This patch updates the DXE Handoff in PEI-less Startup to use SetMemoryProtectionsLib to get the platform memory protection settings and build the page tables based on the applied protections.
Signed-off-by: Taylor Beebe <taylor.d.be...@gmail.com>
Cc: Ard Biesheuvel <ardb+tianoc...@kernel.org>
Cc: Jiewen Yao <jiewen....@intel.com>
Cc: Jordan Justen <jordan.l.jus...@intel.com>
Cc: Gerd Hoffmann <kra...@redhat.com>
---
 OvmfPkg/Library/PeilessStartupLib/DxeLoad.c | 6 +++++-
 OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c | 13 ++++++++-----
 OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf | 4 ----
 3 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/OvmfPkg/Library/PeilessStartupLib/DxeLoad.c b/OvmfPkg/Library/PeilessStartupLib/DxeLoad.c
index d34690eb8a0b..f8ff53876369 100644
--- a/OvmfPkg/Library/PeilessStartupLib/DxeLoad.c
+++ b/OvmfPkg/Library/PeilessStartupLib/DxeLoad.c
@@ -20,9 +20,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <Library/PrePiLib.h>
 #include "X64/PageTables.h"
 #include <Library/ReportStatusCodeLib.h>
+#include <Library/SetMemoryProtectionsLib.h>
 #define STACK_SIZE 0x20000
-extern EFI_GUID gEfiNonCcFvGuid;
+extern EFI_GUID gEfiNonCcFvGuid;
+MEMORY_PROTECTION_SETTINGS mMps = { 0 };
 /**
 Transfers control to DxeCore.
@@ -42,6 +44,8 @@ HandOffToDxeCore (
 VOID *TopOfStack;
 UINTN PageTables;
+ GetCurrentMemoryProtectionSettings (&mMps);
+
 //
 // Clear page 0 and mark it as allocated if NULL pointer detection is enabled.
 //
diff --git a/OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c b/OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c
index e2c1bac5e059..41521e3d3d71 100644
--- a/OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c
+++ b/OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c
@@ -17,6 +17,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <Library/PcdLib.h>
 #include <Guid/MemoryTypeInformation.h>
 #include <Guid/MemoryAllocationHob.h>
+#include <Library/SetMemoryProtectionsLib.h>
 #include <Register/Intel/Cpuid.h>
 #include <Library/PlatformInitLib.h>
 #include "PageTables.h"
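Review bot: `mMps` is defined as a non-static global in DxeLoad.c (hunk `@@ -20,9 +20,11 @@`) and picked up in X64/VirtualMemory.c through a bare `extern` in hunk `@@ -45,6 +46,8 @@`, so nothing checks at compile time that the two declarations agree. Both files already include PageTables.h, so declaring `extern MEMORY_PROTECTION_SETTINGS mMps;` once in that header would let the compiler catch a type drift. The definition also deserves a comment such as `// Snapshot of the platform memory protection settings; filled in by HandOffToDxeCore() before the page tables are built.`, because every predicate in VirtualMemory.c depends on that ordering.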
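Review bot: The result of `GetCurrentMemoryProtectionSettings (&mMps);` in HandOffToDxeCore (hunk `@@ -42,6 +44,8 @@`) is discarded, and `mMps` starts out as `{ 0 }`. If the lookup fails, NULL pointer detection, the stack guard and the NX checks in VirtualMemory.c would all read as disabled, and the page tables would be built without protections and without any diagnostic. Assuming the function returns an EFI_STATUS (its declaration is not visible in this patch), capture it in a local and fail loudly, e.g. `Status = GetCurrentMemoryProtectionSettings (&mMps);` followed by `ASSERT_EFI_ERROR (Status);`, or fall back to a restrictive default instead of the all-zero one. The body of HandOffToDxeCore extends beyond this hunk.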
@@ -45,6 +46,8 @@ UINT64 mLevelSize[5] = {
 SIZE_512GB
 };
+extern MEMORY_PROTECTION_SETTINGS mMps;
+
 BOOLEAN
 IsSetNxForStack (
 VOID
@@ -142,7 +145,7 @@ IsNullDetectionEnabled (
 VOID
 )
 {
- return ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT0) != 0);
+ return mMps.Dxe.NullPointerDetection.Enabled;
 }
 /**
@@ -197,8 +200,8 @@ IsEnableNonExecNeeded (
 // Features controlled by Following PCDs need this feature to be enabled.
 //
 return (IsSetNxForStack () ||
- FixedPcdGet64 (PcdDxeNxMemoryProtectionPolicy) != 0 ||
- PcdGet32 (PcdImageProtectionPolicy) != 0);
+ !IsZeroBuffer (&mMps.Dxe.ExecutionProtection.EnabledForType, MPS_MEMORY_TYPE_BUFFER_SIZE) ||
+ (mMps.Dxe.ImageProtection.ProtectImageFromFv || mMps.Dxe.ImageProtection.ProtectImageFromUnknown));
 }
 /**
@@ -241,7 +244,7 @@ ToSplitPageTable (
 return TRUE;
 }
- if (FixedPcdGetBool (PcdCpuStackGuard)) {
+ if (mMps.Dxe.CpuStackGuardEnabled) {
 if ((StackBase >= Address) && (StackBase < (Address + Size))) {
 return TRUE;
 }
@@ -427,7 +430,7 @@ Split2MPageTo4K (
 PageTableEntry->Bits.ReadWrite = 1;
 if ((IsNullDetectionEnabled () && (PhysicalAddress4K == 0)) ||
- (FixedPcdGetBool (PcdCpuStackGuard) && (PhysicalAddress4K == StackBase)))
+ (mMps.Dxe.CpuStackGuardEnabled && (PhysicalAddress4K == StackBase)))
 {
 PageTableEntry->Bits.Present = 0;
 } else {
diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf b/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf
index f0a8a5a56df4..47bd42d23d11 100644
--- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf
+++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf
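Review bot: The comment kept as context above the `return` in IsEnableNonExecNeeded (hunk `@@ -197,8 +200,8 @@`) still says "Features controlled by Following PCDs", but two of the three terms now come from `mMps`. It should read something like `// Features controlled by the following memory protection settings need this feature to be enabled.` Separately, `IsSetNxForStack ()` stays in the expression and PcdSetNxForStack stays in the .inf, so stack NX apparently remains PCD-driven while the other checks follow the settings structure. Please confirm this split is intended; the body of IsSetNxForStack is outside these hunks. `IsZeroBuffer` also needs BaseMemoryLib, whose include is not visible here.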
@@ -77,12 +77,8 @@ [Pcd]
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase
 gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplBuildPageTables ## CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES
 gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ## SOMETIMES_CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ## SOMETIMES_CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## SOMETIMES_CONSUMES
 gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ## CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ## CONSUMES
 gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## CONSUMES
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize
--
2.42.0.windows.2
-=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#109417): https://edk2.groups.io/g/devel/message/109417 Mute This Topic: https://groups.io/mt/101843354/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
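Review bot: This hunk only removes PCDs, and the diffstat shows 4 deletions and no additions for the .inf. Yet DxeLoad.c and X64/VirtualMemory.c now include `Library/SetMemoryProtectionsLib.h` and call `GetCurrentMemoryProtectionSettings`. Unless an earlier patch in the series already lists it, `SetMemoryProtectionsLib` should be added under `[LibraryClasses]` so the dependency is declared and the platform DSC has to resolve it. The `[LibraryClasses]` section lies outside this hunk, so that cannot be confirmed from here.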