sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
system76-edk2/MdeModulePkg/Core/Dxe/DxeMain.inf
Ard Biesheuvel 7eb927db3e MdeModulePkg/DxeCore: implement memory protection policy 
This implements a DXE memory protection policy that ensures that regions
that don't require executable permissions are mapped with the non-exec
attribute set.

First of all, it iterates over all entries in the UEFI memory map, and
removes executable permissions according to the configured DXE memory
protection policy, as recorded in PcdDxeNxMemoryProtectionPolicy.

Secondly, it sets or clears the non-executable attribute when allocating
or freeing pages, both for page based or pool based allocations.

Note that this complements the image protection facility, which applies
strict permissions to BootServicesCode/RuntimeServicesCode regions when
the section alignment allows it. The memory protection configured by this
patch operates on non-code regions only.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2017-02-28 15:01:10 +00:00

209 lines
8.0 KiB
INI
Raw Blame History

## @file
# This is core module in DXE phase.
#
# It provides an implementation of DXE Core that is compliant with DXE CIS.
#
# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = DxeCore
MODULE_UNI_FILE = DxeCore.uni
FILE_GUID = D6A2CB7F-6A18-4e2f-B43B-9920A733700A
MODULE_TYPE = DXE_CORE
VERSION_STRING = 1.0
ENTRY_POINT = DxeMain
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF EBC (EBC is for build only)
#
[Sources]
DxeMain.h
SectionExtraction/CoreSectionExtraction.c
Image/Image.c
Image/Image.h
Misc/DebugImageInfo.c
Misc/Stall.c
Misc/SetWatchdogTimer.c
Misc/InstallConfigurationTable.c
Misc/PropertiesTable.c
Misc/MemoryAttributesTable.c
Misc/MemoryProtection.c
Library/Library.c
Hand/DriverSupport.c
Hand/Notify.c
Hand/Locate.c
Hand/Handle.c
Hand/Handle.h
Gcd/Gcd.c
Gcd/Gcd.h
Mem/Pool.c
Mem/Page.c
Mem/MemData.c
Mem/Imem.h
Mem/MemoryProfileRecord.c
FwVolBlock/FwVolBlock.c
FwVolBlock/FwVolBlock.h
FwVol/FwVolWrite.c
FwVol/FwVolRead.c
FwVol/FwVolAttrib.c
FwVol/Ffs.c
FwVol/FwVol.c
FwVol/FwVolDriver.h
Event/Tpl.c
Event/Timer.c
Event/Event.c
Event/Event.h
Dispatcher/Dependency.c
Dispatcher/Dispatcher.c
DxeMain/DxeProtocolNotify.c
DxeMain/DxeMain.c
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
[LibraryClasses]
BaseMemoryLib
CacheMaintenanceLib
UefiDecompressLib
PerformanceLib
HobLib
BaseLib
UefiLib
DebugLib
DxeCoreEntryPoint
PeCoffLib
PeCoffGetEntryPointLib
PeCoffExtraActionLib
ExtractGuidedSectionLib
MemoryAllocationLib
UefiBootServicesTableLib
DevicePathLib
ReportStatusCodeLib
TimerLib
DxeServicesLib
DebugAgentLib
CpuExceptionHandlerLib
PcdLib
[Guids]
gEfiEventMemoryMapChangeGuid ## PRODUCES ## Event
gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
## CONSUMES ## Event
## PRODUCES ## Event
gEfiEventExitBootServicesGuid
gEfiHobMemoryAllocModuleGuid ## CONSUMES ## HOB
gEfiFirmwareFileSystem2Guid ## CONSUMES ## GUID # Used to compare with FV's file system guid and get the FV's file system format
gEfiFirmwareFileSystem3Guid ## CONSUMES ## GUID # Used to compare with FV's file system guid and get the FV's file system format
gAprioriGuid ## SOMETIMES_CONSUMES ## File
gEfiDebugImageInfoTableGuid ## PRODUCES ## SystemTable
gEfiHobListGuid ## PRODUCES ## SystemTable
gEfiDxeServicesTableGuid ## PRODUCES ## SystemTable
## PRODUCES ## SystemTable
## SOMETIMES_CONSUMES ## HOB
gEfiMemoryTypeInformationGuid
gEfiEventDxeDispatchGuid ## PRODUCES ## Event
gLoadFixedAddressConfigurationTableGuid ## SOMETIMES_PRODUCES ## SystemTable
## PRODUCES ## Event
## CONSUMES ## Event
gIdleLoopEventGuid
gEventExitBootServicesFailedGuid ## SOMETIMES_PRODUCES ## Event
gEfiVectorHandoffTableGuid ## SOMETIMES_PRODUCES ## SystemTable
gEdkiiMemoryProfileGuid ## SOMETIMES_PRODUCES ## GUID # Install protocol
gEfiPropertiesTableGuid ## SOMETIMES_PRODUCES ## SystemTable
gEfiMemoryAttributesTableGuid ## SOMETIMES_PRODUCES ## SystemTable
gEfiEndOfDxeEventGroupGuid ## SOMETIMES_CONSUMES ## Event
[Ppis]
gEfiVectorHandoffInfoPpiGuid ## UNDEFINED # HOB
[Protocols]
## PRODUCES
## SOMETIMES_CONSUMES
gEfiDecompressProtocolGuid
gEfiLoadPeImageProtocolGuid ## SOMETIMES_PRODUCES # Produces when PcdFrameworkCompatibilitySupport is set
gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES
gEfiLoadFileProtocolGuid ## SOMETIMES_CONSUMES
gEfiLoadFile2ProtocolGuid ## SOMETIMES_CONSUMES
gEfiBusSpecificDriverOverrideProtocolGuid ## SOMETIMES_CONSUMES
gEfiDriverFamilyOverrideProtocolGuid ## SOMETIMES_CONSUMES
gEfiPlatformDriverOverrideProtocolGuid ## SOMETIMES_CONSUMES
gEfiDriverBindingProtocolGuid ## SOMETIMES_CONSUMES
## PRODUCES
## CONSUMES
## NOTIFY
gEfiFirmwareVolumeBlockProtocolGuid
## PRODUCES
## CONSUMES
## NOTIFY
gEfiFirmwareVolume2ProtocolGuid
## PRODUCES
## CONSUMES
gEfiDevicePathProtocolGuid
gEfiLoadedImageProtocolGuid ## PRODUCES
gEfiLoadedImageDevicePathProtocolGuid ## PRODUCES
gEfiHiiPackageListProtocolGuid ## SOMETIMES_PRODUCES
gEfiEbcProtocolGuid ## SOMETIMES_CONSUMES
gEfiSmmBase2ProtocolGuid ## SOMETIMES_CONSUMES
gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES
# Arch Protocols
gEfiBdsArchProtocolGuid ## CONSUMES
gEfiCpuArchProtocolGuid ## CONSUMES
gEfiMetronomeArchProtocolGuid ## CONSUMES
gEfiMonotonicCounterArchProtocolGuid ## CONSUMES
gEfiRealTimeClockArchProtocolGuid ## CONSUMES
gEfiResetArchProtocolGuid ## CONSUMES
gEfiRuntimeArchProtocolGuid ## CONSUMES
gEfiSecurityArchProtocolGuid ## CONSUMES
gEfiSecurity2ArchProtocolGuid ## SOMETIMES_CONSUMES
gEfiTimerArchProtocolGuid ## CONSUMES
gEfiVariableWriteArchProtocolGuid ## CONSUMES
gEfiVariableArchProtocolGuid ## CONSUMES
gEfiCapsuleArchProtocolGuid ## CONSUMES
gEfiWatchdogTimerArchProtocolGuid ## CONSUMES
[FeaturePcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdFrameworkCompatibilitySupport ## CONSUMES
[Pcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdLoadFixAddressBootTimeCodePageNumber ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdLoadFixAddressRuntimeCodePageNumber ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdLoadModuleAtFixAddressEnable ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxEfiSystemTablePointerAddress ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileMemoryType ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfilePropertyMask ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileDriverPath ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdPropertiesTableEnable ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ## CONSUMES
# [Hob]
# RESOURCE_DESCRIPTOR ## CONSUMES
# MEMORY_ALLOCATION ## CONSUMES
# FIRMWARE_VOLUME ## CONSUMES
# UNDEFINED ## CONSUMES # CPU
#
# [Event]
# EVENT_TYPE_RELATIVE_TIMER ## PRODUCES # DxeCore signals timer event.
# EVENT_TYPE_PERIODIC_TIMER ## PRODUCES # DxeCore signals timer event.
#
[UserExtensions.TianoCore."ExtraFiles"]
DxeCoreExtra.uni
Reference in New Issue View Git Blame Copy Permalink