In UnsetGuardPage(), before SmmReadyToLock, remove NX and RO
memory attribute protection for guarded page since
EfiConventionalMemory in SMRAM is RW and executable before
SmmReadyToLock. If UnsetGuardPage() happens after SmmReadyToLock,
then apply EFI_MEMORY_XP to the guarded page to make sure
EfiConventionalMemory in SMRAM is NX since EfiConventionalMemory
in SMRAM is marked as NX in PiSmmCpuDxe driver when SmmReadyToLock.
Signed-off-by: Dun Tan <dun....@intel.com>
Cc: Liming Gao <gaolim...@byosoft.com.cn>
Cc: Ray Ni <ray...@intel.com>
Cc: Jian J Wang <jian.j.w...@intel.com>
Cc: Ard Biesheuvel <ardb+tianoc...@kernel.org>
---
MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c
b/MdeModulePkg/Core/PiSmmCore/HeapGuard.c
index 8f3bab6fee..25310122ca 100644
--- a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c
+++ b/MdeModulePkg/Core/PiSmmCore/HeapGuard.c
@@ -553,9 +553,23 @@ UnsetGuardPage (
mSmmMemoryAttribute,
BaseAddress,
EFI_PAGE_SIZE,
- EFI_MEMORY_RP
+
EFI_MEMORY_RP|EFI_MEMORY_RO|EFI_MEMORY_XP
);
ASSERT_EFI_ERROR (Status);
+
+ if (gST == NULL) {
+ //
+ // Make sure EfiConventionalMemory is NX after SmmReadyToLock
+ //
+ Status = mSmmMemoryAttribute->SetMemoryAttributes (
+ mSmmMemoryAttribute,
+ BaseAddress,
+ EFI_PAGE_SIZE,
+ EFI_MEMORY_XP
+ );
+ ASSERT_EFI_ERROR (Status);
+ }
+
mOnGuarding = FALSE;
}
}
--
2.31.1.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#105970): https://edk2.groups.io/g/devel/message/105970
Mute This Topic: https://groups.io/mt/99424820/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
