MdeModulePkg/Core: Create Migrated FV Info Hob for calculating hash (CVE-2019-11098)

[mirror_edk2.git] / MdeModulePkg / Core / Pei / Dispatcher / Dispatcher.c

diff --git a/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c b/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c
index 5bc0f8674d601cc79126000db70431c5f6be5e9c..b9a279ec73a2b1338dbdf0cfb35c45c4b3d3f255 100644 (file)
--- a/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c
+++ b/MdeModulePkg/Core/Pei/Dispatcher/Dispatcher.c
@@ -1234,10 +1234,12 @@ EvacuateTempRam (
   EFI_FIRMWARE_VOLUME_HEADER    *FvHeader;\r
   EFI_FIRMWARE_VOLUME_HEADER    *ChildFvHeader;\r
   EFI_FIRMWARE_VOLUME_HEADER    *MigratedFvHeader;\r
+  EFI_FIRMWARE_VOLUME_HEADER    *RawDataFvHeader;\r
   EFI_FIRMWARE_VOLUME_HEADER    *MigratedChildFvHeader;\r
 \r
   PEI_CORE_FV_HANDLE            PeiCoreFvHandle;\r
   EFI_PEI_CORE_FV_LOCATION_PPI  *PeiCoreFvLocationPpi;\r
+  EDKII_MIGRATED_FV_INFO        MigratedFvInfo;\r
 \r
   ASSERT (Private->PeiMemoryInstalled);\r
 \r
@@ -1274,6 +1276,9 @@ EvacuateTempRam (
         (((EFI_PHYSICAL_ADDRESS)(UINTN) FvHeader + (FvHeader->FvLength - 1)) < Private->FreePhysicalMemoryTop)\r
         )\r
       ) {\r
+      //\r
+      // Allocate page to save the rebased PEIMs, the PEIMs will get dispatched later.\r
+      //\r
       Status =  PeiServicesAllocatePages (\r
                   EfiBootServicesCode,\r
                   EFI_SIZE_TO_PAGES ((UINTN) FvHeader->FvLength),\r
@@ -1281,6 +1286,17 @@ EvacuateTempRam (
                   );\r
       ASSERT_EFI_ERROR (Status);\r
 \r
+      //\r
+      // Allocate pool to save the raw PEIMs, which is used to keep consistent context across\r
+      // multiple boot and PCR0 will keep the same no matter if the address of allocated page is changed.\r
+      //\r
+      Status =  PeiServicesAllocatePages (\r
+                  EfiBootServicesCode,\r
+                  EFI_SIZE_TO_PAGES ((UINTN) FvHeader->FvLength),\r
+                  (EFI_PHYSICAL_ADDRESS *) &RawDataFvHeader\r
+                  );\r
+      ASSERT_EFI_ERROR (Status);\r
+\r
       DEBUG ((\r
         DEBUG_VERBOSE,\r
         "  Migrating FV[%d] from 0x%08X to 0x%08X\n",\r
@@ -1289,7 +1305,19 @@ EvacuateTempRam (
         (UINTN) MigratedFvHeader\r
         ));\r
 \r
+      //\r
+      // Copy the context to the rebased pages and raw pages, and create hob to save the\r
+      // information. The MigratedFvInfo HOB will never be produced when\r
+      // PcdMigrateTemporaryRamFirmwareVolumes is FALSE, because the PCD control the\r
+      // feature.\r
+      //\r
       CopyMem (MigratedFvHeader, FvHeader, (UINTN) FvHeader->FvLength);\r
+      CopyMem (RawDataFvHeader, MigratedFvHeader, (UINTN) FvHeader->FvLength);\r
+      MigratedFvInfo.FvOrgBase  = (UINT32) (UINTN) FvHeader;\r
+      MigratedFvInfo.FvNewBase  = (UINT32) (UINTN) MigratedFvHeader;\r
+      MigratedFvInfo.FvDataBase = (UINT32) (UINTN) RawDataFvHeader;\r
+      MigratedFvInfo.FvLength   = (UINT32) (UINTN) FvHeader->FvLength;\r
+      BuildGuidDataHob (&gEdkiiMigratedFvInfoGuid, &MigratedFvInfo, sizeof (MigratedFvInfo));\r
 \r
       //\r
       // Migrate any children for this FV now\r