X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=MdePkg%2FLibrary%2FSmmMemLib%2FSmmMemLib.c;h=3f79e46d46dfca9f96235e03f68340cd801bf0e8;hp=b4e3156cb42a747feccc656a1119c116a8066b80;hb=233ffa90ccd852a8c6a478eb0426731d64598316;hpb=91f51fcc84d9ce3b801fdd895e514cd5525975c7

diff --git a/MdePkg/Library/SmmMemLib/SmmMemLib.c b/MdePkg/Library/SmmMemLib/SmmMemLib.c
index b4e3156cb4..3f79e46d46 100644
--- a/MdePkg/Library/SmmMemLib/SmmMemLib.c
+++ b/MdePkg/Library/SmmMemLib/SmmMemLib.c
@@ -6,7 +6,7 @@
   all SMRAM range via SMM_ACCESS2_PROTOCOL, including the range for firmware (like SMM Core
   and SMM driver) and/or specific dedicated hardware.
 
-  Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD License
   which accompanies this distribution.  The full text of the license may be found at
@@ -25,12 +25,20 @@
 #include <Library/DebugLib.h>
 #include <Library/MemoryAllocationLib.h>
 #include <Library/UefiBootServicesTableLib.h>
+#include <Library/DxeServicesTableLib.h>
 #include <Library/SmmServicesTableLib.h>
 #include <Library/HobLib.h>
 #include <Protocol/SmmAccess2.h>
 #include <Protocol/SmmReadyToLock.h>
 #include <Protocol/SmmEndOfDxe.h>
 
+//
+// attributes for reserved memory before it is promoted to system memory
+//
+#define EFI_MEMORY_PRESENT      0x0100000000000000ULL
+#define EFI_MEMORY_INITIALIZED  0x0200000000000000ULL
+#define EFI_MEMORY_TESTED       0x0400000000000000ULL
+
 #define NEXT_MEMORY_DESCRIPTOR(MemoryDescriptor, Size) \
   ((EFI_MEMORY_DESCRIPTOR *)((UINT8 *)(MemoryDescriptor) + (Size)))
 
@@ -46,10 +54,13 @@ UINTN                 mMemoryMapEntryCount;
 EFI_MEMORY_DESCRIPTOR *mMemoryMap;
 UINTN                 mDescriptorSize;
 
+EFI_GCD_MEMORY_SPACE_DESCRIPTOR   *mSmmMemLibGcdMemSpace       = NULL;
+UINTN                             mSmmMemLibGcdMemNumberOfDesc = 0;
+
 VOID                  *mRegistrationEndOfDxe;
 VOID                  *mRegistrationReadyToLock;
 
-BOOLEAN               mSmmReadyToLock = FALSE;
+BOOLEAN               mSmmMemLibSmmReadyToLock = FALSE;
 
 /**
   Calculate and save the maximum support address.
@@ -86,9 +97,9 @@ SmmMemLibInternalCalculateMaximumSupportAddress (
   if (PhysicalAddressBits > 48) {
     PhysicalAddressBits = 48;
   }
-  
+
   //
-  // Save the maximum support address in one global variable  
+  // Save the maximum support address in one global variable
   //
   mSmmMemLibInternalMaximumSupportAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)(LShiftU64 (1, PhysicalAddressBits) - 1);
   DEBUG ((EFI_D_INFO, "mSmmMemLibInternalMaximumSupportAddress = 0x%lx\n", mSmmMemLibInternalMaximumSupportAddress));
@@ -111,7 +122,7 @@ SmmIsBufferOutsideSmmValid (
   )
 {
   UINTN  Index;
-  
+
   //
   // Check override.
   // NOTE: (B:0->L:4G) is invalid for IA32, but (B:1->L:4G-1)/(B:4G-1->L:1) is valid.
@@ -131,7 +142,7 @@ SmmIsBufferOutsideSmmValid (
       ));
     return FALSE;
   }
-  
+
   for (Index = 0; Index < mSmmMemLibInternalSmramCount; Index ++) {
     if (((Buffer >= mSmmMemLibInternalSmramRanges[Index].CpuStart) && (Buffer < mSmmMemLibInternalSmramRanges[Index].CpuStart + mSmmMemLibInternalSmramRanges[Index].PhysicalSize)) ||
         ((mSmmMemLibInternalSmramRanges[Index].CpuStart >= Buffer) && (mSmmMemLibInternalSmramRanges[Index].CpuStart < Buffer + Length))) {
@@ -154,10 +165,10 @@ SmmIsBufferOutsideSmmValid (
   //
   // Check override for Valid Communication Region
   //
-  if (mSmmReadyToLock) {
+  if (mSmmMemLibSmmReadyToLock) {
     EFI_MEMORY_DESCRIPTOR          *MemoryMap;
     BOOLEAN                        InValidCommunicationRegion;
-    
+
     InValidCommunicationRegion = FALSE;
     MemoryMap = mMemoryMap;
     for (Index = 0; Index < mMemoryMapEntryCount; Index++) {
@@ -171,13 +182,28 @@ SmmIsBufferOutsideSmmValid (
     if (!InValidCommunicationRegion) {
       DEBUG ((
         EFI_D_ERROR,
-        "SmmIsBufferOutsideSmmValid: Not in ValidCommunicationRegion: Buffer (0x%lx) - Length (0x%lx), ",
+        "SmmIsBufferOutsideSmmValid: Not in ValidCommunicationRegion: Buffer (0x%lx) - Length (0x%lx)\n",
         Buffer,
         Length
         ));
-      ASSERT (FALSE);
       return FALSE;
     }
+
+    //
+    // Check untested memory as invalid communication buffer.
+    //
+    for (Index = 0; Index < mSmmMemLibGcdMemNumberOfDesc; Index++) {
+      if (((Buffer >= mSmmMemLibGcdMemSpace[Index].BaseAddress) && (Buffer < mSmmMemLibGcdMemSpace[Index].BaseAddress + mSmmMemLibGcdMemSpace[Index].Length)) ||
+          ((mSmmMemLibGcdMemSpace[Index].BaseAddress >= Buffer) && (mSmmMemLibGcdMemSpace[Index].BaseAddress < Buffer + Length))) {
+        DEBUG ((
+          EFI_D_ERROR,
+          "SmmIsBufferOutsideSmmValid: In Untested Memory Region: Buffer (0x%lx) - Length (0x%lx)\n",
+          Buffer,
+          Length
+          ));
+        return FALSE;
+      }
+    }
   }
   return TRUE;
 }
@@ -223,7 +249,7 @@ SmmCopyMemToSmram (
   If the check passes, it copies memory and returns EFI_SUCCESS.
   If the check fails, it returns EFI_SECURITY_VIOLATION.
   The implementation must be reentrant.
-  
+
   @param  DestinationBuffer   The pointer to the destination buffer of the memory copy.
   @param  SourceBuffer        The pointer to the source buffer of the memory copy.
   @param  Length              The number of bytes to copy from SourceBuffer to DestinationBuffer.
@@ -256,7 +282,7 @@ SmmCopyMemFromSmram (
   If the check passes, it copies memory and returns EFI_SUCCESS.
   If the check fails, it returns EFI_SECURITY_VIOLATION.
   The implementation must be reentrant, and it must handle the case where source buffer overlaps destination buffer.
-  
+
   @param  DestinationBuffer   The pointer to the destination buffer of the memory copy.
   @param  SourceBuffer        The pointer to the source buffer of the memory copy.
   @param  Length              The number of bytes to copy from SourceBuffer to DestinationBuffer.
@@ -293,11 +319,11 @@ SmmCopyMem (
   It checks if target buffer is valid per processor architecture and not overlap with SMRAM.
   If the check passes, it fills memory and returns EFI_SUCCESS.
   If the check fails, it returns EFI_SECURITY_VIOLATION.
-  
+
   @param  Buffer    The memory to set.
   @param  Length    The number of bytes to set.
   @param  Value     The value with which to fill Length bytes of Buffer.
-  
+
   @retval EFI_SECURITY_VIOLATION The Buffer is invalid per processor architecture or overlap with SMRAM.
   @retval EFI_SUCCESS            Memory is set.
 
@@ -318,6 +344,61 @@ SmmSetMem (
   return EFI_SUCCESS;
 }
 
+/**
+  Get GCD memory map.
+  Only record untested memory as invalid communication buffer.
+**/
+VOID
+SmmMemLibInternalGetGcdMemoryMap (
+  VOID
+  )
+{
+  UINTN                            NumberOfDescriptors;
+  EFI_GCD_MEMORY_SPACE_DESCRIPTOR  *MemSpaceMap;
+  EFI_STATUS                       Status;
+  UINTN                            Index;
+
+  Status = gDS->GetMemorySpaceMap (&NumberOfDescriptors, &MemSpaceMap);
+  if (EFI_ERROR (Status)) {
+    return ;
+  }
+
+  mSmmMemLibGcdMemNumberOfDesc = 0;
+  for (Index = 0; Index < NumberOfDescriptors; Index++) {
+    if (MemSpaceMap[Index].GcdMemoryType == EfiGcdMemoryTypeReserved &&
+        (MemSpaceMap[Index].Capabilities & (EFI_MEMORY_PRESENT | EFI_MEMORY_INITIALIZED | EFI_MEMORY_TESTED)) ==
+          (EFI_MEMORY_PRESENT | EFI_MEMORY_INITIALIZED)
+          ) {
+      mSmmMemLibGcdMemNumberOfDesc++;
+    }
+  }
+
+  mSmmMemLibGcdMemSpace = AllocateZeroPool (mSmmMemLibGcdMemNumberOfDesc * sizeof (EFI_GCD_MEMORY_SPACE_DESCRIPTOR));
+  ASSERT (mSmmMemLibGcdMemSpace != NULL);
+  if (mSmmMemLibGcdMemSpace == NULL) {
+    mSmmMemLibGcdMemNumberOfDesc = 0;
+    gBS->FreePool (MemSpaceMap);
+    return ;
+  }
+
+  mSmmMemLibGcdMemNumberOfDesc = 0;
+  for (Index = 0; Index < NumberOfDescriptors; Index++) {
+    if (MemSpaceMap[Index].GcdMemoryType == EfiGcdMemoryTypeReserved &&
+        (MemSpaceMap[Index].Capabilities & (EFI_MEMORY_PRESENT | EFI_MEMORY_INITIALIZED | EFI_MEMORY_TESTED)) ==
+          (EFI_MEMORY_PRESENT | EFI_MEMORY_INITIALIZED)
+          ) {
+      CopyMem (
+        &mSmmMemLibGcdMemSpace[mSmmMemLibGcdMemNumberOfDesc],
+        &MemSpaceMap[Index],
+        sizeof(EFI_GCD_MEMORY_SPACE_DESCRIPTOR)
+        );
+      mSmmMemLibGcdMemNumberOfDesc++;
+    }
+  }
+
+  gBS->FreePool (MemSpaceMap);
+}
+
 /**
   Notification for SMM EndOfDxe protocol.
 
@@ -360,7 +441,7 @@ SmmLibInternalEndOfDxeNotify (
   do {
     Status = gBS->AllocatePool (EfiBootServicesData, MemoryMapSize, (VOID **)&MemoryMap);
     ASSERT (MemoryMap != NULL);
-  
+
     Status = gBS->GetMemoryMap (
                &MemoryMapSize,
                MemoryMap,
@@ -392,7 +473,7 @@ SmmLibInternalEndOfDxeNotify (
     MemoryMap = NEXT_MEMORY_DESCRIPTOR(MemoryMap, DescriptorSize);
   }
   MemoryMap = MemoryMapStart;
-  
+
   //
   // Get Data
   //
@@ -413,13 +494,17 @@ SmmLibInternalEndOfDxeNotify (
   }
   mMemoryMap = SmmMemoryMapStart;
   MemoryMap = MemoryMapStart;
-  
+
   gBS->FreePool (MemoryMap);
 
+  //
+  // Get additional information from GCD memory map.
+  //
+  SmmMemLibInternalGetGcdMemoryMap ();
+
   return EFI_SUCCESS;
 }
 
-
 /**
   Notification for SMM ReadyToLock protocol.
 
@@ -437,7 +522,7 @@ SmmLibInternalReadyToLockNotify (
   IN EFI_HANDLE      Handle
   )
 {
-  mSmmReadyToLock = TRUE;
+  mSmmMemLibSmmReadyToLock = TRUE;
   return EFI_SUCCESS;
 }
 /**
@@ -459,7 +544,7 @@ SmmMemLibConstructor (
   EFI_STATUS                    Status;
   EFI_SMM_ACCESS2_PROTOCOL      *SmmAccess;
   UINTN                         Size;
-  
+
   //
   // Get SMRAM information
   //