On 10/19/18 03:50, Jian J Wang wrote:
> UAF (Use-After-Free) memory detection is a new feature introduced to
> detect illegal access to memory which has been freed. The principle
> behind it is similar to the heap guard feature, that is, we'll turn all pool
> memory allocation to page allocation and mark them to be not-present
> once they are freed.
> 
> This also implies that, once a page is allocated and freed, it cannot
> be re-allocated. This will bring another issue, which is that there's
> a risk that memory space will be used up. To address it, this patch
> series adds logic to put part (at most 64 pages at a time) of the freed pages
> back into the page pool, so that the memory service can still have memory
> to allocate, when all memory space has been allocated once. This is
> called memory promotion. The promoted pages are always from the eldest
> pages freed.
> 
> To use this feature, one can simply set the following PCD to 1
>   gEfiMdeModulePkgTokenSpaceGuid.PcdUseAfterFreeDetectionPropertyMask
> 
> Please note this feature cannot be used with heap guard feature controlled
> by PCD gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask.
> 
> Cc: Star Zeng <[email protected]>
> Cc: Michael D Kinney <[email protected]>
> Cc: Jiewen Yao <[email protected]>
> Cc: Ruiyu Ni <[email protected]>
> Cc: Laszlo Ersek <[email protected]>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Jian J Wang <[email protected]>
> ---
>  MdeModulePkg/MdeModulePkg.dec | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
> index 6037504fa7..83736cd761 100644
> --- a/MdeModulePkg/MdeModulePkg.dec
> +++ b/MdeModulePkg/MdeModulePkg.dec
> @@ -1029,6 +1029,12 @@
>    # @Prompt Enable UEFI Stack Guard.
>    gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|FALSE|BOOLEAN|0x30001055
>  
> +  ## This mask is to control Use-After-Free Memory Detection behavior.
> +  #   BIT0    - Enable Use-After-Free memory detection for UEFI modules.<BR>
> +  #   BIT1..7 - Reserved for future uses.<BR>
> +  # @Prompt The Use-After-Free Memory Detection feature mask
> +  
> gEfiMdeModulePkgTokenSpaceGuid.PcdUseAfterFreeDetectionPropertyMask|0x0|UINT8|0x30001056
> +
>  [PcdsFixedAtBuild, PcdsPatchableInModule]
>    ## Dynamic type PCD can be registered callback function for Pcd setting 
> action.
>    #  PcdMaxPeiPcdCallBackNumberPerPcdEntry indicates the maximum number of 
> callback function
> 
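Review bot: the comment block added above PcdUseAfterFreeDetectionPropertyMask does not record the constraint given in the commit message, that this feature cannot be used together with the heap guard feature controlled by PcdHeapGuardPropertyMask. Platform integrators read the .dec comment rather than the commit log, so suggest adding a line to the comment block stating that BIT0 must not be set while PcdHeapGuardPropertyMask is non-zero. The BIT0 description could also mention that freed pages stay not-present until memory promotion returns them to the pool, since that bounds how long a stale access is caught.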

The default value looks fine to me; can't comment on the rest.

Acked-by: Laszlo Ersek <[email protected]>
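
The quarantine-and-promotion scheme described in the quoted commit message, as a small user-space model in C. This is an added example, not code from the patch series or from edk2; the pool size, all function names, and the state array standing in for page-table present bits are assumptions of the model. It also shows the consequence that a stale pointer stops faulting once its page has been promoted and handed out again.

```c
#include <stdio.h>
#define NPAGES      256  /* constructed pool size for this model */
#define PROMOTE_MAX 64   /* "at most 64 pages a time" per the description */
enum page_state { FRESH, IN_USE, FREED_NOT_PRESENT };

static enum page_state state[NPAGES];
static int freed_fifo[NPAGES];        /* freed pages, oldest first */
static int fifo_head, fifo_len;

void pool_reset(void) {
    for (int p = 0; p < NPAGES; p++) state[p] = FRESH;
    fifo_head = fifo_len = 0;
}

/* Memory promotion: hand the oldest freed pages back to the allocator. */
static int promote(void) {
    int n = 0;
    for (; fifo_len > 0 && n < PROMOTE_MAX; n++, fifo_len--) {
        state[freed_fifo[fifo_head]] = FRESH;
        fifo_head = (fifo_head + 1) % NPAGES;
    }
    return n;
}

int page_alloc(void) {
    for (int pass = 0; pass < 2; pass++) {
        for (int p = 0; p < NPAGES; p++)
            if (state[p] == FRESH) { state[p] = IN_USE; return p; }
        if (promote() == 0) break;    /* nothing left to promote */
    }
    return -1;
}

void page_free(int p) {
    if (p < 0 || p >= NPAGES || state[p] != IN_USE) return;
    state[p] = FREED_NOT_PRESENT;     /* stands in for clearing the present bit */
    freed_fifo[(fifo_head + fifo_len++) % NPAGES] = p;
}

/* 1 if touching page p would fault, i.e. the stale access is caught. */
int access_faults(int p) { return state[p] == FREED_NOT_PRESENT; }
int quarantined(void) { return fifo_len; }

int main(void) {
    pool_reset();
    int p = page_alloc(); page_free(p);
    printf("stale access to page %d faults: %d\n", p, access_faults(p));
    return 0;
}
```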