From patchwork Sun Feb 26 18:30:02 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 94532 Delivered-To: patch@linaro.org Received: by 10.140.20.113 with SMTP id 104csp566268qgi; Sun, 26 Feb 2017 10:30:43 -0800 (PST) X-Received: by 10.99.177.6 with SMTP id r6mr16291206pgf.61.1488133843292; Sun, 26 Feb 2017 10:30:43 -0800 (PST) Return-Path: Received: from ml01.01.org (ml01.01.org. [198.145.21.10]) by mx.google.com with ESMTPS id z21si13096995pgh.174.2017.02.26.10.30.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 26 Feb 2017 10:30:43 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) client-ip=198.145.21.10; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id D7AED82133; Sun, 26 Feb 2017 10:30:42 -0800 (PST) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received: from mail-wm0-x229.google.com (mail-wm0-x229.google.com [IPv6:2a00:1450:400c:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 0CF5182132 for ; Sun, 26 Feb 2017 10:30:42 -0800 (PST) Received: by mail-wm0-x229.google.com with SMTP id v186so47151825wmd.0 for ; Sun, 26 Feb 2017 10:30:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=qcOZNdDBcj/rOLhRgmRqZqBwBXFU6G60YZ6vkge9ZP4=; b=HljKC1XgR1uGdf6KrJP68JBxrUjp94s22lE+7Bxd53TeCQWGB8Ouk2o8J+Go5wv4hm B9jpbOfshEceTZEslI9VOMEMPDhlE7JPhSpGIoZBgl0EfPmicq8mBTE0zwNB8a25SAgI QdJEbsItOic/6wAlfqAqiEvySz0Ql42Dp9UTk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=qcOZNdDBcj/rOLhRgmRqZqBwBXFU6G60YZ6vkge9ZP4=; b=LdQoSvwbcJpRWNdprPH/FFlBzwaff9WG0R2g1XHTJZD7qlkvcD6xzM9f5feQ9Nmhny rJRb+Y5XbyVn7koLNcBjf1p3YGn5AHXikqxOZQLrqqxmR8isemRvZenLrkkFUFrnXz1J 7MqkpQRoL7HSNixH7hyp+DIA7bUxOYr0lVH5PiMnQboddvplXKagOw9j+Gy6YLcmICg/ zVA1QWZPQuYlmphXIVaU/BQG0a2FBXNoLHgV13y2bcqAnKAdxYcYemz3LyiPRr0vq4bs Z0nzG9AqS/XkTauwO8c19s1zEu8CAkHIiMxG9UY4AkKMKCjV5L79Ycmw/17GL3o4RdBn JYXA== X-Gm-Message-State: AMke39mESlaQyejKMJMs3M4xswsKLYzXvGnPXNy2kSpx6kLauI3OT84dr4p7vSrjA0Fu777C X-Received: by 10.28.46.74 with SMTP id u71mr10104548wmu.136.1488133840528; Sun, 26 Feb 2017 10:30:40 -0800 (PST) Received: from localhost.localdomain ([105.149.201.216]) by smtp.gmail.com with ESMTPSA id s103sm4499474wrc.6.2017.02.26.10.30.37 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sun, 26 Feb 2017 10:30:39 -0800 (PST) From: Ard Biesheuvel To: edk2-devel@lists.01.org, jiewen.yao@intel.com, leif.lindholm@linaro.org Date: Sun, 26 Feb 2017 18:30:02 +0000 Message-Id: <1488133805-4773-4-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1488133805-4773-1-git-send-email-ard.biesheuvel@linaro.org> References: <1488133805-4773-1-git-send-email-ard.biesheuvel@linaro.org> Subject: [edk2] [PATCH v3 3/6] MdeModulePkg/EbcDxe: use EfiBootServicesCode memory for thunks X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: feng.tian@intel.com, Ard Biesheuvel , afish@apple.com, liming.gao@Intel.com, michael.d.kinney@intel.com, lersek@redhat.com, star.zeng@intel.com MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" The EBC driver emits thunks for native to EBC calls, which are short instructions sequences that bridge the gap between the native execution environment and the EBC virtual machine. Since these thunks are allocated using MemoryAllocationLib::AllocatePool(), they are emitted into EfiBootServicesData regions, which does not reflect the nature of these thunks accurately, and interferes with strict memory protection policies that map data regions non-executable. So instead, create a new helper EbcAllocatePoolForThunk() that invokes the AllocatePool() boot services directly to allocate EfiBootServicesCode pool memory explicitly, and wire up this helper for the various architecture specific thunk generation routines. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel --- MdeModulePkg/Universal/EbcDxe/AArch64/EbcSupport.c | 2 +- MdeModulePkg/Universal/EbcDxe/EbcInt.c | 23 ++++++++++++++++++++ MdeModulePkg/Universal/EbcDxe/EbcInt.h | 14 ++++++++++++ MdeModulePkg/Universal/EbcDxe/Ia32/EbcSupport.c | 2 +- MdeModulePkg/Universal/EbcDxe/Ipf/EbcSupport.c | 2 +- MdeModulePkg/Universal/EbcDxe/X64/EbcSupport.c | 2 +- 6 files changed, 41 insertions(+), 4 deletions(-) -- 2.7.4 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel diff --git a/MdeModulePkg/Universal/EbcDxe/AArch64/EbcSupport.c b/MdeModulePkg/Universal/EbcDxe/AArch64/EbcSupport.c index ade47c4d0622..7c13ce12a38b 100644 --- a/MdeModulePkg/Universal/EbcDxe/AArch64/EbcSupport.c +++ b/MdeModulePkg/Universal/EbcDxe/AArch64/EbcSupport.c @@ -383,7 +383,7 @@ EbcCreateThunks ( return EFI_INVALID_PARAMETER; } - InstructionBuffer = AllocatePool (sizeof (EBC_INSTRUCTION_BUFFER)); + InstructionBuffer = EbcAllocatePoolForThunk (sizeof (EBC_INSTRUCTION_BUFFER)); if (InstructionBuffer == NULL) { return EFI_OUT_OF_RESOURCES; } diff --git a/MdeModulePkg/Universal/EbcDxe/EbcInt.c b/MdeModulePkg/Universal/EbcDxe/EbcInt.c index 6fd2aaf5af27..727ba8bcae44 100644 --- a/MdeModulePkg/Universal/EbcDxe/EbcInt.c +++ b/MdeModulePkg/Universal/EbcDxe/EbcInt.c @@ -1410,3 +1410,26 @@ EbcVmTestUnsupported ( return EFI_UNSUPPORTED; } +/** + Allocates a buffer of type EfiBootServicesCode. + + @param AllocationSize The number of bytes to allocate. + + @return A pointer to the allocated buffer or NULL if allocation fails. + +**/ +VOID * +EFIAPI +EbcAllocatePoolForThunk ( + IN UINTN AllocationSize + ) +{ + VOID *Buffer; + EFI_STATUS Status; + + Status = gBS->AllocatePool (EfiBootServicesCode, AllocationSize, &Buffer); + if (EFI_ERROR (Status)) { + return NULL; + } + return Buffer; +} diff --git a/MdeModulePkg/Universal/EbcDxe/EbcInt.h b/MdeModulePkg/Universal/EbcDxe/EbcInt.h index 75017a23e75e..8aa7a4abbd63 100644 --- a/MdeModulePkg/Universal/EbcDxe/EbcInt.h +++ b/MdeModulePkg/Universal/EbcDxe/EbcInt.h @@ -246,4 +246,18 @@ typedef struct { CR(a, EBC_PROTOCOL_PRIVATE_DATA, EbcProtocol, EBC_PROTOCOL_PRIVATE_DATA_SIGNATURE) +/** + Allocates a buffer of type EfiBootServicesCode. + + @param AllocationSize The number of bytes to allocate. + + @return A pointer to the allocated buffer or NULL if allocation fails. + +**/ +VOID * +EFIAPI +EbcAllocatePoolForThunk ( + IN UINTN AllocationSize + ); + #endif // #ifndef _EBC_INT_H_ diff --git a/MdeModulePkg/Universal/EbcDxe/Ia32/EbcSupport.c b/MdeModulePkg/Universal/EbcDxe/Ia32/EbcSupport.c index 8e660b93ad64..a825846f89c3 100644 --- a/MdeModulePkg/Universal/EbcDxe/Ia32/EbcSupport.c +++ b/MdeModulePkg/Universal/EbcDxe/Ia32/EbcSupport.c @@ -484,7 +484,7 @@ EbcCreateThunks ( ThunkSize = sizeof(mInstructionBufferTemplate); - Ptr = AllocatePool (sizeof(mInstructionBufferTemplate)); + Ptr = EbcAllocatePoolForThunk (sizeof(mInstructionBufferTemplate)); if (Ptr == NULL) { return EFI_OUT_OF_RESOURCES; diff --git a/MdeModulePkg/Universal/EbcDxe/Ipf/EbcSupport.c b/MdeModulePkg/Universal/EbcDxe/Ipf/EbcSupport.c index 95837cb67865..f99348f181a9 100644 --- a/MdeModulePkg/Universal/EbcDxe/Ipf/EbcSupport.c +++ b/MdeModulePkg/Universal/EbcDxe/Ipf/EbcSupport.c @@ -403,7 +403,7 @@ EbcCreateThunks ( // Size = EBC_THUNK_SIZE + EBC_THUNK_ALIGNMENT - 1; ThunkSize = Size; - Ptr = AllocatePool (Size); + Ptr = EbcAllocatePoolForThunk (Size); if (Ptr == NULL) { return EFI_OUT_OF_RESOURCES; diff --git a/MdeModulePkg/Universal/EbcDxe/X64/EbcSupport.c b/MdeModulePkg/Universal/EbcDxe/X64/EbcSupport.c index 4325e2e52710..33a174917b69 100644 --- a/MdeModulePkg/Universal/EbcDxe/X64/EbcSupport.c +++ b/MdeModulePkg/Universal/EbcDxe/X64/EbcSupport.c @@ -441,7 +441,7 @@ EbcCreateThunks ( ThunkSize = sizeof(mInstructionBufferTemplate); - Ptr = AllocatePool (sizeof(mInstructionBufferTemplate)); + Ptr = EbcAllocatePoolForThunk (sizeof(mInstructionBufferTemplate)); if (Ptr == NULL) { return EFI_OUT_OF_RESOURCES;