]> git.proxmox.com Git - mirror_edk2.git/blob - MdeModulePkg/Core/Dxe/Mem/HeapGuard.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
MdeModulePkg: Fix unix style of EOL
[mirror_edk2.git] / MdeModulePkg / Core / Dxe / Mem / HeapGuard.c
1 /** @file
2 UEFI Heap Guard functions.
3
4 Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include "DxeMain.h"
16 #include "Imem.h"
17 #include "HeapGuard.h"
18
19 //
20 // Global to avoid infinite reentrance of memory allocation when updating
21 // page table attributes, which may need allocate pages for new PDE/PTE.
22 //
23 GLOBAL_REMOVE_IF_UNREFERENCED BOOLEAN mOnGuarding = FALSE;
24
25 //
26 // Pointer to table tracking the Guarded memory with bitmap, in which '1'
27 // is used to indicate memory guarded. '0' might be free memory or Guard
28 // page itself, depending on status of memory adjacent to it.
29 //
30 GLOBAL_REMOVE_IF_UNREFERENCED UINT64 mGuardedMemoryMap = 0;
31
32 //
33 // Current depth level of map table pointed by mGuardedMemoryMap.
34 // mMapLevel must be initialized at least by 1. It will be automatically
35 // updated according to the address of memory just tracked.
36 //
37 GLOBAL_REMOVE_IF_UNREFERENCED UINTN mMapLevel = 1;
38
39 //
40 // Shift and mask for each level of map table
41 //
42 GLOBAL_REMOVE_IF_UNREFERENCED UINTN mLevelShift[GUARDED_HEAP_MAP_TABLE_DEPTH]
43 = GUARDED_HEAP_MAP_TABLE_DEPTH_SHIFTS;
44 GLOBAL_REMOVE_IF_UNREFERENCED UINTN mLevelMask[GUARDED_HEAP_MAP_TABLE_DEPTH]
45 = GUARDED_HEAP_MAP_TABLE_DEPTH_MASKS;
46
47 /**
48 Set corresponding bits in bitmap table to 1 according to the address.
49
50 @param[in] Address Start address to set for.
51 @param[in] BitNumber Number of bits to set.
52 @param[in] BitMap Pointer to bitmap which covers the Address.
53
54 @return VOID.
55 **/
56 STATIC
57 VOID
58 SetBits (
59 IN EFI_PHYSICAL_ADDRESS Address,
60 IN UINTN BitNumber,
61 IN UINT64 *BitMap
62 )
63 {
64 UINTN Lsbs;
65 UINTN Qwords;
66 UINTN Msbs;
67 UINTN StartBit;
68 UINTN EndBit;
69
70 StartBit = (UINTN)GUARDED_HEAP_MAP_ENTRY_BIT_INDEX (Address);
71 EndBit = (StartBit + BitNumber - 1) % GUARDED_HEAP_MAP_ENTRY_BITS;
72
73 if ((StartBit + BitNumber) > GUARDED_HEAP_MAP_ENTRY_BITS) {
74 Msbs = (GUARDED_HEAP_MAP_ENTRY_BITS - StartBit) %
75 GUARDED_HEAP_MAP_ENTRY_BITS;
76 Lsbs = (EndBit + 1) % GUARDED_HEAP_MAP_ENTRY_BITS;
77 Qwords = (BitNumber - Msbs) / GUARDED_HEAP_MAP_ENTRY_BITS;
78 } else {
79 Msbs = BitNumber;
80 Lsbs = 0;
81 Qwords = 0;
82 }
83
84 if (Msbs > 0) {
85 *BitMap |= LShiftU64 (LShiftU64 (1, Msbs) - 1, StartBit);
86 BitMap += 1;
87 }
88
89 if (Qwords > 0) {
90 SetMem64 ((VOID *)BitMap, Qwords * GUARDED_HEAP_MAP_ENTRY_BYTES,
91 (UINT64)-1);
92 BitMap += Qwords;
93 }
94
95 if (Lsbs > 0) {
96 *BitMap |= (LShiftU64 (1, Lsbs) - 1);
97 }
98 }
99
100 /**
101 Set corresponding bits in bitmap table to 0 according to the address.
102
103 @param[in] Address Start address to set for.
104 @param[in] BitNumber Number of bits to set.
105 @param[in] BitMap Pointer to bitmap which covers the Address.
106
107 @return VOID.
108 **/
109 STATIC
110 VOID
111 ClearBits (
112 IN EFI_PHYSICAL_ADDRESS Address,
113 IN UINTN BitNumber,
114 IN UINT64 *BitMap
115 )
116 {
117 UINTN Lsbs;
118 UINTN Qwords;
119 UINTN Msbs;
120 UINTN StartBit;
121 UINTN EndBit;
122
123 StartBit = (UINTN)GUARDED_HEAP_MAP_ENTRY_BIT_INDEX (Address);
124 EndBit = (StartBit + BitNumber - 1) % GUARDED_HEAP_MAP_ENTRY_BITS;
125
126 if ((StartBit + BitNumber) > GUARDED_HEAP_MAP_ENTRY_BITS) {
127 Msbs = (GUARDED_HEAP_MAP_ENTRY_BITS - StartBit) %
128 GUARDED_HEAP_MAP_ENTRY_BITS;
129 Lsbs = (EndBit + 1) % GUARDED_HEAP_MAP_ENTRY_BITS;
130 Qwords = (BitNumber - Msbs) / GUARDED_HEAP_MAP_ENTRY_BITS;
131 } else {
132 Msbs = BitNumber;
133 Lsbs = 0;
134 Qwords = 0;
135 }
136
137 if (Msbs > 0) {
138 *BitMap &= ~LShiftU64 (LShiftU64 (1, Msbs) - 1, StartBit);
139 BitMap += 1;
140 }
141
142 if (Qwords > 0) {
143 SetMem64 ((VOID *)BitMap, Qwords * GUARDED_HEAP_MAP_ENTRY_BYTES, 0);
144 BitMap += Qwords;
145 }
146
147 if (Lsbs > 0) {
148 *BitMap &= ~(LShiftU64 (1, Lsbs) - 1);
149 }
150 }
151
152 /**
153 Get corresponding bits in bitmap table according to the address.
154
155 The value of bit 0 corresponds to the status of memory at given Address.
156 No more than 64 bits can be retrieved in one call.
157
158 @param[in] Address Start address to retrieve bits for.
159 @param[in] BitNumber Number of bits to get.
160 @param[in] BitMap Pointer to bitmap which covers the Address.
161
162 @return An integer containing the bits information.
163 **/
164 STATIC
165 UINT64
166 GetBits (
167 IN EFI_PHYSICAL_ADDRESS Address,
168 IN UINTN BitNumber,
169 IN UINT64 *BitMap
170 )
171 {
172 UINTN StartBit;
173 UINTN EndBit;
174 UINTN Lsbs;
175 UINTN Msbs;
176 UINT64 Result;
177
178 ASSERT (BitNumber <= GUARDED_HEAP_MAP_ENTRY_BITS);
179
180 StartBit = (UINTN)GUARDED_HEAP_MAP_ENTRY_BIT_INDEX (Address);
181 EndBit = (StartBit + BitNumber - 1) % GUARDED_HEAP_MAP_ENTRY_BITS;
182
183 if ((StartBit + BitNumber) > GUARDED_HEAP_MAP_ENTRY_BITS) {
184 Msbs = GUARDED_HEAP_MAP_ENTRY_BITS - StartBit;
185 Lsbs = (EndBit + 1) % GUARDED_HEAP_MAP_ENTRY_BITS;
186 } else {
187 Msbs = BitNumber;
188 Lsbs = 0;
189 }
190
191 Result = RShiftU64 ((*BitMap), StartBit) & (LShiftU64 (1, Msbs) - 1);
192 if (Lsbs > 0) {
193 BitMap += 1;
194 Result |= LShiftU64 ((*BitMap) & (LShiftU64 (1, Lsbs) - 1), Msbs);
195 }
196
197 return Result;
198 }
199
200 /**
201 Locate the pointer of bitmap from the guarded memory bitmap tables, which
202 covers the given Address.
203
204 @param[in] Address Start address to search the bitmap for.
205 @param[in] AllocMapUnit Flag to indicate memory allocation for the table.
206 @param[out] BitMap Pointer to bitmap which covers the Address.
207
208 @return The bit number from given Address to the end of current map table.
209 **/
210 UINTN
211 FindGuardedMemoryMap (
212 IN EFI_PHYSICAL_ADDRESS Address,
213 IN BOOLEAN AllocMapUnit,
214 OUT UINT64 **BitMap
215 )
216 {
217 UINTN Level;
218 UINT64 *GuardMap;
219 UINT64 MapMemory;
220 UINTN Index;
221 UINTN Size;
222 UINTN BitsToUnitEnd;
223 EFI_STATUS Status;
224
225 //
226 // Adjust current map table depth according to the address to access
227 //
228 while (mMapLevel < GUARDED_HEAP_MAP_TABLE_DEPTH
229 &&
230 RShiftU64 (
231 Address,
232 mLevelShift[GUARDED_HEAP_MAP_TABLE_DEPTH - mMapLevel - 1]
233 ) != 0) {
234
235 if (mGuardedMemoryMap != 0) {
236 Size = (mLevelMask[GUARDED_HEAP_MAP_TABLE_DEPTH - mMapLevel - 1] + 1)
237 * GUARDED_HEAP_MAP_ENTRY_BYTES;
238 Status = CoreInternalAllocatePages (
239 AllocateAnyPages,
240 EfiBootServicesData,
241 EFI_SIZE_TO_PAGES (Size),
242 &MapMemory,
243 FALSE
244 );
245 ASSERT_EFI_ERROR (Status);
246 ASSERT (MapMemory != 0);
247
248 SetMem ((VOID *)(UINTN)MapMemory, Size, 0);
249
250 *(UINT64 *)(UINTN)MapMemory = mGuardedMemoryMap;
251 mGuardedMemoryMap = MapMemory;
252 }
253
254 mMapLevel++;
255
256 }
257
258 GuardMap = &mGuardedMemoryMap;
259 for (Level = GUARDED_HEAP_MAP_TABLE_DEPTH - mMapLevel;
260 Level < GUARDED_HEAP_MAP_TABLE_DEPTH;
261 ++Level) {
262
263 if (*GuardMap == 0) {
264 if (!AllocMapUnit) {
265 GuardMap = NULL;
266 break;
267 }
268
269 Size = (mLevelMask[Level] + 1) * GUARDED_HEAP_MAP_ENTRY_BYTES;
270 Status = CoreInternalAllocatePages (
271 AllocateAnyPages,
272 EfiBootServicesData,
273 EFI_SIZE_TO_PAGES (Size),
274 &MapMemory,
275 FALSE
276 );
277 ASSERT_EFI_ERROR (Status);
278 ASSERT (MapMemory != 0);
279
280 SetMem ((VOID *)(UINTN)MapMemory, Size, 0);
281 *GuardMap = MapMemory;
282 }
283
284 Index = (UINTN)RShiftU64 (Address, mLevelShift[Level]);
285 Index &= mLevelMask[Level];
286 GuardMap = (UINT64 *)(UINTN)((*GuardMap) + Index * sizeof (UINT64));
287
288 }
289
290 BitsToUnitEnd = GUARDED_HEAP_MAP_BITS - GUARDED_HEAP_MAP_BIT_INDEX (Address);
291 *BitMap = GuardMap;
292
293 return BitsToUnitEnd;
294 }
295
296 /**
297 Set corresponding bits in bitmap table to 1 according to given memory range.
298
299 @param[in] Address Memory address to guard from.
300 @param[in] NumberOfPages Number of pages to guard.
301
302 @return VOID.
303 **/
304 VOID
305 EFIAPI
306 SetGuardedMemoryBits (
307 IN EFI_PHYSICAL_ADDRESS Address,
308 IN UINTN NumberOfPages
309 )
310 {
311 UINT64 *BitMap;
312 UINTN Bits;
313 UINTN BitsToUnitEnd;
314
315 while (NumberOfPages > 0) {
316 BitsToUnitEnd = FindGuardedMemoryMap (Address, TRUE, &BitMap);
317 ASSERT (BitMap != NULL);
318
319 if (NumberOfPages > BitsToUnitEnd) {
320 // Cross map unit
321 Bits = BitsToUnitEnd;
322 } else {
323 Bits = NumberOfPages;
324 }
325
326 SetBits (Address, Bits, BitMap);
327
328 NumberOfPages -= Bits;
329 Address += EFI_PAGES_TO_SIZE (Bits);
330 }
331 }
332
333 /**
334 Clear corresponding bits in bitmap table according to given memory range.
335
336 @param[in] Address Memory address to unset from.
337 @param[in] NumberOfPages Number of pages to unset guard.
338
339 @return VOID.
340 **/
341 VOID
342 EFIAPI
343 ClearGuardedMemoryBits (
344 IN EFI_PHYSICAL_ADDRESS Address,
345 IN UINTN NumberOfPages
346 )
347 {
348 UINT64 *BitMap;
349 UINTN Bits;
350 UINTN BitsToUnitEnd;
351
352 while (NumberOfPages > 0) {
353 BitsToUnitEnd = FindGuardedMemoryMap (Address, TRUE, &BitMap);
354 ASSERT (BitMap != NULL);
355
356 if (NumberOfPages > BitsToUnitEnd) {
357 // Cross map unit
358 Bits = BitsToUnitEnd;
359 } else {
360 Bits = NumberOfPages;
361 }
362
363 ClearBits (Address, Bits, BitMap);
364
365 NumberOfPages -= Bits;
366 Address += EFI_PAGES_TO_SIZE (Bits);
367 }
368 }
369
370 /**
371 Retrieve corresponding bits in bitmap table according to given memory range.
372
373 @param[in] Address Memory address to retrieve from.
374 @param[in] NumberOfPages Number of pages to retrieve.
375
376 @return An integer containing the guarded memory bitmap.
377 **/
378 UINTN
379 GetGuardedMemoryBits (
380 IN EFI_PHYSICAL_ADDRESS Address,
381 IN UINTN NumberOfPages
382 )
383 {
384 UINT64 *BitMap;
385 UINTN Bits;
386 UINTN Result;
387 UINTN Shift;
388 UINTN BitsToUnitEnd;
389
390 ASSERT (NumberOfPages <= GUARDED_HEAP_MAP_ENTRY_BITS);
391
392 Result = 0;
393 Shift = 0;
394 while (NumberOfPages > 0) {
395 BitsToUnitEnd = FindGuardedMemoryMap (Address, FALSE, &BitMap);
396
397 if (NumberOfPages > BitsToUnitEnd) {
398 // Cross map unit
399 Bits = BitsToUnitEnd;
400 } else {
401 Bits = NumberOfPages;
402 }
403
404 if (BitMap != NULL) {
405 Result |= LShiftU64 (GetBits (Address, Bits, BitMap), Shift);
406 }
407
408 Shift += Bits;
409 NumberOfPages -= Bits;
410 Address += EFI_PAGES_TO_SIZE (Bits);
411 }
412
413 return Result;
414 }
415
416 /**
417 Get bit value in bitmap table for the given address.
418
419 @param[in] Address The address to retrieve for.
420
421 @return 1 or 0.
422 **/
423 UINTN
424 EFIAPI
425 GetGuardMapBit (
426 IN EFI_PHYSICAL_ADDRESS Address
427 )
428 {
429 UINT64 *GuardMap;
430
431 FindGuardedMemoryMap (Address, FALSE, &GuardMap);
432 if (GuardMap != NULL) {
433 if (RShiftU64 (*GuardMap,
434 GUARDED_HEAP_MAP_ENTRY_BIT_INDEX (Address)) & 1) {
435 return 1;
436 }
437 }
438
439 return 0;
440 }
441
442 /**
443 Set the bit in bitmap table for the given address.
444
445 @param[in] Address The address to set for.
446
447 @return VOID.
448 **/
449 VOID
450 EFIAPI
451 SetGuardMapBit (
452 IN EFI_PHYSICAL_ADDRESS Address
453 )
454 {
455 UINT64 *GuardMap;
456 UINT64 BitMask;
457
458 FindGuardedMemoryMap (Address, TRUE, &GuardMap);
459 if (GuardMap != NULL) {
460 BitMask = LShiftU64 (1, GUARDED_HEAP_MAP_ENTRY_BIT_INDEX (Address));
461 *GuardMap |= BitMask;
462 }
463 }
464
465 /**
466 Clear the bit in bitmap table for the given address.
467
468 @param[in] Address The address to clear for.
469
470 @return VOID.
471 **/
472 VOID
473 EFIAPI
474 ClearGuardMapBit (
475 IN EFI_PHYSICAL_ADDRESS Address
476 )
477 {
478 UINT64 *GuardMap;
479 UINT64 BitMask;
480
481 FindGuardedMemoryMap (Address, TRUE, &GuardMap);
482 if (GuardMap != NULL) {
483 BitMask = LShiftU64 (1, GUARDED_HEAP_MAP_ENTRY_BIT_INDEX (Address));
484 *GuardMap &= ~BitMask;
485 }
486 }
487
488 /**
489 Check to see if the page at the given address is a Guard page or not.
490
491 @param[in] Address The address to check for.
492
493 @return TRUE The page at Address is a Guard page.
494 @return FALSE The page at Address is not a Guard page.
495 **/
496 BOOLEAN
497 EFIAPI
498 IsGuardPage (
499 IN EFI_PHYSICAL_ADDRESS Address
500 )
501 {
502 UINTN BitMap;
503
504 //
505 // There must be at least one guarded page before and/or after given
506 // address if it's a Guard page. The bitmap pattern should be one of
507 // 001, 100 and 101
508 //
509 BitMap = GetGuardedMemoryBits (Address - EFI_PAGE_SIZE, 3);
510 return ((BitMap == BIT0) || (BitMap == BIT2) || (BitMap == (BIT2 | BIT0)));
511 }
512
513 /**
514 Check to see if the page at the given address is a head Guard page or not.
515
516 @param[in] Address The address to check for
517
518 @return TRUE The page at Address is a head Guard page
519 @return FALSE The page at Address is not a head Guard page
520 **/
521 BOOLEAN
522 EFIAPI
523 IsHeadGuard (
524 IN EFI_PHYSICAL_ADDRESS Address
525 )
526 {
527 return (GetGuardedMemoryBits (Address, 2) == BIT1);
528 }
529
530 /**
531 Check to see if the page at the given address is a tail Guard page or not.
532
533 @param[in] Address The address to check for.
534
535 @return TRUE The page at Address is a tail Guard page.
536 @return FALSE The page at Address is not a tail Guard page.
537 **/
538 BOOLEAN
539 EFIAPI
540 IsTailGuard (
541 IN EFI_PHYSICAL_ADDRESS Address
542 )
543 {
544 return (GetGuardedMemoryBits (Address - EFI_PAGE_SIZE, 2) == BIT0);
545 }
546
547 /**
548 Check to see if the page at the given address is guarded or not.
549
550 @param[in] Address The address to check for.
551
552 @return TRUE The page at Address is guarded.
553 @return FALSE The page at Address is not guarded.
554 **/
555 BOOLEAN
556 EFIAPI
557 IsMemoryGuarded (
558 IN EFI_PHYSICAL_ADDRESS Address
559 )
560 {
561 return (GetGuardMapBit (Address) == 1);
562 }
563
564 /**
565 Set the page at the given address to be a Guard page.
566
567 This is done by changing the page table attribute to be NOT PRSENT.
568
569 @param[in] BaseAddress Page address to Guard at
570
571 @return VOID
572 **/
573 VOID
574 EFIAPI
575 SetGuardPage (
576 IN EFI_PHYSICAL_ADDRESS BaseAddress
577 )
578 {
579 //
580 // Set flag to make sure allocating memory without GUARD for page table
581 // operation; otherwise infinite loops could be caused.
582 //
583 mOnGuarding = TRUE;
584 //
585 // Note: This might overwrite other attributes needed by other features,
586 // such as memory protection (NX). Please make sure they are not enabled
587 // at the same time.
588 //
589 gCpu->SetMemoryAttributes (gCpu, BaseAddress, EFI_PAGE_SIZE, EFI_MEMORY_RP);
590 mOnGuarding = FALSE;
591 }
592
593 /**
594 Unset the Guard page at the given address to the normal memory.
595
596 This is done by changing the page table attribute to be PRSENT.
597
598 @param[in] BaseAddress Page address to Guard at.
599
600 @return VOID.
601 **/
602 VOID
603 EFIAPI
604 UnsetGuardPage (
605 IN EFI_PHYSICAL_ADDRESS BaseAddress
606 )
607 {
608 //
609 // Set flag to make sure allocating memory without GUARD for page table
610 // operation; otherwise infinite loops could be caused.
611 //
612 mOnGuarding = TRUE;
613 //
614 // Note: This might overwrite other attributes needed by other features,
615 // such as memory protection (NX). Please make sure they are not enabled
616 // at the same time.
617 //
618 gCpu->SetMemoryAttributes (gCpu, BaseAddress, EFI_PAGE_SIZE, 0);
619 mOnGuarding = FALSE;
620 }
621
622 /**
623 Check to see if the memory at the given address should be guarded or not.
624
625 @param[in] MemoryType Memory type to check.
626 @param[in] AllocateType Allocation type to check.
627 @param[in] PageOrPool Indicate a page allocation or pool allocation.
628
629
630 @return TRUE The given type of memory should be guarded.
631 @return FALSE The given type of memory should not be guarded.
632 **/
633 BOOLEAN
634 IsMemoryTypeToGuard (
635 IN EFI_MEMORY_TYPE MemoryType,
636 IN EFI_ALLOCATE_TYPE AllocateType,
637 IN UINT8 PageOrPool
638 )
639 {
640 UINT64 TestBit;
641 UINT64 ConfigBit;
642 BOOLEAN InSmm;
643
644 if (gCpu == NULL || AllocateType == AllocateAddress) {
645 return FALSE;
646 }
647
648 InSmm = FALSE;
649 if (gSmmBase2 != NULL) {
650 gSmmBase2->InSmm (gSmmBase2, &InSmm);
651 }
652
653 if (InSmm) {
654 return FALSE;
655 }
656
657 if ((PcdGet8 (PcdHeapGuardPropertyMask) & PageOrPool) == 0) {
658 return FALSE;
659 }
660
661 if (PageOrPool == GUARD_HEAP_TYPE_POOL) {
662 ConfigBit = PcdGet64 (PcdHeapGuardPoolType);
663 } else if (PageOrPool == GUARD_HEAP_TYPE_PAGE) {
664 ConfigBit = PcdGet64 (PcdHeapGuardPageType);
665 } else {
666 ConfigBit = (UINT64)-1;
667 }
668
669 if ((UINT32)MemoryType >= MEMORY_TYPE_OS_RESERVED_MIN) {
670 TestBit = BIT63;
671 } else if ((UINT32) MemoryType >= MEMORY_TYPE_OEM_RESERVED_MIN) {
672 TestBit = BIT62;
673 } else if (MemoryType < EfiMaxMemoryType) {
674 TestBit = LShiftU64 (1, MemoryType);
675 } else if (MemoryType == EfiMaxMemoryType) {
676 TestBit = (UINT64)-1;
677 } else {
678 TestBit = 0;
679 }
680
681 return ((ConfigBit & TestBit) != 0);
682 }
683
684 /**
685 Check to see if the pool at the given address should be guarded or not.
686
687 @param[in] MemoryType Pool type to check.
688
689
690 @return TRUE The given type of pool should be guarded.
691 @return FALSE The given type of pool should not be guarded.
692 **/
693 BOOLEAN
694 IsPoolTypeToGuard (
695 IN EFI_MEMORY_TYPE MemoryType
696 )
697 {
698 return IsMemoryTypeToGuard (MemoryType, AllocateAnyPages,
699 GUARD_HEAP_TYPE_POOL);
700 }
701
702 /**
703 Check to see if the page at the given address should be guarded or not.
704
705 @param[in] MemoryType Page type to check.
706 @param[in] AllocateType Allocation type to check.
707
708 @return TRUE The given type of page should be guarded.
709 @return FALSE The given type of page should not be guarded.
710 **/
711 BOOLEAN
712 IsPageTypeToGuard (
713 IN EFI_MEMORY_TYPE MemoryType,
714 IN EFI_ALLOCATE_TYPE AllocateType
715 )
716 {
717 return IsMemoryTypeToGuard (MemoryType, AllocateType, GUARD_HEAP_TYPE_PAGE);
718 }
719
720 /**
721 Set head Guard and tail Guard for the given memory range.
722
723 @param[in] Memory Base address of memory to set guard for.
724 @param[in] NumberOfPages Memory size in pages.
725
726 @return VOID
727 **/
728 VOID
729 SetGuardForMemory (
730 IN EFI_PHYSICAL_ADDRESS Memory,
731 IN UINTN NumberOfPages
732 )
733 {
734 EFI_PHYSICAL_ADDRESS GuardPage;
735
736 //
737 // Set tail Guard
738 //
739 GuardPage = Memory + EFI_PAGES_TO_SIZE (NumberOfPages);
740 if (!IsGuardPage (GuardPage)) {
741 SetGuardPage (GuardPage);
742 }
743
744 // Set head Guard
745 GuardPage = Memory - EFI_PAGES_TO_SIZE (1);
746 if (!IsGuardPage (GuardPage)) {
747 SetGuardPage (GuardPage);
748 }
749
750 //
751 // Mark the memory range as Guarded
752 //
753 SetGuardedMemoryBits (Memory, NumberOfPages);
754 }
755
756 /**
757 Unset head Guard and tail Guard for the given memory range.
758
759 @param[in] Memory Base address of memory to unset guard for.
760 @param[in] NumberOfPages Memory size in pages.
761
762 @return VOID
763 **/
764 VOID
765 UnsetGuardForMemory (
766 IN EFI_PHYSICAL_ADDRESS Memory,
767 IN UINTN NumberOfPages
768 )
769 {
770 EFI_PHYSICAL_ADDRESS GuardPage;
771
772 if (NumberOfPages == 0) {
773 return;
774 }
775
776 //
777 // Head Guard must be one page before, if any.
778 //
779 GuardPage = Memory - EFI_PAGES_TO_SIZE (1);
780 if (IsHeadGuard (GuardPage)) {
781 if (!IsMemoryGuarded (GuardPage - EFI_PAGES_TO_SIZE (1))) {
782 //
783 // If the head Guard is not a tail Guard of adjacent memory block,
784 // unset it.
785 //
786 UnsetGuardPage (GuardPage);
787 }
788 } else if (IsMemoryGuarded (GuardPage)) {
789 //
790 // Pages before memory to free are still in Guard. It's a partial free
791 // case. Turn first page of memory block to free into a new Guard.
792 //
793 SetGuardPage (Memory);
794 }
795
796 //
797 // Tail Guard must be the page after this memory block to free, if any.
798 //
799 GuardPage = Memory + EFI_PAGES_TO_SIZE (NumberOfPages);
800 if (IsTailGuard (GuardPage)) {
801 if (!IsMemoryGuarded (GuardPage + EFI_PAGES_TO_SIZE (1))) {
802 //
803 // If the tail Guard is not a head Guard of adjacent memory block,
804 // free it; otherwise, keep it.
805 //
806 UnsetGuardPage (GuardPage);
807 }
808 } else if (IsMemoryGuarded (GuardPage)) {
809 //
810 // Pages after memory to free are still in Guard. It's a partial free
811 // case. We need to keep one page to be a head Guard.
812 //
813 SetGuardPage (GuardPage - EFI_PAGES_TO_SIZE (1));
814 }
815
816 //
817 // No matter what, we just clear the mark of the Guarded memory.
818 //
819 ClearGuardedMemoryBits(Memory, NumberOfPages);
820 }
821
822 /**
823 Adjust address of free memory according to existing and/or required Guard.
824
825 This function will check if there're existing Guard pages of adjacent
826 memory blocks, and try to use it as the Guard page of the memory to be
827 allocated.
828
829 @param[in] Start Start address of free memory block.
830 @param[in] Size Size of free memory block.
831 @param[in] SizeRequested Size of memory to allocate.
832
833 @return The end address of memory block found.
834 @return 0 if no enough space for the required size of memory and its Guard.
835 **/
836 UINT64
837 AdjustMemoryS (
838 IN UINT64 Start,
839 IN UINT64 Size,
840 IN UINT64 SizeRequested
841 )
842 {
843 UINT64 Target;
844
845 Target = Start + Size - SizeRequested;
846
847 //
848 // At least one more page needed for Guard page.
849 //
850 if (Size < (SizeRequested + EFI_PAGES_TO_SIZE (1))) {
851 return 0;
852 }
853
854 if (!IsGuardPage (Start + Size)) {
855 // No Guard at tail to share. One more page is needed.
856 Target -= EFI_PAGES_TO_SIZE (1);
857 }
858
859 // Out of range?
860 if (Target < Start) {
861 return 0;
862 }
863
864 // At the edge?
865 if (Target == Start) {
866 if (!IsGuardPage (Target - EFI_PAGES_TO_SIZE (1))) {
867 // No enough space for a new head Guard if no Guard at head to share.
868 return 0;
869 }
870 }
871
872 // OK, we have enough pages for memory and its Guards. Return the End of the
873 // free space.
874 return Target + SizeRequested - 1;
875 }
876
877 /**
878 Adjust the start address and number of pages to free according to Guard.
879
880 The purpose of this function is to keep the shared Guard page with adjacent
881 memory block if it's still in guard, or free it if no more sharing. Another
882 is to reserve pages as Guard pages in partial page free situation.
883
884 @param[in,out] Memory Base address of memory to free.
885 @param[in,out] NumberOfPages Size of memory to free.
886
887 @return VOID.
888 **/
889 VOID
890 AdjustMemoryF (
891 IN OUT EFI_PHYSICAL_ADDRESS *Memory,
892 IN OUT UINTN *NumberOfPages
893 )
894 {
895 EFI_PHYSICAL_ADDRESS Start;
896 EFI_PHYSICAL_ADDRESS MemoryToTest;
897 UINTN PagesToFree;
898
899 if (Memory == NULL || NumberOfPages == NULL || *NumberOfPages == 0) {
900 return;
901 }
902
903 Start = *Memory;
904 PagesToFree = *NumberOfPages;
905
906 //
907 // Head Guard must be one page before, if any.
908 //
909 MemoryToTest = Start - EFI_PAGES_TO_SIZE (1);
910 if (IsHeadGuard (MemoryToTest)) {
911 if (!IsMemoryGuarded (MemoryToTest - EFI_PAGES_TO_SIZE (1))) {
912 //
913 // If the head Guard is not a tail Guard of adjacent memory block,
914 // free it; otherwise, keep it.
915 //
916 Start -= EFI_PAGES_TO_SIZE (1);
917 PagesToFree += 1;
918 }
919 } else if (IsMemoryGuarded (MemoryToTest)) {
920 //
921 // Pages before memory to free are still in Guard. It's a partial free
922 // case. We need to keep one page to be a tail Guard.
923 //
924 Start += EFI_PAGES_TO_SIZE (1);
925 PagesToFree -= 1;
926 }
927
928 //
929 // Tail Guard must be the page after this memory block to free, if any.
930 //
931 MemoryToTest = Start + EFI_PAGES_TO_SIZE (PagesToFree);
932 if (IsTailGuard (MemoryToTest)) {
933 if (!IsMemoryGuarded (MemoryToTest + EFI_PAGES_TO_SIZE (1))) {
934 //
935 // If the tail Guard is not a head Guard of adjacent memory block,
936 // free it; otherwise, keep it.
937 //
938 PagesToFree += 1;
939 }
940 } else if (IsMemoryGuarded (MemoryToTest)) {
941 //
942 // Pages after memory to free are still in Guard. It's a partial free
943 // case. We need to keep one page to be a head Guard.
944 //
945 PagesToFree -= 1;
946 }
947
948 *Memory = Start;
949 *NumberOfPages = PagesToFree;
950 }
951
952 /**
953 Adjust the base and number of pages to really allocate according to Guard.
954
955 @param[in,out] Memory Base address of free memory.
956 @param[in,out] NumberOfPages Size of memory to allocate.
957
958 @return VOID.
959 **/
960 VOID
961 AdjustMemoryA (
962 IN OUT EFI_PHYSICAL_ADDRESS *Memory,
963 IN OUT UINTN *NumberOfPages
964 )
965 {
966 //
967 // FindFreePages() has already taken the Guard into account. It's safe to
968 // adjust the start address and/or number of pages here, to make sure that
969 // the Guards are also "allocated".
970 //
971 if (!IsGuardPage (*Memory + EFI_PAGES_TO_SIZE (*NumberOfPages))) {
972 // No tail Guard, add one.
973 *NumberOfPages += 1;
974 }
975
976 if (!IsGuardPage (*Memory - EFI_PAGE_SIZE)) {
977 // No head Guard, add one.
978 *Memory -= EFI_PAGE_SIZE;
979 *NumberOfPages += 1;
980 }
981 }
982
983 /**
984 Adjust the pool head position to make sure the Guard page is adjavent to
985 pool tail or pool head.
986
987 @param[in] Memory Base address of memory allocated.
988 @param[in] NoPages Number of pages actually allocated.
989 @param[in] Size Size of memory requested.
990 (plus pool head/tail overhead)
991
992 @return Address of pool head.
993 **/
994 VOID *
995 AdjustPoolHeadA (
996 IN EFI_PHYSICAL_ADDRESS Memory,
997 IN UINTN NoPages,
998 IN UINTN Size
999 )
1000 {
1001 if ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0) {
1002 //
1003 // Pool head is put near the head Guard
1004 //
1005 return (VOID *)(UINTN)Memory;
1006 }
1007
1008 //
1009 // Pool head is put near the tail Guard
1010 //
1011 return (VOID *)(UINTN)(Memory + EFI_PAGES_TO_SIZE (NoPages) - Size);
1012 }
1013
1014 /**
1015 Get the page base address according to pool head address.
1016
1017 @param[in] Memory Head address of pool to free.
1018
1019 @return Address of pool head.
1020 **/
1021 VOID *
1022 AdjustPoolHeadF (
1023 IN EFI_PHYSICAL_ADDRESS Memory
1024 )
1025 {
1026 if ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0) {
1027 //
1028 // Pool head is put near the head Guard
1029 //
1030 return (VOID *)(UINTN)Memory;
1031 }
1032
1033 //
1034 // Pool head is put near the tail Guard
1035 //
1036 return (VOID *)(UINTN)(Memory & ~EFI_PAGE_MASK);
1037 }
1038
1039 /**
1040 Allocate or free guarded memory.
1041
1042 @param[in] Start Start address of memory to allocate or free.
1043 @param[in] NumberOfPages Memory size in pages.
1044 @param[in] NewType Memory type to convert to.
1045
1046 @return VOID.
1047 **/
1048 EFI_STATUS
1049 CoreConvertPagesWithGuard (
1050 IN UINT64 Start,
1051 IN UINTN NumberOfPages,
1052 IN EFI_MEMORY_TYPE NewType
1053 )
1054 {
1055 if (NewType == EfiConventionalMemory) {
1056 AdjustMemoryF (&Start, &NumberOfPages);
1057 } else {
1058 AdjustMemoryA (&Start, &NumberOfPages);
1059 }
1060
1061 return CoreConvertPages(Start, NumberOfPages, NewType);
1062 }
1063
1064 /**
1065 Helper function to convert a UINT64 value in binary to a string.
1066
1067 @param[in] Value Value of a UINT64 integer.
1068 @param[out] BinString String buffer to contain the conversion result.
1069
1070 @return VOID.
1071 **/
1072 VOID
1073 Uint64ToBinString (
1074 IN UINT64 Value,
1075 OUT CHAR8 *BinString
1076 )
1077 {
1078 UINTN Index;
1079
1080 if (BinString == NULL) {
1081 return;
1082 }
1083
1084 for (Index = 64; Index > 0; --Index) {
1085 BinString[Index - 1] = '0' + (Value & 1);
1086 Value = RShiftU64 (Value, 1);
1087 }
1088 BinString[64] = '\0';
1089 }
1090
1091 /**
1092 Dump the guarded memory bit map.
1093 **/
1094 VOID
1095 EFIAPI
1096 DumpGuardedMemoryBitmap (
1097 VOID
1098 )
1099 {
1100 UINTN Entries[GUARDED_HEAP_MAP_TABLE_DEPTH];
1101 UINTN Shifts[GUARDED_HEAP_MAP_TABLE_DEPTH];
1102 UINTN Indices[GUARDED_HEAP_MAP_TABLE_DEPTH];
1103 UINT64 Tables[GUARDED_HEAP_MAP_TABLE_DEPTH];
1104 UINT64 Addresses[GUARDED_HEAP_MAP_TABLE_DEPTH];
1105 UINT64 TableEntry;
1106 UINT64 Address;
1107 INTN Level;
1108 UINTN RepeatZero;
1109 CHAR8 String[GUARDED_HEAP_MAP_ENTRY_BITS + 1];
1110 CHAR8 *Ruler1;
1111 CHAR8 *Ruler2;
1112
1113 if (mGuardedMemoryMap == 0) {
1114 return;
1115 }
1116
1117 Ruler1 = " 3 2 1 0";
1118 Ruler2 = "FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210";
1119
1120 DEBUG ((HEAP_GUARD_DEBUG_LEVEL, "============================="
1121 " Guarded Memory Bitmap "
1122 "==============================\r\n"));
1123 DEBUG ((HEAP_GUARD_DEBUG_LEVEL, " %a\r\n", Ruler1));
1124 DEBUG ((HEAP_GUARD_DEBUG_LEVEL, " %a\r\n", Ruler2));
1125
1126 CopyMem (Entries, mLevelMask, sizeof (Entries));
1127 CopyMem (Shifts, mLevelShift, sizeof (Shifts));
1128
1129 SetMem (Indices, sizeof(Indices), 0);
1130 SetMem (Tables, sizeof(Tables), 0);
1131 SetMem (Addresses, sizeof(Addresses), 0);
1132
1133 Level = GUARDED_HEAP_MAP_TABLE_DEPTH - mMapLevel;
1134 Tables[Level] = mGuardedMemoryMap;
1135 Address = 0;
1136 RepeatZero = 0;
1137
1138 while (TRUE) {
1139 if (Indices[Level] > Entries[Level]) {
1140
1141 Tables[Level] = 0;
1142 Level -= 1;
1143 RepeatZero = 0;
1144
1145 DEBUG ((
1146 HEAP_GUARD_DEBUG_LEVEL,
1147 "========================================="
1148 "=========================================\r\n"
1149 ));
1150
1151 } else {
1152
1153 TableEntry = ((UINT64 *)(UINTN)Tables[Level])[Indices[Level]];
1154 Address = Addresses[Level];
1155
1156 if (TableEntry == 0) {
1157
1158 if (Level == GUARDED_HEAP_MAP_TABLE_DEPTH - 1) {
1159 if (RepeatZero == 0) {
1160 Uint64ToBinString(TableEntry, String);
1161 DEBUG ((HEAP_GUARD_DEBUG_LEVEL, "%016lx: %a\r\n", Address, String));
1162 } else if (RepeatZero == 1) {
1163 DEBUG ((HEAP_GUARD_DEBUG_LEVEL, "... : ...\r\n"));
1164 }
1165 RepeatZero += 1;
1166 }
1167
1168 } else if (Level < GUARDED_HEAP_MAP_TABLE_DEPTH - 1) {
1169
1170 Level += 1;
1171 Tables[Level] = TableEntry;
1172 Addresses[Level] = Address;
1173 Indices[Level] = 0;
1174 RepeatZero = 0;
1175
1176 continue;
1177
1178 } else {
1179
1180 RepeatZero = 0;
1181 Uint64ToBinString(TableEntry, String);
1182 DEBUG ((HEAP_GUARD_DEBUG_LEVEL, "%016lx: %a\r\n", Address, String));
1183
1184 }
1185 }
1186
1187 if (Level < (GUARDED_HEAP_MAP_TABLE_DEPTH - (INTN)mMapLevel)) {
1188 break;
1189 }
1190
1191 Indices[Level] += 1;
1192 Address = (Level == 0) ? 0 : Addresses[Level - 1];
1193 Addresses[Level] = Address | LShiftU64(Indices[Level], Shifts[Level]);
1194
1195 }
1196 }
1197
EFI Development Kit II mirror for PVE