Add a new IsShadowStack flag to identify whether current memory is
shadow stack. The dirty bit in page table entry for this memory will
be set if IsShadowStack is TRUE, instead of depending on mInternalCr3.
Signed-off-by: Dun Tan <dun....@intel.com>
Cc: Eric Dong <eric.d...@intel.com>
Cc: Ray Ni <ray...@intel.com>
Cc: Rahul Kumar <rahul1.ku...@intel.com>
---
UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
index 1f7cc15727..b369c0c435 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
@@ -33,6 +33,7 @@ PAGE_ATTRIBUTE_TABLE mPageAttributeTable[] = {
};
UINTN mInternalCr3;
+UINTN IsShadowStack = FALSE;
/**
Set the internal page table base address.
@@ -249,7 +250,7 @@ ConvertPageEntryAttribute (
if ((Attributes & EFI_MEMORY_RO) != 0) {
if (IsSet) {
NewPageEntry &= ~(UINT64)IA32_PG_RW;
- if (mInternalCr3 != 0) {
+ if (IsShadowStack) {
// Environment setup
// ReadOnly page need set Dirty bit for shadow stack
NewPageEntry |= IA32_PG_D;
@@ -734,10 +735,11 @@ SetShadowStack (
EFI_STATUS Status;
SetPageTableBase (Cr3);
-
- Status = SmmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_RO);
+ IsShadowStack = TRUE;
+ Status = SmmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_RO);
SetPageTableBase (0);
+ IsShadowStack = FALSE;
return Status;
}
--
2.31.1.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#92268): https://edk2.groups.io/g/devel/message/92268
Mute This Topic: https://groups.io/mt/92928945/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
