UefiCpuPkg/PiSmmCpu: Add SMM Comm Buffer Paging Protection.

This patch sets the normal OS buffer EfiLoaderCode/Data,
EfiBootServicesCode/Data, EfiConventionalMemory, EfiACPIReclaimMemory
to be not present after SmmReadyToLock.

To access these region in OS runtime phase is not a good solution.

Previously, we did similar check in SmmMemLib to help SMI handler
do the check. But if SMI handler forgets the check, it can still
access these OS region and bring risk.

So here we enforce the policy to prevent it happening.

Cc: Jeff Fan <jeff.fan@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
This commit is contained in:
Jiewen Yao
2016-11-24 13:36:56 +08:00
parent 09119a00cc
commit d2fc771113
5 changed files with 324 additions and 12 deletions

View File

@@ -503,6 +503,11 @@ SmmReadyToLockEventNotify (
{
GetAcpiCpuData ();
//
// Cache a copy of UEFI memory map before we start profiling feature.
//
GetUefiMemoryMap ();
//
// Set SMM ready to lock flag and return
//
@@ -1153,17 +1158,6 @@ ConfigSmmCodeAccessCheck (
}
}
/**
Set code region to be read only and data region to be execute disable.
**/
VOID
SetRegionAttributes (
VOID
)
{
SetMemMapAttributes ();
}
/**
This API provides a way to allocate memory for page table.
@@ -1320,7 +1314,12 @@ PerformRemainingTasks (
//
// Mark critical region to be read-only in page table
//
SetRegionAttributes ();
SetMemMapAttributes ();
//
// For outside SMRAM, we only map SMM communication buffer or MMIO.
//
SetUefiMemMapAttributes ();
//
// Set page table itself to be read-only