[edk2-devel] [PATCH 1/2] UefiCpuPkg/PiSmmCpuDxeSmm: Add a new IsShadowStack flag
duntan
dun.tan at intel.com
Wed Aug 10 01:45:31 UTC 2022
Add a new IsShadowStack flag to identify whether current memory is
shadow stack. The dirty bit in page table entry for this memory will
be set if IsShadowStack is TRUE, instead of depending on mInternalCr3.
Signed-off-by: Dun Tan <dun.tan at intel.com>
Cc: Eric Dong <eric.dong at intel.com>
Cc: Ray Ni <ray.ni at intel.com>
Cc: Rahul Kumar <rahul1.kumar at intel.com>
---
UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
index 1f7cc15727..b369c0c435 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c
@@ -33,6 +33,7 @@ PAGE_ATTRIBUTE_TABLE mPageAttributeTable[] = {
};
UINTN mInternalCr3;
+UINTN IsShadowStack = FALSE;
/**
Set the internal page table base address.
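Review bot: The new global `IsShadowStack` is declared `UINTN` but initialized with `FALSE` and later assigned `TRUE`/`FALSE`, so `BOOLEAN` is the type that matches its use. It also sits directly below `mInternalCr3` without the `m` prefix that neighbour carries; something like `BOOLEAN mIsShadowStack = FALSE;` with a one-line comment saying who sets and clears it would be consistent with the surrounding code.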
@@ -249,7 +250,7 @@ ConvertPageEntryAttribute (
if ((Attributes & EFI_MEMORY_RO) != 0) {
if (IsSet) {
NewPageEntry &= ~(UINT64)IA32_PG_RW;
- if (mInternalCr3 != 0) {
+ if (IsShadowStack) {
// Environment setup
// ReadOnly page need set Dirty bit for shadow stack
NewPageEntry |= IA32_PG_D;
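Review bot: The comment under the new `if (IsShadowStack)` test still reads `// Environment setup`, which does not explain the condition now that it no longer checks `mInternalCr3 != 0`. Reword it to say the Dirty bit is set only while a shadow stack range is being marked read-only, and consider passing that state into `ConvertPageEntryAttribute` as a parameter instead of reading a file-scope variable that this patch sets only in `SetShadowStack`.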
@@ -734,10 +735,11 @@ SetShadowStack (
EFI_STATUS Status;
SetPageTableBase (Cr3);
-
- Status = SmmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_RO);
+ IsShadowStack = TRUE;
+ Status = SmmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_RO);
SetPageTableBase (0);
+ IsShadowStack = FALSE;
return Status;
}
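Review bot: In `SetShadowStack`, `IsShadowStack` is raised and cleared around the single `SmmSetMemoryAttributes` call, so the result is only correct if no other path reaches the `EFI_MEMORY_RO` branch while the flag is TRUE; please state that assumption in a comment or avoid the global. The teardown is also not the mirror of the setup (`SetPageTableBase (0);` runs before `IsShadowStack = FALSE;`), and the blank line that separated `SetPageTableBase (Cr3);` from the attribute call has been dropped; clearing the flag first and keeping the blank line would make the bracketing easier to read.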
--
2.31.1.windows.1