audk/MdeModulePkg
Michael Kubacki 9bedaec05b MdeModulePkg/PeiCore: Enable T-RAM evacuation in PeiCore (CVE-2019-11098)
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614

Introduces new changes to PeiCore to move the contents of temporary
RAM visible to the PeiCore to permanent memory. This expands on
pre-existing shadowing support in the PeiCore to perform the following
additional actions:

 1. Migrate pointers in PPIs installed in PeiCore to the permanent
    memory copy of PeiCore.

 2. Copy all installed firmware volumes to permanent memory.

 3. Relocate and fix up the PEIMs within the firmware volumes.

 4. Convert all PPIs into the migrated firmware volume to the corresponding
    PPI address in the permanent memory location.

    This applies to PPIs and PEI notifications.

 5. Convert all status code callbacks in the migrated firmware volume to
    the corresponding address in the permanent memory location.

 6. Update the FV HOB to the corresponding firmware volume in permanent
    memory.

 7. Use PcdMigrateTemporaryRamFirmwareVolumes to control whether the
    feature is enabled. When the PCD is disabled, EvacuateTempRam() will
    never be called.

The function control flow is as below:
  PeiCore()
    DumpPpiList()
    EvacuateTempRam()
      ConvertPeiCorePpiPointers()
        ConvertPpiPointersFv()
      MigratePeimsInFv()
        MigratePeim()
          PeiGetPe32Data()
          LoadAndRelocatePeCoffImageInPlace()
      MigrateSecModulesInFv()
      ConvertPpiPointersFv()
      ConvertStatusCodeCallbacks()
      ConvertFvHob()
      RemoveFvHobsInTemporaryMemory()
    DumpPpiList()

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Debkumar De <debkumar.de@intel.com>
Cc: Harry Han <harry.han@intel.com>
Cc: Catharine West <catharine.west@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
2020-07-28 01:43:16 +00:00
Application MdeModulePkg: Sets the Cursor to selected BootOption. 2020-06-10 03:26:43 +00:00
Bus MdeModulePkg/UfsPassThruDxe: Use BaseLib linked list iteration macros 2020-04-21 02:20:51 +00:00
Core MdeModulePkg/PeiCore: Enable T-RAM evacuation in PeiCore (CVE-2019-11098) 2020-07-28 01:43:16 +00:00
Include MdeModulePkg/VariableSmmRuntimeDxe: switch to MM communicate 2 2020-05-12 19:23:44 +00:00
Library MdeModulePkg/DxeCorePerformanceLib: Switch to UnicodeStrnToAsciiStrS 2020-07-21 14:47:24 +00:00
Logo MdeModulePkg/Logo:Add RISCV64 architecture 2020-05-07 03:17:15 +00:00
Test MdeModulePkg: Add DxeResetSystemLib unit test 2020-02-07 19:18:53 +00:00
Universal MdeModulePkg/DisplayEngine: Add Debug message to show mismatch menu info 2020-07-16 04:26:51 +00:00
MdeModulePkg.ci.yaml MdeModulePkg/RegularExpressionDxe: Make oniguruma a submodule in edk2. 2020-04-13 01:26:12 +00:00
MdeModulePkg.dec MdeModulePkg: Add new PCD to control the evacuate temporary memory feature (CVE-2019-11098) 2020-07-28 01:43:16 +00:00
MdeModulePkg.dsc MdeModulePkg: Use LockBoxNullLib for RISC-V 2020-04-03 17:09:12 +00:00
MdeModulePkg.uni MdeModulePkg: Add new PCD to control the evacuate temporary memory feature (CVE-2019-11098) 2020-07-28 01:43:16 +00:00
MdeModulePkgExtra.uni MdeModulePkg: Replace BSD License with BSD+Patent License 2019-04-09 10:58:08 -07:00