} while (Status == EFI_BUFFER_TOO_SMALL);\r
ASSERT_EFI_ERROR (Status);\r
\r
- DEBUG((DEBUG_ERROR, "%a: applying strict permissions to active memory regions\n",\r
- __FUNCTION__));\r
+ DEBUG ((\r
+ DEBUG_INFO,\r
+ "%a: applying strict permissions to active memory regions\n",\r
+ __FUNCTION__\r
+ ));\r
\r
MergeMemoryMapForProtectionPolicy (MemoryMap, &MemoryMapSize, DescriptorSize);\r
\r
\r
Attributes = GetPermissionAttributeForMemoryType (MemoryMapEntry->Type);\r
if (Attributes != 0) {\r
- SetUefiImageMemoryAttributes (\r
- MemoryMapEntry->PhysicalStart,\r
- LShiftU64 (MemoryMapEntry->NumberOfPages, EFI_PAGE_SHIFT),\r
- Attributes);\r
+ if (MemoryMapEntry->PhysicalStart == 0 &&\r
+ PcdGet8 (PcdNullPointerDetectionPropertyMask) != 0) {\r
+\r
+ ASSERT (MemoryMapEntry->NumberOfPages > 0);\r
+ //\r
+ // Skip page 0 if NULL pointer detection is enabled to avoid attributes\r
+ // overwritten.\r
+ //\r
+ SetUefiImageMemoryAttributes (\r
+ MemoryMapEntry->PhysicalStart + EFI_PAGE_SIZE,\r
+ LShiftU64 (MemoryMapEntry->NumberOfPages - 1, EFI_PAGE_SHIFT),\r
+ Attributes);\r
+ } else {\r
+ SetUefiImageMemoryAttributes (\r
+ MemoryMapEntry->PhysicalStart,\r
+ LShiftU64 (MemoryMapEntry->NumberOfPages, EFI_PAGE_SHIFT),\r
+ Attributes);\r
+ }\r
}\r
MemoryMapEntry = NEXT_MEMORY_DESCRIPTOR (MemoryMapEntry, DescriptorSize);\r
}\r
// accessible, but have not been added to the UEFI memory map (yet).\r
//\r
if (GetPermissionAttributeForMemoryType (EfiConventionalMemory) != 0) {\r
- DEBUG((DEBUG_ERROR,\r
+ DEBUG ((\r
+ DEBUG_INFO,\r
"%a: applying strict permissions to inactive memory regions\n",\r
- __FUNCTION__));\r
+ __FUNCTION__\r
+ ));\r
\r
CoreAcquireGcdMemoryLock ();\r
\r
}\r
}\r
\r
+/**\r
+ Disable NULL pointer detection after EndOfDxe. This is a workaround resort in\r
+ order to skip unfixable NULL pointer access issues detected in OptionROM or\r
+ boot loaders.\r
+\r
+ @param[in] Event The Event this notify function registered to.\r
+ @param[in] Context Pointer to the context data registered to the Event.\r
+**/\r
+VOID\r
+EFIAPI\r
+DisableNullDetectionAtTheEndOfDxe (\r
+ EFI_EVENT Event,\r
+ VOID *Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ EFI_GCD_MEMORY_SPACE_DESCRIPTOR Desc;\r
+\r
+ DEBUG ((DEBUG_INFO, "DisableNullDetectionAtTheEndOfDxe(): start\r\n"));\r
+ //\r
+ // Disable NULL pointer detection by enabling first 4K page\r
+ //\r
+ Status = CoreGetMemorySpaceDescriptor (0, &Desc);\r
+ ASSERT_EFI_ERROR (Status);\r
+\r
+ if ((Desc.Capabilities & EFI_MEMORY_RP) == 0) {\r
+ Status = CoreSetMemorySpaceCapabilities (\r
+ 0,\r
+ EFI_PAGE_SIZE,\r
+ Desc.Capabilities | EFI_MEMORY_RP\r
+ );\r
+ ASSERT_EFI_ERROR (Status);\r
+ }\r
+\r
+ Status = CoreSetMemorySpaceAttributes (\r
+ 0,\r
+ EFI_PAGE_SIZE,\r
+ Desc.Attributes & ~EFI_MEMORY_RP\r
+ );\r
+ ASSERT_EFI_ERROR (Status);\r
+\r
+ CoreCloseEvent (Event);\r
+ DEBUG ((DEBUG_INFO, "DisableNullDetectionAtTheEndOfDxe(): end\r\n"));\r
+\r
+ return;\r
+}\r
+\r
/**\r
Initialize Memory Protection support.\r
**/\r
{\r
EFI_STATUS Status;\r
EFI_EVENT Event;\r
+ EFI_EVENT EndOfDxeEvent;\r
VOID *Registration;\r
\r
mImageProtectionPolicy = PcdGet32(PcdImageProtectionPolicy);\r
);\r
ASSERT_EFI_ERROR(Status);\r
}\r
+\r
+ //\r
+ // Register a callback to disable NULL pointer detection at EndOfDxe\r
+ //\r
+ if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & (BIT0|BIT7))\r
+ == (BIT0|BIT7)) {\r
+ Status = CoreCreateEventEx (\r
+ EVT_NOTIFY_SIGNAL,\r
+ TPL_NOTIFY,\r
+ DisableNullDetectionAtTheEndOfDxe,\r
+ NULL,\r
+ &gEfiEndOfDxeEventGroupGuid,\r
+ &EndOfDxeEvent\r
+ );\r
+ ASSERT_EFI_ERROR (Status);\r
+ }\r
+\r
return ;\r
}\r
\r