MdeModulePkg/EbcDxe: use EfiBootServicesCode memory for thunks

The EBC driver emits thunks for native to EBC calls, which are short
instructions sequences that bridge the gap between the native execution
environment and the EBC virtual machine.

Since these thunks are allocated using MemoryAllocationLib::AllocatePool(),
they are emitted into EfiBootServicesData regions, which does not reflect
the nature of these thunks accurately, and interferes with strict memory
protection policies that map data regions non-executable.

So instead, create a new helper EbcAllocatePoolForThunk() that invokes the
AllocatePool() boot service directly to allocate EfiBootServicesCode pool
memory explicitly, and wire up this helper for the various architecture
specific thunk generation routines.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

diff --git a/MdeModulePkg/Universal/EbcDxe/AArch64/EbcSupport.c b/MdeModulePkg/Universal/EbcDxe/AArch64/EbcSupport.c
index ade47c4d0622148d77df63a3de9b89583faa41ae..7c13ce12a38bc64885136bc24014190d9a9da655 100644 (file)
--- a/MdeModulePkg/Universal/EbcDxe/AArch64/EbcSupport.c
+++ b/MdeModulePkg/Universal/EbcDxe/AArch64/EbcSupport.c
@@ -383,7 +383,7 @@ EbcCreateThunks (
     return EFI_INVALID_PARAMETER;\r
   }\r
 \r
-  InstructionBuffer = AllocatePool (sizeof (EBC_INSTRUCTION_BUFFER));\r
+  InstructionBuffer = EbcAllocatePoolForThunk (sizeof (EBC_INSTRUCTION_BUFFER));\r
   if (InstructionBuffer == NULL) {\r
     return EFI_OUT_OF_RESOURCES;\r
   }\r

diff --git a/MdeModulePkg/Universal/EbcDxe/EbcInt.c b/MdeModulePkg/Universal/EbcDxe/EbcInt.c
index 6fd2aaf5af276fdc469caf8a775fd3dc0c190663..727ba8bcae44d65da091493ed05fcf0d37041a96 100644 (file)
--- a/MdeModulePkg/Universal/EbcDxe/EbcInt.c
+++ b/MdeModulePkg/Universal/EbcDxe/EbcInt.c
@@ -1410,3 +1410,26 @@ EbcVmTestUnsupported (
   return EFI_UNSUPPORTED;\r
 }\r
 \r
+/**\r
+  Allocates a buffer of type EfiBootServicesCode.\r
+\r
+  @param  AllocationSize        The number of bytes to allocate.\r
+\r
+  @return A pointer to the allocated buffer or NULL if allocation fails.\r
+\r
+**/\r
+VOID *\r
+EFIAPI\r
+EbcAllocatePoolForThunk (\r
+  IN UINTN  AllocationSize\r
+  )\r
+{\r
+  VOID        *Buffer;\r
+  EFI_STATUS  Status;\r
+\r
+  Status = gBS->AllocatePool (EfiBootServicesCode, AllocationSize, &Buffer);\r
+  if (EFI_ERROR (Status)) {\r
+    return NULL;\r
+  }\r
+  return Buffer;\r
+}\r

diff --git a/MdeModulePkg/Universal/EbcDxe/EbcInt.h b/MdeModulePkg/Universal/EbcDxe/EbcInt.h
index 75017a23e75e2aa9c828095c4f121bdb5a95245d..8aa7a4abbd63ac57c985bcab2df625e11a507138 100644 (file)
--- a/MdeModulePkg/Universal/EbcDxe/EbcInt.h
+++ b/MdeModulePkg/Universal/EbcDxe/EbcInt.h
@@ -246,4 +246,18 @@ typedef struct {
       CR(a, EBC_PROTOCOL_PRIVATE_DATA, EbcProtocol, EBC_PROTOCOL_PRIVATE_DATA_SIGNATURE)\r
 \r
 \r
+/**\r
+  Allocates a buffer of type EfiBootServicesCode.\r
+\r
+  @param  AllocationSize        The number of bytes to allocate.\r
+\r
+  @return A pointer to the allocated buffer or NULL if allocation fails.\r
+\r
+**/\r
+VOID *\r
+EFIAPI\r
+EbcAllocatePoolForThunk (\r
+  IN UINTN  AllocationSize\r
+  );\r
+\r
 #endif // #ifndef _EBC_INT_H_\r

diff --git a/MdeModulePkg/Universal/EbcDxe/Ia32/EbcSupport.c b/MdeModulePkg/Universal/EbcDxe/Ia32/EbcSupport.c
index 8e660b93ad640e42af23ec4dec0b3c01590c0be3..a825846f89c333ce34a5793bf14092d5f58cc168 100644 (file)
--- a/MdeModulePkg/Universal/EbcDxe/Ia32/EbcSupport.c
+++ b/MdeModulePkg/Universal/EbcDxe/Ia32/EbcSupport.c
@@ -484,7 +484,7 @@ EbcCreateThunks (
 \r
   ThunkSize = sizeof(mInstructionBufferTemplate);\r
 \r
-  Ptr = AllocatePool (sizeof(mInstructionBufferTemplate));\r
+  Ptr = EbcAllocatePoolForThunk (sizeof(mInstructionBufferTemplate));\r
 \r
   if (Ptr == NULL) {\r
     return EFI_OUT_OF_RESOURCES;\r

diff --git a/MdeModulePkg/Universal/EbcDxe/Ipf/EbcSupport.c b/MdeModulePkg/Universal/EbcDxe/Ipf/EbcSupport.c
index 95837cb678658811ae913a1098e286dd19f7ffcf..f99348f181a97687402cdd6f470c96e6c2ba8d80 100644 (file)
--- a/MdeModulePkg/Universal/EbcDxe/Ipf/EbcSupport.c
+++ b/MdeModulePkg/Universal/EbcDxe/Ipf/EbcSupport.c
@@ -403,7 +403,7 @@ EbcCreateThunks (
   //\r
   Size      = EBC_THUNK_SIZE + EBC_THUNK_ALIGNMENT - 1;\r
   ThunkSize = Size;\r
-  Ptr = AllocatePool (Size);\r
+  Ptr = EbcAllocatePoolForThunk (Size);\r
 \r
   if (Ptr == NULL) {\r
     return EFI_OUT_OF_RESOURCES;\r

diff --git a/MdeModulePkg/Universal/EbcDxe/X64/EbcSupport.c b/MdeModulePkg/Universal/EbcDxe/X64/EbcSupport.c
index 4325e2e52710ea3aeeb9f9c95bcea8dcb3cff056..33a174917b6936e414b6684842785d68feb13dbe 100644 (file)
--- a/MdeModulePkg/Universal/EbcDxe/X64/EbcSupport.c
+++ b/MdeModulePkg/Universal/EbcDxe/X64/EbcSupport.c
@@ -441,7 +441,7 @@ EbcCreateThunks (
 \r
   ThunkSize = sizeof(mInstructionBufferTemplate);\r
 \r
-  Ptr = AllocatePool (sizeof(mInstructionBufferTemplate));\r
+  Ptr = EbcAllocatePoolForThunk (sizeof(mInstructionBufferTemplate));\r
 \r
   if (Ptr == NULL) {\r
     return EFI_OUT_OF_RESOURCES;\r