Jiewen,
Thanks for the comments.
1) I agree.
2) I forgot to remove them since we added new SMM protocol to do the same thing
instead.
> -----Original Message-----
> From: Yao, Jiewen
> Sent: Thursday, November 09, 2017 10:53 AM
> To: Wang, Jian J <jian.j.w...@intel.com>; Dong, Eric <eric.d...@intel.com>;
> Zeng, Star <star.z...@intel.com>; Ni, Ruiyu <ruiyu...@intel.com>; Laszlo Ersek
> <ler...@redhat.com>; Kinney, Michael D <michael.d.kin...@intel.com>
> Cc: edk2-devel@lists.01.org
> Subject: RE: [edk2] [PATCH v4 0/7] Implement heap guard feature
>
> That is great.
>
> I have minor suggestion below:
> 1) Since StaticPaging and HeapGuard are conflicted feature, I suggest we use
> ASSERT to tell the end user, instead of disable StaticPaging silently.
>
> + //
> + // Don't mark page table as read-only if heap guard is enabled.
> + //
> + // BIT2: SMM page guard enabled
> + // BIT3: SMM pool guard enabled
> + //
> + if ((PcdGet8 (PcdHeapGuardPropertyMask) & (BIT3 | BIT2)) != 0) {
> + return ;
> + }
> +
>
> 2) I do not think we need add below in
> MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf. Would you please double
> confirm?
>
> + CpuLib
>
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask
> ## CONSUMES
>
>
> With ASSERT added and cleanup in PiSmmCore.inf, reviewed-by:
> jiewen....@intel.com
>
>
> Thank you
> Yao Jiewen
>
>
>
> > -----Original Message-----
> > From: Wang, Jian J
> > Sent: Thursday, November 9, 2017 10:00 AM
> > To: Yao, Jiewen <jiewen....@intel.com>; Dong, Eric <eric.d...@intel.com>;
> > Zeng, Star <star.z...@intel.com>; Ni, Ruiyu <ruiyu...@intel.com>; Laszlo
> Ersek
> > <ler...@redhat.com>; Kinney, Michael D <michael.d.kin...@intel.com>
> > Cc: Wang, Jian J <jian.j.w...@intel.com>; edk2-devel@lists.01.org
> > Subject: RE: [edk2] [PATCH v4 0/7] Implement heap guard feature
> >
> > Just a friendly reminder.
> >
> > The recent commits have fixed two blocking issues for checking in heap guard
> > feature.
> >
> > 6fe575d052e36b243657a5885b5457decac41f03 (BaseCryptLib memory
> > overflow)
> > cf8197a39d07179027455421a182598bd6989999
> > 5df73e2cc8e39da97d56da058667607f1c43acac (AllocateCopyPool
> memory
> > overflow)
> > 2a6ede28fd8efd3051794e1f2727a692d2725fe9
> > 469293f8ee406f2b0bad2cf3bbbc510b2a1364eb
> >
> > Please give your r-b if no more comments. I'd be happy to check in this
> > patch
> > soon.
> >
> > Thanks,
> > Jian
> >
> > > -----Original Message-----
> > > From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of
> Jian J
> > > Wang
> > > Sent: Friday, October 27, 2017 2:12 PM
> > > To: edk2-devel@lists.01.org
> > > Subject: [edk2] [PATCH v4 0/7] Implement heap guard feature
> > >
> > > > Path V4 changes:
> > > > a. Change names of gEdkiiSmmMemoryAttributeProtocolGuid related
> > > > definitions from EFI_ to EDKII_
> > > > b. Coding style cleanup
> > > > c. Split patches in a more reasonable order and groups
> > >
> > > > Patch V3 changes:
> > > > a. Add new protocol gEdkiiSmmMemoryAttributeProtocolGuid to do
> > > > memory attributes update instead of doing it directly in SmmCore
> > > > b. Fix GCC build error
> > >
> > > > Patch V2 changes:
> > > > a. Remove local variable initializer with memory copy from globals
> > > > b. Change map table dump code to use DEBUG_PAGE|DEBUG_POOL level
> > > > message
> > > > c. Fix malfunction in 32-bit boot mode
> > > > d. Add comment for the use of mOnGuarding
> > > > e. Change name of function InitializePageTableLib to
> > > > InitializePageTableGlobals
> > > > f. Add code in 32-bit code to bypass setting page table to read-only
> > > > g. Coding style clean-up
> > > >
> > >
> > > This feature makes use of paging mechanism to add a hidden (not present)
> > > page just before and after the allocated memory block. If the code tries
> > > to access memory outside of the allocated part, page fault exception will
> > > be triggered.
> > >
> > > This feature is disabled by default and is not recommended to enable it
> > > in production build of BIOS.
> > >
> > > This patch has passed following validations:
> > >
> > > a. Boot to shell (OVMF, Intel real platform)(32/64)
> > > b. Boot to Fedora 25 (64)
> > >
> > > NT32 emulation platform was not validated with this feature enabled
> > > due to the fact that it doesn't support paging which is needed for
> > > this feature to work. But all are validated with feature is disabled.
> > >
> > > Suggested-by: Ayellet Wolman <ayellet.wol...@intel.com>
> > > Contributed-under: TianoCore Contribution Agreement 1.1
> > > Signed-off-by: Jian J Wang <jian.j.w...@intel.com>
> > >
> > > Jian J Wang (7):
> > > MdeModulePkg/MdeModulePkg.dec,.uni: Add Protocol, PCDs and string
> > > tokens
> > > MdeModulePkg/SmmMemoryAttribute.h: Add new protocol definitions
> > > UefiCpuPkg/CpuDxe: Reduce debug message
> > > MdeModulePkg/DxeIpl: Enable paging for heap guard
> > > MdeModulePkg/DxeCore: Implement heap guard feature for UEFI
> > > UefiCpuPkg/PiSmmCpuDxeSmm: Add SmmMemoryAttribute protocol
> > > MdeModulePkg/PiSmmCore: Implement heap guard feature for SMM
> > mode
> > >
> > > MdeModulePkg/Core/Dxe/DxeMain.inf | 4 +
> > > MdeModulePkg/Core/Dxe/Mem/HeapGuard.c | 1182
> > > ++++++++++++++++
> > > MdeModulePkg/Core/Dxe/Mem/HeapGuard.h | 394
> > ++++++
> > > MdeModulePkg/Core/Dxe/Mem/Imem.h | 38 +-
> > > MdeModulePkg/Core/Dxe/Mem/Page.c | 130 +-
> > > MdeModulePkg/Core/Dxe/Mem/Pool.c | 154 +-
> > > MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 1 +
> > > MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c | 36 +-
> > > MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 1467
> > > ++++++++++++++++++++
> > > MdeModulePkg/Core/PiSmmCore/HeapGuard.h | 398
> > ++++++
> > > MdeModulePkg/Core/PiSmmCore/Page.c | 52 +-
> > > MdeModulePkg/Core/PiSmmCore/PiSmmCore.c | 7 +-
> > > MdeModulePkg/Core/PiSmmCore/PiSmmCore.h | 81 +-
> > > MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf | 8 +
> > > MdeModulePkg/Core/PiSmmCore/Pool.c | 81 +-
> > > MdeModulePkg/Include/Protocol/SmmMemoryAttribute.h | 136 ++
> > > MdeModulePkg/MdeModulePkg.dec | 60 +
> > > MdeModulePkg/MdeModulePkg.uni | 58 +
> > > UefiCpuPkg/CpuDxe/CpuPageTable.c | 5 +-
> > > UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c | 10 +
> > > UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 20 +
> > > UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 98 ++
> > > UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf | 2 +
> > > UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 163
> > +++
> > > UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 10 +-
> > > 25 files changed, 4496 insertions(+), 99 deletions(-)
> > > create mode 100644 MdeModulePkg/Core/Dxe/Mem/HeapGuard.c
> > > create mode 100644 MdeModulePkg/Core/Dxe/Mem/HeapGuard.h
> > > create mode 100644 MdeModulePkg/Core/PiSmmCore/HeapGuard.c
> > > create mode 100644 MdeModulePkg/Core/PiSmmCore/HeapGuard.h
> > > create mode 100644
> > MdeModulePkg/Include/Protocol/SmmMemoryAttribute.h
> > >
> > > --
> > > 2.14.1.windows.1
> > >
> > > _______________________________________________
> > > edk2-devel mailing list
> > > edk2-devel@lists.01.org
> > > https://lists.01.org/mailman/listinfo/edk2-devel
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
