From patchwork Fri Feb 24 15:04:58 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 94487 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp728383qgi; Fri, 24 Feb 2017 07:05:20 -0800 (PST) X-Received: by 10.99.8.194 with SMTP id 185mr4099928pgi.76.1487948720437; Fri, 24 Feb 2017 07:05:20 -0800 (PST) Return-Path: Received: from ml01.01.org (ml01.01.org. [2001:19d0:306:5::1]) by mx.google.com with ESMTPS id n64si233827pfj.43.2017.02.24.07.05.20 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 24 Feb 2017 07:05:20 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) client-ip=2001:19d0:306:5::1; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 30CC28217E; Fri, 24 Feb 2017 07:05:19 -0800 (PST) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received: from mail-wm0-x231.google.com (mail-wm0-x231.google.com [IPv6:2a00:1450:400c:c09::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id E873B8217E for ; Fri, 24 Feb 2017 07:05:17 -0800 (PST) Received: by mail-wm0-x231.google.com with SMTP id v77so16586106wmv.0 for ; Fri, 24 Feb 2017 07:05:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=52yooIEdiISiLV9Hy6Kl4VlCrQFT4xMyOMgF/FTqR78=; b=A1iuM5cQ/IdheTE14frlZY6OM7ZODaIo546/mqD1ANnIjVY9WdBGFoOKnDzUiF/5mS TFAWBNh+PR3Z3NAhWaufzihty+GOjhQOE204Aej68cRA5sX6oLAerUEREgN7MOv25ofD jqzu8VBYweAX8OcPqYJMnj8pUXQLxnbNYhoKk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=52yooIEdiISiLV9Hy6Kl4VlCrQFT4xMyOMgF/FTqR78=; b=O0aVgZvMerbzQMy00ABFm2JLAaLmdngKFG3UkZ+1TXHI+ftwrC6jqNLHF4x5oSKbob ZojSGOKNjCXatI+PVV4GLaeByd4NHAKw3Xcy7WlfdDbJw4UG54iQ4hLCHlp9n0RRD2JU IdByti0MVUfyFp3fw8kKqNncaSuMrywYkLLh/x4ZcwhCIWh6U2NUWA69fqHYFReR4eeJ yofVJbZJM3KlGn+RQ/+5Ncq/h/vM5NOLYbsjD+6BNmVSLNdL0Xxpwy3RDr0emCYF0XoE Ho/Tmp7utfUZTHAfMsTyKsQ//dmTevOwImoPHwoj1oNqCuIRwj7N6N/DJYxAAY34Mxa/ 10Fw== X-Gm-Message-State: AMke39nUIpphiF/p0hYapGVerift4lBQHsCteViJpeQd3BDuDKrhFfg8BAv49rDUkBWpnowU X-Received: by 10.28.45.213 with SMTP id t204mr3053192wmt.113.1487948715896; Fri, 24 Feb 2017 07:05:15 -0800 (PST) Received: from localhost.localdomain ([105.149.201.216]) by smtp.gmail.com with ESMTPSA id w207sm2687048wmw.1.2017.02.24.07.05.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 24 Feb 2017 07:05:15 -0800 (PST) From: Ard Biesheuvel To: edk2-devel@lists.01.org, afish@apple.com, leif.lindholm@linaro.org, michael.d.kinney@intel.com, liming.gao@intel.com, jiewen.yao@intel.com Date: Fri, 24 Feb 2017 15:04:58 +0000 Message-Id: <1487948699-3179-5-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1487948699-3179-1-git-send-email-ard.biesheuvel@linaro.org> References: <1487948699-3179-1-git-send-email-ard.biesheuvel@linaro.org> Subject: [edk2] [PATCH v2 4/5] MdeModulePkg: define PCD for DXE memory protection policy X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: feng.tian@intel.com, lersek@redhat.com, star.zeng@intel.com, Ard Biesheuvel MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" Define a new fixed/patchable PCD that sets the DXE memory protection policy: its primary use is to define which memory types should have their executable permissions removed. Combined with the image protection policy, this can be used to implement a strict W^X policy, i.e.. a policy where no regions exist that are both executable and writable at the same time. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel --- MdeModulePkg/MdeModulePkg.dec | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) -- 2.7.4 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 426634fbbd4d..ea64cdf3772d 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -1107,6 +1107,22 @@ [PcdsFixedAtBuild, PcdsPatchableInModule] # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000002|UINT32|0x00001047 + ## Set DXE memory protection policy. The policy is bitwise. + # If a bit is set, memory regions of the associated type will be mapped + # non-executable.

+ # BIT0 - EfiLoaderData.
+ # - EfiBootServicesData.
+ # - EfiRuntimeServicesData.
+ # - EfiConventionalMemory.
+ # - EfiUnusableMemory.
+ # - EfiPersistentMemory.
+ # - EfiACPIReclaimMemory.
+ # BIT1 - EfiReservedMemoryType.
+ # BIT2 - EfiACPIMemoryNVS.
+ # @Prompt Set DXE memory protection policy. + # @ValidRange 0x80000002 | 0x00000000 - 0x00000007 + gEfiMdeModulePkgTokenSpaceGuid.PcdDxeMemoryProtectionPolicy|0x0000007|UINT32|0x00001048 + ## PCI Serial Device Info. It is an array of Device, Function, and Power Management # information that describes the path that contains zero or more PCI to PCI briges # followed by a PCI serial device. Each array entry is 4-bytes in length. The