diff options
| author | Jian J Wang <jian.j.wang@intel.com> | 2018-03-14 16:28:34 +0800 |
|---|---|---|
| committer | Star Zeng <star.zeng@intel.com> | 2018-03-16 15:01:11 +0800 |
| commit | 7fef06af4ec100f3f8856e3fa08ef067a9fd40d2 (patch) | |
| tree | ed498d5f901a0d102ce035d948c3d0eb15fe47d3 /MdeModulePkg/Core/Dxe/Misc | |
| parent | a24de121cf70bc48555b68d942b94fd10a074387 (diff) | |
| download | edk2-7fef06af4ec100f3f8856e3fa08ef067a9fd40d2.zip edk2-7fef06af4ec100f3f8856e3fa08ef067a9fd40d2.tar.gz edk2-7fef06af4ec100f3f8856e3fa08ef067a9fd40d2.tar.bz2 | |
MdeModulePkg/Core: allow HeapGuard even before CpuArchProtocol installed
Due to the fact that HeapGuard needs CpuArchProtocol to update page
attributes, the feature is normally enabled after CpuArchProtocol is
installed. Since there're some drivers are loaded before CpuArchProtocl,
they cannot make use HeapGuard feature to detect potential issues.
This patch fixes above situation by updating the DXE core to skip the
NULL check against global gCpu in the IsMemoryTypeToGuard(), and adding
NULL check against gCpu in SetGuardPage() and UnsetGuardPage() to make
sure that they can be called but do nothing. This will allow HeapGuard to
record all guarded memory without setting the related Guard pages to not-
present.
Once the CpuArchProtocol is installed, a protocol notify will be called
to complete the work of setting Guard pages to not-present.
Please note that above changes will cause a #PF in GCD code during cleanup
of map entries, which is initiated by CpuDxe driver to update real mtrr
and paging attributes back to GCD. During that time, CpuDxe doesn't allow
GCD to update memory attributes and then any Guard page cannot be unset.
As a result, this will prevent Guarded memory from freeing during memory
map cleanup.
The solution is to avoid allocating guarded memory as memory map entries
in GCD code. It's done by setting global mOnGuarding to TRUE before memory
allocation and setting it back to FALSE afterwards in GCD function
CoreAllocateGcdMapEntry().
Cc: Star Zeng <star.zeng@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Diffstat (limited to 'MdeModulePkg/Core/Dxe/Misc')
| -rw-r--r-- | MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c index 407aece..2f7e490 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c @@ -1001,6 +1001,11 @@ MemoryProtectionCpuArchProtocolNotify ( InitializeDxeNxMemoryProtectionPolicy ();
}
+ //
+ // Call notify function meant for Heap Guard.
+ //
+ HeapGuardCpuArchProtocolNotify ();
+
if (mImageProtectionPolicy == 0) {
return;
}
|