The NULL instances for GetMemoryProtectionsLib and
SetMemoryProtectionsLib just zero out the memory protections
structure effectively disabling memory protections.
Signed-off-by: Taylor Beebe <taylor.d.be...@gmail.com>
Cc: Jian J Wang <jian.j.w...@intel.com>
Cc: Liming Gao <gaolim...@byosoft.com.cn>
---
MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.c |
29 ++++
MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.c |
144 ++++++++++++++++++++
MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf |
25 ++++
MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf |
25 ++++
MdeModulePkg/MdeModulePkg.dsc |
4 +
5 files changed, 227 insertions(+)
diff --git
a/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.c
b/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.c
new file mode 100644
index 000000000000..af341c2c893d
--- /dev/null
+++ b/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.c
@@ -0,0 +1,29 @@
+/** @file
+NULL implementation for GetMemoryProtectionsLib
+
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#include <Uefi.h>
+#include <Library/GetMemoryProtectionsLib.h>
+
+MEMORY_PROTECTION_SETTINGS_UNION gMps = { 0 };
+
+/**
+ Populates gMps global. This function is invoked by the library constructor
and only needs to be
+ called if library contructors have not yet been invoked.
+
+ @retval EFI_SUCCESS gMps global was populated.
+ @retval EFI_NOT_FOUND The gMemoryProtectionSettingsGuid HOB was not
found.
+ @retval EFI_ABORTED The version number of the DXE or MM memory
protection settings was invalid.
+ @retval EFI_UNSUPPORTED NULL implementation called.
+**/
+EFI_STATUS
+EFIAPI
+PopulateMpsGlobal (
+ VOID
+ )
+{
+ return EFI_UNSUPPORTED;
+}
diff --git
a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.c
b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.c
new file mode 100644
index 000000000000..0d3a32d70209
--- /dev/null
+++ b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.c
@@ -0,0 +1,144 @@
+/** @file
+Library for setting the memory protection settings for DXE.
+
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#include <Uefi.h>
+#include <Library/SetMemoryProtectionsLib.h>
+
+DXE_MEMORY_PROTECTION_PROFILES
DxeMemoryProtectionProfiles[DxeMemoryProtectionSettingsMax] = { 0 };
+MM_MEMORY_PROTECTION_PROFILES
MmMemoryProtectionProfiles[MmMemoryProtectionSettingsMax] = { 0 };
+
+/**
+ Prevent further changes to the memory protection settings via this
+ library API.
+
+ @retval EFI_SUCCESS The memory protection settings are locked.
+ @retval EFI_ABORTED Unable to get/create the memory protection
settings.
+ @retval EFI_UNSUPPORTED NULL implementation called.
+**/
+EFI_STATUS
+EFIAPI
+LockMemoryProtectionSettings (
+ VOID
+ )
+{
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Sets the DXE memory protection settings. If DxeMps is NULL, the settings
will be set based
+ on ProfileIndex.
+
+ @param[in] DxeMps Pointer to the memory protection settings to
publish. If NULL, the
+ settings will be created based on ProfileIndex.
+ @param[in] ProfileIndex The index of the memory protection profile to use
if DxeMps is NULL.
+
+ @retval EFI_SUCCESS The memory protection HOB was successfully
created.
+ @retval EFI_INVALID_PARAMETER The ProfileIndex was invalid or the version
number of the
+ input DxeMps was not equal to the version
currently present
+ in the settings.
+ @retval EFI_ABORTED Unable to get/create the memory protection
settings.
+ @retval EFI_ACCESS_DENIED The memory protection settings are locked.
+ @retval EFI_UNSUPPORTED NULL implementation called.
+**/
+EFI_STATUS
+EFIAPI
+SetDxeMemoryProtectionSettings (
+ IN DXE_MEMORY_PROTECTION_SETTINGS *DxeMps OPTIONAL,
+ IN DXE_MEMORY_PROTECTION_PROFILE_INDEX ProfileIndex
+ )
+{
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Sets the MM memory protection HOB entry. If MmMps is NULL, the settings will
be set based
+ on ProfileIndex.
+
+ @param[in] MmMps Pointer to the memory protection settings to
publish. If NULL, the
+ settings will be created based on ProfileIndex.
+ @param[in] ProfileIndex The index of the memory protection profile to use
if MmMps is NULL.
+
+ @retval EFI_SUCCESS The memory protection HOB was successfully
created.
+ @retval EFI_OUT_OF_RESOURCES There was insufficient memory to create the
HOB.
+ @retval EFI_INVALID_PARAMETER The ProfileIndex was invalid or the version
number of the
+ input MmMps was not equal to the version
currently present
+ in the settings.
+ @retval EFI_ABORTED Unable to get/create the memory protection
settings.
+ @retval EFI_ACCESS_DENIED The memory protection settings are locked.
+ @retval EFI_UNSUPPORTED NULL implementation called.
+**/
+EFI_STATUS
+EFIAPI
+SetMmMemoryProtectionSettings (
+ IN MM_MEMORY_PROTECTION_SETTINGS *MmMps OPTIONAL,
+ IN MM_MEMORY_PROTECTION_PROFILE_INDEX ProfileIndex
+ )
+{
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Copies the current memory protection settings into the input buffer.
+
+ NOTE: The returned settings may not be the final settings used by the
+ platform on this boot. Unless LockMemoryProtectionSettings() has
+ been called, settings may be modified by drivers until DXE handoff.
+
+ @param[out] Mps The memory protection settings pointer to populate.
+
+ @retval EFI_SUCCESS The memory protection settings were copied
+ into the input buffer.
+ @retval EFI_INVALID_PARAMETER Mps was NULL.
+ @retval EFI_ABORTED Unable to get/create the memory protection
settings.
+ @retval EFI_UNSUPPORTED NULL implementation called.
+**/
+EFI_STATUS
+EFIAPI
+GetCurrentMemoryProtectionSettings (
+ OUT MEMORY_PROTECTION_SETTINGS *Mps
+ )
+{
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Returns TRUE any form of DXE memory protection is currently active.
+
+ NOTE: The returned value may reflect the final settings used by the
+ platform on this boot. Unless LockMemoryProtectionSettings() has
+ been called, settings may be modified by drivers until DXE handoff.
+
+ @retval TRUE DXE Memory protection is active.
+ @retval FALSE DXE Memory protection is not active.
+**/
+BOOLEAN
+EFIAPI
+IsDxeMemoryProtectionActive (
+ VOID
+ )
+{
+ return FALSE;
+}
+
+/**
+ Returns TRUE any form of MM memory protection is currently active.
+
+ NOTE: The returned value may reflect the final settings used by the
+ platform on this boot. Unless LockMemoryProtectionSettings() has
+ been called, settings may be modified by drivers until DXE handoff.
+
+ @retval TRUE MM Memory protection is active.
+ @retval FALSE MM Memory protection is not active.
+**/
+BOOLEAN
+EFIAPI
+IsMmMemoryProtectionActive (
+ VOID
+ )
+{
+ return FALSE;
+}
diff --git
a/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf
b/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf
new file mode 100644
index 000000000000..e7161412d9dc
--- /dev/null
+++
b/MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf
@@ -0,0 +1,25 @@
+## @file
+# NULL implementation for GetMemoryProtectionsLib
+#
+# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = GetMemoryProtectionsLibNull
+ FILE_GUID = C21A27EE-37DD-4024-8EDA-8BF5088C8CB1
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = GetMemoryProtectionsLib
+
+#
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
+#
+
+[Sources]
+ GetMemoryProtectionsLibNull.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
diff --git
a/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf
b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf
new file mode 100644
index 000000000000..fa660abe3b64
--- /dev/null
+++
b/MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf
@@ -0,0 +1,25 @@
+## @file
+# Library for setting the memory protection settings for DXE.
+#
+# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = SetMemoryProtectionsLibNull
+ FILE_GUID = CBD02C10-1F4B-4374-A7B2-BB2547C08433
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = SetMemoryProtectionsLib|SEC PEI_CORE PEIM
+
+#
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
+#
+
+[Sources]
+ SetMemoryProtectionsLibNull.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc
index db3b5af53795..4932a05079ae 100644
--- a/MdeModulePkg/MdeModulePkg.dsc
+++ b/MdeModulePkg/MdeModulePkg.dsc
@@ -106,6 +106,8 @@ [LibraryClasses]
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
IpmiCommandLib|MdeModulePkg/Library/BaseIpmiCommandLibNull/BaseIpmiCommandLibNull.inf
+
GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf
+
SetMemoryProtectionsLib|MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf
[LibraryClasses.EBC.PEIM]
IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf
@@ -231,6 +233,8 @@ [Components]
MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf
MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf
MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf
+ MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf
+ MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf
MdeModulePkg/Library/PciHostBridgeLibNull/PciHostBridgeLibNull.inf
MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.inf
MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf
--
2.41.0.windows.3
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107858): https://edk2.groups.io/g/devel/message/107858
Mute This Topic: https://groups.io/mt/100830901/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
