tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/MdeModulePkg/Core/Dxe/Misc
History
Jian J Wang 0adc6eae94 MdeModulePkg/Core: fix ineffective guard page issue 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1295

This issue originates from following patch which allows to enable
paging if PcdImageProtectionPolicy and PcdDxeNxMemoryProtectionPolicy
(in addition to PcdSetNxForStack) are set to enable related features.

  5267926134

Due to above change, PcdImageProtectionPolicy will be set to 0 by
default in many platforms, which, in turn, cause following code in
MdeModulePkg\Core\Dxe\Misc\MemoryProtection.c fail the creation of
notify event of CpuArchProtocol.

1138:  if (mImageProtectionPolicy != 0 ||
           PcdGet64 (PcdDxeNxMemoryProtectionPolicy) != 0) {
1139:  Status = CoreCreateEvent (
...
1142:             MemoryProtectionCpuArchProtocolNotify,
...
1145:             );

Then following call flow won't be done and Guard pages will not be
set as not-present in SetAllGuardPages() eventually.

   MemoryProtectionCpuArchProtocolNotify()
=> HeapGuardCpuArchProtocolNotify()
=> SetAllGuardPages()

The solution is removing the if(...) statement so that the notify
event will always be created and registered. This won't cause
unnecessary code execution because, in the notify event handler,
the related PCDs like

    PcdImageProtectionPolicy and
    PcdDxeNxMemoryProtectionPolicy

will be checked again before doing related jobs.

Cc: Star Zeng <star.zeng@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
 		2018-11-07 23:08:27 +08:00
..
DebugImageInfo.c MdeModulePkg: Clean up source files 2018-06-28 11:19:45 +08:00
InstallConfigurationTable.c MdeModulePkg: Fix use-after-free error in InstallConfigurationTable() 2017-06-20 16:55:10 +08:00
MemoryAttributesTable.c MdeModulePkg/DxeCore: Install UEFI mem attrib table at EndOfDxe. 2018-07-26 22:51:23 +08:00
MemoryProtection.c MdeModulePkg/Core: fix ineffective guard page issue 2018-11-07 23:08:27 +08:00
PropertiesTable.c MdeModulePkg/Core: add freed-memory guard feature 2018-10-26 10:30:35 +08:00
SetWatchdogTimer.c Update the copyright notice format 2010-04-24 09:49:11 +00:00
Stall.c MdeModulePkg: Clean up source files 2018-06-28 11:19:45 +08:00