Commit Graph

31 Commits

Author SHA1 Message Date
Miki Demeter cab1f02565 MdeModulePkg/PiSmmCore: SmmEntryPoint underflow (CVE-2021-38578)
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3387

Added use of SafeIntLib to validate values are not causing overflows or
underflows in user controlled values when calculating buffer sizes.

Signed-off-by: Miki Demeter <miki.demeter@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
2022-11-04 01:58:20 +00:00
Michael D Kinney 9d510e61fc MdeModulePkg: Replace BSD License with BSD+Patent License
https://bugzilla.tianocore.org/show_bug.cgi?id=1373

Replace BSD 2-Clause License with BSD+Patent License.  This change is
based on the following emails:

  https://lists.01.org/pipermail/edk2-devel/2019-February/036260.html
  https://lists.01.org/pipermail/edk2-devel/2018-October/030385.html

RFCs with detailed process for the license change:

  V3: https://lists.01.org/pipermail/edk2-devel/2019-March/038116.html
  V2: https://lists.01.org/pipermail/edk2-devel/2019-March/037669.html
  V1: https://lists.01.org/pipermail/edk2-devel/2019-March/037500.html

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
2019-04-09 10:58:08 -07:00
Eric Dong bb2c9ccb33 MdeModulePkg/PiSmmCore: Control S3 related functionality through flag.
https://bugzilla.tianocore.org/show_bug.cgi?id=1590

Use PcdAcpiS3Enable to control whether need to enable S3 related
functionality in Pi SMM Core.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
2019-03-21 15:19:17 +08:00
shenglei 131818ba5a MdeModulePkg: Remove redundant library classes and GUIDs
Some redundant library classes and GUIDs
have been removed in inf, .c and .h files.
https://bugzilla.tianocore.org/show_bug.cgi?id=1044
https://bugzilla.tianocore.org/show_bug.cgi?id=1045
https://bugzilla.tianocore.org/show_bug.cgi?id=1047
https://bugzilla.tianocore.org/show_bug.cgi?id=1049
https://bugzilla.tianocore.org/show_bug.cgi?id=1051
https://bugzilla.tianocore.org/show_bug.cgi?id=1052
https://bugzilla.tianocore.org/show_bug.cgi?id=1053
https://bugzilla.tianocore.org/show_bug.cgi?id=1054
https://bugzilla.tianocore.org/show_bug.cgi?id=1055
https://bugzilla.tianocore.org/show_bug.cgi?id=1056
https://bugzilla.tianocore.org/show_bug.cgi?id=1017
https://bugzilla.tianocore.org/show_bug.cgi?id=1035
https://bugzilla.tianocore.org/show_bug.cgi?id=1033
https://bugzilla.tianocore.org/show_bug.cgi?id=1012
https://bugzilla.tianocore.org/show_bug.cgi?id=1011
https://bugzilla.tianocore.org/show_bug.cgi?id=1062

v2:
1. Correct copyright year.
2. Fix alignment issue in AcpiPlatformDxe.inf.
3. Add DevicePathLib which is removed before in I2cHostDxe.inf.
4. Update NvmExpressPei.inf, NvmExpressPei.h, IScsiDxe.inf,
   IScsiDxe.inf, IScsiDxe.h, DxeMain.inf, DxeMain.h, PiSmmCore.inf
   and PiSmmCore.h for https://bugzilla.tianocore.org/show_bug.cgi?id=1062.

v3:
1. Add https://bugzilla.tianocore.org/show_bug.cgi?id=1062 to the
   link list.
2. Remove DevicePathLib from I2cHostDxe.inf.
3. Update NvmExpressPei.inf, NvmExpressPei.h, UfsPciHcDxe.inf,
   UfsPciHcDxe.h, I2cHostDxe.inf, AtaBusDxe.inf, IScsiDxe.inf,
   IScsiDxe.h, DxeMain.inf, DxeMain.h, PiSmmCore.inf and PiSmmCore.h
   for https://bugzilla.tianocore.org/show_bug.cgi?id=1062.
   (Forget to add UfsPciHcDxe.inf, UfsPciHcDxe.h, AtaBusDxe.inf,
   and I2cHostDxe.inf previously.)

Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: shenglei <shenglei.zhang@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
2018-08-20 14:53:45 +08:00
Liming Gao d1102dba72 MdeModulePkg: Clean up source files
1. Do not use tab characters
2. No trailing white space in one line
3. All files must end with CRLF

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
2018-06-28 11:19:45 +08:00
Star Zeng 1bae3e0ed1 MdeModulePkg PiSmmCore: Register SMI handler to install S3SmmInitDone
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2018-03-03 14:20:38 +08:00
Star Zeng 7b9b55b2ef MdeModulePkg PiSmmCore: Only install EndOfS3Resume during S3 resume
Otherwise, it may be triggered wrongly by other code in OS.

This patch is to use S3 entry callback to determine if it will be
during S3 resume, and check it in SmmReadyToBootHandler().

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2017-12-12 18:30:06 +08:00
Star Zeng a85e7127bf MdeModulePkg: Rename SmmEndOfS3ResumeProtocolGuid to EndOfS3ResumeGuid
Rename SmmEndOfS3ResumeProtocolGuid to EndOfS3ResumeGuid as the GUID
may be used to install PPI in future to notify PEI phase code.

The references in UefiCpuPkg are also being updated.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2017-12-12 18:30:05 +08:00
Jian J Wang 938d2456fc MdeModulePkg/Core: Add missing header files into inf
The coding style requires that header files must be also added in module's inf
file, as long as they're included by c files. This patch will fix this issue.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
2017-11-24 08:35:29 +08:00
Jian J Wang e63da9f033 MdeModulePkg: Fix unix style of EOL
Cc: Wu Hao <hao.a.wu@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
2017-11-21 20:24:37 +08:00
Jian J Wang 2930ef9809 MdeModulePkg/PiSmmCore: Implement heap guard feature for SMM mode
This feature makes use of paging mechanism to add a hidden (not present)
page just before and after the allocated memory block. If the code tries
to access memory outside of the allocated part, page fault exception will
be triggered.

This feature is controlled by three PCDs:

    gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask
    gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType
    gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType

BIT2 and BIT3 of PcdHeapGuardPropertyMask can be used to enable or disable
memory guard for SMM page and pool respectively. PcdHeapGuardPoolType and/or
PcdHeapGuardPageType are used to enable or disable guard for specific type
of memory. For example, we can turn on guard only for EfiRuntimeServicesCode
and EfiRuntimeServicesData by setting the PCD with value 0x60.

Pool memory is not ususally integer multiple of one page, and is more likely
less than a page. There's no way to monitor the overflow at both top and
bottom of pool memory. BIT7 of PcdHeapGuardPropertyMask is used to control
how to position the head of pool memory so that it's easier to catch memory
overflow in memory growing direction or in decreasing direction.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
2017-11-17 11:03:19 +08:00
Eric Dong d76c2da8d5 MdeModulePkg/PiSmmCore: Install Protocol when S3 resume finished.
Install EdkiiSmmEndOfS3ResumeProtocol when S3 resume finished.
S3ResumePei will send S3 resume finished event to SmmCore through
communication buffer.

V2 change:
 None.

V3 change:
1. Uninstall the protocol right after install it to avoid run out of memory.

Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2017-10-12 10:17:56 +08:00
Liming Gao 3673214c6e MdeModulePkg: Update Ppi/Protocol/Guid usage in INF files
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
2017-10-10 18:10:25 +08:00
Jiewen Yao ca41f3f43f MdeModulePkg/PiSmmCore: Add SmiHandlerProfile support.
1) SmmCore maintains the root SMI handler and NULL SMI handler
database.
2) SmmCore consumes PcdSmiHandlerProfilePropertyMask to decide
if SmmCore need support SMI handler profile.
If SMI handler profile is supported, the SmmCore installs
SMI handler profile protocol and SMI handler profile
communication handler.
3) SMI handler profile protocol will record the hardware SMI
handler profile registered by SmmChildDispatcher.
4) SMI handler profile communication handler will return all
SMI handler profile info (NULL SMI handler, GUID SMI handler,
and hardware SMI handler)

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
2017-02-22 15:28:18 +08:00
Liming Gao 94a1bc1212 MdeModulePkg PiSmmCore: Retrieve Smram base address from system table
PiSmmIpl records LoadModuleAtFixAddressSmramBase in LMFAConfigurationTable.
Update PiSmmCore to directly get the address from this system table.

Cc: Star Zeng <star.zeng@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
2016-12-12 10:52:33 +08:00
Jiewen Yao 285a682c78 MdeModulePkg/PiSmmCore: Add MemoryAttributes support.
The SMM memory attribute table concept is similar to UEFI
memory attribute table.

The new file MdeModulePkg/Core/PiSmmCore/MemoryAttributesTable.c
and the new code in MdeModulePkg/Core/PiSmmCore/Page.c
are based on the algorithms and implementation from
MdeModulePkg/Core/Dxe/Misc/MemoryAttributesTable.c
and MdeModulePkg/Core/Dxe/Mem/Page.c.

These new components are based on the Memory Attributes Table
feature from the UEFI Specification and the existing DXE Core
implementation that supports that feature.

This SMM MemoryAttributes table is produced at SmmEndOfDxe event.
So that the consumer (PiSmmCpu) may consult this table
to set memory attribute in page table.

This patch also installs LoadedImage protocol to SMM
protocol database, so that the SMM image info can be
got easily to construct the PiSmmMemoryAttributes table.

Cc: Jeff Fan <jeff.fan@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
2016-11-17 16:30:04 +08:00
Hao Wu 39cde03cc5 MdeModulePkg: Use IsZeroGuid API for zero GUID checking
Instead of comparing a GUID with gZeroGuid via the CompareGuid API, the
commit uses the IsZeroGuid API to check if the given GUID is a zero GUID.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Feng Tian <feng.tian@Intel.com>
2016-08-31 11:14:01 +08:00
Star Zeng e524f68064 MdeModulePkg PiSmmCore: Enhance memory profile for memory leak detection
1. Produce SMM memory profile protocol.
2. Consume PcdMemoryProfilePropertyMask to support disable recording
at the start.
3. Consume PcdMemoryProfileDriverPath to control which drivers need
memory profile data.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2016-07-01 09:39:56 +08:00
Star Zeng 53ec4d7f98 MdeModulePkg PiSmmCore: Introduce SMM Exit Boot Services and Legacy Boot.
And also SMM Ready To Boot.

The SMM Exit Boot Service protocol is to be published by the SMM
Foundation code to associate with EFI_EVENT_GROUP_EXIT_BOOT_SERVICES
to notify SMM driver that system enter exit boot services.

The SMM Legacy Boot protocol is to be published by the SMM
Foundation code to associate with EFI_EVENT_LEGACY_BOOT_GUID
to notify SMM driver that system enter legacy boot.

The SMM Ready To Boot protocol is to be published by the SMM
Foundation code to associate with EFI_EVENT_GROUP_READY_TO_BOOT
to notify SMM driver that system enter ready to boot.

After them, any SMM drivers can get protocol notify on what happened
in DXE phase, then there is no need to let each individual SMM driver
to register SMM Communication Handler for that.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17657 6f19259b-4bc3-4df7-8a09-765794883524
2015-06-18 09:26:41 +00:00
Yao, Jiewen 842b1242d1 Use SmmMemLib to check communication buffer.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Gao, Liming" <liming.gao@intel.com>
Reviewed-by: "Fan, Jeff" <jeff.fan@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16694 6f19259b-4bc3-4df7-8a09-765794883524
2015-02-02 14:42:22 +00:00
Jeff Fan 3720ee6d32 Checking if gSmmCorePrivate->CommunicationBuffer is in supported physical address scope.
If CommunicationBuffer is not in valid address scope, return EFI_INVALID_PARAMETER.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <Jeff.fan@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>










git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16486 6f19259b-4bc3-4df7-8a09-765794883524
2014-12-09 02:20:16 +00:00
Star Zeng 84edd20bd0 MdeModulePkg DxeCore/PiSmmCore: Add UEFI memory and SMRAM profile support.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16335 6f19259b-4bc3-4df7-8a09-765794883524
2014-11-12 03:27:48 +00:00
Zeng, Star 6036e94dc9 MdeModulePkg: INF/DEC file updates to EDK II packages
1. Usage information in INF file comment blocks are either incomplete or incorrect.  
This includes usage information for Protocols/PPIs/GUIDs/PCDs/HOBs/Events/BootModes.  
The syntax for usage information in comment blocks is defined in the EDK II Module Information (INF) Specification

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zeng, Star <star.zeng@intel.com>
Reviewed-by: Gao, Liming <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15962 6f19259b-4bc3-4df7-8a09-765794883524
2014-08-28 06:34:06 +00:00
jyao1 46ece1ff4f Add PI1.2.1 EndOfDxe support.
Signed-off-by: jiewen.yao@intel.com
Reviewed-by: michael.d.kinney@intel.com

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14009 6f19259b-4bc3-4df7-8a09-765794883524
2012-12-18 05:07:35 +00:00
lgao4 bc2dfdbcfc Add PI1.2.1 SAP2 support and UEFI231B mantis 896
1. Update SecurityManagementLib to support SAP2 and SAP services. 
2. Update SecurityStub driver to produce SAP2 and SAP protocol both.
3. Update DxeCore and SmmCore to use SAP2 and SAP service to verify Image.
4. Update DxeCore ConnectController() to use SAP2 service to check user permission. 

Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Guo Dong <dong.guo@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13660 6f19259b-4bc3-4df7-8a09-765794883524
2012-08-22 02:32:12 +00:00
lgao4 c2cb08df47 Add Perf log for SMM driver Load and Start Image.
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Siddharth Shah <Siddharth.Shah@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13314 6f19259b-4bc3-4df7-8a09-765794883524
2012-05-16 00:55:04 +00:00
erictian db0f0d3c79 Remove CONST modifier to be spec compliance
Signed-off-by: erictian
Reviewed-by: lgao4

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12194 6f19259b-4bc3-4df7-8a09-765794883524
2011-08-24 09:38:10 +00:00
rsun3 495797c557 1. Add two performance measurement points for SMM performance measurement;
2. Introduce SmmCorePlatformHookLib library class defining two platform hook points. Update PI Smm Core to call the hook points before and after invoking registered SMI handlers. A NULL instance of this library class is implemented.

Note that after this check in, DSC files consuming the PiSmmCore.inf need to be updated to add a library instance for SmmCorePlatformHookLib library class.


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12140 6f19259b-4bc3-4df7-8a09-765794883524
2011-08-16 02:58:20 +00:00
hhtian cd5ebaa06d Update the copyright notice format
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10420 6f19259b-4bc3-4df7-8a09-765794883524
2010-04-24 09:49:11 +00:00
jchen20 3c447c2760 Enable "Load Module At fixed Address" feature in SMM Core
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10166 6f19259b-4bc3-4df7-8a09-765794883524
2010-03-03 05:45:50 +00:00
mdkinney e42e94041f Add PI SMM IPL and PI SMM Core
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10094 6f19259b-4bc3-4df7-8a09-765794883524
2010-02-25 23:41:19 +00:00