TianoCore EDK2 master
MemoryProtection.c File Reference

Macros

#define IMAGE_UNKNOWN   0x00000001
 
#define IMAGE_FROM_FV   0x00000002
 
#define DO_NOT_PROTECT   0x00000000
 
#define PROTECT_IF_ALIGNED_ELSE_ALLOW   0x00000001
 
#define MEMORY_TYPE_OS_RESERVED_MIN   0x80000000
 
#define MEMORY_TYPE_OEM_RESERVED_MIN   0x70000000
 
#define PREVIOUS_MEMORY_DESCRIPTOR(MemoryDescriptor, Size)    ((EFI_MEMORY_DESCRIPTOR *)((UINT8 *)(MemoryDescriptor) - (Size)))
 

Functions

UINT32 GetImageType (IN CONST EFI_DEVICE_PATH_PROTOCOL *File)
 
UINT32 GetProtectionPolicyFromImageType (IN UINT32 ImageType)
 
UINT32 GetUefiImageProtectionPolicy (IN EFI_LOADED_IMAGE_PROTOCOL *LoadedImage, IN EFI_DEVICE_PATH_PROTOCOL *LoadedImageDevicePath)
 
VOID SetUefiImageMemoryAttributes (IN UINT64 BaseAddress, IN UINT64 Length, IN UINT64 Attributes)
 
VOID SetUefiImageProtectionAttributes (IN IMAGE_PROPERTIES_RECORD *ImageRecord)
 
STATIC UINT32 GetMemoryProtectionSectionAlignment (IN EFI_MEMORY_TYPE MemoryType)
 
VOID ProtectUefiImage (IN EFI_LOADED_IMAGE_PROTOCOL *LoadedImage, IN EFI_DEVICE_PATH_PROTOCOL *LoadedImageDevicePath)
 
VOID UnprotectUefiImage (IN EFI_LOADED_IMAGE_PROTOCOL *LoadedImage, IN EFI_DEVICE_PATH_PROTOCOL *LoadedImageDevicePath)
 
STATIC UINT64 GetPermissionAttributeForMemoryType (IN EFI_MEMORY_TYPE MemoryType)
 
STATIC VOID SortMemoryMap (IN OUT EFI_MEMORY_DESCRIPTOR *MemoryMap, IN UINTN MemoryMapSize, IN UINTN DescriptorSize)
 
STATIC VOID MergeMemoryMapForProtectionPolicy (IN OUT EFI_MEMORY_DESCRIPTOR *MemoryMap, IN OUT UINTN *MemoryMapSize, IN UINTN DescriptorSize)
 
STATIC VOID InitializeDxeNxMemoryProtectionPolicy (VOID)
 
VOID EFIAPI MemoryProtectionCpuArchProtocolNotify (IN EFI_EVENT Event, IN VOID *Context)
 
VOID MemoryProtectionExitBootServicesCallback (VOID)
 
VOID EFIAPI DisableNullDetectionAtTheEndOfDxe (EFI_EVENT Event, VOID *Context)
 
VOID EFIAPI CoreInitializeMemoryProtection (VOID)
 
STATIC BOOLEAN IsInSmm (VOID)
 
EFI_STATUS EFIAPI ApplyMemoryProtectionPolicy (IN EFI_MEMORY_TYPE OldType, IN EFI_MEMORY_TYPE NewType, IN EFI_PHYSICAL_ADDRESS Memory, IN UINT64 Length)
 

Variables

UINT32 mImageProtectionPolicy
 
LIST_ENTRY mGcdMemorySpaceMap
 
STATIC LIST_ENTRY mProtectedImageRecordList
 

Detailed Description

UEFI Memory Protection support.

If the UEFI image is page aligned, the image code section is set to read only and the image data section is set to non-executable.

1) This policy is applied to all UEFI images, including boot service drivers, runtime drivers and applications.
2) This policy is applied only if the UEFI image meets the page alignment requirement.
3) This policy is applied only if the source of the UEFI image matches the PcdImageProtectionPolicy definition.
4) This policy is not applied to the non-PE image region.

The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect the image. If the CpuArch protocol is not installed yet, the DxeCore enqueues the protection request. Once the CpuArch is installed, the DxeCore dequeues the protection request and applies policy.

Once the image is unloaded, the protection is removed automatically.
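The policy described above, modeled as a stand-alone C program; this is an added example, not EDK2 source code. The names section_t, policy_for, plan_image_protection and policy_mask are hypothetical, 4 KiB pages are assumed, the EFI_MEMORY_RO/EFI_MEMORY_XP values are the UEFI specification attribute bits, and the alignment test is a simplification of the real PE/COFF section alignment check.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define IMAGE_UNKNOWN                 0x00000001u  /* values from this page */
#define IMAGE_FROM_FV                 0x00000002u
#define DO_NOT_PROTECT                0x00000000u
#define PROTECT_IF_ALIGNED_ELSE_ALLOW 0x00000001u
#define EFI_MEMORY_XP 0x0000000000004000ULL  /* UEFI spec attribute bits */
#define EFI_MEMORY_RO 0x0000000000020000ULL
#define PAGE_SIZE_4K  0x1000ULL              /* assumption: 4 KiB pages */

/* Hypothetical simplified section record, not IMAGE_PROPERTIES_RECORD. */
typedef struct { uint64_t base, length; int is_code; uint64_t attrs; } section_t;

/* Rule 3: protect only if the image source is selected by policy_mask,
   a stand-in for the PcdImageProtectionPolicy value. */
uint32_t policy_for(uint32_t image_type, uint32_t policy_mask) {
  return (image_type & policy_mask) ? PROTECT_IF_ALIGNED_ELSE_ALLOW : DO_NOT_PROTECT;
}

/* Rule 2: every section must start and end on a page boundary. */
static int all_page_aligned(const section_t *s, size_t n) {
  for (size_t i = 0; i < n; i++)
    if ((s[i].base | s[i].length) & (PAGE_SIZE_4K - 1)) return 0;
  return 1;
}

/* Returns 1 and fills attrs when protection applies; returns 0 and leaves
   the sections untouched (the "else allow" half) otherwise. */
int plan_image_protection(uint32_t image_type, uint32_t policy_mask,
                          section_t *s, size_t n) {
  if (policy_for(image_type, policy_mask) == DO_NOT_PROTECT) return 0;
  if (!all_page_aligned(s, n)) return 0;
  for (size_t i = 0; i < n; i++)
    s[i].attrs = s[i].is_code ? EFI_MEMORY_RO : EFI_MEMORY_XP;
  return 1;
}

/* Constructed samples: second one has a data length that is not page aligned. */
section_t sample_aligned[2]   = { {0x7f000000, 0x3000, 1, 0}, {0x7f003000, 0x2000, 0, 0} };
section_t sample_unaligned[2] = { {0x7f000000, 0x3000, 1, 0}, {0x7f003000, 0x1200, 0, 0} };

int main(void) {
  int a = plan_image_protection(IMAGE_FROM_FV, IMAGE_FROM_FV, sample_aligned, 2);
  int b = plan_image_protection(IMAGE_FROM_FV, IMAGE_FROM_FV, sample_unaligned, 2);
  printf("aligned protected: %d, unaligned protected: %d\n", a, b);
  return 0;
}
```

The unaligned case is the one to audit in a firmware build: such an image loads normally but keeps whatever permissions its memory already had, so section alignment in the image build settings decides whether the policy has any effect.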

Copyright (c) 2017 - 2018, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent

Definition in file MemoryProtection.c.

Macro Definition Documentation

◆ DO_NOT_PROTECT

#define DO_NOT_PROTECT   0x00000000

Definition at line 55 of file MemoryProtection.c.

◆ IMAGE_FROM_FV

#define IMAGE_FROM_FV   0x00000002

Definition at line 50 of file MemoryProtection.c.

◆ IMAGE_UNKNOWN

#define IMAGE_UNKNOWN   0x00000001

Definition at line 49 of file MemoryProtection.c.

◆ MEMORY_TYPE_OEM_RESERVED_MIN

#define MEMORY_TYPE_OEM_RESERVED_MIN   0x70000000

Definition at line 59 of file MemoryProtection.c.

◆ MEMORY_TYPE_OS_RESERVED_MIN

#define MEMORY_TYPE_OS_RESERVED_MIN   0x80000000

Definition at line 58 of file MemoryProtection.c.

◆ PREVIOUS_MEMORY_DESCRIPTOR

#define PREVIOUS_MEMORY_DESCRIPTOR(MemoryDescriptor, Size)    ((EFI_MEMORY_DESCRIPTOR *)((UINT8 *)(MemoryDescriptor) - (Size)))

Definition at line 61 of file MemoryProtection.c.

◆ PROTECT_IF_ALIGNED_ELSE_ALLOW

#define PROTECT_IF_ALIGNED_ELSE_ALLOW   0x00000001

Definition at line 56 of file MemoryProtection.c.

Function Documentation

◆ ApplyMemoryProtectionPolicy()

EFI_STATUS EFIAPI ApplyMemoryProtectionPolicy ( IN EFI_MEMORY_TYPE  OldType,
IN EFI_MEMORY_TYPE  NewType,
IN EFI_PHYSICAL_ADDRESS  Memory,
IN UINT64  Length 
)

Manage memory permission attributes on a memory range, according to the configured DXE memory protection policy.

Parameters
OldType  The old memory type of the range
NewType  The new memory type of the range
Memory   The base address of the range
Length   The size of the range (in bytes)
Returns
EFI_SUCCESS  If we are executing in SMM mode. No permission attributes are updated in this case
EFI_SUCCESS  If the CPU arch protocol is not installed yet
EFI_SUCCESS  If no DXE memory protection policy has been configured
EFI_SUCCESS  If OldType and NewType use the same permission attributes
other        Return value of gCpu->SetMemoryAttributes()

Definition at line 1035 of file MemoryProtection.c.

◆ CoreInitializeMemoryProtection()

VOID EFIAPI CoreInitializeMemoryProtection ( VOID  )

Initialize Memory Protection support.

Definition at line 931 of file MemoryProtection.c.

◆ DisableNullDetectionAtTheEndOfDxe()

VOID EFIAPI DisableNullDetectionAtTheEndOfDxe ( EFI_EVENT  Event,
VOID *  Context 
)

Disable NULL pointer detection after EndOfDxe. This is a workaround to skip unfixable NULL pointer access issues detected in OptionROM or boot loaders.

Parameters
[in] Event    The Event this notify function registered to.
[in] Context  Pointer to the context data registered to the Event.

Definition at line 884 of file MemoryProtection.c.

◆ GetImageType()

UINT32 GetImageType ( IN CONST EFI_DEVICE_PATH_PROTOCOL *File)

Get the image type.

Parameters
[in] File  This is a pointer to the device path of the file that is being dispatched.
Returns
UINT32 Image Type

Definition at line 79 of file MemoryProtection.c.

◆ GetMemoryProtectionSectionAlignment()

STATIC UINT32 GetMemoryProtectionSectionAlignment ( IN EFI_MEMORY_TYPE  MemoryType)

Return the section alignment requirement for the PE image section type.

Parameters
[in] MemoryType  PE/COFF image memory type
Return values
The required section alignment for this memory type

Definition at line 293 of file MemoryProtection.c.

◆ GetPermissionAttributeForMemoryType()

STATIC UINT64 GetPermissionAttributeForMemoryType ( IN EFI_MEMORY_TYPE  MemoryType)

Return the EFI memory permission attribute associated with memory type 'MemoryType' under the configured DXE memory protection policy.

Parameters
MemoryType  Memory type.

Definition at line 440 of file MemoryProtection.c.

◆ GetProtectionPolicyFromImageType()

UINT32 GetProtectionPolicyFromImageType ( IN UINT32  ImageType)

Get UEFI image protection policy based upon image type.

Parameters
[in] ImageType  The UEFI image type
Returns
UEFI image protection policy

Definition at line 126 of file MemoryProtection.c.

◆ GetUefiImageProtectionPolicy()

UINT32 GetUefiImageProtectionPolicy ( IN EFI_LOADED_IMAGE_PROTOCOL *LoadedImage,
IN EFI_DEVICE_PATH_PROTOCOL *LoadedImageDevicePath 
)

Get UEFI image protection policy based upon loaded image device path.

Parameters
[in] LoadedImage            The loaded image protocol
[in] LoadedImageDevicePath  The loaded image device path protocol
Returns
UEFI image protection policy

Definition at line 146 of file MemoryProtection.c.

◆ InitializeDxeNxMemoryProtectionPolicy()

STATIC VOID InitializeDxeNxMemoryProtectionPolicy ( VOID  )

Remove exec permissions from all regions whose type is identified by PcdDxeNxMemoryProtectionPolicy.

Definition at line 572 of file MemoryProtection.c.

◆ IsInSmm()

STATIC BOOLEAN IsInSmm ( VOID  )

Returns whether we are currently executing in SMM mode.

Definition at line 1002 of file MemoryProtection.c.

◆ MemoryProtectionCpuArchProtocolNotify()

VOID EFIAPI MemoryProtectionCpuArchProtocolNotify ( IN EFI_EVENT  Event,
IN VOID *  Context 
)

A notification for CPU_ARCH protocol.

Parameters
[in] Event    Event whose notification function is being invoked.
[in] Context  Pointer to the notification function's context, which is implementation-dependent.

Definition at line 773 of file MemoryProtection.c.

◆ MemoryProtectionExitBootServicesCallback()

VOID MemoryProtectionExitBootServicesCallback ( VOID  )

ExitBootServices Callback function for memory protection.

Definition at line 850 of file MemoryProtection.c.

◆ MergeMemoryMapForProtectionPolicy()

STATIC VOID MergeMemoryMapForProtectionPolicy ( IN OUT EFI_MEMORY_DESCRIPTOR *MemoryMap,
IN OUT UINTN *MemoryMapSize,
IN UINTN  DescriptorSize 
)

Merge adjacent memory map entries if they use the same memory protection policy.

Parameters
[in,out] MemoryMap      A pointer to the buffer in which firmware places the current memory map.
[in,out] MemoryMapSize  A pointer to the size, in bytes, of the MemoryMap buffer. On input, this is the size of the current memory map. On output, it is the size of new memory map after merge.
[in] DescriptorSize     Size, in bytes, of an individual EFI_MEMORY_DESCRIPTOR.

Definition at line 514 of file MemoryProtection.c.

◆ ProtectUefiImage()

VOID ProtectUefiImage ( IN EFI_LOADED_IMAGE_PROTOCOL *LoadedImage,
IN EFI_DEVICE_PATH_PROTOCOL *LoadedImageDevicePath 
)

Protect UEFI PE/COFF image.

Parameters
[in] LoadedImage            The loaded image protocol
[in] LoadedImageDevicePath  The loaded image device path protocol

Definition at line 330 of file MemoryProtection.c.

◆ SetUefiImageMemoryAttributes()

VOID SetUefiImageMemoryAttributes ( IN UINT64  BaseAddress,
IN UINT64  Length,
IN UINT64  Attributes 
)

Set UEFI image memory attributes.

Parameters
[in] BaseAddress  Specified start address
[in] Length       Specified length
[in] Attributes   Specified attributes

Definition at line 188 of file MemoryProtection.c.

◆ SetUefiImageProtectionAttributes()

VOID SetUefiImageProtectionAttributes ( IN IMAGE_PROPERTIES_RECORD *ImageRecord)

Set UEFI image protection attributes.

Parameters
[in] ImageRecord  A UEFI image record

Definition at line 215 of file MemoryProtection.c.

◆ SortMemoryMap()

STATIC VOID SortMemoryMap ( IN OUT EFI_MEMORY_DESCRIPTOR *MemoryMap,
IN UINTN  MemoryMapSize,
IN UINTN  DescriptorSize 
)

Sort memory map entries based upon PhysicalStart, from low to high.

Parameters
MemoryMap       A pointer to the buffer in which firmware places the current memory map.
MemoryMapSize   Size, in bytes, of the MemoryMap buffer.
DescriptorSize  Size, in bytes, of an individual EFI_MEMORY_DESCRIPTOR.

Definition at line 471 of file MemoryProtection.c.

◆ UnprotectUefiImage()

VOID UnprotectUefiImage ( IN EFI_LOADED_IMAGE_PROTOCOL *LoadedImage,
IN EFI_DEVICE_PATH_PROTOCOL *LoadedImageDevicePath 
)

Unprotect UEFI image.

Parameters
[in] LoadedImage            The loaded image protocol
[in] LoadedImageDevicePath  The loaded image device path protocol

Definition at line 399 of file MemoryProtection.c.

Variable Documentation

◆ mGcdMemorySpaceMap

LIST_ENTRY mGcdMemorySpaceMap
extern

Definition at line 45 of file Gcd.c.

◆ mImageProtectionPolicy

UINT32 mImageProtectionPolicy

Definition at line 64 of file MemoryProtection.c.

◆ mProtectedImageRecordList

STATIC LIST_ENTRY mProtectedImageRecordList

Definition at line 68 of file MemoryProtection.c.