From: Jian J Wang
To: edk2-devel@lists.01.org
Cc: Jie Lin, Eric Dong, Star Zeng
Date: Mon, 11 Dec 2017 09:55:17 +0800
Message-Id: <20171211015518.9404-2-jian.j.wang@intel.com>
In-Reply-To: <20171211015518.9404-1-jian.j.wang@intel.com>
Subject: [edk2] [PATCH 1/2] MdeModulePkg/DxeCore: Fix issues in Heap Guard

One issue is that macros defined in HeapGuard.h

    GUARD_HEAP_TYPE_PAGE
    GUARD_HEAP_TYPE_POOL

don't match the definition of PCD PcdHeapGuardPropertyMask in MdeModulePkg.dec. This patch fixed it by exchanging the BIT0 and BIT1 of them.

Another is that method AdjustMemoryF() will return a bigger NumberOfPages than the value passed in. This is caused by counting twice of a shared Guard page which can be used for both head and tail Guard of the memory before it and after it. This happens only when partially freeing just one page in the middle of a bunch of allocated pages. The freed page should be turned into a new Guard page.

Cc: Jie Lin
Cc: Star Zeng
Cc: Eric Dong
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang
Reviewed-by: Star Zeng
--- MdeModulePkg/Core/Dxe/Mem/HeapGuard.c | 93 ++++++++++++++++++++++++++++---= ---- MdeModulePkg/Core/Dxe/Mem/HeapGuard.h | 4 +- MdeModulePkg/Core/Dxe/Mem/Page.c | 15 +++--- MdeModulePkg/Core/Dxe/Mem/Pool.c | 4 +- 4 files changed, 88 insertions(+), 28 deletions(-) diff --git a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c b/MdeModulePkg/Core/Dxe/= Mem/HeapGuard.c index 3a829854af..bee229f4c8 100644
--- a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c +++ b/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c @@ -768,6 +768,7 @@ UnsetGuardForMemory ( ) { EFI_PHYSICAL_ADDRESS GuardPage; + UINT64 GuardBitmap; =20 if (NumberOfPages =3D=3D 0) { return; @@ -776,16 +777,29 @@ UnsetGuardForMemory ( // // Head Guard must be one page before, if any. // + // MSB-> 1 0 <-LSB + // ------------------- + // Head Guard -> 0 1 -> Don't free Head Guard (shared Guard) + // Head Guard -> 0 0 -> Free Head Guard either (not shared Guard) + // 1 X -> Don't free first page (need a new Guard) + // (it'll be turned into a Guard page later) + // ------------------- + // Start -> -1 -2 + // GuardPage =3D Memory - EFI_PAGES_TO_SIZE (1); - if (IsHeadGuard (GuardPage)) { - if (!IsMemoryGuarded (GuardPage - EFI_PAGES_TO_SIZE (1))) { + GuardBitmap =3D GetGuardedMemoryBits (Memory - EFI_PAGES_TO_SIZE (2), 2); + if ((GuardBitmap & BIT1) =3D=3D 0) { + // + // Head Guard exists. + // + if ((GuardBitmap & BIT0) =3D=3D 0) { // // If the head Guard is not a tail Guard of adjacent memory block, // unset it. // UnsetGuardPage (GuardPage); } - } else if (IsMemoryGuarded (GuardPage)) { + } else { // // Pages before memory to free are still in Guard. It's a partial free // case. Turn first page of memory block to free into a new Guard. 
@@ -796,16 +810,29 @@ UnsetGuardForMemory ( // // Tail Guard must be the page after this memory block to free, if any. // + // MSB-> 1 0 <-LSB + // -------------------- + // 1 0 <- Tail Guard -> Don't free Tail Guard (shared Guard) + // 0 0 <- Tail Guard -> Free Tail Guard either (not shared G= uard) + // X 1 -> Don't free last page (need a new G= uard) + // (it'll be turned into a Guard page la= ter) + // -------------------- + // +1 +0 <- End + // GuardPage =3D Memory + EFI_PAGES_TO_SIZE (NumberOfPages); - if (IsTailGuard (GuardPage)) { - if (!IsMemoryGuarded (GuardPage + EFI_PAGES_TO_SIZE (1))) { + GuardBitmap =3D GetGuardedMemoryBits (GuardPage, 2); + if ((GuardBitmap & BIT0) =3D=3D 0) { + // + // Tail Guard exists. + // + if ((GuardBitmap & BIT1) =3D=3D 0) { // // If the tail Guard is not a head Guard of adjacent memory block, // free it; otherwise, keep it. // UnsetGuardPage (GuardPage); } - } else if (IsMemoryGuarded (GuardPage)) { + } else { // // Pages after memory to free are still in Guard. It's a partial free // case. We need to keep one page to be a head Guard. @@ -895,6 +922,7 @@ AdjustMemoryF ( EFI_PHYSICAL_ADDRESS Start; EFI_PHYSICAL_ADDRESS MemoryToTest; UINTN PagesToFree; + UINT64 GuardBitmap; =20 if (Memory =3D=3D NULL || NumberOfPages =3D=3D NULL || *NumberOfPages = =3D=3D 0) { return; 
@@ -906,9 +934,22 @@ AdjustMemoryF ( // // Head Guard must be one page before, if any. // - MemoryToTest =3D Start - EFI_PAGES_TO_SIZE (1); - if (IsHeadGuard (MemoryToTest)) { - if (!IsMemoryGuarded (MemoryToTest - EFI_PAGES_TO_SIZE (1))) { + // MSB-> 1 0 <-LSB + // ------------------- + // Head Guard -> 0 1 -> Don't free Head Guard (shared Guard) + // Head Guard -> 0 0 -> Free Head Guard either (not shared Guard) + // 1 X -> Don't free first page (need a new Guard) + // (it'll be turned into a Guard page later) + // ------------------- + // Start -> -1 -2 + // + MemoryToTest =3D Start - EFI_PAGES_TO_SIZE (2); + GuardBitmap =3D GetGuardedMemoryBits (MemoryToTest, 2); + if ((GuardBitmap & BIT1) =3D=3D 0) { + // + // Head Guard exists. + // + if ((GuardBitmap & BIT0) =3D=3D 0) { // // If the head Guard is not a tail Guard of adjacent memory block, // free it; otherwise, keep it. @@ -916,10 +957,10 @@ AdjustMemoryF ( Start -=3D EFI_PAGES_TO_SIZE (1); PagesToFree +=3D 1; } - } else if (IsMemoryGuarded (MemoryToTest)) { + } else { // - // Pages before memory to free are still in Guard. It's a partial free - // case. We need to keep one page to be a tail Guard. + // No Head Guard, and pages before memory to free are still in Guard. = It's a + // partial free case. We need to keep one page to be a tail Guard. // Start +=3D EFI_PAGES_TO_SIZE (1); PagesToFree -=3D 1; 
@@ -928,19 +969,32 @@ AdjustMemoryF ( // // Tail Guard must be the page after this memory block to free, if any. // + // MSB-> 1 0 <-LSB + // -------------------- + // 1 0 <- Tail Guard -> Don't free Tail Guard (shared Guard) + // 0 0 <- Tail Guard -> Free Tail Guard either (not shared G= uard) + // X 1 -> Don't free last page (need a new G= uard) + // (it'll be turned into a Guard page la= ter) + // -------------------- + // +1 +0 <- End + // MemoryToTest =3D Start + EFI_PAGES_TO_SIZE (PagesToFree); - if (IsTailGuard (MemoryToTest)) { - if (!IsMemoryGuarded (MemoryToTest + EFI_PAGES_TO_SIZE (1))) { + GuardBitmap =3D GetGuardedMemoryBits (MemoryToTest, 2); + if ((GuardBitmap & BIT0) =3D=3D 0) { + // + // Tail Guard exists. + // + if ((GuardBitmap & BIT1) =3D=3D 0) { // // If the tail Guard is not a head Guard of adjacent memory block, // free it; otherwise, keep it. // PagesToFree +=3D 1; } - } else if (IsMemoryGuarded (MemoryToTest)) { + } else if (PagesToFree > 0) { // - // Pages after memory to free are still in Guard. It's a partial free - // case. We need to keep one page to be a head Guard. + // No Tail Guard, and pages after memory to free are still in Guard. I= t's a + // partial free case. We need to keep one page to be a head Guard. // PagesToFree -=3D 1; } @@ -1054,11 +1108,14 @@ CoreConvertPagesWithGuard ( { if (NewType =3D=3D EfiConventionalMemory) { AdjustMemoryF (&Start, &NumberOfPages); + if (NumberOfPages =3D=3D 0) { + return EFI_SUCCESS; + } } else { AdjustMemoryA (&Start, &NumberOfPages); } =20 - return CoreConvertPages(Start, NumberOfPages, NewType); + return CoreConvertPages (Start, NumberOfPages, NewType); } =20 /** diff --git a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.h b/MdeModulePkg/Core/Dxe/= Mem/HeapGuard.h index bd7abd7c53..30ac0e678f 100644 --- a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.h +++ b/MdeModulePkg/Core/Dxe/Mem/HeapGuard.h 
@@ -158,8 +158,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITH= ER EXPRESS OR IMPLIED. // // Memory type to guard (matching the related PCD definition) // -#define GUARD_HEAP_TYPE_POOL BIT0 -#define GUARD_HEAP_TYPE_PAGE BIT1 +#define GUARD_HEAP_TYPE_PAGE BIT0 +#define GUARD_HEAP_TYPE_POOL BIT1 =20 // // Debug message level diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/P= age.c index 853606653c..db32d0f940 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Page.c +++ b/MdeModulePkg/Core/Dxe/Mem/Page.c @@ -920,21 +920,22 @@ CoreConvertPagesEx ( UINT64 EndToClear; =20 StartToClear =3D Start; - EndToClear =3D RangeEnd; + EndToClear =3D RangeEnd + 1; if (PcdGet8 (PcdHeapGuardPropertyMask) & (BIT1|BIT0)) { if (IsGuardPage(StartToClear)) { StartToClear +=3D EFI_PAGE_SIZE; } - if (IsGuardPage (EndToClear)) { + if (IsGuardPage (EndToClear - 1)) { EndToClear -=3D EFI_PAGE_SIZE; } - ASSERT (EndToClear > StartToClear); } =20 - DEBUG_CLEAR_MEMORY( - (VOID *)(UINTN)StartToClear, - (UINTN)(EndToClear - StartToClear + 1) - ); + if (EndToClear > StartToClear) { + DEBUG_CLEAR_MEMORY( + (VOID *)(UINTN)StartToClear, + (UINTN)(EndToClear - StartToClear) + ); + } } } =20 diff --git a/MdeModulePkg/Core/Dxe/Mem/Pool.c b/MdeModulePkg/Core/Dxe/Mem/P= ool.c index b82b51595c..7464d8773a 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Pool.c +++ b/MdeModulePkg/Core/Dxe/Mem/Pool.c 
@@ -642,7 +642,9 @@ CoreFreePoolPagesWithGuard ( NoPagesGuarded =3D NoPages; =20 AdjustMemoryF (&Memory, &NoPages); - CoreFreePoolPagesI (PoolType, Memory, NoPages); + if (NoPages > 0) { + CoreFreePoolPagesI (PoolType, Memory, NoPages); + } =20 UnsetGuardForMemory (MemoryGuarded, NoPagesGuarded); } --=20 2.15.1.windows.2 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
From: Jian J Wang
To: edk2-devel@lists.01.org
Cc: Jie Lin, Eric Dong, Star Zeng
Date: Mon, 11 Dec 2017 09:55:18 +0800
Message-Id: <20171211015518.9404-3-jian.j.wang@intel.com>
In-Reply-To: <20171211015518.9404-1-jian.j.wang@intel.com>
Subject: [edk2] [PATCH 2/2] MdeModulePkg/PiSmmCore: Fix issues in Heap Guard

One issue is that macros defined in HeapGuard.h

    GUARD_HEAP_TYPE_PAGE
    GUARD_HEAP_TYPE_POOL

don't match the definition of PCD PcdHeapGuardPropertyMask in MdeModulePkg.dec. This patch fixed it by exchanging the BIT0 and BIT1 of them.

Another is that method AdjustMemoryF() will return a bigger NumberOfPages than the value passed in. This is caused by counting twice of a shared Guard page which can be used for both head and tail Guard of the memory before it and after it. This happens only when partially freeing just one page in the middle of a bunch of allocated pages. The freed page should be turned into a new Guard page.

Cc: Jie Lin
Cc: Star Zeng
Cc: Eric Dong
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang
Reviewed-by: Star Zeng
--- MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 91 +++++++++++++++++++++++++++--= ---- MdeModulePkg/Core/PiSmmCore/HeapGuard.h | 4 +- 2 files changed, 76 insertions(+), 19 deletions(-)
diff --git a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c b/MdeModulePkg/Core/Pi= SmmCore/HeapGuard.c index 1d5fb8cdb5..04fa1747a1 100644 --- a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c +++ b/MdeModulePkg/Core/PiSmmCore/HeapGuard.c @@ -776,6 +776,7 @@ UnsetGuardForMemory ( ) { EFI_PHYSICAL_ADDRESS GuardPage; + UINT64 GuardBitmap; =20 if (NumberOfPages =3D=3D 0) { return; @@ -784,16 +785,29 @@ UnsetGuardForMemory ( // // Head Guard must be one page before, if any. // + // MSB-> 1 0 <-LSB + // ------------------- + // Head Guard -> 0 1 -> Don't free Head Guard (shared Guard) + // Head Guard -> 0 0 -> Free Head Guard either (not shared Guard) + // 1 X -> Don't free first page (need a new Guard) + // (it'll be turned into a Guard page later) + // ------------------- + // Start -> -1 -2 + // GuardPage =3D Memory - EFI_PAGES_TO_SIZE (1); - if (IsHeadGuard (GuardPage)) { - if (!IsMemoryGuarded (GuardPage - EFI_PAGES_TO_SIZE (1))) { + GuardBitmap =3D GetGuardedMemoryBits (Memory - EFI_PAGES_TO_SIZE (2), 2); + if ((GuardBitmap & BIT1) =3D=3D 0) { + // + // Head Guard exists. + // + if ((GuardBitmap & BIT0) =3D=3D 0) { // // If the head Guard is not a tail Guard of adjacent memory block, // unset it. // UnsetGuardPage (GuardPage); } - } else if (IsMemoryGuarded (GuardPage)) { + } else { // // Pages before memory to free are still in Guard. It's a partial free // case. Turn first page of memory block to free into a new Guard. 
@@ -804,16 +818,29 @@ UnsetGuardForMemory ( // // Tail Guard must be the page after this memory block to free, if any. // + // MSB-> 1 0 <-LSB + // -------------------- + // 1 0 <- Tail Guard -> Don't free Tail Guard (shared Guard) + // 0 0 <- Tail Guard -> Free Tail Guard either (not shared G= uard) + // X 1 -> Don't free last page (need a new G= uard) + // (it'll be turned into a Guard page la= ter) + // -------------------- + // +1 +0 <- End + // GuardPage =3D Memory + EFI_PAGES_TO_SIZE (NumberOfPages); - if (IsTailGuard (GuardPage)) { - if (!IsMemoryGuarded (GuardPage + EFI_PAGES_TO_SIZE (1))) { + GuardBitmap =3D GetGuardedMemoryBits (GuardPage, 2); + if ((GuardBitmap & BIT0) =3D=3D 0) { + // + // Tail Guard exists. + // + if ((GuardBitmap & BIT1) =3D=3D 0) { // // If the tail Guard is not a head Guard of adjacent memory block, // free it; otherwise, keep it. // UnsetGuardPage (GuardPage); } - } else if (IsMemoryGuarded (GuardPage)) { + } else { // // Pages after memory to free are still in Guard. It's a partial free // case. We need to keep one page to be a head Guard. @@ -903,6 +930,7 @@ AdjustMemoryF ( EFI_PHYSICAL_ADDRESS Start; EFI_PHYSICAL_ADDRESS MemoryToTest; UINTN PagesToFree; + UINT64 GuardBitmap; =20 if (Memory =3D=3D NULL || NumberOfPages =3D=3D NULL || *NumberOfPages = =3D=3D 0) { return; 
@@ -914,9 +942,22 @@ AdjustMemoryF ( // // Head Guard must be one page before, if any. // - MemoryToTest =3D Start - EFI_PAGES_TO_SIZE (1); - if (IsHeadGuard (MemoryToTest)) { - if (!IsMemoryGuarded (MemoryToTest - EFI_PAGES_TO_SIZE (1))) { + // MSB-> 1 0 <-LSB + // ------------------- + // Head Guard -> 0 1 -> Don't free Head Guard (shared Guard) + // Head Guard -> 0 0 -> Free Head Guard either (not shared Guard) + // 1 X -> Don't free first page (need a new Guard) + // (it'll be turned into a Guard page later) + // ------------------- + // Start -> -1 -2 + // + MemoryToTest =3D Start - EFI_PAGES_TO_SIZE (2); + GuardBitmap =3D GetGuardedMemoryBits (MemoryToTest, 2); + if ((GuardBitmap & BIT1) =3D=3D 0) { + // + // Head Guard exists. + // + if ((GuardBitmap & BIT0) =3D=3D 0) { // // If the head Guard is not a tail Guard of adjacent memory block, // free it; otherwise, keep it. @@ -924,10 +965,10 @@ AdjustMemoryF ( Start -=3D EFI_PAGES_TO_SIZE (1); PagesToFree +=3D 1; } - } else if (IsMemoryGuarded (MemoryToTest)) { + } else { // - // Pages before memory to free are still in Guard. It's a partial free - // case. We need to keep one page to be a tail Guard. + // No Head Guard, and pages before memory to free are still in Guard. = It's a + // partial free case. We need to keep one page to be a tail Guard. // Start +=3D EFI_PAGES_TO_SIZE (1); PagesToFree -=3D 1; 
@@ -936,19 +977,32 @@ AdjustMemoryF ( // // Tail Guard must be the page after this memory block to free, if any. // + // MSB-> 1 0 <-LSB + // -------------------- + // 1 0 <- Tail Guard -> Don't free Tail Guard (shared Guard) + // 0 0 <- Tail Guard -> Free Tail Guard either (not shared G= uard) + // X 1 -> Don't free last page (need a new G= uard) + // (it'll be turned into a Guard page la= ter) + // -------------------- + // +1 +0 <- End + // MemoryToTest =3D Start + EFI_PAGES_TO_SIZE (PagesToFree); - if (IsTailGuard (MemoryToTest)) { - if (!IsMemoryGuarded (MemoryToTest + EFI_PAGES_TO_SIZE (1))) { + GuardBitmap =3D GetGuardedMemoryBits (MemoryToTest, 2); + if ((GuardBitmap & BIT0) =3D=3D 0) { + // + // Tail Guard exists. + // + if ((GuardBitmap & BIT1) =3D=3D 0) { // // If the tail Guard is not a head Guard of adjacent memory block, // free it; otherwise, keep it. // PagesToFree +=3D 1; } - } else if (IsMemoryGuarded (MemoryToTest)) { + } else if (PagesToFree > 0) { // - // Pages after memory to free are still in Guard. It's a partial free - // case. We need to keep one page to be a head Guard. + // No Tail Guard, and pages after memory to free are still in Guard. I= t's a + // partial free case. We need to keep one page to be a head Guard. // PagesToFree -=3D 1; } @@ -1146,6 +1200,9 @@ SmmInternalFreePagesExWithGuard ( =20 AdjustMemoryF (&MemoryToFree, &PagesToFree); UnsetGuardForMemory (Memory, NumberOfPages); + if (PagesToFree =3D=3D 0) { + return EFI_SUCCESS; + } =20 return SmmInternalFreePagesEx (MemoryToFree, PagesToFree, AddRegion); } diff --git a/MdeModulePkg/Core/PiSmmCore/HeapGuard.h b/MdeModulePkg/Core/Pi= SmmCore/HeapGuard.h index a6f92a2042..3e4b2a4aa0 100644 --- a/MdeModulePkg/Core/PiSmmCore/HeapGuard.h +++ b/MdeModulePkg/Core/PiSmmCore/HeapGuard.h 
@@ -160,8 +160,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITH= ER EXPRESS OR IMPLIED. // // Memory type to guard (matching the related PCD definition) // -#define GUARD_HEAP_TYPE_POOL BIT2 -#define GUARD_HEAP_TYPE_PAGE BIT3 +#define GUARD_HEAP_TYPE_PAGE BIT2 +#define GUARD_HEAP_TYPE_POOL BIT3 =20 // // Debug message level --=20 2.15.1.windows.2
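Review bot: In the tail-Guard hunks of UnsetGuardForMemory() (Dxe/Mem/HeapGuard.c and PiSmmCore/HeapGuard.c) the `else if (IsMemoryGuarded (GuardPage))` becomes a bare `} else {`, while the matching branch in AdjustMemoryF() gained an explicit `} else if (PagesToFree > 0) {`. The body of the UnsetGuardForMemory() branch lies outside the hunk, so please confirm that the case the commit message describes (freeing a single page in the middle of an allocation, where the head branch has already consumed the only page) cannot adjust a zero page count there, or add the same `> 0` condition for symmetry.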
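Review bot: AdjustMemoryF() can now legitimately hand back a page count of zero, and each caller touched here has to special-case it (`if (NumberOfPages == 0) return EFI_SUCCESS;` in CoreConvertPagesWithGuard, `if (NoPages > 0)` in CoreFreePoolPagesWithGuard, `if (PagesToFree == 0)` in SmmInternalFreePagesExWithGuard). That output contract is not stated anywhere in the visible lines; please add it to the AdjustMemoryF() function header so a future caller does not pass a zero count on to the page-freeing routine. The three call sites also differ in ordering: the SMM path calls UnsetGuardForMemory() before the zero check, the pool path calls it after the guarded free, and CoreConvertPagesWithGuard returns without any visible Guard update, so a short comment at that early return saying where the Guard bitmap is updated for this case would help.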
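Review bot: The head-Guard and tail-Guard hunks in UnsetGuardForMemory() and AdjustMemoryF() repeat the same two-bit decode of `GetGuardedMemoryBits (..., 2)` and the same ASCII truth table four times per file, in both Dxe/Mem/HeapGuard.c and PiSmmCore/HeapGuard.c. A small static helper per direction (returning, say, "Guard present and unshared", "Guard shared", "no Guard, partial free") would keep the BIT0/BIT1 meaning in one place, which matters because the head case reads BIT1 as the adjacent page and the tail case reads BIT0 as the adjacent page. In the table comments, "Free Head Guard either" and "Free Tail Guard either" read better as "as well".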
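Review bot: In the Page.c hunk for CoreConvertPagesEx(), the unchanged condition `if (PcdGet8 (PcdHeapGuardPropertyMask) & (BIT1|BIT0))` still tests raw bit numbers, although this same patch exists because GUARD_HEAP_TYPE_PAGE and GUARD_HEAP_TYPE_POOL had drifted from the PCD definition. Since the function already calls IsGuardPage(), consider testing `(GUARD_HEAP_TYPE_PAGE|GUARD_HEAP_TYPE_POOL)` here so the mask has a single source of truth. The switch of EndToClear to an exclusive end and the replacement of the ASSERT with `if (EndToClear > StartToClear)` look consistent with each other; `IsGuardPage(StartToClear)` in the context line is missing the space before the parenthesis that the changed lines use.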
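Review bot: The PiSmmCore/HeapGuard.h hunk swaps GUARD_HEAP_TYPE_PAGE and GUARD_HEAP_TYPE_POOL between BIT2 and BIT3, but the commit message of patch 2/2 says the fix is "exchanging the BIT0 and BIT1 of them", apparently carried over from patch 1/2. Please correct the 2/2 message to name BIT2 and BIT3 so the log matches the SMM bits of PcdHeapGuardPropertyMask that this hunk actually changes.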