On 3/6/2018 9:33 PM, Hao Wu wrote:
V2 changes:

A. Use Hoblib APIs to get the base of stack from Hob.
B. Remove unnecessary local variable used in function
    InitializeDxeNxMemoryProtectionPolicy().

V1 history:

If enabled, NX memory protection feature will mark some types of active
memory as NX (non-executable), which includes the first page of the stack.
This will overwrite the attributes of the first page of the stack if the
stack guard feature is also enabled.

The series will override the attributes setting to the first page of the
stack by adding back the 'EFI_MEMORY_RP' attribute when the stack guard
feature is enabled.

Cc: Jian J Wang <jian.j.w...@intel.com>
Cc: Star Zeng <star.z...@intel.com>
Cc: Eric Dong <eric.d...@intel.com>
Cc: Jiewen Yao <jiewen....@intel.com>
Cc: Ruiyu Ni <ruiyu...@intel.com>

Hao Wu (2):
   MdeModulePkg/Core: Refine handling NULL detection in NX setting
   MdeModulePkg/Core: Fix feature conflict between NX and Stack guard

  MdeModulePkg/Core/Dxe/DxeMain.inf             |  4 +-
  MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 74 +++++++++++++++++++++++----
  2 files changed, 67 insertions(+), 11 deletions(-)


      if (MemoryMapEntry->PhysicalStart == 0 &&
          PcdGet8 (PcdNullPointerDetectionPropertyMask) != 0) {

        ASSERT (MemoryMapEntry->NumberOfPages > 0);
        //
// Add EFI_MEMORY_RP attribute for page 0 if NULL pointer detection is
        // enabled.
        //
[Ray] 1. I prefer to move the above comments before the "if (...)".

        SetUefiImageMemoryAttributes (
          0,
          EFI_PAGES_TO_SIZE (1),
          EFI_MEMORY_RP | Attributes);
      }
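Review bot: the `ASSERT (MemoryMapEntry->NumberOfPages > 0)` in the page-0 branch is the only check on the entry's length before `SetUefiImageMemoryAttributes (0, EFI_PAGES_TO_SIZE (1), ...)` runs. ASSERT can be compiled out, and in such a build a zero-page entry with PhysicalStart 0 still reaches the call. Suggest moving `MemoryMapEntry->NumberOfPages > 0` into the `if` condition so the guard holds in every build.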

      if (StackBase != 0 &&
          (StackBase >= MemoryMapEntry->PhysicalStart &&
           StackBase <  MemoryMapEntry->PhysicalStart +
LShiftU64 (MemoryMapEntry->NumberOfPages, EFI_PAGE_SHIFT)) &&
          PcdGetBool (PcdCpuStackGuard)) {

        //
// Add EFI_MEMORY_RP attribute for the first page of the stack if stack
        // guard is enabled.
        //
        SetUefiImageMemoryAttributes (
          StackBase,
          EFI_PAGES_TO_SIZE (1),
          EFI_MEMORY_RP | Attributes);
[Ray] 2. The StackBase is directly used here. So do we need to check
whether it's page aligned? Do we need to check whether the range
[StackBase, StackBase + 4KB) is inside the MemoryMapEntry?
      }
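Review bot: in the stack-guard condition the feature gate `PcdGetBool (PcdCpuStackGuard)` is the last operand, after the range comparison on `StackBase`. Testing it first would let the condition short-circuit when stack guard is disabled and would put the feature dependency where a reader sees it before the address arithmetic. The extra parentheses around the two `StackBase` comparisons can also go, since every operand is joined by `&&`.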

--
Thanks,
Ray
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
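Added example (not part of the original message or of the edk2 patch): a small C model of the conflict described in the cover letter, where the NX marking overwrites the stack guard page's attributes, together with the alignment and containment checks asked about in Ray's comment 2. The attribute array and the names `set_attrs`, `guard_page_in_entry` and `nx_pass` are hypothetical; only the `EFI_MEMORY_RP` and `EFI_MEMORY_XP` bit values are taken from the UEFI specification.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE 0x1000ULL
#define ATTR_RP   0x2000ULL /* EFI_MEMORY_RP bit value (UEFI spec) */
#define ATTR_XP   0x4000ULL /* EFI_MEMORY_XP bit value (UEFI spec) */
#define NPAGES    16        /* constructed toy address space, pages 0..15 */

static uint64_t page_attr[NPAGES]; /* hypothetical per-page attribute model */

/* Overwrite (not OR) the attributes of each page in [base, base + len). */
static void set_attrs(uint64_t base, uint64_t len, uint64_t attrs) {
  for (uint64_t p = base / PAGE_SIZE; p < (base + len) / PAGE_SIZE && p < NPAGES; p++)
    page_attr[p] = attrs;
}

/* True only when stack_base is page aligned and the whole guard page
   [stack_base, stack_base + 4KB) lies inside the entry, without overflow. */
bool guard_page_in_entry(uint64_t stack_base, uint64_t start, uint64_t pages) {
  if (stack_base == 0 || (stack_base & (PAGE_SIZE - 1)) != 0) return false;
  if (pages == 0 || pages > (UINT64_MAX - start) / PAGE_SIZE) return false;
  uint64_t end = start + pages * PAGE_SIZE; /* exclusive end of the entry */
  return stack_base >= start && stack_base <= end - PAGE_SIZE;
}

/* NX pass over one entry; returns the guard page's final attributes.
   readd_rp = false models the conflict, true models the fix. */
uint64_t nx_pass(uint64_t start, uint64_t pages, uint64_t stack_base, bool readd_rp) {
  uint64_t guard = stack_base / PAGE_SIZE;
  if (guard >= NPAGES) return 0;                 /* outside the toy model */
  page_attr[guard] = ATTR_RP;                    /* stack guard already set */
  set_attrs(start, pages * PAGE_SIZE, ATTR_XP);  /* NX marking overwrites it */
  if (readd_rp && guard_page_in_entry(stack_base, start, pages))
    set_attrs(stack_base, PAGE_SIZE, ATTR_RP | ATTR_XP);
  return page_attr[guard];
}

int main(void) {
  /* Constructed entry: 8 pages at 0x2000, stack base at 0x4000. */
  printf("NX only:        0x%llx\n", (unsigned long long)nx_pass(0x2000, 8, 0x4000, false));
  printf("NX + RP re-add: 0x%llx\n", (unsigned long long)nx_pass(0x2000, 8, 0x4000, true));
  return 0;
}
```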