If PcdDxeNxMemoryProtectionPolicy is set to enable protection for memory
of EfiReservedMemoryType, the BIOS will hang at a page fault exception
triggered by BootScriptExecutorDxe.
The root cause is that this driver will allocate memory of
EfiReservedMemoryType and relocate itself into this new memory. Since
EfiReservedMemoryType of memory is marked non-executable, re-start this
driver after relocation will cause exception. The fix is removing the NX
attribute after memory allocation.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
.../Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf | 1 +
.../Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c | 14 ++++++++++++++
.../Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h | 1 +
3 files changed, 16 insertions(+)
diff --git a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
index 29af7f55ec..aac132122c 100644
--- a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
+++ b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
@@ -68,6 +68,7 @@
LockBoxLib
CpuExceptionHandlerLib
DevicePathLib
+ DxeServicesTableLib
[Guids]
gEfiBootScriptExecutorVariableGuid ## PRODUCES ## UNDEFINED # SaveLockBox
diff --git a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c
index 4545d6e581..263a282188 100644
--- a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c
+++ b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c
@@ -273,6 +273,7 @@ ReadyToLockEventNotify (
UINTN Pages;
EFI_PHYSICAL_ADDRESS FfsBuffer;
PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;
+ EFI_GCD_MEMORY_SPACE_DESCRIPTOR MemDesc;
Status = gBS->LocateProtocol (&gEfiDxeSmmReadyToLockProtocolGuid, NULL, &Interface);
if (EFI_ERROR (Status)) {
@@ -322,6 +323,19 @@ ReadyToLockEventNotify (
&FfsBuffer
);
ASSERT_EFI_ERROR (Status);
+
+ //
+ // Make sure that the buffer can be used to store code.
+ //
+ Status = gDS->GetMemorySpaceDescriptor (FfsBuffer, &MemDesc);
+ if (!EFI_ERROR (Status) && (MemDesc.Attributes & EFI_MEMORY_XP) != 0) {
+ gDS->SetMemorySpaceAttributes (
+ FfsBuffer,
+ EFI_PAGES_TO_SIZE (Pages),
+ MemDesc.Attributes & (~EFI_MEMORY_XP)
+ );
+ }
+
ImageContext.ImageAddress = (PHYSICAL_ADDRESS)(UINTN)FfsBuffer;
//
// Align buffer on section boundary
diff --git a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h
index 75327569d7..94deae87e6 100644
--- a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h
+++ b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h
@@ -38,6 +38,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/LockBoxLib.h>
#include <Library/CpuExceptionHandlerLib.h>
#include <Library/DevicePathLib.h>
+#include <Library/DxeServicesTableLib.h>
#include <Guid/AcpiS3Context.h>
#include <Guid/BootScriptExecutorVariable.h>
--
2.15.1.windows.2
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
Reviewed-by: Star Zeng <star.zeng@intel.com> -----Original Message----- From: Wang, Jian J Sent: Monday, January 15, 2018 4:55 PM To: edk2-devel@lists.01.org Cc: Yao, Jiewen <jiewen.yao@intel.com>; Ni, Ruiyu <ruiyu.ni@intel.com>; Dong, Eric <eric.dong@intel.com>; Zeng, Star <star.zeng@intel.com> Subject: [PATCH 6/6] MdeModulePkg/BootScriptExecutorDxe: remove NX attr for FfsBuffer If PcdDxeNxMemoryProtectionPolicy is set to enable protection for memory of EfiReservedMemoryType, the BIOS will hang at a page fault exception triggered by BootScriptExecutorDxe. The root cause is that this driver will allocate memory of EfiReservedMemoryType and relocate itself into this new memory. Since EfiReservedMemoryType of memory is marked non-executable, re-start this driver after relocation will cause exception. The fix is removing the NX attribute after memory allocation. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Star Zeng <star.zeng@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang <jian.j.wang@intel.com> --- .../Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf | 1 + .../Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c | 14 ++++++++++++++ .../Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h | 1 + 3 files changed, 16 insertions(+) diff --git a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf index 29af7f55ec..aac132122c 100644 --- a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf +++ b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecut +++ orDxe.inf @@ -68,6 +68,7 @@ LockBoxLib CpuExceptionHandlerLib DevicePathLib + DxeServicesTableLib [Guids] gEfiBootScriptExecutorVariableGuid ## PRODUCES ## UNDEFINED # SaveLockBox diff --git a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c index 4545d6e581..263a282188 100644 --- a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c +++ b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c @@ -273,6 +273,7 @@ ReadyToLockEventNotify ( UINTN Pages; EFI_PHYSICAL_ADDRESS FfsBuffer; PE_COFF_LOADER_IMAGE_CONTEXT ImageContext; + EFI_GCD_MEMORY_SPACE_DESCRIPTOR MemDesc; Status = gBS->LocateProtocol (&gEfiDxeSmmReadyToLockProtocolGuid, NULL, &Interface); if (EFI_ERROR (Status)) { @@ -322,6 +323,19 @@ ReadyToLockEventNotify ( &FfsBuffer ); ASSERT_EFI_ERROR (Status); + + // + // Make sure that the buffer can be used to store code. + // + Status = gDS->GetMemorySpaceDescriptor (FfsBuffer, &MemDesc); if + (!EFI_ERROR (Status) && (MemDesc.Attributes & EFI_MEMORY_XP) != 0) { + gDS->SetMemorySpaceAttributes ( + FfsBuffer, + EFI_PAGES_TO_SIZE (Pages), + MemDesc.Attributes & (~EFI_MEMORY_XP) + ); + } + ImageContext.ImageAddress = (PHYSICAL_ADDRESS)(UINTN)FfsBuffer; // // Align buffer on section boundary diff --git a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h index 75327569d7..94deae87e6 100644 --- a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h +++ b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h @@ -38,6 +38,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include <Library/LockBoxLib.h> #include <Library/CpuExceptionHandlerLib.h> #include <Library/DevicePathLib.h> +#include <Library/DxeServicesTableLib.h> #include <Guid/AcpiS3Context.h> #include <Guid/BootScriptExecutorVariable.h> -- 2.15.1.windows.2 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
© 2016 - 2024 Red Hat, Inc.