mirror of
				https://git.proxmox.com/git/mirror_edk2
				synced 2025-10-26 17:13:43 +00:00 
			
		
		
		
	MdeModulePkg/Core: Fix heap guard issues
Three issues addressed here: a. Make NX memory protection and heap guard to be compatible The solution is to check PcdDxeNxMemoryProtectionPolicy in Heap Guard to see if the free memory should be set to NX, and set the Guard page to NX before it's freed back to memory pool. This can solve the issue which NX setting would be overwritten by Heap Guard feature in certain configuration. b. Returned pool address was not 8-byte aligned sometimes This happened only when BIT7 is not set in PcdHeapGuardPropertyMask. Since 8-byte alignment is UEFI spec required, letting allocated pool adjacent to tail guard page cannot be guaranteed. c. NULL address handling due to allocation failure When allocation failure, normally a NULL will be returned. But Heap Guard code will still try to adjust the starting address of it, which will cause a non-NULL pointer returned. Cc: Star Zeng <star.zeng@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
This commit is contained in:
		
							parent
							
								
									14b351e2ed
								
							
						
					
					
						commit
						c44218e5f4
					
				| @ -583,8 +583,7 @@ SetGuardPage ( | |||||||
|   mOnGuarding = TRUE; |   mOnGuarding = TRUE; | ||||||
|   //
 |   //
 | ||||||
|   // Note: This might overwrite other attributes needed by other features,
 |   // Note: This might overwrite other attributes needed by other features,
 | ||||||
|   // such as memory protection (NX). Please make sure they are not enabled
 |   // such as NX memory protection.
 | ||||||
|   // at the same time.
 |  | ||||||
|   //
 |   //
 | ||||||
|   gCpu->SetMemoryAttributes (gCpu, BaseAddress, EFI_PAGE_SIZE, EFI_MEMORY_RP); |   gCpu->SetMemoryAttributes (gCpu, BaseAddress, EFI_PAGE_SIZE, EFI_MEMORY_RP); | ||||||
|   mOnGuarding = FALSE; |   mOnGuarding = FALSE; | ||||||
| @ -605,6 +604,18 @@ UnsetGuardPage ( | |||||||
|   IN  EFI_PHYSICAL_ADDRESS      BaseAddress |   IN  EFI_PHYSICAL_ADDRESS      BaseAddress | ||||||
|   ) |   ) | ||||||
| { | { | ||||||
|  |   UINT64          Attributes; | ||||||
|  | 
 | ||||||
|  |   //
 | ||||||
|  |   // Once the Guard page is unset, it will be freed back to memory pool. NX
 | ||||||
|  |   // memory protection must be restored for this page if NX is enabled for free
 | ||||||
|  |   // memory.
 | ||||||
|  |   //
 | ||||||
|  |   Attributes = 0; | ||||||
|  |   if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & (1 << EfiConventionalMemory)) != 0) { | ||||||
|  |     Attributes |= EFI_MEMORY_XP; | ||||||
|  |   } | ||||||
|  | 
 | ||||||
|   //
 |   //
 | ||||||
|   // Set flag to make sure allocating memory without GUARD for page table
 |   // Set flag to make sure allocating memory without GUARD for page table
 | ||||||
|   // operation; otherwise infinite loops could be caused.
 |   // operation; otherwise infinite loops could be caused.
 | ||||||
| @ -615,7 +626,7 @@ UnsetGuardPage ( | |||||||
|   // such as memory protection (NX). Please make sure they are not enabled
 |   // such as memory protection (NX). Please make sure they are not enabled
 | ||||||
|   // at the same time.
 |   // at the same time.
 | ||||||
|   //
 |   //
 | ||||||
|   gCpu->SetMemoryAttributes (gCpu, BaseAddress, EFI_PAGE_SIZE, 0); |   gCpu->SetMemoryAttributes (gCpu, BaseAddress, EFI_PAGE_SIZE, Attributes); | ||||||
|   mOnGuarding = FALSE; |   mOnGuarding = FALSE; | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| @ -869,6 +880,15 @@ AdjustMemoryS ( | |||||||
| { | { | ||||||
|   UINT64  Target; |   UINT64  Target; | ||||||
| 
 | 
 | ||||||
|  |   //
 | ||||||
|  |   // UEFI spec requires that allocated pool must be 8-byte aligned. If it's
 | ||||||
|  |   // indicated to put the pool near the Tail Guard, we need extra bytes to
 | ||||||
|  |   // make sure alignment of the returned pool address.
 | ||||||
|  |   //
 | ||||||
|  |   if ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) == 0) { | ||||||
|  |     SizeRequested = ALIGN_VALUE(SizeRequested, 8); | ||||||
|  |   } | ||||||
|  | 
 | ||||||
|   Target = Start + Size - SizeRequested; |   Target = Start + Size - SizeRequested; | ||||||
| 
 | 
 | ||||||
|   //
 |   //
 | ||||||
| @ -1052,7 +1072,7 @@ AdjustPoolHeadA ( | |||||||
|   IN UINTN                   Size |   IN UINTN                   Size | ||||||
|   ) |   ) | ||||||
| { | { | ||||||
|   if ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0) { |   if (Memory == 0 || (PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0) { | ||||||
|     //
 |     //
 | ||||||
|     // Pool head is put near the head Guard
 |     // Pool head is put near the head Guard
 | ||||||
|     //
 |     //
 | ||||||
| @ -1062,6 +1082,7 @@ AdjustPoolHeadA ( | |||||||
|   //
 |   //
 | ||||||
|   // Pool head is put near the tail Guard
 |   // Pool head is put near the tail Guard
 | ||||||
|   //
 |   //
 | ||||||
|  |   Size = ALIGN_VALUE (Size, 8); | ||||||
|   return (VOID *)(UINTN)(Memory + EFI_PAGES_TO_SIZE (NoPages) - Size); |   return (VOID *)(UINTN)(Memory + EFI_PAGES_TO_SIZE (NoPages) - Size); | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| @ -1077,7 +1098,7 @@ AdjustPoolHeadF ( | |||||||
|   IN EFI_PHYSICAL_ADDRESS    Memory |   IN EFI_PHYSICAL_ADDRESS    Memory | ||||||
|   ) |   ) | ||||||
| { | { | ||||||
|   if ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0) { |   if (Memory == 0 || (PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0) { | ||||||
|     //
 |     //
 | ||||||
|     // Pool head is put near the head Guard
 |     // Pool head is put near the head Guard
 | ||||||
|     //
 |     //
 | ||||||
|  | |||||||
| @ -1070,15 +1070,12 @@ CoreInitializeMemoryProtection ( | |||||||
|   // - code regions should have no EFI_MEMORY_XP attribute
 |   // - code regions should have no EFI_MEMORY_XP attribute
 | ||||||
|   // - EfiConventionalMemory and EfiBootServicesData should use the
 |   // - EfiConventionalMemory and EfiBootServicesData should use the
 | ||||||
|   //   same attribute
 |   //   same attribute
 | ||||||
|   // - heap guard should not be enabled for the same type of memory
 |  | ||||||
|   //
 |   //
 | ||||||
|   ASSERT ((GetPermissionAttributeForMemoryType (EfiBootServicesCode) & EFI_MEMORY_XP) == 0); |   ASSERT ((GetPermissionAttributeForMemoryType (EfiBootServicesCode) & EFI_MEMORY_XP) == 0); | ||||||
|   ASSERT ((GetPermissionAttributeForMemoryType (EfiRuntimeServicesCode) & EFI_MEMORY_XP) == 0); |   ASSERT ((GetPermissionAttributeForMemoryType (EfiRuntimeServicesCode) & EFI_MEMORY_XP) == 0); | ||||||
|   ASSERT ((GetPermissionAttributeForMemoryType (EfiLoaderCode) & EFI_MEMORY_XP) == 0); |   ASSERT ((GetPermissionAttributeForMemoryType (EfiLoaderCode) & EFI_MEMORY_XP) == 0); | ||||||
|   ASSERT (GetPermissionAttributeForMemoryType (EfiBootServicesData) == |   ASSERT (GetPermissionAttributeForMemoryType (EfiBootServicesData) == | ||||||
|           GetPermissionAttributeForMemoryType (EfiConventionalMemory)); |           GetPermissionAttributeForMemoryType (EfiConventionalMemory)); | ||||||
|   ASSERT ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & PcdGet64 (PcdHeapGuardPoolType)) == 0); |  | ||||||
|   ASSERT ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & PcdGet64 (PcdHeapGuardPageType)) == 0); |  | ||||||
| 
 | 
 | ||||||
|   if (mImageProtectionPolicy != 0 || PcdGet64 (PcdDxeNxMemoryProtectionPolicy) != 0) { |   if (mImageProtectionPolicy != 0 || PcdGet64 (PcdDxeNxMemoryProtectionPolicy) != 0) { | ||||||
|     Status = CoreCreateEvent ( |     Status = CoreCreateEvent ( | ||||||
|  | |||||||
| @ -877,6 +877,15 @@ AdjustMemoryS ( | |||||||
| { | { | ||||||
|   UINT64  Target; |   UINT64  Target; | ||||||
| 
 | 
 | ||||||
|  |   //
 | ||||||
|  |   // UEFI spec requires that allocated pool must be 8-byte aligned. If it's
 | ||||||
|  |   // indicated to put the pool near the Tail Guard, we need extra bytes to
 | ||||||
|  |   // make sure alignment of the returned pool address.
 | ||||||
|  |   //
 | ||||||
|  |   if ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) == 0) { | ||||||
|  |     SizeRequested = ALIGN_VALUE(SizeRequested, 8); | ||||||
|  |   } | ||||||
|  | 
 | ||||||
|   Target = Start + Size - SizeRequested; |   Target = Start + Size - SizeRequested; | ||||||
| 
 | 
 | ||||||
|   //
 |   //
 | ||||||
| @ -1060,7 +1069,7 @@ AdjustPoolHeadA ( | |||||||
|   IN UINTN                   Size |   IN UINTN                   Size | ||||||
|   ) |   ) | ||||||
| { | { | ||||||
|   if ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0) { |   if (Memory == 0 || (PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0) { | ||||||
|     //
 |     //
 | ||||||
|     // Pool head is put near the head Guard
 |     // Pool head is put near the head Guard
 | ||||||
|     //
 |     //
 | ||||||
| @ -1070,6 +1079,7 @@ AdjustPoolHeadA ( | |||||||
|   //
 |   //
 | ||||||
|   // Pool head is put near the tail Guard
 |   // Pool head is put near the tail Guard
 | ||||||
|   //
 |   //
 | ||||||
|  |   Size = ALIGN_VALUE (Size, 8); | ||||||
|   return (VOID *)(UINTN)(Memory + EFI_PAGES_TO_SIZE (NoPages) - Size); |   return (VOID *)(UINTN)(Memory + EFI_PAGES_TO_SIZE (NoPages) - Size); | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| @ -1085,7 +1095,7 @@ AdjustPoolHeadF ( | |||||||
|   IN EFI_PHYSICAL_ADDRESS    Memory |   IN EFI_PHYSICAL_ADDRESS    Memory | ||||||
|   ) |   ) | ||||||
| { | { | ||||||
|   if ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0) { |   if (Memory == 0 || (PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0) { | ||||||
|     //
 |     //
 | ||||||
|     // Pool head is put near the head Guard
 |     // Pool head is put near the head Guard
 | ||||||
|     //
 |     //
 | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user
	 Jian J Wang
						Jian J Wang