[edk2-devel] [PATCH v1 2/3] MdeModulePkg: Add MemoryProtectionHobLib Definitions and NULL Libs
Taylor Beebe
t at taylorbeebe.com
Fri Jun 9 20:26:00 UTC 2023
DxeMemoryProtectionHobLib and MmMemoryProtectionHobLib will fetch
the memory protection settings HOB entry for their respective phase,
validate the settings, and populate a global for access.
Memory protection settings are currently dictated via
FixedAtBuild PCDs where the settings needed to be masked.
A future patch series will replace instances of checking the
PCDs with checks to the memory protection globals populated by
MemoryProtectionHobLib.
Signed-off-by: Taylor Beebe <t at taylorbeebe.com>
Cc: Jian J Wang <jian.j.wang at intel.com>
Cc: Liming Gao <gaoliming at byosoft.com.cn>
Cc: Dandan Bi <dandan.bi at intel.com>
---
MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.c | 33 ++++++++++++++++++
MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.c | 33 ++++++++++++++++++
MdeModulePkg/Include/Library/DxeMemoryProtectionHobLib.h | 36 ++++++++++++++++++++
MdeModulePkg/Include/Library/MmMemoryProtectionHobLib.h | 36 ++++++++++++++++++++
MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf | 25 ++++++++++++++
MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf | 26 ++++++++++++++
MdeModulePkg/MdeModulePkg.dec | 8 +++++
MdeModulePkg/MdeModulePkg.dsc | 8 +++++
8 files changed, 205 insertions(+)
diff --git a/MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.c b/MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.c
new file mode 100644
index 000000000000..4f0191d04974
--- /dev/null
+++ b/MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.c
@@ -0,0 +1,33 @@
+/** @file
+Library defines the gDxeMps global
+
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#include <Uefi.h>
+#include <Library/DxeMemoryProtectionHobLib.h>
+
+// According to the C Specification, a global variable
+// which is uninitialized will be zero. The net effect
+// is memory protections will be OFF.
+DXE_MEMORY_PROTECTION_SETTINGS gDxeMps;
+
+/**
+ Gets the input EFI_MEMORY_TYPE from the input DXE_HEAP_GUARD_MEMORY_TYPES bitfield
+
+ @param[in] MemoryType Memory type to check.
+ @param[in] HeapGuardMemoryType DXE_HEAP_GUARD_MEMORY_TYPES bitfield
+
+ @return TRUE The given EFI_MEMORY_TYPE is TRUE in the given DXE_HEAP_GUARD_MEMORY_TYPES
+ @return FALSE The given EFI_MEMORY_TYPE is FALSE in the given DXE_HEAP_GUARD_MEMORY_TYPES
+**/
+BOOLEAN
+EFIAPI
+GetDxeMemoryTypeSettingFromBitfield (
+ IN EFI_MEMORY_TYPE MemoryType,
+ IN DXE_HEAP_GUARD_MEMORY_TYPES HeapGuardMemoryType
+ )
+{
+ return FALSE;
+}
diff --git a/MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.c b/MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.c
new file mode 100644
index 000000000000..c62c9d772063
--- /dev/null
+++ b/MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.c
@@ -0,0 +1,33 @@
+/** @file
+Library defines the gMmMps global
+
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#include <Uefi.h>
+#include <Library/MmMemoryProtectionHobLib.h>
+
+// According to the C Specification, a global variable
+// which is uninitialized will be zero. The net effect
+// is memory protections will be OFF.
+MM_MEMORY_PROTECTION_SETTINGS gMmMps;
+
+/**
+ Gets the input EFI_MEMORY_TYPE from the input MM_HEAP_GUARD_MEMORY_TYPES bitfield
+
+ @param[in] MemoryType Memory type to check.
+ @param[in] HeapGuardMemoryType MM_HEAP_GUARD_MEMORY_TYPES bitfield
+
+ @return TRUE The given EFI_MEMORY_TYPE is TRUE in the given MM_HEAP_GUARD_MEMORY_TYPES
+ @return FALSE The given EFI_MEMORY_TYPE is FALSE in the given MM_HEAP_GUARD_MEMORY_TYPES
+**/
+BOOLEAN
+EFIAPI
+GetMmMemoryTypeSettingFromBitfield (
+ IN EFI_MEMORY_TYPE MemoryType,
+ IN MM_HEAP_GUARD_MEMORY_TYPES HeapGuardMemoryType
+ )
+{
+ return FALSE;
+}
diff --git a/MdeModulePkg/Include/Library/DxeMemoryProtectionHobLib.h b/MdeModulePkg/Include/Library/DxeMemoryProtectionHobLib.h
new file mode 100644
index 000000000000..4f49a00a8683
--- /dev/null
+++ b/MdeModulePkg/Include/Library/DxeMemoryProtectionHobLib.h
@@ -0,0 +1,36 @@
+/** @file
+
+Library for controlling hob-backed memory protection settings
+
+Copyright (C) Microsoft Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef DXE_MEMORY_PROTECTION_HOB_HELPER_LIB_H_
+#define DXE_MEMORY_PROTECTION_HOB_HELPER_LIB_H_
+
+#include <Guid/DxeMemoryProtectionSettings.h>
+
+//
+// The global used to access current Memory Protection Settings
+//
+extern DXE_MEMORY_PROTECTION_SETTINGS gDxeMps;
+
+/**
+ Gets the input EFI_MEMORY_TYPE from the input DXE_HEAP_GUARD_MEMORY_TYPES bitfield
+
+ @param[in] MemoryType Memory type to check.
+ @param[in] HeapGuardMemoryType DXE_HEAP_GUARD_MEMORY_TYPES bitfield
+
+ @return TRUE The given EFI_MEMORY_TYPE is TRUE in the given DXE_HEAP_GUARD_MEMORY_TYPES
+ @return FALSE The given EFI_MEMORY_TYPE is FALSE in the given DXE_HEAP_GUARD_MEMORY_TYPES
+**/
+BOOLEAN
+EFIAPI
+GetDxeMemoryTypeSettingFromBitfield (
+ IN EFI_MEMORY_TYPE MemoryType,
+ IN DXE_HEAP_GUARD_MEMORY_TYPES HeapGuardMemoryType
+ );
+
+#endif
diff --git a/MdeModulePkg/Include/Library/MmMemoryProtectionHobLib.h b/MdeModulePkg/Include/Library/MmMemoryProtectionHobLib.h
new file mode 100644
index 000000000000..efeaa9fd55aa
--- /dev/null
+++ b/MdeModulePkg/Include/Library/MmMemoryProtectionHobLib.h
@@ -0,0 +1,36 @@
+/** @file
+
+Library for controlling hob-backed memory protection settings
+
+Copyright (C) Microsoft Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef MM_MEMORY_PROTECTION_HOB_HELPER_LIB_H_
+#define MM_MEMORY_PROTECTION_HOB_HELPER_LIB_H_
+
+#include <Guid/MmMemoryProtectionSettings.h>
+
+//
+// The global used to access current Memory Protection Settings
+//
+extern MM_MEMORY_PROTECTION_SETTINGS gMmMps;
+
+/**
+ Gets the input EFI_MEMORY_TYPE from the input MM_HEAP_GUARD_MEMORY_TYPES bitfield
+
+ @param[in] MemoryType Memory type to check.
+ @param[in] HeapGuardMemoryType MM_HEAP_GUARD_MEMORY_TYPES bitfield
+
+ @return TRUE The given EFI_MEMORY_TYPE is TRUE in the given MM_HEAP_GUARD_MEMORY_TYPES
+ @return FALSE The given EFI_MEMORY_TYPE is FALSE in the given MM_HEAP_GUARD_MEMORY_TYPES
+**/
+BOOLEAN
+EFIAPI
+GetMmMemoryTypeSettingFromBitfield (
+ IN EFI_MEMORY_TYPE MemoryType,
+ IN MM_HEAP_GUARD_MEMORY_TYPES HeapGuardMemoryType
+ );
+
+#endif
diff --git a/MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf b/MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf
new file mode 100644
index 000000000000..6a3166a23b46
--- /dev/null
+++ b/MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf
@@ -0,0 +1,25 @@
+## @file
+# NULL library which defines gDxeMps
+#
+# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = DxeMemoryProtectionHobLibNull
+ FILE_GUID = a35c1dc1-0769-421b-a8bc-9db69fae4334
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = DxeMemoryProtectionHobLib
+
+#
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
+#
+
+[Sources]
+ DxeMemoryProtectionHobLibNull.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
diff --git a/MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf b/MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf
new file mode 100644
index 000000000000..61f50921ee04
--- /dev/null
+++ b/MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf
@@ -0,0 +1,26 @@
+## @file
+# NULL library which defines gMmMps
+#
+# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = MmMemoryProtectionHobLibNull
+ FILE_GUID = 4e3f6fd9-4ab5-4911-b80b-009d3338b4b2
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = MmMemoryProtectionHobLib
+
+#
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
+#
+
+[Sources]
+ MmMemoryProtectionHobLibNull.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index 89001f217ed1..50dae9180d2b 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -164,6 +164,14 @@ [LibraryClasses]
#
VariableFlashInfoLib|Include/Library/VariableFlashInfoLib.h
+ ## @libraryclass Provides a way to toggle DXE memory protection settings
+ #
+ DxeMemoryProtectionHobLib|Include/Library/DxeMemoryProtectionHobLib.h
+
+ ## @libraryclass Provides a way to toggle SMM memory protection settings
+ #
+ MmMemoryProtectionHobLib|Include/Library/MmMemoryProtectionHobLib.h
+
[Guids]
## MdeModule package token space guid
# Include/Guid/MdeModulePkgTokenSpace.h
diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc
index 5b1f50e9c084..ab6848dc934b 100644
--- a/MdeModulePkg/MdeModulePkg.dsc
+++ b/MdeModulePkg/MdeModulePkg.dsc
@@ -107,6 +107,12 @@ [LibraryClasses]
VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
IpmiCommandLib|MdeModulePkg/Library/BaseIpmiCommandLibNull/BaseIpmiCommandLibNull.inf
+[LibraryClasses.common.DXE_DRIVER, LibraryClasses.common.DXE_CORE, LibraryClasses.common.UEFI_APPLICATION]
+ DxeMemoryProtectionHobLib|MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf
+
+[LibraryClasses.common.SMM_CORE, LibraryClasses.common.DXE_SMM_DRIVER, LibraryClasses.common.MM_CORE_STANDALONE, LibraryClasses.common.MM_STANDALONE]
+ MmMemoryProtectionHobLib|MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf
+
[LibraryClasses.EBC.PEIM]
IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf
@@ -231,6 +237,8 @@ [Components]
MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf
MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf
MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf
+ MdeModulePkg/Library/MemoryProtectionHobLibNull/DxeMemoryProtectionHobLibNull.inf
+ MdeModulePkg/Library/MemoryProtectionHobLibNull/MmMemoryProtectionHobLibNull.inf
MdeModulePkg/Library/PciHostBridgeLibNull/PciHostBridgeLibNull.inf
MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.inf
MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf
--
2.36.1.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#105988): https://edk2.groups.io/g/devel/message/105988
Mute This Topic: https://groups.io/mt/99437080/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list