode ## CONSUMES @@ -76,9 +77,6 @@ [Pcd.IA32,Pcd.X64] gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ## SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize ## CONSUMES @@ -91,8 +89,3 @@ gUefiPayloadPkgTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType gUefiPayloadPkgTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData gUefiPayloadPkgTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode - - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## SOMETIMES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ## SOMETIMES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## SOMETIMES_CONSUMES - diff --git a/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf b/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf index 5112cdc1e5..e03f25d982 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf +++ b/UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf @@ -69,6 +69,7 @@ gUniversalPayloadAcpiTableGuid gUniversalPayloadPciRootBridgeInfoGuid gUniversalPayloadSmbios3TableGuid + gDxeMemoryProtectionSettingsGuid [FeaturePcd.IA32] gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode ## CONSUMES @@ -81,17 +82,9 @@ gUefiPayloadPkgTokenSpaceGuid.PcdPcdDriverFile gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ## SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize ## CONSUMES gUefiPayloadPkgTokenSpaceGuid.PcdPayloadFdMemBase gUefiPayloadPkgTokenSpaceGuid.PcdPayloadFdMemSize gUefiPayloadPkgTokenSpaceGuid.PcdSystemMemoryUefiRegionSize - - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## SOMETIMES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ## SOMETIMES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## SOMETIMES_CONSUMES - diff --git a/UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c b/UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c index 346e3feb04..53bfa3f8b4 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c +++ b/UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c @@ -40,12 +40,13 @@ HandOffToDxeCore ( VOID *GhcbBase; UINTN GhcbSize; - // - // Clear page 0 and mark it as allocated if NULL pointer detection is enabled. - // - if (IsNullDetectionEnabled ()) { - ClearFirst4KPage (HobList.Raw); - BuildMemoryAllocationHob (0, EFI_PAGES_TO_SIZE (1), EfiBootServicesData); + PopulateDxeMemoryProtectionSettings (&mDxeMps); + + if (mDxeMps.NullPointerDetection.Enabled) { + ASSERT (CanAllocateNullPage (HobList.Raw)); + // Clear NULL page and mark it as allocated for NULL detection + SetMem (NULL, EFI_PAGE_SIZE, (UINTN)NULL); + BuildMemoryAllocationHob ((UINTN)NULL, EFI_PAGES_TO_SIZE (1), EfiBootServicesData); } // @@ -78,17 +79,9 @@ HandOffToDxeCore ( (EFI_PHYSICAL_ADDRESS)(UINTN)GhcbBase, GhcbSize ); - } else { - // - // Set NX for stack feature also require PcdDxeIplBuildPageTables be TRUE - // for the DxeIpl and the DxeCore are both X64. - // - ASSERT (PcdGetBool (PcdSetNxForStack) == FALSE); - ASSERT (PcdGetBool (PcdCpuStackGuard) == FALSE); - } - - if (FeaturePcdGet (PcdDxeIplBuildPageTables)) { AsmWriteCr3 (PageTables); + } else { + ASSERT (!DXE_MPS_IS_MEMORY_PROTECTION_ACTIVE (&mDxeMps)); } // diff --git a/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c b/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c index 1899404b24..f01ed175c6 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c +++ b/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c @@ -30,37 +30,45 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include #include "VirtualMemory.h" +extern DXE_MEMORY_PROTECTION_SETTINGS mDxeMps; + // // Global variable to keep track current available memory used as page table. // PAGE_TABLE_POOL *mPageTablePool = NULL; /** - Clear legacy memory located at the first 4K-page, if available. - - This function traverses the whole HOB list to check if memory from 0 to 4095 - exists and has not been allocated, and then clear it if so. + Returns TRUE if the NULL page has not been allocated. @param HobStart The start of HobList passed to DxeCore. + @retval TRUE NULL page is unallocated + @retval FALSE NULL page cannot be allocated + **/ -VOID -ClearFirst4KPage ( +BOOLEAN +CanAllocateNullPage ( IN VOID *HobStart ) { EFI_PEI_HOB_POINTERS RscHob; EFI_PEI_HOB_POINTERS MemHob; - BOOLEAN DoClear; + BOOLEAN CanAllocate; - RscHob.Raw = HobStart; - MemHob.Raw = HobStart; - DoClear = FALSE; + if (HobStart == NULL) { + ASSERT (HobStart != NULL); + return FALSE; + } + + RscHob.Raw = HobStart; + MemHob.Raw = HobStart; + CanAllocate = FALSE; // - // Check if page 0 exists and free + // Check if page 0 exists and is free // while ((RscHob.Raw = GetNextHob ( EFI_HOB_TYPE_RESOURCE_DESCRIPTOR, @@ -68,9 +76,9 @@ ClearFirst4KPage ( )) != NULL) { if ((RscHob.ResourceDescriptor->ResourceType == EFI_RESOURCE_SYSTEM_MEMORY) && - (RscHob.ResourceDescriptor->PhysicalStart == 0)) + (RscHob.ResourceDescriptor->PhysicalStart == (UINTN)NULL)) { - DoClear = TRUE; + CanAllocate = TRUE; // // Make sure memory at 0-4095 has not been allocated. // @@ -79,10 +87,10 @@ ClearFirst4KPage ( MemHob.Raw )) != NULL) { - if (MemHob.MemoryAllocation->AllocDescriptor.MemoryBaseAddress - < EFI_PAGE_SIZE) + if ((MemHob.MemoryAllocation->AllocDescriptor.MemoryBaseAddress >= (UINTN)NULL) && + (MemHob.MemoryAllocation->AllocDescriptor.MemoryBaseAddress < (UINTN)NULL + EFI_PAGE_SIZE)) { - DoClear = FALSE; + CanAllocate = FALSE; break; } @@ -95,27 +103,7 @@ ClearFirst4KPage ( RscHob.Raw = GET_NEXT_HOB (RscHob); } - if (DoClear) { - DEBUG ((DEBUG_INFO, "Clearing first 4K-page!\r\n")); - SetMem (NULL, EFI_PAGE_SIZE, 0); - } - - return; -} - -/** - Return configure status of NULL pointer detection feature. - - @return TRUE NULL pointer detection feature is enabled - @return FALSE NULL pointer detection feature is disabled - -**/ -BOOLEAN -IsNullDetectionEnabled ( - VOID - ) -{ - return ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT0) != 0); + return CanAllocate; } /** @@ -169,9 +157,7 @@ IsEnableNonExecNeeded ( // XD flag (BIT63) in page table entry is only valid if IA32_EFER.NXE is set. // Features controlled by Following PCDs need this feature to be enabled. // - return (PcdGetBool (PcdSetNxForStack) || - PcdGet64 (PcdDxeNxMemoryProtectionPolicy) != 0 || - PcdGet32 (PcdImageProtectionPolicy) != 0); + return TRUE; } /** @@ -214,7 +200,7 @@ ToSplitPageTable ( IN UINTN GhcbSize ) { - if (IsNullDetectionEnabled () && (Address == 0)) { + if ((Address == (UINTN)NULL) && mDxeMps.NullPointerDetection.Enabled) { return TRUE; } @@ -398,17 +384,17 @@ Split2MPageTo4K ( PageTableEntry->Bits.ReadWrite = 1; - if ((IsNullDetectionEnabled () && (PhysicalAddress4K == 0)) || - (PcdGetBool (PcdCpuStackGuard) && (PhysicalAddress4K == StackBase))) + if ((mDxeMps.NullPointerDetection.Enabled && (PhysicalAddress4K == (UINTN)NULL)) || + (mDxeMps.CpuStackGuardEnabled && (PhysicalAddress4K == StackBase))) { PageTableEntry->Bits.Present = 0; } else { PageTableEntry->Bits.Present = 1; } - if ( PcdGetBool (PcdSetNxForStack) - && (PhysicalAddress4K >= StackBase) - && (PhysicalAddress4K < StackBase + StackSize)) + if (mDxeMps.StackExecutionProtectionEnabled && + (PhysicalAddress4K >= StackBase) && + (PhysicalAddress4K < StackBase + StackSize)) { // // Set Nx bit for stack. diff --git a/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.h b/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.h index 616ebe42b0..c27bf68a04 100644 --- a/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.h +++ b/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.h @@ -265,28 +265,17 @@ AsmGetVectorTemplatInfo ( ); /** - Clear legacy memory located at the first 4K-page. + Returns TRUE if the NULL page has not been allocated. - This function traverses the whole HOB list to check if memory from 0 to 4095 - exists and has not been allocated, and then clear it if so. + @param HobStart The start of HobList passed to DxeCore. - @param HobStart The start of HobList passed to DxeCore. + @retval TRUE NULL page is unallocated + @retval FALSE NULL page cannot be allocated **/ -VOID -ClearFirst4KPage ( - IN VOID *HobStart - ); - -/** - Return configure status of NULL pointer detection feature. - - @return TRUE NULL pointer detection feature is enabled - @return FALSE NULL pointer detection feature is disabled -**/ BOOLEAN -IsNullDetectionEnabled ( - VOID +CanAllocateNullPage ( + IN VOID *HobStart ); /** diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc index 47812048dd..a7282f197b 100644 --- a/UefiPayloadPkg/UefiPayloadPkg.dsc +++ b/UefiPayloadPkg/UefiPayloadPkg.dsc @@ -207,6 +207,7 @@ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf HobLib|UefiPayloadPkg/Library/DxeHobLib/DxeHobLib.inf + DxeMemoryProtectionHobLib|MdeModulePkg/Library/MemoryProtectionHobLib/DxeMemoryProtectionHobLib.inf # # UEFI & PI -- 2.41.0.windows.2