From nobody Mon Dec 23 09:28:38 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 151722778006864.84241570982658; Mon, 29 Jan 2018 04:09:40 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 019502215BDA4; Mon, 29 Jan 2018 04:04:04 -0800 (PST) Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 530762215BD94 for ; Mon, 29 Jan 2018 04:04:03 -0800 (PST) Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 29 Jan 2018 04:09:36 -0800 Received: from jwang36-mobl2.ccr.corp.intel.com ([10.239.193.4]) by fmsmga005.fm.intel.com with ESMTP; 29 Jan 2018 04:09:35 -0800 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.126; helo=mga18.intel.com; envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.46,429,1511856000"; d="scan'208";a="199477411" From: Jian J Wang To: edk2-devel@lists.01.org Date: Mon, 29 Jan 2018 20:09:32 +0800 Message-Id: <20180129120932.26272-1-jian.j.wang@intel.com> X-Mailer: git-send-email 2.15.1.windows.2 Subject: [edk2] [PATCH] MdeModulePkg/Core: fix feature conflict between NX and heap guard X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Ruiyu Ni , Jiewen Yao , Eric Dong , Star Zeng MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Considering following scenario (both NX memory protection and heap guard are enabled): 1. Allocate 3 pages. The attributes of adjacent memory pages will be |NOT-PRESENT| present | present | present |NOT-PRESENT| 2. Free the middle page. The attributes of adjacent memory pages should be |NOT-PRESENT| present |NOT-PRESENT| present |NOT-PRESENT| But the NX feature will overwrite the attributes of middle page. So it looks still like below, which is wrong. |NOT-PRESENT| present | PRESENT | present |NOT-PRESENT| The solution is checking the first and/or last page of a memory block to be marked as NX, and skipping them if they are Guard pages. Cc: Star Zeng Cc: Eric Dong Cc: Jiewen Yao Cc: Ruiyu Ni Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang Reviewed-by: Ruiyu Ni --- MdeModulePkg/Core/Dxe/Mem/HeapGuard.c | 14 ++++++++++++++ MdeModulePkg/Core/Dxe/Mem/HeapGuard.h | 10 ++++++++++ MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 22 ++++++++++++++++++++++ 3 files changed, 46 insertions(+) diff --git a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c b/MdeModulePkg/Core/Dxe/= Mem/HeapGuard.c index 392aeb8a02..d7906e08c5 100644 --- a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c +++ b/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c @@ -728,6 +728,20 @@ IsPageTypeToGuard ( return IsMemoryTypeToGuard (MemoryType, AllocateType, GUARD_HEAP_TYPE_PA= GE); } =20 +/** + Check to see if the heap guard is enabled for page and/or pool allocatio= n. + + @return TRUE/FALSE. +**/ +BOOLEAN +IsHeapGuardEnabled ( + VOID + ) +{ + return IsMemoryTypeToGuard (EfiMaxMemoryType, AllocateAnyPages, + GUARD_HEAP_TYPE_POOL|GUARD_HEAP_TYPE_PAGE); +} + /** Set head Guard and tail Guard for the given memory range. =20 diff --git a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.h b/MdeModulePkg/Core/Dxe/= Mem/HeapGuard.h index 30ac0e678f..7208ab1437 100644 --- a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.h +++ b/MdeModulePkg/Core/Dxe/Mem/HeapGuard.h @@ -389,6 +389,16 @@ AdjustPoolHeadF ( IN EFI_PHYSICAL_ADDRESS Memory ); =20 +/** + Check to see if the heap guard is enabled for page and/or pool allocatio= n. + + @return TRUE/FALSE. +**/ +BOOLEAN +IsHeapGuardEnabled ( + VOID + ); + extern BOOLEAN mOnGuarding; =20 #endif diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/C= ore/Dxe/Misc/MemoryProtection.c index 150167bf66..877e6e5025 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c @@ -48,6 +48,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER= EXPRESS OR IMPLIED. #include =20 #include "DxeMain.h" +#include "Mem/HeapGuard.h" =20 #define CACHE_ATTRIBUTE_MASK (EFI_MEMORY_UC | EFI_MEMORY_WC | EFI_MEMORY= _WT | EFI_MEMORY_WB | EFI_MEMORY_UCE | EFI_MEMORY_WP) #define MEMORY_ATTRIBUTE_MASK (EFI_MEMORY_RP | EFI_MEMORY_XP | EFI_MEMORY= _RO) @@ -1200,6 +1201,27 @@ ApplyMemoryProtectionPolicy ( return EFI_SUCCESS; } =20 + // + // Don't overwrite Guard pages, which should be the first and/or last pa= ge, + // if any. + // + if (IsHeapGuardEnabled ()) { + if (IsGuardPage (Memory)) { + Memory +=3D EFI_PAGE_SIZE; + Length -=3D EFI_PAGE_SIZE; + if (Length =3D=3D 0) { + return EFI_SUCCESS; + } + } + + if (IsGuardPage (Memory + Length - EFI_PAGE_SIZE)) { + Length -=3D EFI_PAGE_SIZE; + if (Length =3D=3D 0) { + return EFI_SUCCESS; + } + } + } + // // Update the executable permissions according to the DXE memory // protection policy, but only if --=20 2.14.1.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel