From: "Taylor Beebe"
To: devel@edk2.groups.io
Cc: Jian J Wang, Liming Gao, Dandan Bi
Subject: [PATCH 02/14] MdeModulePkg: Add MemoryProtectionHobLib Definitions and NULL Libs
Date: Tue, 11 Jul 2023 16:52:39 -0700

From: Taylor Beebe

DxeMemoryProtectionHobLib and MmMemoryProtectionHobLib will fetch the memory protection settings HOB entry for their respective phase, validate the settings, and populate a global for access. Memory protection settings are currently dictated via FixedAtBuild PCDs where the settings needed to be masked. A future patch series will replace instances of checking the PCDs with checks to the memory protection globals populated by MemoryProtectionHobLib.

Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao Cc: Dandan Bi --- .../Library/DxeMemoryProtectionHobLib.h | 20 +++++++++++++ .../Library/MmMemoryProtectionHobLib.h | 20 +++++++++++++ .../DxeMemoryProtectionHobLibNull.c | 13 +++++++++ .../DxeMemoryProtectionHobLibNull.inf | 28 +++++++++++++++++++ .../MmMemoryProtectionHobLibNull.c | 13 +++++++++ .../MmMemoryProtectionHobLibNull.inf | 28 +++++++++++++++++++ MdeModulePkg/MdeModulePkg.dec | 8 ++++++ MdeModulePkg/MdeModulePkg.dsc | 8 ++++++ 8 files changed, 138 insertions(+) create mode 100644 MdeModulePkg/Include/Library/DxeMemoryProtectionHobLib.h create mode 100644 MdeModulePkg/Include/Library/MmMemoryProtectionHobLib.h create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.c create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.c create mode 100644 MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf diff --git a/MdeModulePkg/Include/Library/DxeMemoryProtectionHobLib.h b/MdeModulePkg/Include/Library/DxeMemoryProtectionHobLib.h new file mode 100644 index 0000000000..a6809e564c --- /dev/null +++ b/MdeModulePkg/Include/Library/DxeMemoryProtectionHobLib.h @@ -0,0 +1,20 @@ +/** @file + +Library for accessing memory protection settings. + +Copyright (C) Microsoft Corporation. All rights reserved. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef DXE_MEMORY_PROTECTION_HOB_LIB_H_ +#define DXE_MEMORY_PROTECTION_HOB_LIB_H_ + +#include + +// +// The global used to access current Memory Protection Settings +// +extern DXE_MEMORY_PROTECTION_SETTINGS gDxeMps; + +#endif diff --git a/MdeModulePkg/Include/Library/MmMemoryProtectionHobLib.h b/MdeModulePkg/Include/Library/MmMemoryProtectionHobLib.h new file mode 100644 index 0000000000..09c25e878e --- /dev/null 
+++ b/MdeModulePkg/Include/Library/MmMemoryProtectionHobLib.h @@ -0,0 +1,20 @@ +/** @file + +Library for accessing memory protection settings. + +Copyright (C) Microsoft Corporation. All rights reserved. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef MM_MEMORY_PROTECTION_HOB_LIB_H_ +#define MM_MEMORY_PROTECTION_HOB_LIB_H_ + +#include + +// +// The global used to access current Memory Protection Settings +// +extern MM_MEMORY_PROTECTION_SETTINGS gMmMps; + +#endif diff --git a/MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.c b/MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.c new file mode 100644 index 0000000000..2191a136b7 --- /dev/null +++ b/MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.c @@ -0,0 +1,13 @@ +/** @file +Library defines the gDxeMps global + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include + +// A global variable which is uninitialized will be zero. +// The net effect is memory protections will be OFF. +DXE_MEMORY_PROTECTION_SETTINGS gDxeMps; diff --git a/MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf b/MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf new file mode 100644 index 0000000000..65f66936e3 --- /dev/null +++ b/MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf 
@@ -0,0 +1,28 @@ +## @file +# NULL library which defines gDxeMps +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = DxeMemoryProtectionHobLibNull + FILE_GUID = a35c1dc1-0769-421b-a8bc-9db69fae4334 + MODULE_TYPE = BASE + VERSION_STRING = 1.0 + LIBRARY_CLASS = DxeMemoryProtectionHobLib + +# +# VALID_ARCHITECTURES = IA32 X64 AARCH64 +# + +[Sources] + DxeMemoryProtectionHobLibNull.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + +[LibraryClasses] + BaseMemoryLib diff --git a/MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.c b/MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.c new file mode 100644 index 0000000000..6b3f6bae8d --- /dev/null +++ b/MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.c @@ -0,0 +1,13 @@ +/** @file +Library defines the gMmMps global + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include + +// A global variable which is uninitialized will be zero. +// The net effect is memory protections will be OFF. +MM_MEMORY_PROTECTION_SETTINGS gMmMps; diff --git a/MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf b/MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf new file mode 100644 index 0000000000..5621ccbdb6 --- /dev/null +++ b/MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf 
@@ -0,0 +1,28 @@ +## @file +# NULL library which defines gMmMps +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = MmMemoryProtectionHobLibNull + FILE_GUID = 4e3f6fd9-4ab5-4911-b80b-009d3338b4b2 + MODULE_TYPE = BASE + VERSION_STRING = 1.0 + LIBRARY_CLASS = MmMemoryProtectionHobLib + +# +# VALID_ARCHITECTURES = IA32 X64 AARCH64 +# + +[Sources] + MmMemoryProtectionHobLibNull.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + +[LibraryClasses] + BaseMemoryLib diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index f8c0fb4e93..2541b2b044 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -164,6 +164,14 @@ # VariableFlashInfoLib|Include/Library/VariableFlashInfoLib.h + ## @libraryclass Provides a way to toggle DXE memory protection settings + # + DxeMemoryProtectionHobLib|Include/Library/DxeMemoryProtectionHobLib.h + + ## @libraryclass Provides a way to toggle SMM memory protection settings + # + MmMemoryProtectionHobLib|Include/Library/MmMemoryProtectionHobLib.h + [Guids] ## MdeModule package token space guid # Include/Guid/MdeModulePkgTokenSpace.h diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index 1aedfe280a..3fad493c7f 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc 
@@ -107,6 +107,12 @@ VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf IpmiCommandLib|MdeModulePkg/Library/BaseIpmiCommandLibNull/BaseIpmiCommandLibNull.inf +[LibraryClasses.common.DXE_DRIVER, LibraryClasses.common.DXE_CORE, LibraryClasses.common.UEFI_APPLICATION] + DxeMemoryProtectionHobLib|MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf + +[LibraryClasses.common.SMM_CORE, LibraryClasses.common.DXE_SMM_DRIVER, LibraryClasses.common.MM_CORE_STANDALONE, LibraryClasses.common.MM_STANDALONE] + MmMemoryProtectionHobLib|MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf + [LibraryClasses.EBC.PEIM] IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf @@ -231,6 +237,8 @@ MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf + MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf + MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf MdeModulePkg/Library/PciHostBridgeLibNull/PciHostBridgeLibNull.inf MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.inf MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf -- 2.41.0.windows.2
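Review bot: In DxeMemoryProtectionHobLib.h and MmMemoryProtectionHobLib.h, gDxeMps and gMmMps are exported as plain writable externs, so any module that links the library class can modify the settings after the library has validated them. The header comment only says "The global used to access current Memory Protection Settings"; it should state that consumers must treat the global as read-only, which code is allowed to write it, and at what point in the phase it becomes valid. If later patches in the series do not need write access from consumers, consider exposing the settings through a const accessor instead of the raw global.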
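Review bot: In DxeMemoryProtectionHobLibNull.c and MmMemoryProtectionHobLibNull.c, the zero-initialized global means any platform that resolves the library class to the NULL instance runs with all memory protections off, and nothing in the build or at boot signals that. The only place this is stated is the two-line comment above the definition; please repeat it in the file header and in the INF description (currently just "NULL library which defines gDxeMps" / "gMmMps") so a platform owner reading the DSC mapping sees the consequence. Separately, both INFs list BaseMemoryLib under [LibraryClasses] although the visible source only defines a global; drop the dependency if nothing uses it.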
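Review bot: In the MdeModulePkg.dec hunk, the @libraryclass descriptions say "Provides a way to toggle DXE memory protection settings" and "... SMM memory protection settings", which does not match what the headers expose (a global for reading the current settings) or the commit message (fetch, validate, populate). Suggest wording along the lines of "Provides access to the DXE memory protection settings", and "MM" rather than "SMM" for MmMemoryProtectionHobLib, since the DSC maps it to MM_CORE_STANDALONE and MM_STANDALONE as well.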
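Review bot: In the MdeModulePkg.dsc hunk at -107,6 +107,12, DxeMemoryProtectionHobLib is resolved only for DXE_DRIVER, DXE_CORE and UEFI_APPLICATION. Is the omission of DXE_RUNTIME_DRIVER and UEFI_DRIVER intentional? If a later patch in the series makes a module of one of those types consume gDxeMps, this DSC will fail to resolve the library class. A short comment above both new [LibraryClasses...] sections noting that these are the NULL instances and leave protections disabled would also help platforms that copy the mapping.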