/** @file\r
Data type, macros and function prototypes of heap guard feature.\r
\r
-Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>\r
-This program and the accompanying materials\r
-are licensed and made available under the terms and conditions of the BSD License\r
-which accompanies this distribution. The full text of the license may be found at\r
-http://opensource.org/licenses/bsd-license.php\r
-\r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+Copyright (c) 2017-2018, Intel Corporation. All rights reserved.<BR>\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
//\r
#define GUARD_HEAP_TYPE_PAGE BIT0\r
#define GUARD_HEAP_TYPE_POOL BIT1\r
+#define GUARD_HEAP_TYPE_FREED BIT4\r
+#define GUARD_HEAP_TYPE_ALL \\r
+ (GUARD_HEAP_TYPE_PAGE|GUARD_HEAP_TYPE_POOL|GUARD_HEAP_TYPE_FREED)\r
\r
//\r
// Debug message level\r
/**\r
Check to see if the heap guard is enabled for page and/or pool allocation.\r
\r
+ @param[in] GuardType Specify the sub-type(s) of Heap Guard.\r
+\r
@return TRUE/FALSE.\r
**/\r
BOOLEAN\r
IsHeapGuardEnabled (\r
- VOID\r
+ UINT8 GuardType\r
);\r
\r
/**\r
VOID\r
);\r
\r
+/**\r
+ This function checks to see if the given memory map descriptor in a memory map\r
+ can be merged with any guarded free pages.\r
+\r
+ @param MemoryMapEntry A pointer to a descriptor in MemoryMap.\r
+ @param MaxAddress Maximum address to stop the merge.\r
+\r
+ @return VOID\r
+\r
+**/\r
+VOID\r
+MergeGuardPages (\r
+ IN EFI_MEMORY_DESCRIPTOR *MemoryMapEntry,\r
+ IN EFI_PHYSICAL_ADDRESS MaxAddress\r
+ );\r
+\r
+/**\r
+ Record freed pages as well as mark them as not-present, if enabled.\r
+\r
+ @param[in] BaseAddress Base address of just freed pages.\r
+ @param[in] Pages Number of freed pages.\r
+\r
+ @return VOID.\r
+**/\r
+VOID\r
+EFIAPI\r
+GuardFreedPagesChecked (\r
+ IN EFI_PHYSICAL_ADDRESS BaseAddress,\r
+ IN UINTN Pages\r
+ );\r
+\r
+/**\r
+ Put part (at most 64 pages a time) guarded free pages back to free page pool.\r
+\r
+ Freed memory guard is used to detect Use-After-Free (UAF) memory issue, which\r
+ makes use of 'Used then throw away' way to detect any illegal access to freed\r
+ memory. The thrown-away memory will be marked as not-present so that any access\r
+ to those memory (after free) will be caught by page-fault exception.\r
+\r
+ The problem is that this will consume lots of memory space. Once no memory\r
+ left in pool to allocate, we have to restore part of the freed pages to their\r
+ normal function. Otherwise the whole system will stop functioning.\r
+\r
+ @param StartAddress Start address of promoted memory.\r
+ @param EndAddress End address of promoted memory.\r
+\r
+ @return TRUE Succeeded to promote memory.\r
+ @return FALSE No free memory found.\r
+\r
+**/\r
+BOOLEAN\r
+PromoteGuardedFreePages (\r
+ OUT EFI_PHYSICAL_ADDRESS *StartAddress,\r
+ OUT EFI_PHYSICAL_ADDRESS *EndAddress\r
+ );\r
+\r
extern BOOLEAN mOnGuarding;\r
\r
#endif\r
projects / mirror_edk2.git / blobdiff