From: "Wang, Jian J"
To: edk2-devel@lists.01.org
Cc: Jiewen Yao, Eric Dong, Star Zeng
Date: Mon, 28 Aug 2017 10:51:08 +0800
Subject: [edk2] [PATCH 1/2] Implement NULL pointer detection for EDK-II Core
Message-Id: <20170828025109.5032-2-jian.j.wang@intel.com>
In-Reply-To: <20170828025109.5032-1-jian.j.wang@intel.com>
References: <20170828025109.5032-1-jian.j.wang@intel.com>
Content-Transfer-Encoding: quoted-printable

This feature is for debug purpose which helps to detect potential NULL pointer access in code at run-time.

Cc: Star Zeng
Cc: Jiewen Yao
Cc: Eric Dong
Suggested-by: Wolman, Ayellet
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wang, Jian J
--- MdeModulePkg/Core/Dxe/DxeMain.inf | 3 ++- MdeModulePkg/Core/Dxe/Mem/Page.c | 5 +++-- MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 1 + MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 6 ++++-- MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 26 ++++++++++++++++----= ---- MdeModulePkg/MdeModulePkg.dec | 7 +++++++ 6 files changed, 35 insertions(+), 13 deletions(-) diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeM= ain.inf index 30d5984f7c..3d75a0014d 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.inf +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf 
@@ -179,7 +179,8 @@ gEfiWatchdogTimerArchProtocolGuid ## CONSUMES =20 [FeaturePcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdFrameworkCompatibilitySupport ## CO= NSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFrameworkCompatibilitySupport = ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetection = ## CONSUMES =20 [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdLoadFixAddressBootTimeCodePageNumber = ## SOMETIMES_CONSUMES diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/P= age.c index a142c79ee2..3fe77391b7 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Page.c +++ b/MdeModulePkg/Core/Dxe/Mem/Page.c @@ -185,9 +185,10 @@ CoreAddRange ( // compatibility with operating systems that may evaluate memory in this= page=20 // for legacy data structures. If memory of any other type is added sta= rting=20 // at address 0, then do not zero the page at address 0 because the page= is being=20 - // used for other purposes. + // used for other purposes. But don't do this if NULL pointer detection = mechanism=20 + // is used. // =20 - if (Type =3D=3D EfiConventionalMemory && Start =3D=3D 0 && (End >=3D EFI= _PAGE_SIZE - 1)) { + if (!PcdGetBool(PcdNullPointerDetection) && Type =3D=3D EfiConventionalM= emory && Start =3D=3D 0 && (End >=3D EFI_PAGE_SIZE - 1)) { SetMem ((VOID *)(UINTN)Start, EFI_PAGE_SIZE, 0); } =20 diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf b/MdeModulePkg/Core/Dx= eIplPeim/DxeIpl.inf index c54afe4aa6..6b4d68cfa1 100644 --- a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf +++ b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf @@ -111,6 +111,7 @@ =20 [FeaturePcd] gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSupportUefiDecompress ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetection ## CONSUMES =20 [Pcd.IA32,Pcd.X64] gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ##= SOMETIMES_CONSUMES diff --git a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c b/MdeModulePkg= /Core/DxeIplPeim/Ia32/DxeLoadFunc.c index 1957326caf..d4e1b7c858 100644 
--- a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c +++ b/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c @@ -123,7 +123,8 @@ Create4GPageTablesIa32Pae ( PageDirectoryPointerEntry->Bits.Present =3D 1; =20 for (IndexOfPageDirectoryEntries =3D 0; IndexOfPageDirectoryEntries < = 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PhysicalAddress += =3D SIZE_2MB) { - if ((PhysicalAddress < StackBase + StackSize) && ((PhysicalAddress += SIZE_2MB) > StackBase)) { + if ((PcdGetBool(PcdNullPointerDetection) && PhysicalAddress =3D=3D 0) + || ((PhysicalAddress < StackBase + StackSize) && ((PhysicalAddre= ss + SIZE_2MB) > StackBase))) { // // Need to split this 2M page that covers stack range. // @@ -379,7 +380,8 @@ HandOffToDxeCore ( TopOfStack =3D (EFI_PHYSICAL_ADDRESS) (UINTN) ALIGN_POINTER (TopOfStac= k, CPU_STACK_ALIGNMENT); =20 PageTables =3D 0; - BuildPageTablesIa32Pae =3D (BOOLEAN) (PcdGetBool (PcdSetNxForStack) &&= IsIa32PaeSupport () && IsExecuteDisableBitAvailable ()); + BuildPageTablesIa32Pae =3D (BOOLEAN) (IsIa32PaeSupport () && IsExecute= DisableBitAvailable () + && (PcdGetBool (PcdSetNxForStack) = || PcdGetBool (PcdNullPointerDetection))); if (BuildPageTablesIa32Pae) { PageTables =3D Create4GPageTablesIa32Pae (BaseOfStack, STACK_SIZE); EnableExecuteDisableBit (); diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c b/MdeModulePk= g/Core/DxeIplPeim/X64/VirtualMemory.c index 48150be4e1..c69f889d9e 100644 --- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c +++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c 
@@ -89,9 +89,16 @@ Split2MPageTo4K ( // Fill in the Page Table entries // PageTableEntry->Uint64 =3D (UINT64) PhysicalAddress4K | AddressEncMask; - PageTableEntry->Bits.ReadWrite =3D 1; - PageTableEntry->Bits.Present =3D 1; - if ((PhysicalAddress4K >=3D StackBase) && (PhysicalAddress4K < StackBa= se + StackSize)) { + + if (PcdGetBool(PcdNullPointerDetection) && PhysicalAddress4K =3D=3D 0)= { + PageTableEntry->Bits.ReadWrite =3D 0; + PageTableEntry->Bits.Present =3D 0; + } else { + PageTableEntry->Bits.ReadWrite =3D 1; + PageTableEntry->Bits.Present =3D 1; + } + + if (PcdGetBool (PcdSetNxForStack) && (PhysicalAddress4K >=3D StackBase= ) && (PhysicalAddress4K < StackBase + StackSize)) { // // Set Nx bit for stack. // @@ -137,9 +144,10 @@ Split1GPageTo2M ( =20 PhysicalAddress2M =3D PhysicalAddress; for (IndexOfPageDirectoryEntries =3D 0; IndexOfPageDirectoryEntries < 51= 2; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PhysicalAddress2M += =3D SIZE_2MB) { - if ((PhysicalAddress2M < StackBase + StackSize) && ((PhysicalAddress2M= + SIZE_2MB) > StackBase)) { + if ((PcdGetBool(PcdNullPointerDetection) && PhysicalAddress2M =3D=3D 0) + || (PcdGetBool (PcdSetNxForStack) && (PhysicalAddress2M < StackBas= e + StackSize) && ((PhysicalAddress2M + SIZE_2MB) > StackBase))) { // - // Need to split this 2M page that covers stack range. + // Need to split this 2M page that covers NULL or stack range. // Split2MPageTo4K (PhysicalAddress2M, (UINT64 *) PageDirectoryEntry, S= tackBase, StackSize); } else { 
@@ -279,7 +287,8 @@ CreateIdentityMappingPageTables ( PageDirectory1GEntry =3D (VOID *) PageDirectoryPointerEntry; =20 for (IndexOfPageDirectoryEntries =3D 0; IndexOfPageDirectoryEntries = < 512; IndexOfPageDirectoryEntries++, PageDirectory1GEntry++, PageAddress += =3D SIZE_1GB) { - if (PcdGetBool (PcdSetNxForStack) && (PageAddress < StackBase + St= ackSize) && ((PageAddress + SIZE_1GB) > StackBase)) { + if ((PcdGetBool (PcdNullPointerDetection) && PageAddress =3D=3D 0) + || (PcdGetBool (PcdSetNxForStack) && (PageAddress < StackBase = + StackSize) && ((PageAddress + SIZE_1GB) > StackBase))) { Split1GPageTo2M (PageAddress, (UINT64 *) PageDirectory1GEntry, S= tackBase, StackSize); } else { // @@ -308,9 +317,10 @@ CreateIdentityMappingPageTables ( PageDirectoryPointerEntry->Bits.Present =3D 1; =20 for (IndexOfPageDirectoryEntries =3D 0; IndexOfPageDirectoryEntrie= s < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PageAddress += =3D SIZE_2MB) { - if (PcdGetBool (PcdSetNxForStack) && (PageAddress < StackBase + = StackSize) && ((PageAddress + SIZE_2MB) > StackBase)) { + if ((PcdGetBool (PcdNullPointerDetection) && PageAddress =3D=3D = 0) + || (PcdGetBool (PcdSetNxForStack) && (PageAddress < StackBas= e + StackSize) && ((PageAddress + SIZE_2MB) > StackBase))) { // - // Need to split this 2M page that covers stack range. + // Need to split this 2M page that covers NULL or stack range. // Split2MPageTo4K (PageAddress, (UINT64 *) PageDirectoryEntry, S= tackBase, StackSize); } else { diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 593bff357a..713593dc38 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -802,6 +802,13 @@ # @Prompt Degrade 64-bit PCI MMIO BARs for legacy BIOS option ROMs gEfiMdeModulePkgTokenSpaceGuid.PcdPciDegradeResourceForOptionRom|TRUE|BO= OLEAN|0x0001003a =20 + ## Indicates if NULL address detection will be enabled. + # If enabled, accessing NULL address in UEFI can be caught.

+ # TRUE - NULL address detection will be enabled.
+ # FALSE - NULL address detection will be disabled.
+ # @Prompt Enable NULL address detection. + gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetection|TRUE|BOOLEAN|0x00= 04003d + [PcdsFeatureFlag.IA32, PcdsFeatureFlag.ARM, PcdsFeatureFlag.AARCH64] gEfiMdeModulePkgTokenSpaceGuid.PcdPciDegradeResourceForOptionRom|FALSE|B= OOLEAN|0x0001003a =20 --=20 2.11.0.windows.1
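
Review bot: In the Page.c hunk (CoreAddRange), the new `!PcdGetBool(PcdNullPointerDetection)` term only skips the SetMem of page 0; the range starting at 0 is still added as EfiConventionalMemory, and nothing visible in this patch keeps that page out of the free pool, so an allocation could return a page that the DxeIpl hunks map as not present. Either exclude page 0 from the range when the PCD is set, or state in the comment where that is handled. The updated comment ("But don't do this if NULL pointer detection mechanism is used.") should also give the reason, and the zeroing is skipped even when HandOffToDxeCore builds no page tables, which leaves page 0 both accessible and unzeroed. Style: EDK II spacing would be `PcdGetBool (PcdNullPointerDetection)`.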
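
Review bot: In the first DxeLoadFunc.c hunk (Create4GPageTablesIa32Pae), the stack clause of the new condition is not gated on PcdSetNxForStack, unlike the matching conditions in X64/VirtualMemory.c. Since HandOffToDxeCore can now reach this function with only PcdNullPointerDetection set, the 2M page covering the stack gets split to 4K entries with no NX purpose. Suggest `(PcdGetBool (PcdSetNxForStack) && (PhysicalAddress < StackBase + StackSize) && ...)` for consistency. The unchanged comment "Need to split this 2M page that covers stack range." should also read "NULL or stack range", as the X64 hunks do.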
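
Review bot: In the second DxeLoadFunc.c hunk (HandOffToDxeCore), NULL pointer detection is still conditional on `IsExecuteDisableBitAvailable ()`, although marking page 0 not present does not depend on the XD bit. On an IA32 CPU with PAE but without XD, or without PAE at all, the PCD is TRUE yet no page tables are built and the feature silently does nothing. Consider separating the two requirements (PAE for building tables, XD only for PcdSetNxForStack), calling `EnableExecuteDisableBit ()` only when NX is actually requested, and emitting a DEBUG message when detection was requested but cannot be enabled.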
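
Review bot: In the Split2MPageTo4K hunk of X64/VirtualMemory.c, the new branch that clears Present for `PhysicalAddress4K == 0` has no comment, while the stack branch right below it keeps its "Set Nx bit for stack." comment. Please add one line saying that page 0 is left not present so that NULL dereferences fault, and note it in the function header, since this helper now does more than stack handling. Clearing `Bits.ReadWrite` is redundant once `Bits.Present` is 0. Style: `PcdGetBool(` needs a space before the parenthesis here and in Split1GPageTo2M.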
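
Review bot: In the CreateIdentityMappingPageTables hunks (@@ -279 and @@ -308), the compound test "PcdNullPointerDetection and address 0, or PcdSetNxForStack and overlaps stack" is now written out four times across this file and once more in Ia32/DxeLoadFunc.c, differing only in the address variable and page size. A small static helper taking (Address, Size, StackBase, StackSize) and returning BOOLEAN would keep the five sites from drifting apart; the Ia32 copy has already diverged by omitting the PcdSetNxForStack term.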
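
Review bot: In the MdeModulePkg.dec hunk, PcdNullPointerDetection is declared with a default of TRUE, but the commit message describes the feature as a debug aid. With this default every platform that does not override the PCD gets page 0 unmapped and loses the zeroing in CoreAddRange, which the Page.c comment says exists for operating systems that look for legacy data structures there. Suggest defaulting to FALSE and extending the description to name those side effects. Also, once the quoted-printable break is joined the token reads 0x0004003d, while the neighbouring feature flag in this hunk uses 0x0001003a; please confirm the 0x0004 prefix is intended for this section.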