diff mbox series

[edk2,v4,2/7] MdeModulePkg/PeiCore: allocate BootServicesCode memory for PE/COFF images

Message ID 1488206291-25768-3-git-send-email-ard.biesheuvel@linaro.org
State Accepted
Commit a0ffd7a9ee575615ad5fd0777825b5362a16b49f
Headers show
Series MdeModulePkg/DxeCore: increased memory protection | expand

Commit Message

Ard Biesheuvel Feb. 27, 2017, 2:38 p.m. UTC 
Ensure that any memory allocated for PE/COFF images is identifiable as
a boot services code region, so that we know it requires its executable
permissions to be preserved when we tighten mapping permissions later on.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

---
 MdeModulePkg/Core/Pei/Image/Image.c | 23 ++++++++++++--------
 1 file changed, 14 insertions(+), 9 deletions(-)

-- 
2.7.4

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Comments

Gao, Liming Feb. 28, 2017, 5:42 a.m. UTC | #1 
Reviewed-by: Liming Gao <liming.gao@intel.com>


>-----Original Message-----

>From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]

>Sent: Monday, February 27, 2017 10:38 PM

>To: edk2-devel@lists.01.org; afish@apple.com; leif.lindholm@linaro.org;

>Kinney, Michael D <michael.d.kinney@intel.com>; Gao, Liming

><liming.gao@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>

>Cc: lersek@redhat.com; Tian, Feng <feng.tian@intel.com>; Zeng, Star

><star.zeng@intel.com>; Ard Biesheuvel <ard.biesheuvel@linaro.org>

>Subject: [PATCH v4 2/7] MdeModulePkg/PeiCore: allocate BootServicesCode

>memory for PE/COFF images

>

>Ensure that any memory allocated for PE/COFF images is identifiable as

>a boot services code region, so that we know it requires its executable

>permissions to be preserved when we tighten mapping permissions later on.

>

>Contributed-under: TianoCore Contribution Agreement 1.0

>Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

>Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

>---

> MdeModulePkg/Core/Pei/Image/Image.c | 23 ++++++++++++--------

> 1 file changed, 14 insertions(+), 9 deletions(-)

>

>diff --git a/MdeModulePkg/Core/Pei/Image/Image.c

>b/MdeModulePkg/Core/Pei/Image/Image.c

>index d659de8b3e64..68e40c027e63 100644

>--- a/MdeModulePkg/Core/Pei/Image/Image.c

>+++ b/MdeModulePkg/Core/Pei/Image/Image.c

>@@ -112,11 +112,12 @@ GetImageReadFunction (

>   IN      PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext

>   )

> {

>-  PEI_CORE_INSTANCE  *Private;

>-  VOID*  MemoryBuffer;

>+  PEI_CORE_INSTANCE     *Private;

>+  EFI_PHYSICAL_ADDRESS  MemoryBuffer;

>

>   Private = PEI_CORE_INSTANCE_FROM_PS_THIS

>(GetPeiServicesTablePointer ());

>-

>+  MemoryBuffer = 0;

>+

>   if (Private->PeiMemoryInstalled  && (((Private-

>>HobList.HandoffInformationTable->BootMode != BOOT_ON_S3_RESUME)

>&& PcdGetBool (PcdShadowPeimOnBoot)) ||

>       ((Private->HobList.HandoffInformationTable->BootMode ==

>BOOT_ON_S3_RESUME) && PcdGetBool (PcdShadowPeimOnS3Boot))) &&

>       (EFI_IMAGE_MACHINE_TYPE_SUPPORTED(EFI_IMAGE_MACHINE_X64) ||

>EFI_IMAGE_MACHINE_TYPE_SUPPORTED(EFI_IMAGE_MACHINE_IA32))) {

>@@ -125,9 +126,9 @@ GetImageReadFunction (

>     //  compilers that have been tested

>     //

>     if (Private->ShadowedImageRead == NULL) {

>-      MemoryBuffer = AllocatePages (0x400 / EFI_PAGE_SIZE + 1);

>-      ASSERT (MemoryBuffer != NULL);

>-      CopyMem (MemoryBuffer, (CONST VOID *) (UINTN)

>PeiImageReadForShadow, 0x400);

>+      PeiServicesAllocatePages (EfiBootServicesCode, 0x400 / EFI_PAGE_SIZE +

>1, &MemoryBuffer);

>+      ASSERT (MemoryBuffer != 0);

>+      CopyMem ((VOID *)(UINTN)MemoryBuffer, (CONST VOID *) (UINTN)

>PeiImageReadForShadow, 0x400);

>       Private->ShadowedImageRead = (PE_COFF_LOADER_READ_FILE) (UINTN)

>MemoryBuffer;

>     }

>

>@@ -453,12 +454,16 @@ LoadAndRelocatePeCoffImage (

>         //

>         // The PEIM is not assiged valid address, try to allocate page to load it.

>         //

>-        ImageContext.ImageAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)

>AllocatePages (EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize));

>+        Status = PeiServicesAllocatePages (EfiBootServicesCode,

>+                                           EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize),

>+                                           &ImageContext.ImageAddress);

>       }

>     } else {

>-      ImageContext.ImageAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)

>AllocatePages (EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize));

>+      Status = PeiServicesAllocatePages (EfiBootServicesCode,

>+                                         EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize),

>+                                         &ImageContext.ImageAddress);

>     }

>-    if (ImageContext.ImageAddress != 0) {

>+    if (!EFI_ERROR (Status)) {

>       //

>       // Adjust the Image Address to make sure it is section alignment.

>       //

>--

>2.7.4


_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
diff mbox series

Patch

diff --git a/MdeModulePkg/Core/Pei/Image/Image.c b/MdeModulePkg/Core/Pei/Image/Image.c
index d659de8b3e64..68e40c027e63 100644
--- a/MdeModulePkg/Core/Pei/Image/Image.c
+++ b/MdeModulePkg/Core/Pei/Image/Image.c
@@ -112,11 +112,12 @@  GetImageReadFunction (
   IN      PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext
   )
 {
-  PEI_CORE_INSTANCE  *Private;
-  VOID*  MemoryBuffer;
+  PEI_CORE_INSTANCE     *Private;
+  EFI_PHYSICAL_ADDRESS  MemoryBuffer;
 
   Private = PEI_CORE_INSTANCE_FROM_PS_THIS (GetPeiServicesTablePointer ());
-  
+  MemoryBuffer = 0;
+
   if (Private->PeiMemoryInstalled  && (((Private->HobList.HandoffInformationTable->BootMode != BOOT_ON_S3_RESUME) && PcdGetBool (PcdShadowPeimOnBoot)) || 
       ((Private->HobList.HandoffInformationTable->BootMode == BOOT_ON_S3_RESUME) && PcdGetBool (PcdShadowPeimOnS3Boot))) &&
       (EFI_IMAGE_MACHINE_TYPE_SUPPORTED(EFI_IMAGE_MACHINE_X64) || EFI_IMAGE_MACHINE_TYPE_SUPPORTED(EFI_IMAGE_MACHINE_IA32))) {
@@ -125,9 +126,9 @@  GetImageReadFunction (
     //  compilers that have been tested
     //
     if (Private->ShadowedImageRead == NULL) {
-      MemoryBuffer = AllocatePages (0x400 / EFI_PAGE_SIZE + 1);
-      ASSERT (MemoryBuffer != NULL);
-      CopyMem (MemoryBuffer, (CONST VOID *) (UINTN) PeiImageReadForShadow, 0x400);
+      PeiServicesAllocatePages (EfiBootServicesCode, 0x400 / EFI_PAGE_SIZE + 1, &MemoryBuffer);
+      ASSERT (MemoryBuffer != 0);
+      CopyMem ((VOID *)(UINTN)MemoryBuffer, (CONST VOID *) (UINTN) PeiImageReadForShadow, 0x400);
       Private->ShadowedImageRead = (PE_COFF_LOADER_READ_FILE) (UINTN) MemoryBuffer;
     }
 
@@ -453,12 +454,16 @@  LoadAndRelocatePeCoffImage (
         //
         // The PEIM is not assiged valid address, try to allocate page to load it.
         //
-        ImageContext.ImageAddress = (EFI_PHYSICAL_ADDRESS)(UINTN) AllocatePages (EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize));
+        Status = PeiServicesAllocatePages (EfiBootServicesCode,
+                                           EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize),
+                                           &ImageContext.ImageAddress);
       }
     } else {
-      ImageContext.ImageAddress = (EFI_PHYSICAL_ADDRESS)(UINTN) AllocatePages (EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize));
+      Status = PeiServicesAllocatePages (EfiBootServicesCode,
+                                         EFI_SIZE_TO_PAGES ((UINT32) AlignImageSize),
+                                         &ImageContext.ImageAddress);
     }
-    if (ImageContext.ImageAddress != 0) {
+    if (!EFI_ERROR (Status)) {
       //
       // Adjust the Image Address to make sure it is section alignment.
       //