Re: [edk2-devel] [Patch V6 02/14] MdeModulePkg: Remove other attribute protection in UnsetGuardPage

Wed, 14 Jun 2023 02:41:06 -0700 

Hi all,

Could you please help to review this patch?

Thanks,
Dun

-----Original Message-----
From: [email protected] <[email protected]> On Behalf Of duntan
Sent: Friday, June 9, 2023 5:16 PM
To: [email protected]
Cc: Gao, Liming <[email protected]>; Ni, Ray <[email protected]>; Wang, 
Jian J <[email protected]>; Ard Biesheuvel <[email protected]>
Subject: [edk2-devel] [Patch V6 02/14] MdeModulePkg: Remove other attribute 
protection in UnsetGuardPage

In UnsetGuardPage(), before SmmReadyToLock, remove NX and RO memory attribute 
protection for guarded page since EfiConventionalMemory in SMRAM is RW and 
executable before SmmReadyToLock. If UnsetGuardPage() happens after 
SmmReadyToLock, then apply EFI_MEMORY_XP to the guarded page to make sure 
EfiConventionalMemory in SMRAM is NX since EfiConventionalMemory in SMRAM is 
marked as NX in PiSmmCpuDxe driver when SmmReadyToLock.

Signed-off-by: Dun Tan <[email protected]>
Cc: Liming Gao <[email protected]>
Cc: Ray Ni <[email protected]>
Cc: Jian J Wang <[email protected]>
Cc: Ard Biesheuvel <[email protected]>
---
 MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c 
b/MdeModulePkg/Core/PiSmmCore/HeapGuard.c
index 8f3bab6fee..25310122ca 100644
--- a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c
+++ b/MdeModulePkg/Core/PiSmmCore/HeapGuard.c
@@ -553,9 +553,23 @@ UnsetGuardPage (
                                          mSmmMemoryAttribute,
                                          BaseAddress,
                                          EFI_PAGE_SIZE,
-                                         EFI_MEMORY_RP
+                                         
+ EFI_MEMORY_RP|EFI_MEMORY_RO|EFI_MEMORY_XP
                                          );
     ASSERT_EFI_ERROR (Status);
+
+    if (gST == NULL) {
+      //
+      // Make sure EfiConventionalMemory is NX after SmmReadyToLock
+      //
+      Status = mSmmMemoryAttribute->SetMemoryAttributes (
+                                      mSmmMemoryAttribute,
+                                      BaseAddress,
+                                      EFI_PAGE_SIZE,
+                                      EFI_MEMORY_XP
+                                      );
+      ASSERT_EFI_ERROR (Status);
+    }
+
     mOnGuarding = FALSE;
   }
 }
--
2.31.1.windows.1








-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#106082): https://edk2.groups.io/g/devel/message/106082
Mute This Topic: https://groups.io/mt/99524271/21656
Group Owner: [email protected]
Unsubscribe: https://edk2.groups.io/g/devel/unsub [[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to