Move the memory allocation and variable set to BdsEntry, use VariableLock protocol to lock the L”PerfDataMemAddr” variable and prevent malware to update it.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14386 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
lzeng14 2013-05-23 02:56:41 +00:00
parent d0cec2da21
commit f6c07313d1
6 changed files with 76 additions and 58 deletions

View File

@ -1,7 +1,7 @@
/** @file /** @file
BDS Lib functions which relate with create or process the boot option. BDS Lib functions which relate with create or process the boot option.
Copyright (c) 2004 - 2012, Intel Corporation. All rights reserved.<BR> Copyright (c) 2004 - 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -2229,10 +2229,6 @@ BdsLibBootViaBootOption (
LIST_ENTRY TempBootLists; LIST_ENTRY TempBootLists;
EFI_BOOT_LOGO_PROTOCOL *BootLogo; EFI_BOOT_LOGO_PROTOCOL *BootLogo;
PERF_CODE (
AllocateMemoryForPerformanceData ();
);
*ExitDataSize = 0; *ExitDataSize = 0;
*ExitData = NULL; *ExitData = NULL;

View File

@ -85,16 +85,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#endif #endif
#endif #endif
/**
Allocates a block of memory to store performance data.
**/
VOID
AllocateMemoryForPerformanceData (
VOID
);
/** /**
Writes performance data of booting into the allocated memory. Writes performance data of booting into the allocated memory.

View File

@ -3,7 +3,7 @@
performance, all the function will only include if the performance performance, all the function will only include if the performance
switch is set. switch is set.
Copyright (c) 2004 - 2012, Intel Corporation. All rights reserved.<BR> Copyright (c) 2004 - 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -19,7 +19,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
PERF_HEADER mPerfHeader; PERF_HEADER mPerfHeader;
PERF_DATA mPerfData; PERF_DATA mPerfData;
EFI_PHYSICAL_ADDRESS mAcpiLowMemoryBase = 0x0FFFFFFFFULL; EFI_PHYSICAL_ADDRESS mAcpiLowMemoryBase = 0x0FFFFFFFFULL;
UINT32 mAcpiLowMemoryLength = 0x4000;
/** /**
Get the short verion of PDB file name to be Get the short verion of PDB file name to be
@ -134,40 +133,6 @@ GetNameFromHandle (
return ; return ;
} }
/**
Allocates a block of memory to store performance data.
**/
VOID
AllocateMemoryForPerformanceData (
VOID
)
{
EFI_STATUS Status;
if (mAcpiLowMemoryBase == 0x0FFFFFFFF) {
//
// Allocate a block of memory that contain performance data to OS
//
Status = gBS->AllocatePages (
AllocateMaxAddress,
EfiReservedMemoryType,
EFI_SIZE_TO_PAGES (mAcpiLowMemoryLength),
&mAcpiLowMemoryBase
);
if (!EFI_ERROR (Status)) {
gRT->SetVariable (
L"PerfDataMemAddr",
&gPerformanceProtocolGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
sizeof (EFI_PHYSICAL_ADDRESS),
&mAcpiLowMemoryBase
);
}
}
}
/** /**
Writes performance data of booting into the allocated memory. Writes performance data of booting into the allocated memory.
@ -209,16 +174,13 @@ WriteBootToOsPerformanceData (
// List of flags indicating PerfEntry contains DXE handle // List of flags indicating PerfEntry contains DXE handle
// //
BOOLEAN *PerfEntriesAsDxeHandle; BOOLEAN *PerfEntriesAsDxeHandle;
UINTN VarSize;
// //
// Record the performance data for End of BDS // Record the performance data for End of BDS
// //
PERF_END(NULL, "BDS", NULL, 0); PERF_END(NULL, "BDS", NULL, 0);
if (mAcpiLowMemoryBase == 0x0FFFFFFFF) {
return;
}
// //
// Retrieve time stamp count as early as possible // Retrieve time stamp count as early as possible
// //
@ -241,6 +203,23 @@ WriteBootToOsPerformanceData (
CountUp = FALSE; CountUp = FALSE;
} }
if (mAcpiLowMemoryBase == 0x0FFFFFFFF) {
VarSize = sizeof (EFI_PHYSICAL_ADDRESS);
Status = gRT->GetVariable (
L"PerfDataMemAddr",
&gPerformanceProtocolGuid,
NULL,
&VarSize,
&mAcpiLowMemoryBase
);
if (EFI_ERROR (Status)) {
//
// Fail to get the variable, return.
//
return;
}
}
// //
// Put Detailed performance data into memory // Put Detailed performance data into memory
// //
@ -257,7 +236,7 @@ WriteBootToOsPerformanceData (
} }
Ptr = (UINT8 *) ((UINT32) mAcpiLowMemoryBase + sizeof (PERF_HEADER)); Ptr = (UINT8 *) ((UINT32) mAcpiLowMemoryBase + sizeof (PERF_HEADER));
LimitCount = (mAcpiLowMemoryLength - sizeof (PERF_HEADER)) / sizeof (PERF_DATA); LimitCount = (UINT32) (PERF_DATA_MAX_LENGTH - sizeof (PERF_HEADER)) / sizeof (PERF_DATA);
NumPerfEntries = 0; NumPerfEntries = 0;
LogEntryKey = 0; LogEntryKey = 0;

View File

@ -35,6 +35,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Guid/LegacyDevOrder.h> #include <Guid/LegacyDevOrder.h>
#include <Guid/BdsHii.h> #include <Guid/BdsHii.h>
#include <Guid/ConnectConInEvent.h> #include <Guid/ConnectConInEvent.h>
#include <Guid/Performance.h>
#include <Protocol/GenericMemoryTest.h> #include <Protocol/GenericMemoryTest.h>
#include <Protocol/FormBrowser2.h> #include <Protocol/FormBrowser2.h>
#include <Protocol/HiiConfigAccess.h> #include <Protocol/HiiConfigAccess.h>
@ -66,7 +67,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/CapsuleLib.h> #include <Library/CapsuleLib.h>
#include <Library/HiiLib.h> #include <Library/HiiLib.h>
#include <Library/DevicePathLib.h> #include <Library/DevicePathLib.h>
#include <Library/PcdLib.h>
#include <Library/UefiHiiServicesLib.h> #include <Library/UefiHiiServicesLib.h>
#include <Library/GenericBdsLib.h> #include <Library/GenericBdsLib.h>

View File

@ -450,6 +450,54 @@ BdsFormalizeEfiGlobalVariable (
} }
/**
Allocate a block of memory that will contain performance data to OS.
**/
VOID
BdsAllocateMemoryForPerformanceData (
VOID
)
{
EFI_STATUS Status;
EFI_PHYSICAL_ADDRESS AcpiLowMemoryBase;
EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock;
AcpiLowMemoryBase = 0x0FFFFFFFFULL;
//
// Allocate a block of memory that will contain performance data to OS.
//
Status = gBS->AllocatePages (
AllocateMaxAddress,
EfiReservedMemoryType,
EFI_SIZE_TO_PAGES (PERF_DATA_MAX_LENGTH),
&AcpiLowMemoryBase
);
if (!EFI_ERROR (Status)) {
//
// Save the pointer to variable for use in S3 resume.
//
Status = gRT->SetVariable (
L"PerfDataMemAddr",
&gPerformanceProtocolGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
sizeof (EFI_PHYSICAL_ADDRESS),
&AcpiLowMemoryBase
);
ASSERT_EFI_ERROR (Status);
//
// Mark L"PerfDataMemAddr" variable to read-only if the Variable Lock protocol exists
//
Status = gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (VOID **) &VariableLock);
if (!EFI_ERROR (Status)) {
Status = VariableLock->RequestToLock (VariableLock, L"PerfDataMemAddr", &gPerformanceProtocolGuid);
ASSERT_EFI_ERROR (Status);
}
}
}
/** /**
Service routine for BdsInstance->Entry(). Devices are connected, the Service routine for BdsInstance->Entry(). Devices are connected, the
@ -479,6 +527,10 @@ BdsEntry (
PERF_END (NULL, "DXE", NULL, 0); PERF_END (NULL, "DXE", NULL, 0);
PERF_START (NULL, "BDS", NULL, 0); PERF_START (NULL, "BDS", NULL, 0);
PERF_CODE (
BdsAllocateMemoryForPerformanceData ();
);
// //
// Initialize the global system boot option and driver option // Initialize the global system boot option and driver option
// //

View File

@ -4,7 +4,7 @@
* performance protocol interfaces. * performance protocol interfaces.
* performance variables. * performance variables.
Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR> Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution. the terms and conditions of the BSD License that accompanies this distribution.
The full text of the license may be found at The full text of the license may be found at
@ -48,6 +48,7 @@ typedef struct {
#define PERF_TOKEN_SIZE 28 #define PERF_TOKEN_SIZE 28
#define PERF_TOKEN_LENGTH (PERF_TOKEN_SIZE - 1) #define PERF_TOKEN_LENGTH (PERF_TOKEN_SIZE - 1)
#define PERF_PEI_ENTRY_MAX_NUM 50 #define PERF_PEI_ENTRY_MAX_NUM 50
#define PERF_DATA_MAX_LENGTH 0x4000
typedef struct { typedef struct {
CHAR8 Token[PERF_TOKEN_SIZE]; CHAR8 Token[PERF_TOKEN_SIZE];