system76-edk2/UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.h
Jiewen Yao 717fb60443 UefiCpuPkg/PiSmmCpuDxeSmm: Add paging protection.
PiSmmCpuDxeSmm consumes SmmAttributesTable and sets up the page table:
1) Code region is marked as read-only and Data region is non-executable,
if the PE image is 4K aligned.
2) Important data structure is set to RO, such as GDT/IDT.
3) SmmSaveState is set to non-executable,
and SmmEntrypoint is set to read-only.
4) If static page is supported, page table is read-only.

We use page table to protect other components, and itself.

If we use dynamic paging, we can still provide *partial* protection.
And hope page table is not modified by other components.

The XD enabling code is moved to SmiEntry to let NX take effect.

Cc: Jeff Fan <jeff.fan@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
2016-11-17 16:30:07 +08:00
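
The protection policy listed in the commit message, expressed as a per-entry attribute rule plus an audit over a set of mappings. This is an added example, not code from the commit or from edk2: the enum, struct and function names and the sample mappings are hypothetical, and only the Present, R/W and XD bit positions are architectural.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Architectural x86-64 page-table entry bits. */
#define PTE_P  (1ULL << 0)   /* present */
#define PTE_RW (1ULL << 1)   /* writable */
#define PTE_NX (1ULL << 63)  /* execute-disable; reserved unless EFER.NXE is set */

/* Region kinds from the commit message (hypothetical enum names). */
typedef enum { R_CODE, R_DATA, R_GDT_IDT, R_SAVE_STATE, R_ENTRYPOINT, R_PAGE_TABLE } region_t;
typedef struct { uint64_t pte; region_t kind; } mapping_t;
/* Items 1-4 of the commit message: the page table is read-only only with static paging. */
static int must_be_ro(region_t k, int static_paging) {
  return k == R_CODE || k == R_GDT_IDT || k == R_ENTRYPOINT || (k == R_PAGE_TABLE && static_paging);
}
static int must_be_nx(region_t k) { return k == R_DATA || k == R_SAVE_STATE; }

/* Apply the policy to one entry; NX stays clear without XD because bit 63 is then reserved. */
uint64_t protect_pte(uint64_t pte, region_t k, int static_paging, int xd) {
  if (must_be_ro(k, static_paging)) pte &= ~PTE_RW;
  if (must_be_nx(k) && xd) pte |= PTE_NX;
  return pte;
}

/* Count present mappings that still violate the policy. */
size_t audit_mappings(const mapping_t *m, size_t n, int static_paging, int xd) {
  size_t bad = 0;
  for (size_t i = 0; i < n; i++) {
    if (!(m[i].pte & PTE_P)) continue;
    if (must_be_ro(m[i].kind, static_paging) && (m[i].pte & PTE_RW)) bad++;
    else if (must_be_nx(m[i].kind) && xd && !(m[i].pte & PTE_NX)) bad++;
  }
  return bad;
}

/* Constructed sample: six present, writable, executable 4 KiB pages, one per region kind. */
size_t sample_violations(int apply_policy, int static_paging, int xd) {
  mapping_t m[6];
  for (size_t i = 0; i < 6; i++) {
    m[i].kind = (region_t)i;
    m[i].pte = (0x7F000000ULL + i * 0x1000ULL) | PTE_P | PTE_RW;
    if (apply_policy) m[i].pte = protect_pte(m[i].pte, m[i].kind, static_paging, xd);
  }
  return audit_mappings(m, 6, static_paging, xd);
}

int main(void) {
  printf("unprotected: %zu, protected: %zu\n", sample_violations(0, 1, 1), sample_violations(1, 1, 1));
}
```

With dynamic paging the page-table pages drop out of the read-only set, which is the "partial" protection the commit message describes; without XD support the data and save-state pages cannot be checked for NX at all.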

118 lines
2.2 KiB
C

/** @file
SMM profile header file.

Copyright (c) 2012 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution.  The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php

THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

**/

#ifndef _SMM_PROFILE_H_
#define _SMM_PROFILE_H_

#include "SmmProfileInternal.h"

//
// External functions
//

/**
  Initialize processor environment for SMM profile.

  @param   CpuIndex  The index of the processor.

**/
VOID
ActivateSmmProfile (
  IN UINTN CpuIndex
  );

/**
  Initialize SMM profile in SMM CPU entry point.

  @param[in] Cr3  The base address of the page tables to use in SMM.

**/
VOID
InitSmmProfile (
  UINT32  Cr3
  );

/**
  Increase SMI number in each SMI entry.

**/
VOID
SmmProfileRecordSmiNum (
  VOID
  );

/**
  The Page fault handler to save SMM profile data.

  @param  Rip        The RIP when exception happens.
  @param  ErrorCode  The Error code of exception.

**/
VOID
SmmProfilePFHandler (
  UINTN Rip,
  UINTN ErrorCode
  );

/**
  Updates page table to make some memory ranges (like system memory) absent
  and make some memory ranges (like MMIO) present and execute disable. It also
  updates 2MB-page to 4KB-page for some memory ranges.

**/
VOID
SmmProfileStart (
  VOID
  );

/**
  Page fault IDT handler for SMM Profile.

**/
VOID
EFIAPI
PageFaultIdtHandlerSmmProfile (
  VOID
  );

/**
  Check if XD feature is supported by a processor.

**/
VOID
CheckFeatureSupported (
  VOID
  );

/**
  Update page table according to protected memory ranges and the 4KB-page mapped memory ranges.

**/
VOID
InitPaging (
  VOID
  );

//
// The flag indicates if execute-disable is supported by processor.
//
extern BOOLEAN    mXdSupported;
//
// The flag indicates if execute-disable is enabled on processor.
//
extern BOOLEAN    mXdEnabled;

#endif // _SMM_PROFILE_H_