Here's a summary of the v2 changes :)

v2:
  - The previous version required that the platform manage the HOB creation
  during PEI phase. v2 adds a new library, SetMemoryProtectionsLib, which
  offers an interface for setting, locking, and checking the memory protections
  for the boot. The settings are still backed by a HOB entry. SetMemoryProtectionsLib
  is a PEI/SEC only library as protections must be locked in by DxeHandoff().

  - The previous version had a separate MM and DXE library for getting the platform
  memory protection settings and populating the global for access. v2 consolidates
  these two libraries into a single GetMemoryProtectionsLib which has DXE and MM
  instances. The global populated is a union of the MM and DXE settings. The first
  4 bytes of the union is the signature used to identify whether the global contains
  the DXE or MM settings.

  - Add a patch to page-align the DXE allocated HOB list and apply RO and NX
  to it during memory protection initialization.

  - Add a patch which checks the debug print level before executing the memory
  map dump routine. This saves several seconds of boot time on debug builds with
  memory protections active.

  - Remove unnecessary code consolidation from the patch series to make it easier
  to review. The code consolidation will be in a future patch series.

  - Add the ability to set the memory protection profile via the fw_cfg QEMU
  interface on OvmfPkg platforms. The cfg parsing library needs to be ported to
  ArmVirtPkg to enable the same functionality on ARM virtual platforms. ArmVirtPkg
  will use the Release protection profile by default.

  - Restructure the patch series to ensure bisectability as the memory logic
  is transitioned to use the Get and Set libraries one package at a time.
  The memory protection PCDs are still removed in this patch series to avoid
  confusing the interface and remove the ties to the legacy implementation.

On 8/18/23 3:31 PM, Taylor Beebe wrote:
In the past, memory protection settings were configured via FixedAtBuild PCDs,
which resulted in a build-time configuration of memory mitigations. This
approach limited the flexibility of applying mitigations to the
system and made it difficult to update or adjust the settings post-build.

In this design, the configuration interface has been revised to allow for dynamic
configuration. This is achieved by setting memory protections via a library
interface which stores/updates the memory protection settings in
a GUIDed HOB, which is then consumed during and after DXE handoff.

This patch series adds two libraries:
SetMemoryProtectionsLib: A PEIM that allows for setting/fetching memory
protections and "locking" to prevent further updates via the library interface.
The backing for the settings is a GUIDed HOB that is created by the library
whenever its API is invoked.

GetMemoryProtectionsLib: A DXE library that allows for getting the memory
protection settings for the current boot. This library populates a global
with the settings from the HOB entry (if present) for access in the module.
Previous references to the PCDs are replaced with references to the global.

OvmfPkg has been updated to allow the setting of the memory protection profile
via QemuCfg instead of just the NxForStack setting. If no profile is passed,
the platform will default to the Debug profile for DXE and Off profile for MM.

ArmVirtPkg will use the Release profile.

Reference: https://github.com/tianocore/edk2/pull/4566

Cc: Abner Chang <abner.ch...@amd.com>
Cc: Andrei Warkentin <andrei.warken...@intel.com>
Cc: Anatol Belski <anbel...@linux.microsoft.com>
Cc: Andrew Fish <af...@apple.com>
Cc: Anthony Perard <anthony.per...@citrix.com>
Cc: Ard Biesheuvel <ardb+tianoc...@kernel.org>
Cc: Corvin Köhne <corv...@freebsd.org>
Cc: Dandan Bi <dandan...@intel.com>
Cc: Eric Dong <eric.d...@intel.com>
Cc: Erdem Aktas <erdemak...@google.com>
Cc: Gerd Hoffmann <kra...@redhat.com>
Cc: Guo Dong <guo.d...@intel.com>
Cc: Gua Guo <gua....@intel.com>
Cc: James Bottomley <j...@linux.ibm.com>
Cc: James Lu <james...@intel.com>
Cc: Jian J Wang <jian.j.w...@intel.com>
Cc: Jianyong Wu <jianyong...@arm.com>
Cc: Jiewen Yao <jiewen....@intel.com>
Cc: Jordan Justen <jordan.l.jus...@intel.com>
Cc: Julien Grall <jul...@xen.org>
Cc: Leif Lindholm <quic_llind...@quicinc.com>
Cc: Liming Gao <gaolim...@byosoft.com.cn>
Cc: Michael Roth <michael.r...@amd.com>
Cc: Min Xu <min.m...@intel.com>
Cc: Peter Grehan <gre...@freebsd.org>
Cc: Rahul Kumar <rahul1.ku...@intel.com>
Cc: Ray Ni <ray...@intel.com>
Cc: Rebecca Cran <rebe...@bsdio.com>
Cc: Sami Mujawar <sami.muja...@arm.com>
Cc: Sean Rhodes <sean@starlabs.systems>
Cc: Sunil V L <suni...@ventanamicro.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>

Taylor Beebe (25):
   MdeModulePkg: Add DXE and MM Memory Protection Settings Definitions
   MdeModulePkg: Define SetMemoryProtectionsLib and
     GetMemoryProtectionsLib
   MdeModulePkg: Add NULL Instances for Get/SetMemoryProtectionsLib
   MdeModulePkg: Implement SetMemoryProtectionsLib and
     GetMemoryProtectionsLib
   MdeModulePkg: Apply Protections to the HOB List
   MdeModulePkg: Check Print Level Before Dumping GCD Memory Map
   UefiCpuPkg: Always Set Stack Guard in MpPei Init
   ArmVirtPkg: Add Memory Protection Library Definitions to Platforms
   OvmfPkg: Add Memory Protection Library Definitions to Platforms
   OvmfPkg: Apply Memory Protections via SetMemoryProtectionsLib
   OvmfPkg: Update PeilessStartupLib to use SetMemoryProtectionsLib
   UefiPayloadPkg: Update DXE Handoff to use SetMemoryProtectionsLib
   MdeModulePkg: Update DXE Handoff to use SetMemoryProtectionsLib
   ArmPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs
   EmulatorPkg: Use GetMemoryProtectionsLib instead of Memory Protection
     PCDs
   OvmfPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs
   UefiCpuPkg: Use GetMemoryProtectionsLib instead of Memory Protection
     PCDs
   MdeModulePkg: Use GetMemoryProtectionsLib instead of Memory Protection
     PCDs
   MdeModulePkg: Add Additional Profiles to SetMemoryProtectionsLib
   OvmfPkg: Enable Choosing Memory Protection Profile via QemuCfg
   ArmVirtPkg: Apply Memory Protections via SetMemoryProtectionsLib
   MdeModulePkg: Delete PCD Profile from SetMemoryProtectionsLib
   OvmfPkg: Delete Memory Protection PCDs
   ArmVirtPkg: Delete Memory Protection PCDs
   MdeModulePkg: Delete Memory Protection PCDs

  ArmPkg/Drivers/CpuDxe/CpuDxe.c | 5 +-
  ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c | 11 +-
  MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 4 +-
  MdeModulePkg/Core/Dxe/Gcd/Gcd.c | 22 +-
  MdeModulePkg/Core/Dxe/Mem/HeapGuard.c | 46 +-
  MdeModulePkg/Core/Dxe/Mem/Page.c | 2 +-
  MdeModulePkg/Core/Dxe/Mem/Pool.c | 4 +-
  MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 96 ++-
  MdeModulePkg/Core/DxeIplPeim/DxeHandoff.c | 4 +-
  MdeModulePkg/Core/DxeIplPeim/DxeLoad.c | 2 +
  MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 9 +-
  MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 6 +-
  MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 16 +-
  MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 29 +-
  MdeModulePkg/Core/PiSmmCore/Pool.c | 4 +-
  MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsLib.c | 158 ++++
  MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.c | 29 +
  MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLib.c | 124 ++++
  MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.c | 781 ++++++++++++++++++++
  MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.c | 144 ++++
  OvmfPkg/Fdt/HighMemDxe/HighMemDxe.c | 5 +-
  OvmfPkg/Library/PeilessStartupLib/DxeLoad.c | 6 +-
  OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c | 59 +-
  OvmfPkg/Library/PeilessStartupLib/X64/VirtualMemory.c | 26 +-
  OvmfPkg/Library/PlatformInitLib/Platform.c | 15 -
  OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParser.c | 11 +
  OvmfPkg/PlatformPei/IntelTdx.c | 2 -
  OvmfPkg/PlatformPei/Platform.c | 73 +-
  OvmfPkg/QemuVideoDxe/VbeShim.c | 3 +-
  OvmfPkg/TdxDxe/TdxDxe.c | 7 +-
  UefiCpuPkg/CpuDxe/CpuDxe.c | 2 +-
  UefiCpuPkg/CpuDxe/CpuMp.c | 2 +-
  UefiCpuPkg/CpuMpPei/CpuMpPei.c | 8 +-
  UefiCpuPkg/CpuMpPei/CpuPaging.c | 16 +-
  UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandlerTestCommon.c | 6 +-
  UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHandlerUnitTest.c | 15 +
  UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHandlerUnitTest.c | 21 +
  UefiCpuPkg/Library/MpInitLib/DxeMpLib.c | 3 +-
  UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c | 2 +-
  UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 13 +-
  UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 2 +-
  UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 2 +-
  UefiPayloadPkg/UefiPayloadEntry/Ia32/DxeLoadFunc.c | 11 +-
  UefiPayloadPkg/UefiPayloadEntry/LoadDxeCore.c | 2 +
  UefiPayloadPkg/UefiPayloadEntry/X64/DxeLoadFunc.c | 8 +-
  UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c | 15 +-
  ArmPkg/ArmPkg.dsc | 1 +
  ArmPkg/Drivers/CpuDxe/CpuDxe.inf | 2 +-
  ArmVirtPkg/ArmVirt.dsc.inc | 21 +-
  ArmVirtPkg/ArmVirtCloudHv.dsc | 5 -
  ArmVirtPkg/ArmVirtQemu.dsc | 5 -
  ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf | 1 +
  EmulatorPkg/EmulatorPkg.dsc | 3 +-
  MdeModulePkg/Core/Dxe/DxeMain.h | 1 +
  MdeModulePkg/Core/Dxe/DxeMain.inf | 9 +-
  MdeModulePkg/Core/DxeIplPeim/DxeIpl.h | 3 +
  MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 11 +-
  MdeModulePkg/Core/PiSmmCore/PiSmmCore.h | 1 +
  MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf | 4 +-
  MdeModulePkg/Include/Guid/MemoryProtectionSettings.h | 216 ++++++
  MdeModulePkg/Include/Library/GetMemoryProtectionsLib.h | 83 +++
  MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h | 157 ++++
  MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsLib.inf | 34 +
  MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf | 25 +
  MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLib.inf | 34 +
  MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.inf | 37 +
  MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf | 25 +
  MdeModulePkg/MdeModulePkg.dec | 182 +----
  MdeModulePkg/MdeModulePkg.dsc | 7 +
  MdeModulePkg/MdeModulePkg.uni | 153 ----
  OvmfPkg/AmdSev/AmdSevX64.dsc | 4 +-
  OvmfPkg/Bhyve/BhyveX64.dsc | 4 +-
  OvmfPkg/Bhyve/PlatformPei/PlatformPei.inf | 1 -
  OvmfPkg/CloudHv/CloudHvX64.dsc | 4 +-
  OvmfPkg/Fdt/HighMemDxe/HighMemDxe.inf | 4 +-
  OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc | 15 +
  OvmfPkg/Include/Library/PlatformInitLib.h | 13 -
  OvmfPkg/Include/Library/QemuFwCfgSimpleParserLib.h | 8 +
  OvmfPkg/IntelTdx/IntelTdxX64.dsc | 5 +-
  OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf | 6 +-
  OvmfPkg/Microvm/MicrovmX64.dsc | 5 +-
  OvmfPkg/OvmfPkgIa32.dsc | 4 +-
  OvmfPkg/OvmfPkgIa32X64.dsc | 4 +-
  OvmfPkg/OvmfPkgX64.dsc | 4 +-
  OvmfPkg/OvmfXen.dsc | 5 +-
  OvmfPkg/PlatformCI/PlatformBuildLib.py | 31 +-
  OvmfPkg/PlatformPei/PlatformPei.inf | 2 +-
  OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf | 2 +-
  OvmfPkg/RiscVVirt/RiscVVirt.dsc.inc | 13 -
  OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc | 2 +
  OvmfPkg/TdxDxe/TdxDxe.inf | 1 -
  UefiCpuPkg/CpuDxe/CpuDxe.h | 11 +-
  UefiCpuPkg/CpuDxe/CpuDxe.inf | 4 +-
  UefiCpuPkg/CpuDxeRiscV64/CpuDxeRiscV64.inf | 3 -
  UefiCpuPkg/CpuMpPei/CpuMpPei.h | 3 +-
  UefiCpuPkg/CpuMpPei/CpuMpPei.inf | 1 -
  UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf | 1 -
  UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf | 1 -
  UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf | 1 -
  UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf | 1 -
  UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/CpuExceptionHandlerTest.h | 13 +-
  UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/DxeCpuExceptionHandlerLibUnitTest.inf | 2 +-
  UefiCpuPkg/Library/CpuExceptionHandlerLib/UnitTest/PeiCpuExceptionHandlerLibUnitTest.inf | 2 +-
  UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 3 +-
  UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf | 3 +-
  UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfileInternal.h | 9 +-
  UefiCpuPkg/UefiCpuPkg.dec | 7 +-
  UefiCpuPkg/UefiCpuPkg.dsc | 2 +
  UefiCpuPkg/UefiCpuPkg.uni | 10 +-
  UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.h | 1 +
  UefiPayloadPkg/UefiPayloadEntry/UefiPayloadEntry.inf | 9 +-
  UefiPayloadPkg/UefiPayloadEntry/UniversalPayloadEntry.inf | 9 +-
  UefiPayloadPkg/UefiPayloadPkg.dsc | 12 +
  113 files changed, 2404 insertions(+), 692 deletions(-)
  create mode 100644 MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsLib.c
  create mode 100644 MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.c
  create mode 100644 MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLib.c
  create mode 100644 MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.c
  create mode 100644 MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.c
  create mode 100644 MdeModulePkg/Include/Guid/MemoryProtectionSettings.h
  create mode 100644 MdeModulePkg/Include/Library/GetMemoryProtectionsLib.h
  create mode 100644 MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h
  create mode 100644 MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsLib.inf
  create mode 100644 MdeModulePkg/Library/GetMemoryProtectionsLib/GetMemoryProtectionsLibNull.inf
  create mode 100644 MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLib.inf
  create mode 100644 MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.inf
  create mode 100644 MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLibNull.inf
  create mode 100644 OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc
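As an added illustration of the design described in both the v2 summary and the quoted cover letter (the PEI-side Set library writing into a HOB and locking at DXE handoff, and the Get library filling a signature-tagged union global), here is a small C model. It is example code written for this page, not code from the patch series or from edk2: every type, function, signature constant and the profile-to-feature mapping is constructed, and the HOB list is stood in for by a single static struct.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the Set/Get split. Names, tag values and the
   profile-to-feature mapping are made up; none of this is edk2's
   MemoryProtectionSettings.h API. */

#define DXE_MPS_SIGNATURE  0x5350444Du   /* constructed tag for DXE settings */
#define MM_MPS_SIGNATURE   0x53504D4Du   /* constructed tag for MM settings */

typedef struct {
  uint32_t Signature;      /* must be the first member (see static asserts) */
  bool     NxForStack;
  bool     NullPointerDetection;
  bool     HeapGuard;
} DXE_MPS;

typedef struct {
  uint32_t Signature;
  bool     NullPointerDetection;
  bool     HeapGuard;
} MM_MPS;

/* The Get library's global: the first 4 bytes tell which member is live. */
typedef union {
  uint32_t Signature;
  DXE_MPS  Dxe;
  MM_MPS   Mm;
} MPS;

_Static_assert (offsetof (DXE_MPS, Signature) == 0, "signature must lead DXE_MPS");
_Static_assert (offsetof (MM_MPS, Signature) == 0, "signature must lead MM_MPS");

typedef enum { PROFILE_OFF, PROFILE_RELEASE, PROFILE_DEBUG } MPS_PROFILE;

/* Stand-in for the GUIDed HOB that backs the settings. */
typedef struct {
  bool    Present;
  bool    Locked;
  DXE_MPS Dxe;
  MM_MPS  Mm;
} MPS_HOB;

static MPS_HOB gHob;   /* stands in for the HOB list */
static MPS     gMps;   /* the global the Get library populates */

void ResetMemoryProtectionModel (void) {
  memset (&gHob, 0, sizeof gHob);
  memset (&gMps, 0, sizeof gMps);
}

/* ---- Set side: PEI/SEC only, because the settings lock at DXE handoff ---- */

static void CreateHobIfNeeded (void) {
  if (!gHob.Present) {
    gHob.Dxe.Signature = DXE_MPS_SIGNATURE;
    gHob.Mm.Signature  = MM_MPS_SIGNATURE;
    gHob.Present       = true;
  }
}

/* Returns 0 on success, -1 once the settings are locked. Mapping is constructed. */
int SetDxeProfile (MPS_PROFILE Profile) {
  if (gHob.Locked) return -1;
  CreateHobIfNeeded ();
  gHob.Dxe.NxForStack           = (Profile != PROFILE_OFF);
  gHob.Dxe.NullPointerDetection = (Profile != PROFILE_OFF);
  gHob.Dxe.HeapGuard            = (Profile == PROFILE_DEBUG);
  return 0;
}

int SetMmProfile (MPS_PROFILE Profile) {
  if (gHob.Locked) return -1;
  CreateHobIfNeeded ();
  gHob.Mm.NullPointerDetection = (Profile != PROFILE_OFF);
  gHob.Mm.HeapGuard            = (Profile == PROFILE_DEBUG);
  return 0;
}

/* Models the lock taken at DXE handoff: nothing later in boot can weaken the policy. */
void LockMemoryProtections (void) {
  CreateHobIfNeeded ();
  gHob.Locked = true;
}

/* ---- Get side: one instance for DXE, one for MM, same global type ---- */

bool PopulateDxeSettings (void) {
  if (!gHob.Present) return false;
  gMps.Dxe = gHob.Dxe;          /* copies the DXE tag into the first 4 bytes */
  return true;
}

bool PopulateMmSettings (void) {
  if (!gHob.Present) return false;
  gMps.Mm = gHob.Mm;
  return true;
}

/* Consumers replace former PCD reads with these; each checks the tag first. */
bool GlobalHoldsDxeSettings (void) { return gMps.Signature == DXE_MPS_SIGNATURE; }
bool GlobalHoldsMmSettings (void)  { return gMps.Signature == MM_MPS_SIGNATURE; }
bool DxeNxForStackEnabled (void)   { return GlobalHoldsDxeSettings () && gMps.Dxe.NxForStack; }
bool DxeHeapGuardEnabled (void)    { return GlobalHoldsDxeSettings () && gMps.Dxe.HeapGuard; }
bool MmHeapGuardEnabled (void)     { return GlobalHoldsMmSettings () && gMps.Mm.HeapGuard; }

int main (void) {
  ResetMemoryProtectionModel ();
  SetDxeProfile (PROFILE_DEBUG);   /* the OvmfPkg defaults named in the cover letter */
  SetMmProfile (PROFILE_OFF);
  LockMemoryProtections ();
  printf ("SetDxeProfile after lock -> %d\n", SetDxeProfile (PROFILE_OFF));
  PopulateDxeSettings ();
  printf ("DXE NX stack %d, heap guard %d\n", DxeNxForStackEnabled (), DxeHeapGuardEnabled ());
  return 0;
}
```

The two points the model makes: a Set call after the lock fails instead of silently changing policy, and a consumer never reads a union member without first matching the 4-byte tag, which is what stops DXE code from misreading an MM-populated global (or vice versa) as its own settings.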



View/Reply Online (#107928): https://edk2.groups.io/g/devel/message/107928