MdePkg/SmmMemLib: Check EFI_MEMORY_RO in UEFI mem attrib table.
authorJiewen Yao <jiewen.yao@intel.com>
Wed, 22 Nov 2017 15:11:22 +0000 (23:11 +0800)
committerJiewen Yao <jiewen.yao@intel.com>
Thu, 26 Jul 2018 14:51:24 +0000 (22:51 +0800)
Treat UEFI runtime pages with the EFI_MEMORY_RO attribute as
invalid SMM communication buffers.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
MdePkg/Library/SmmMemLib/SmmMemLib.c
MdePkg/Library/SmmMemLib/SmmMemLib.inf

index 3f79e46..3409ddf 100644 (file)
 #include <Library/UefiBootServicesTableLib.h>\r
 #include <Library/DxeServicesTableLib.h>\r
 #include <Library/SmmServicesTableLib.h>\r
+#include <Library/UefiLib.h>\r
 #include <Library/HobLib.h>\r
 #include <Protocol/SmmAccess2.h>\r
 #include <Protocol/SmmReadyToLock.h>\r
 #include <Protocol/SmmEndOfDxe.h>\r
+#include <Guid/MemoryAttributesTable.h>\r
 \r
 //\r
 // attributes for reserved memory before it is promoted to system memory\r
@@ -39,9 +41,6 @@
 #define EFI_MEMORY_INITIALIZED  0x0200000000000000ULL\r
 #define EFI_MEMORY_TESTED       0x0400000000000000ULL\r
 \r
-#define NEXT_MEMORY_DESCRIPTOR(MemoryDescriptor, Size) \\r
-  ((EFI_MEMORY_DESCRIPTOR *)((UINT8 *)(MemoryDescriptor) + (Size)))\r
-\r
 EFI_SMRAM_DESCRIPTOR *mSmmMemLibInternalSmramRanges;\r
 UINTN                mSmmMemLibInternalSmramCount;\r
 \r
@@ -57,6 +56,8 @@ UINTN                 mDescriptorSize;
 EFI_GCD_MEMORY_SPACE_DESCRIPTOR   *mSmmMemLibGcdMemSpace       = NULL;\r
 UINTN                             mSmmMemLibGcdMemNumberOfDesc = 0;\r
 \r
+EFI_MEMORY_ATTRIBUTES_TABLE  *mSmmMemLibMemoryAttributesTable = NULL;\r
+\r
 VOID                  *mRegistrationEndOfDxe;\r
 VOID                  *mRegistrationReadyToLock;\r
 \r
@@ -204,6 +205,32 @@ SmmIsBufferOutsideSmmValid (
         return FALSE;\r
       }\r
     }\r
+\r
+    //\r
+    // Check UEFI runtime memory with EFI_MEMORY_RO as invalid communication buffer.\r
+    //\r
+    if (mSmmMemLibMemoryAttributesTable != NULL) {\r
+      EFI_MEMORY_DESCRIPTOR *Entry;\r
+\r
+      Entry = (EFI_MEMORY_DESCRIPTOR *)(mSmmMemLibMemoryAttributesTable + 1);\r
+      for (Index = 0; Index < mSmmMemLibMemoryAttributesTable->NumberOfEntries; Index++) {\r
+        if (Entry->Type == EfiRuntimeServicesCode || Entry->Type == EfiRuntimeServicesData) {\r
+          if ((Entry->Attribute & EFI_MEMORY_RO) != 0) {\r
+            if (((Buffer >= Entry->PhysicalStart) && (Buffer < Entry->PhysicalStart + LShiftU64 (Entry->NumberOfPages, EFI_PAGE_SHIFT))) ||\r
+                ((Entry->PhysicalStart >= Buffer) && (Entry->PhysicalStart < Buffer + Length))) {\r
+              DEBUG ((\r
+                EFI_D_ERROR,\r
+                "SmmIsBufferOutsideSmmValid: In RuntimeCode Region: Buffer (0x%lx) - Length (0x%lx)\n",\r
+                Buffer,\r
+                Length\r
+                ));\r
+              return FALSE;\r
+            }\r
+          }\r
+        }\r
+        Entry = NEXT_MEMORY_DESCRIPTOR (Entry, mSmmMemLibMemoryAttributesTable->DescriptorSize);\r
+      }\r
+    }\r
   }\r
   return TRUE;\r
 }\r
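Review bot: The new DEBUG message says "In RuntimeCode Region", but the branch it sits in fires for both EfiRuntimeServicesCode and EfiRuntimeServicesData entries, and only when EFI_MEMORY_RO is set, so the log misreports why a communication buffer was rejected; `"SmmIsBufferOutsideSmmValid: In read-only runtime region: Buffer (0x%lx) - Length (0x%lx)\n"` would match the check. The overlap test also relies on `Buffer + Length` and `Entry->PhysicalStart + LShiftU64 (Entry->NumberOfPages, EFI_PAGE_SHIFT)` not wrapping. The function starts outside this hunk, so presumably an earlier range check on Buffer and Length covers the first sum, and a short comment stating that reliance would help the next reader. The walk itself is bounded only by NumberOfEntries and DescriptorSize from the cached table, so those values need to have been sanity-checked when the table was captured.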
@@ -399,6 +426,26 @@ SmmMemLibInternalGetGcdMemoryMap (
   gBS->FreePool (MemSpaceMap);\r
 }\r
 \r
+/**\r
+  Get UEFI MemoryAttributesTable.\r
+**/\r
+VOID\r
+SmmMemLibInternalGetUefiMemoryAttributesTable (\r
+  VOID\r
+  )\r
+{\r
+  EFI_STATUS                   Status;\r
+  EFI_MEMORY_ATTRIBUTES_TABLE  *MemoryAttributesTable;\r
+  UINTN                        MemoryAttributesTableSize;\r
+\r
+  Status = EfiGetSystemConfigurationTable (&gEfiMemoryAttributesTableGuid, (VOID **)&MemoryAttributesTable);\r
+  if (!EFI_ERROR (Status)) {\r
+    MemoryAttributesTableSize = sizeof(EFI_MEMORY_ATTRIBUTES_TABLE) + MemoryAttributesTable->DescriptorSize * MemoryAttributesTable->NumberOfEntries;\r
+    mSmmMemLibMemoryAttributesTable = AllocateCopyPool (MemoryAttributesTableSize, MemoryAttributesTable);\r
+    ASSERT (mSmmMemLibMemoryAttributesTable != NULL);\r
+  }\r
+}\r
+\r
 /**\r
   Notification for SMM EndOfDxe protocol.\r
 \r
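Review bot: The size on the `MemoryAttributesTableSize =` line multiplies two UINT32 fields, `DescriptorSize * NumberOfEntries`, so the product is computed in 32 bits and can wrap before the header size is added; the copy would then be shorter than the NumberOfEntries entries that SmmIsBufferOutsideSmmValid later walks. Widening first, `(UINTN)MemoryAttributesTable->DescriptorSize * MemoryAttributesTable->NumberOfEntries`, and rejecting a table whose `DescriptorSize < sizeof (EFI_MEMORY_DESCRIPTOR)` would keep the cached copy and the later walk consistent (on a 32-bit build the widened product can still wrap, so an explicit bound is needed there). Separately, a failed AllocateCopyPool is caught only by ASSERT, which is presumably compiled out in release builds; the pointer then stays NULL and the read-only check is skipped without any log, so a DEBUG error message on that path would make the fail-open state visible. The one-line header comment could also say that the table is copied into a pool allocation and cached in mSmmMemLibMemoryAttributesTable.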
@@ -502,6 +549,11 @@ SmmLibInternalEndOfDxeNotify (
   //\r
   SmmMemLibInternalGetGcdMemoryMap ();\r
 \r
+  //\r
+  // Get UEFI memory attributes table.\r
+  //\r
+  SmmMemLibInternalGetUefiMemoryAttributesTable ();\r
+\r
   return EFI_SUCCESS;\r
 }\r
 \r
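Review bot: The call added to SmmLibInternalEndOfDxeNotify does not document its ordering requirement: the read-only check only takes effect if the Memory Attributes Table is already published in the system configuration table when this notification runs, and if the lookup fails the getter leaves the pointer NULL and the check is skipped. Whether the table is installed by that point is not visible in this diff, so I would expand the comment to something like `// Snapshot the UEFI memory attributes table; it must already be installed at EndOfDxe, otherwise the EFI_MEMORY_RO check is not enforced.` The notify function's body starts outside the hunk.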
index 36576a4..525449c 100644 (file)
   BaseMemoryLib\r
   HobLib\r
   MemoryAllocationLib\r
+  UefiLib\r
 \r
 [Protocols]\r
   gEfiSmmAccess2ProtocolGuid     ## CONSUMES\r
   gEfiSmmReadyToLockProtocolGuid ## CONSUMES\r
   gEfiSmmEndOfDxeProtocolGuid    ## CONSUMES\r
 \r
+[Guids]\r
+  gEfiMemoryAttributesTableGuid  ## CONSUMES ## SystemTable\r
+\r
 [Depex]\r
   gEfiSmmAccess2ProtocolGuid\r