MdeModulePkg/BootScriptExecutorDxe: remove NX attr for FfsBuffer
If PcdDxeNxMemoryProtectionPolicy is set to enable protection for memory
of EfiReservedMemoryType, the BIOS will hang at a page fault exception
triggered by BootScriptExecutorDxe.
The root cause is that this driver will allocate memory of
EfiReservedMemoryType and relocate itself into this new memory. Since
EfiReservedMemoryType of memory is marked non-executable, re-start this
driver after relocation will cause exception. The fix is removing the NX
attribute after memory allocation.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
(cherry picked from commit 6a3094c996)
			
			
This commit is contained in:
		| @@ -68,6 +68,7 @@ | |||||||
|   LockBoxLib |   LockBoxLib | ||||||
|   CpuExceptionHandlerLib |   CpuExceptionHandlerLib | ||||||
|   DevicePathLib |   DevicePathLib | ||||||
|  |   DxeServicesTableLib | ||||||
|  |  | ||||||
| [Guids] | [Guids] | ||||||
|   gEfiBootScriptExecutorVariableGuid    ## PRODUCES ## UNDEFINED # SaveLockBox |   gEfiBootScriptExecutorVariableGuid    ## PRODUCES ## UNDEFINED # SaveLockBox | ||||||
|   | |||||||
| @@ -273,6 +273,7 @@ ReadyToLockEventNotify ( | |||||||
|   UINTN                                         Pages; |   UINTN                                         Pages; | ||||||
|   EFI_PHYSICAL_ADDRESS                          FfsBuffer; |   EFI_PHYSICAL_ADDRESS                          FfsBuffer; | ||||||
|   PE_COFF_LOADER_IMAGE_CONTEXT                  ImageContext; |   PE_COFF_LOADER_IMAGE_CONTEXT                  ImageContext; | ||||||
|  |   EFI_GCD_MEMORY_SPACE_DESCRIPTOR               MemDesc; | ||||||
|  |  | ||||||
|   Status = gBS->LocateProtocol (&gEfiDxeSmmReadyToLockProtocolGuid, NULL, &Interface); |   Status = gBS->LocateProtocol (&gEfiDxeSmmReadyToLockProtocolGuid, NULL, &Interface); | ||||||
|   if (EFI_ERROR (Status)) { |   if (EFI_ERROR (Status)) { | ||||||
| @@ -322,6 +323,19 @@ ReadyToLockEventNotify ( | |||||||
|                   &FfsBuffer |                   &FfsBuffer | ||||||
|                   ); |                   ); | ||||||
|   ASSERT_EFI_ERROR (Status); |   ASSERT_EFI_ERROR (Status); | ||||||
|  |  | ||||||
|  |   // | ||||||
|  |   // Make sure that the buffer can be used to store code. | ||||||
|  |   // | ||||||
|  |   Status = gDS->GetMemorySpaceDescriptor (FfsBuffer, &MemDesc); | ||||||
|  |   if (!EFI_ERROR (Status) && (MemDesc.Attributes & EFI_MEMORY_XP) != 0) { | ||||||
|  |     gDS->SetMemorySpaceAttributes ( | ||||||
|  |            FfsBuffer, | ||||||
|  |            EFI_PAGES_TO_SIZE (Pages), | ||||||
|  |            MemDesc.Attributes & (~EFI_MEMORY_XP) | ||||||
|  |            ); | ||||||
|  |   } | ||||||
|  |  | ||||||
|   ImageContext.ImageAddress = (PHYSICAL_ADDRESS)(UINTN)FfsBuffer; |   ImageContext.ImageAddress = (PHYSICAL_ADDRESS)(UINTN)FfsBuffer; | ||||||
|   // |   // | ||||||
|   // Align buffer on section boundary |   // Align buffer on section boundary | ||||||
|   | |||||||
| @@ -38,6 +38,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. | |||||||
| #include <Library/LockBoxLib.h> | #include <Library/LockBoxLib.h> | ||||||
| #include <Library/CpuExceptionHandlerLib.h> | #include <Library/CpuExceptionHandlerLib.h> | ||||||
| #include <Library/DevicePathLib.h> | #include <Library/DevicePathLib.h> | ||||||
|  | #include <Library/DxeServicesTableLib.h> | ||||||
|  |  | ||||||
| #include <Guid/AcpiS3Context.h> | #include <Guid/AcpiS3Context.h> | ||||||
| #include <Guid/BootScriptExecutorVariable.h> | #include <Guid/BootScriptExecutorVariable.h> | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user