From d8b5a6de31fb57044210ca79992af3e5134b8777 Mon Sep 17 00:00:00 2001 From: Mikhail Krichanov Date: Mon, 2 Sep 2024 12:42:14 +0300 Subject: [PATCH] Core/Dxe: Refactored DisableSMAP(), EnableSMAP() names. --- MdeModulePkg/Core/Dxe/DxeMain.h | 4 +- MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 4 +- .../Core/Dxe/SysCall/AARCH64/InitializeMsr.c | 8 +- .../Core/Dxe/SysCall/ARM/InitializeMsr.c | 11 +- MdeModulePkg/Core/Dxe/SysCall/BootServices.c | 156 +++++++++--------- .../Dxe/SysCall/IA32/CoreBootServices.nasm | 20 +-- .../Core/Dxe/SysCall/SupportedProtocols.c | 52 +++--- .../Dxe/SysCall/X64/CoreBootServices.nasm | 12 +- 8 files changed, 132 insertions(+), 135 deletions(-) diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMain.h index 33653cb325..69cae7dcdd 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.h +++ b/MdeModulePkg/Core/Dxe/DxeMain.h @@ -2743,13 +2743,13 @@ CallRing3 ( VOID EFIAPI -DisableSMAP ( +AllowSupervisorAccessToUserMemory ( VOID ); VOID EFIAPI -EnableSMAP ( +ForbidSupervisorAccessToUserMemory ( VOID ); diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c index 7a5d96775a..a6bd36b71b 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c +++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c @@ -762,14 +762,14 @@ CoreExitBootServices ( // Free resources allocated for Ring3. // if (gRing3Data != NULL) { - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); if (gRing3Data->SystemTable.ConfigurationTable != NULL) { CoreFreePages ( (EFI_PHYSICAL_ADDRESS)(UINTN)gRing3Data->SystemTable.ConfigurationTable, EFI_SIZE_TO_PAGES (gRing3Data->SystemTable.NumberOfTableEntries * sizeof (EFI_CONFIGURATION_TABLE)) ); } - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); CoreFreePages ( (EFI_PHYSICAL_ADDRESS)(UINTN)gRing3Data, diff --git a/MdeModulePkg/Core/Dxe/SysCall/AARCH64/InitializeMsr.c b/MdeModulePkg/Core/Dxe/SysCall/AARCH64/InitializeMsr.c index 21e8bf98dd..f9a8c3c2bd 100644 
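Review bot: The two renamed prototypes in DxeMain.h still have no header comment, and the new names say nothing about the mechanism or the pairing rule. The x86 implementations later in this patch set and clear EFLAGS.AC unconditionally, so the calls do not nest: a `ForbidSupervisorAccessToUserMemory ()` in a callee closes the window its caller opened. I would add an EDK II style comment block above each declaration stating that the call opens (or closes) supervisor access to user pages, that the pair must bracket the smallest possible region on every path including early returns, and that nesting is not supported. The rest of the header is outside the hunk.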
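Review bot: In CoreExitBootServices the window opened by `AllowSupervisorAccessToUserMemory ()` also covers the `CoreFreePages` call, although only the reads of `gRing3Data->SystemTable` need it. Those fields appear to live in user-accessible memory (hence the window), so the address and the `NumberOfTableEntries`-derived page count handed to `CoreFreePages` are values Ring3 code may have been able to change. Copying both fields into locals, calling `ForbidSupervisorAccessToUserMemory ()`, and sanity-checking them before the free would stop it acting on user-controlled input. The function continues outside the hunk.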
--- a/MdeModulePkg/Core/Dxe/SysCall/AARCH64/InitializeMsr.c +++ b/MdeModulePkg/Core/Dxe/SysCall/AARCH64/InitializeMsr.c @@ -70,7 +70,7 @@ SysCallBootService ( return Status; } - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); CopyMem ((VOID *)((UINTN)Physical + sizeof (UINTN)), (VOID *)UserRsp, 8 * sizeof (UINTN)); SetUefiImageMemoryAttributes ( @@ -78,7 +78,7 @@ SysCallBootService ( EFI_PAGE_SIZE, EFI_MEMORY_XP ); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); Status = CallBootService ( Type, @@ -180,7 +180,7 @@ InitializeMsr ( VOID EFIAPI -DisableSMAP ( +AllowSupervisorAccessToUserMemory ( VOID ) { @@ -191,7 +191,7 @@ DisableSMAP ( VOID EFIAPI -EnableSMAP ( +ForbidSupervisorAccessToUserMemory ( VOID ) { diff --git a/MdeModulePkg/Core/Dxe/SysCall/ARM/InitializeMsr.c b/MdeModulePkg/Core/Dxe/SysCall/ARM/InitializeMsr.c index 8ab94b67d7..a3ab2a7484 100644 --- a/MdeModulePkg/Core/Dxe/SysCall/ARM/InitializeMsr.c +++ b/MdeModulePkg/Core/Dxe/SysCall/ARM/InitializeMsr.c @@ -67,7 +67,7 @@ SysCallBootService ( return Status; } - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); // // First 3 arguments are passed through R1-R3 and copied to SysCall Stack. // @@ -76,7 +76,7 @@ SysCallBootService ( // All remaining arguments are on User Stack. // CopyMem ((VOID *)((UINTN)Physical + 5 * sizeof (UINTN)), (VOID *)UserRsp, 4 * sizeof (UINTN)); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); Status = CallBootService ( Type, @@ -110,12 +110,9 @@ InitializeMsr ( InitializeSysCallHandler (SysCallBootService); } -// -// TODO: Refactoring. -// VOID EFIAPI -DisableSMAP ( +AllowSupervisorAccessToUserMemory ( VOID ) { @@ -126,7 +123,7 @@ DisableSMAP ( VOID EFIAPI -EnableSMAP ( +ForbidSupervisorAccessToUserMemory ( VOID ) { diff --git a/MdeModulePkg/Core/Dxe/SysCall/BootServices.c b/MdeModulePkg/Core/Dxe/SysCall/BootServices.c index e729c3c10f..fabbb41e5f 100644 --- a/MdeModulePkg/Core/Dxe/SysCall/BootServices.c 
+++ b/MdeModulePkg/Core/Dxe/SysCall/BootServices.c @@ -333,9 +333,9 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument3 + sizeof (VOID *) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); Status = FindGuid ((EFI_GUID *)CoreRbp->Argument1, &CoreProtocol, &MemoryCoreSize); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if (EFI_ERROR (Status)) { return Status; } @@ -346,14 +346,14 @@ CallBootService ( &Interface ); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); if (Interface != NULL) { Interface = PrepareRing3Interface (CoreProtocol, Interface, MemoryCoreSize); ASSERT (Interface != NULL); *(VOID **)CoreRbp->Argument3 = Interface; } - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); return Status; @@ -379,17 +379,17 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)((UINTN)UserRsp + 8 * sizeof (UINTN) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); Status = FindGuid ((EFI_GUID *)CoreRbp->Argument2, &CoreProtocol, &MemoryCoreSize); if (EFI_ERROR (Status)) { - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); return Status; } Argument4 = UserRsp->Arguments[4]; Argument5 = UserRsp->Arguments[5]; Argument6 = UserRsp->Arguments[6]; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); Status = gBS->OpenProtocol ( (EFI_HANDLE)CoreRbp->Argument1, @@ -401,13 +401,13 @@ CallBootService ( ); if ((VOID **)CoreRbp->Argument3 != NULL) { - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); if (Interface != NULL) { Interface = PrepareRing3Interface (CoreProtocol, Interface, MemoryCoreSize); } *(VOID **)CoreRbp->Argument3 = Interface; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); } return Status; 
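Review bot: The only validation of user-supplied pointers in CallBootService is `ASSERT ((Attributes & EFI_MEMORY_USER) != 0)`, first seen just before the `FindGuid` call in the hunk at line 333, and the return status of `gCpu->GetMemoryAttributes` is ignored. ASSERT is a debug aid that a build can disable, and once `AllowSupervisorAccessToUserMemory ()` has run the core reads through `CoreRbp->Argument1` and writes through `CoreRbp->Argument3` with nothing else confirming they point at user pages. I would replace each assertion with a runtime check that fails the call before the window opens, e.g. `if ((Attributes & EFI_MEMORY_USER) == 0) { return EFI_INVALID_PARAMETER; }`, and also test the `GetMemoryAttributes` status. The same pattern recurs in the later hunks of this file (the OpenProtocol, CloseProtocol, GetVariable, WriteBlocks, WriteDisk and FatToStr/StrToFat cases). CallBootService begins and ends outside the hunk.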
@@ -426,7 +426,7 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument2 + sizeof (VOID **) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); CoreHandle = *(EFI_HANDLE *)CoreRbp->Argument1; UserArgList = (VOID **)CoreRbp->Argument2; @@ -440,7 +440,7 @@ CallBootService ( Status = FindGuid ((EFI_GUID *)UserArgList[Index], (EFI_GUID **)&CoreArgList[Index], &MemoryCoreSize); if (EFI_ERROR (Status)) { - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); while (Index > 0) { FreePool (CoreArgList[Index - 1]); @@ -460,7 +460,7 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)((UINTN)&UserArgList[Index + 2] + sizeof (VOID *) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); } - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); ASSERT (Index < MAX_LIST); CoreArgList[Index] = NULL; @@ -483,9 +483,9 @@ CallBootService ( CoreSimpleFileSystem->OpenVolume = CoreOpenVolume; - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); mRing3SimpleFileSystemPointer = (EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *)UserArgList[Index + 1]; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); } } @@ -512,15 +512,15 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)((UINTN)UserRsp + 6 * sizeof (UINTN) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); Status = FindGuid ((EFI_GUID *)CoreRbp->Argument2, &CoreProtocol, &MemoryCoreSize); if (EFI_ERROR (Status)) { - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); return Status; } Argument4 = UserRsp->Arguments[4]; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); Status = gBS->CloseProtocol ( (EFI_HANDLE)CoreRbp->Argument1, 
@@ -546,9 +546,9 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument3 + sizeof (VOID *) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); Status = FindGuid ((EFI_GUID *)CoreRbp->Argument2, &CoreProtocol, &MemoryCoreSize); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if (EFI_ERROR (Status)) { return Status; } @@ -559,14 +559,14 @@ CallBootService ( &Interface ); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); if (Interface != NULL) { Interface = PrepareRing3Interface (CoreProtocol, Interface, MemoryCoreSize); ASSERT (Interface != NULL); *(VOID **)CoreRbp->Argument3 = Interface; } - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); return Status; @@ -587,14 +587,14 @@ CallBootService ( (EFI_PHYSICAL_ADDRESS *)&Argument4 ); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)UserRsp->Arguments[4], &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)((UINTN)UserRsp->Arguments[4] + sizeof (EFI_PHYSICAL_ADDRESS) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); *(EFI_PHYSICAL_ADDRESS *)UserRsp->Arguments[4] = (EFI_PHYSICAL_ADDRESS)Argument4; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); return Status; @@ -643,9 +643,9 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument2 + sizeof (EFI_GUID) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); Status = FindGuid ((EFI_GUID *)CoreRbp->Argument2, &CoreProtocol, &MemoryCoreSize); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if (EFI_ERROR (Status)) { return Status; } 
@@ -662,7 +662,7 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)((UINTN)UserRsp + 7 * sizeof (UINTN) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); if ((UINTN *)UserRsp->Arguments[4] != NULL) { gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)UserRsp->Arguments[4], &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); @@ -696,7 +696,7 @@ CallBootService ( *(EFI_HANDLE **)UserRsp->Arguments[5] = (EFI_HANDLE *)(UINTN)Ring3Pages; } - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); return StatusBS; @@ -720,9 +720,9 @@ CallBootService ( return EFI_OUT_OF_RESOURCES; } - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); CopyMem ((VOID *)Argument4, (VOID *)CoreRbp->Argument1, CoreRbp->Argument2); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); Status = gBS->CalculateCrc32 ( (VOID *)Argument4, @@ -730,9 +730,9 @@ CallBootService ( (UINT32 *)&Argument5 ); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); *(UINT32 *)CoreRbp->Argument3 = (UINT32)Argument5; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); return Status; 
@@ -759,19 +759,19 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)((UINTN)UserRsp + 7 * sizeof (UINTN) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument1 + StrSize ((CHAR16 *)CoreRbp->Argument1) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); Argument6 = (UINTN)AllocateCopyPool (StrSize ((CHAR16 *)CoreRbp->Argument1), (CHAR16 *)CoreRbp->Argument1); if ((VOID *)Argument6 == NULL) { - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); return EFI_OUT_OF_RESOURCES; } Status = FindGuid ((EFI_GUID *)CoreRbp->Argument2, &CoreProtocol, &MemoryCoreSize); if (EFI_ERROR (Status)) { - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); FreePool ((VOID *)Argument6); return Status; } @@ -791,12 +791,12 @@ CallBootService ( Argument5 = (UINTN)AllocatePool (Argument4); if ((VOID *)Argument5 == NULL) { - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); FreePool ((VOID *)Argument6); return EFI_OUT_OF_RESOURCES; } } - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); Status = gRT->GetVariable ( (CHAR16 *)Argument6, @@ -806,7 +806,7 @@ CallBootService ( (VOID *)Argument5 ); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); if ((VOID *)UserRsp->Arguments[5] != NULL) { CopyMem ((VOID *)UserRsp->Arguments[5], (VOID *)Argument5, Argument4); } @@ -816,7 +816,7 @@ CallBootService ( if ((UINT32 *)CoreRbp->Argument3 != NULL) { *(UINT32 *)CoreRbp->Argument3 = (UINT32)Attributes; } - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); FreePool ((VOID *)Argument6); @@ -863,7 +863,7 @@ CallBootService ( #endif ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); #if defined (MDE_CPU_ARM) // // EFI_LBA Lba is aligned on 8 bytes. 
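Review bot: In the GetVariable case `StrSize ((CHAR16 *)CoreRbp->Argument1)` is evaluated twice on user memory, once to form the address passed to `GetMemoryAttributes` and once as the length for `AllocateCopyPool`, and the scan runs before anything has bounded it. Only the end address of the string is looked up here, so a name spanning several pages is accepted on the strength of its last page. Reading the length once into a local, capping it, and checking the whole range before the copy would make the checked length and the copied length the same value; `UINTN NameSize = StrSize ((CHAR16 *)CoreRbp->Argument1);` is the minimal first step. The same double call appears in the later string-handling hunks of this file. The enclosing case starts and ends outside the hunk.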
@@ -872,7 +872,7 @@ CallBootService ( #else Attributes = *(UINT64 *)&UserRsp->Arguments[5]; #endif - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); Argument5 = (UINTN)AllocatePool (CoreRbp->Argument3); if ((VOID *)Argument5 == NULL) { @@ -886,14 +886,14 @@ CallBootService ( CoreRbp->Argument3, (VOID *)Argument5 ); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)UserRsp->Arguments[4], &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)((UINTN)UserRsp->Arguments[4] + CoreRbp->Argument3 - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); CopyMem ((VOID *)UserRsp->Arguments[4], (VOID *)Argument5, CoreRbp->Argument3); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); FreePool ((VOID *)Argument5); @@ -925,7 +925,7 @@ CallBootService ( return EFI_OUT_OF_RESOURCES; } - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)UserRsp->Arguments[4], &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)((UINTN)UserRsp->Arguments[4] + CoreRbp->Argument3 - 1), &Attributes); @@ -941,7 +941,7 @@ CallBootService ( #else Attributes = *(UINT64 *)&UserRsp->Arguments[5]; #endif - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); Status = BlockIo->WriteBlocks ( BlockIo, @@ -988,7 +988,7 @@ CallBootService ( #endif ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); #if defined (MDE_CPU_ARM) // // UINT64 Offset is aligned on 8 bytes. @@ -997,7 +997,7 @@ CallBootService ( #else Attributes = *(UINT64 *)&UserRsp->Arguments[5]; #endif - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); Argument5 = (UINTN)AllocatePool (CoreRbp->Argument3); if ((VOID *)Argument5 == NULL) { 
@@ -1011,14 +1011,14 @@ CallBootService ( CoreRbp->Argument3, (VOID *)Argument5 ); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)UserRsp->Arguments[4], &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)((UINTN)UserRsp->Arguments[4] + CoreRbp->Argument3 - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); CopyMem ((VOID *)UserRsp->Arguments[4], (VOID *)Argument5, CoreRbp->Argument3); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); FreePool ((VOID *)Argument5); @@ -1050,7 +1050,7 @@ CallBootService ( return EFI_OUT_OF_RESOURCES; } - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)UserRsp->Arguments[4], &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)((UINTN)UserRsp->Arguments[4] + CoreRbp->Argument3 - 1), &Attributes); @@ -1066,7 +1066,7 @@ CallBootService ( #else Attributes = *(UINT64 *)&UserRsp->Arguments[5]; #endif - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); Status = DiskIo->WriteDisk ( DiskIo, @@ -1096,12 +1096,12 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)CoreRbp->Argument2, &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument2 + StrSize ((CHAR16 *)CoreRbp->Argument2) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); Argument4 = (UINTN)AllocateCopyPool (StrSize ((CHAR16 *)CoreRbp->Argument2), (CHAR16 *)CoreRbp->Argument2); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if ((VOID *)Argument4 == NULL) { return EFI_OUT_OF_RESOURCES; } 
@@ -1111,12 +1111,12 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)CoreRbp->Argument3, &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument3 + StrSize ((CHAR16 *)CoreRbp->Argument3) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); Argument5 = (UINTN)AllocateCopyPool (StrSize ((CHAR16 *)CoreRbp->Argument3), (CHAR16 *)CoreRbp->Argument3); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if ((VOID *)Argument5 == NULL) { if ((VOID *)Argument4 != NULL) { FreePool ((VOID *)Argument4); @@ -1158,12 +1158,12 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)CoreRbp->Argument2, &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument2 + StrSize ((CHAR16 *)CoreRbp->Argument2) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); Argument4 = (UINTN)AllocateCopyPool (StrSize ((CHAR16 *)CoreRbp->Argument2), (CHAR16 *)CoreRbp->Argument2); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if ((VOID *)Argument4 == NULL) { return EFI_OUT_OF_RESOURCES; } 
@@ -1173,12 +1173,12 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)CoreRbp->Argument3, &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument3 + StrSize ((CHAR16 *)CoreRbp->Argument3) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); Argument5 = (UINTN)AllocateCopyPool (StrSize ((CHAR16 *)CoreRbp->Argument3), (CHAR16 *)CoreRbp->Argument3); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if ((VOID *)Argument5 == NULL) { if ((VOID *)Argument4 != NULL) { FreePool ((VOID *)Argument4); @@ -1219,12 +1219,12 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)CoreRbp->Argument2, &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument2 + StrSize ((CHAR16 *)CoreRbp->Argument2) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); Argument4 = (UINTN)AllocateCopyPool (StrSize ((CHAR16 *)CoreRbp->Argument2), (CHAR16 *)CoreRbp->Argument2); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if ((VOID *)Argument4 == NULL) { return EFI_OUT_OF_RESOURCES; } @@ -1236,9 +1236,9 @@ CallBootService ( ); if ((VOID *)Argument4 != NULL) { - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); Status = StrCpyS ((CHAR16 *)CoreRbp->Argument2, StrLen ((CHAR16 *)CoreRbp->Argument2) + 1, (CHAR16 *)Argument4); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); FreePool ((VOID *)Argument4); } 
@@ -1260,12 +1260,12 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)CoreRbp->Argument2, &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument2 + StrSize ((CHAR16 *)CoreRbp->Argument2) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); Argument4 = (UINTN)AllocateCopyPool (StrSize ((CHAR16 *)CoreRbp->Argument2), (CHAR16 *)CoreRbp->Argument2); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if ((VOID *)Argument4 == NULL) { return EFI_OUT_OF_RESOURCES; } @@ -1277,9 +1277,9 @@ CallBootService ( ); if ((VOID *)Argument4 != NULL) { - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); Status = StrCpyS ((CHAR16 *)CoreRbp->Argument2, StrLen ((CHAR16 *)CoreRbp->Argument2) + 1, (CHAR16 *)Argument4); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); FreePool ((VOID *)Argument4); } @@ -1305,9 +1305,9 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument3 + CoreRbp->Argument2 - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); Argument4 = (UINTN)AllocateCopyPool (CoreRbp->Argument2, (CHAR8 *)CoreRbp->Argument3); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if ((VOID *)Argument4 == NULL) { return EFI_OUT_OF_RESOURCES; } @@ -1316,7 +1316,7 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)((UINTN)UserRsp + 6 * sizeof (UINTN) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); if ((CHAR16 *)UserRsp->Arguments[4] != NULL) { gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)UserRsp->Arguments[4], &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); 
@@ -1332,7 +1332,7 @@ CallBootService ( return EFI_OUT_OF_RESOURCES; } } - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); Unicode->FatToStr ( Unicode, @@ -1346,9 +1346,9 @@ CallBootService ( } if ((VOID *)Argument5 != NULL) { - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); CopyMem ((VOID *)UserRsp->Arguments[4], (VOID *)Argument5, 2 * (CoreRbp->Argument2 + 1)); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); FreePool ((VOID *)Argument5); } @@ -1372,12 +1372,12 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)CoreRbp->Argument2, &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument2 + StrSize ((CHAR16 *)CoreRbp->Argument2) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); Argument4 = (UINTN)AllocateCopyPool (StrSize ((CHAR16 *)CoreRbp->Argument2), (CHAR16 *)CoreRbp->Argument2); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if ((VOID *)Argument4 == NULL) { return EFI_OUT_OF_RESOURCES; } @@ -1386,7 +1386,7 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)((UINTN)UserRsp + 6 * sizeof (UINTN) - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); if ((CHAR8 *)UserRsp->Arguments[4] != NULL) { gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)UserRsp->Arguments[4], &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); @@ -1402,7 +1402,7 @@ CallBootService ( return EFI_OUT_OF_RESOURCES; } } - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); Status = (EFI_STATUS)Unicode->StrToFat ( Unicode, 
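Review bot: The `return EFI_OUT_OF_RESOURCES;` at the top of the hunk at line 1332 sits between the `AllowSupervisorAccessToUserMemory ()` call renamed in the previous hunk and the `ForbidSupervisorAccessToUserMemory ()` call renamed here. No renamed call precedes it, so that error path appears to return with supervisor access to user memory still allowed. The GetVariable case handles the same situation by calling `ForbidSupervisorAccessToUserMemory ();` before `FreePool` and the return, and this path should do the same. The hunk at line 1402 has the identical shape. The lines just before the return are outside the hunk, so confirm against the full function.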
@@ -1416,9 +1416,9 @@ CallBootService ( } if ((VOID *)Argument5 != NULL) { - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); CopyMem ((VOID *)UserRsp->Arguments[4], (VOID *)Argument5, CoreRbp->Argument3); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); FreePool ((VOID *)Argument5); } diff --git a/MdeModulePkg/Core/Dxe/SysCall/IA32/CoreBootServices.nasm b/MdeModulePkg/Core/Dxe/SysCall/IA32/CoreBootServices.nasm index ade43fc05d..c4d3714f2c 100644 --- a/MdeModulePkg/Core/Dxe/SysCall/IA32/CoreBootServices.nasm +++ b/MdeModulePkg/Core/Dxe/SysCall/IA32/CoreBootServices.nasm @@ -20,12 +20,12 @@ SECTION .text ;------------------------------------------------------------------------------ ; VOID ; EFIAPI -; DisableSMAP ( +; AllowSupervisorAccessToUserMemory ( ; VOID ; ); ;------------------------------------------------------------------------------ -global ASM_PFX(DisableSMAP) -ASM_PFX(DisableSMAP): +global ASM_PFX(AllowSupervisorAccessToUserMemory) +ASM_PFX(AllowSupervisorAccessToUserMemory): pushfd pop eax or eax, 0x40000 ; Set AC (bit 18) @@ -36,12 +36,12 @@ ASM_PFX(DisableSMAP): ;------------------------------------------------------------------------------ ; VOID ; EFIAPI -; EnableSMAP ( +; ForbidSupervisorAccessToUserMemory ( ; VOID ; ); ;------------------------------------------------------------------------------ -global ASM_PFX(EnableSMAP) -ASM_PFX(EnableSMAP): +global ASM_PFX(ForbidSupervisorAccessToUserMemory) +ASM_PFX(ForbidSupervisorAccessToUserMemory): pushfd pop eax and eax, ~0x40000 ; Clear AC (bit 18) @@ -131,14 +131,14 @@ ASM_PFX(CoreBootServices): je coreReturnAddress ; Prepare CallBootService arguments. - call ASM_PFX(DisableSMAP) + call ASM_PFX(AllowSupervisorAccessToUserMemory) mov eax, [edx + 4 * 4] ; User Argument 3 push eax mov eax, [edx + 3 * 4] ; User Argument 2 push eax mov eax, [edx + 2 * 4] ; User Argument 1 push eax - call ASM_PFX(EnableSMAP) + call ASM_PFX(ForbidSupervisorAccessToUserMemory) mov ebp, esp push edx push ebp 
@@ -209,10 +209,10 @@ coreReturnAddress: pop ebp pop ebx - call ASM_PFX(DisableSMAP) + call ASM_PFX(AllowSupervisorAccessToUserMemory) mov eax, [edx + 2 * 4] ; User Argument 1 push eax - call ASM_PFX(EnableSMAP) + call ASM_PFX(ForbidSupervisorAccessToUserMemory) pop eax sti diff --git a/MdeModulePkg/Core/Dxe/SysCall/SupportedProtocols.c b/MdeModulePkg/Core/Dxe/SysCall/SupportedProtocols.c index c89a431d10..d0e8944913 100644 --- a/MdeModulePkg/Core/Dxe/SysCall/SupportedProtocols.c +++ b/MdeModulePkg/Core/Dxe/SysCall/SupportedProtocols.c @@ -51,7 +51,7 @@ GoToRing3 ( Input = (RING3_CALL_DATA *)(UINTN)Ring3Pages; - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); Input->NumberOfArguments = Number; Input->EntryPoint = EntryPoint; @@ -60,7 +60,7 @@ GoToRing3 ( Input->Arguments[Index] = VA_ARG (Marker, UINTN); } VA_END (Marker); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); #if defined (MDE_CPU_X64) || defined (MDE_CPU_IA32) if (Number == 2) { @@ -98,7 +98,7 @@ GoToRing3 ( // Problem 2: Uart memory maped page is not allocated at the very beginnig // and can be used for translation table later. // - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); // // Problem 3: QEMU ramdomly breaks GP registers' context. // @@ -107,7 +107,7 @@ GoToRing3 ( EFI_PAGE_SIZE, EFI_MEMORY_XP ); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); #endif CoreFreePages (Ring3Pages, PagesNumber); @@ -136,9 +136,9 @@ Ring3Copy ( return NULL; } - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); CopyMem ((VOID *)(UINTN)Ring3, Core, Size); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); return (VOID *)(UINTN)Ring3; } @@ -300,9 +300,9 @@ CoreFileRead ( Ring3BufferSize = (UINTN *)(UINTN)Ring3Pages; - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); *Ring3BufferSize = *BufferSize; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if (Buffer != NULL) { Ring3Buffer = (VOID *)((UINTN *)(UINTN)Ring3Pages + 1); 
@@ -316,13 +316,13 @@ CoreFileRead ( Ring3Buffer ); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); if ((Ring3Buffer != NULL) && (Buffer != NULL) && (*BufferSize >= *Ring3BufferSize)) { CopyMem (Buffer, Ring3Buffer, *Ring3BufferSize); } *BufferSize = *Ring3BufferSize; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); CoreFreePages (Ring3Pages, PagesNumber); @@ -414,9 +414,9 @@ CoreFileGetPosition ( return Status; } - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); *(UINT64 *)(UINTN)Ring3Position = *Position; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); Status = GoToRing3 ( 2, @@ -425,9 +425,9 @@ CoreFileGetPosition ( Ring3Position ); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); *Position = *(UINT64 *)(UINTN)Ring3Position; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); CoreFreePages (Ring3Position, 1); @@ -475,9 +475,9 @@ CoreFileGetInfo ( Ring3BufferSize = (UINTN *)(UINTN)Ring3Pages; - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); *Ring3BufferSize = *BufferSize; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if (Buffer != NULL) { Ring3Buffer = (VOID *)((UINTN *)(UINTN)Ring3Pages + 1); @@ -486,9 +486,9 @@ CoreFileGetInfo ( if (InformationType != NULL) { Ring3InformationType = (EFI_GUID *)((UINTN)Ring3Pages + sizeof (UINTN *) + *BufferSize); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); CopyGuid (Ring3InformationType, InformationType); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); } Status = GoToRing3 ( @@ -500,13 +500,13 @@ CoreFileGetInfo ( Ring3Buffer ); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); if ((Ring3Buffer != NULL) && (Buffer != NULL) && (*BufferSize >= *Ring3BufferSize)) { CopyMem (Buffer, Ring3Buffer, *Ring3BufferSize); } *BufferSize = *Ring3BufferSize; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); CoreFreePages (Ring3Pages, PagesNumber); 
@@ -628,9 +628,9 @@ CoreFileOpen ( Ring3NewHandle = (EFI_FILE_PROTOCOL **)(UINTN)Ring3Pages; Ring3FileName = (CHAR16 *)((EFI_FILE_PROTOCOL **)(UINTN)Ring3Pages + 1); - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); Status = StrCpyS (Ring3FileName, StrLen (FileName) + 1, FileName); - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); if (EFI_ERROR (Status)) { *NewHandle = NULL; CoreFreePages (Ring3Pages, PagesNumber); @@ -706,9 +706,9 @@ CoreFileOpen ( NewFile->Protocol.WriteEx = CoreFileWriteEx; NewFile->Protocol.FlushEx = CoreFileFlushEx; - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); NewFile->Ring3File = *Ring3NewHandle; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); *NewHandle = (EFI_FILE_PROTOCOL *)NewFile; @@ -765,7 +765,7 @@ CoreOpenVolume ( return EFI_OUT_OF_RESOURCES; } - DisableSMAP (); + AllowSupervisorAccessToUserMemory (); mRing3FileProtocol.Revision = (*Ring3Root)->Revision; mRing3FileProtocol.Open = (*Ring3Root)->Open; mRing3FileProtocol.Close = (*Ring3Root)->Close; @@ -783,7 +783,7 @@ CoreOpenVolume ( mRing3FileProtocol.FlushEx = (*Ring3Root)->FlushEx; File->Ring3File = *Ring3Root; - EnableSMAP (); + ForbidSupervisorAccessToUserMemory (); File->Protocol.Revision = mRing3FileProtocol.Revision; File->Protocol.Open = CoreFileOpen; diff --git a/MdeModulePkg/Core/Dxe/SysCall/X64/CoreBootServices.nasm b/MdeModulePkg/Core/Dxe/SysCall/X64/CoreBootServices.nasm index cf1bd7c94b..3c88b9a743 100644 --- a/MdeModulePkg/Core/Dxe/SysCall/X64/CoreBootServices.nasm +++ b/MdeModulePkg/Core/Dxe/SysCall/X64/CoreBootServices.nasm 
@@ -18,12 +18,12 @@ SECTION .text
 ;------------------------------------------------------------------------------
 ; VOID
 ; EFIAPI
-; DisableSMAP (
+; AllowSupervisorAccessToUserMemory (
 ; VOID
 ; );
 ;------------------------------------------------------------------------------
-global ASM_PFX(DisableSMAP)
-ASM_PFX(DisableSMAP):
+global ASM_PFX(AllowSupervisorAccessToUserMemory)
+ASM_PFX(AllowSupervisorAccessToUserMemory):
 pushfq
 pop r10
 or r10, 0x40000 ; Set AC (bit 18)
@@ -34,12 +34,12 @@ ASM_PFX(DisableSMAP):
 ;------------------------------------------------------------------------------
 ; VOID
 ; EFIAPI
-; EnableSMAP (
+; ForbidSupervisorAccessToUserMemory (
 ; VOID
 ; );
 ;------------------------------------------------------------------------------
-global ASM_PFX(EnableSMAP)
-ASM_PFX(EnableSMAP):
+global ASM_PFX(ForbidSupervisorAccessToUserMemory)
+ASM_PFX(ForbidSupervisorAccessToUserMemory):
 pushfq
 pop r10
 and r10, ~0x40000 ; Clear AC (bit 18)