Skip to content

Commit

Permalink
DxePagingAuditTestApp: Remove MemoryOutsideEfiMemoryMapIsInaccessible…
Browse files Browse the repository at this point in the history
… Test

MemoryOutsideEfiMemoryMapIsInaccessible was attempting to test that memory
outside the EFI_MEMORY_MAP was marked EFI_MEMORY_RP or unmapped, however this
is not a valid test as we expect there to be ranges outside of the EFI_MEMORY_MAP,
such as GCD non-existent memory and non-runtime MMIO ranges. This patch removes
the test.
  • Loading branch information
os-d committed Aug 28, 2024
1 parent e135172 commit 602574c
Showing 2 changed files with 0 additions and 109 deletions.
2 changes: 0 additions & 2 deletions UefiTestingPkg/AuditTests/PagingAudit/README.md
Original file line number Diff line number Diff line change
@@ -66,8 +66,6 @@ is installed.
code are EFI_MEMORY_RO and sections containing data are EFI_MEMORY_XP.
- **BspStackIsXpAndHasGuardPage:** Checks that the stack is EFI_MEMORY_XP and has an
EFI_MEMORY_RP page at the base to catch overflow.
- **MemoryOutsideEfiMemoryMapIsInaccessible:** Checks that memory ranges not in
the EFI memory map EFI_MEMORY_RP or is not mapped.

#### Mode 2: Paging Audit Collection Tool

Original file line number Diff line number Diff line change
@@ -1348,112 +1348,6 @@ BspStackIsXpAndHasGuardPage (
return UNIT_TEST_PASSED;
}

/**
Checks that memory ranges not in the EFI
memory map will cause a CPU fault if accessed.
@param[in] Context Unit test context
@retval UNIT_TEST_PASSED The unit test passed
@retval other The unit test failed
**/
STATIC
UNIT_TEST_STATUS
EFIAPI
MemoryOutsideEfiMemoryMapIsInaccessible (
IN UNIT_TEST_CONTEXT Context
)
{
UINT64 StartOfAddressSpace;
UINT64 EndOfAddressSpace;
EFI_MEMORY_DESCRIPTOR *EndOfEfiMemoryMap;
EFI_MEMORY_DESCRIPTOR *CurrentEfiMemoryMapEntry;
BOOLEAN TestFailure;
EFI_PHYSICAL_ADDRESS LastMemoryMapEntryEnd;
EFI_STATUS Status;

DEBUG ((DEBUG_INFO, "%a Enter...\n", __FUNCTION__));

UT_ASSERT_NOT_EFI_ERROR (ValidatePageTableMapSize ());
UT_ASSERT_NOT_EFI_ERROR (ValidateEfiMemoryMapSize ());
UT_ASSERT_NOT_EFI_ERROR (PopulateMemorySpaceMap ());
UT_ASSERT_NOT_NULL (mMemorySpaceMap);
UT_ASSERT_NOT_EFI_ERROR (PopulateEfiMemoryMap ());
UT_ASSERT_NOT_EFI_ERROR (PopulatePageTableMap ());

StartOfAddressSpace = mMemorySpaceMap[0].BaseAddress;
EndOfAddressSpace = mMemorySpaceMap[mMemorySpaceMapCount - 1].BaseAddress +
mMemorySpaceMap[mMemorySpaceMapCount - 1].Length;
TestFailure = FALSE;
EndOfEfiMemoryMap = (EFI_MEMORY_DESCRIPTOR *)(((UINT8 *)mEfiMemoryMap + mEfiMemoryMapSize));
CurrentEfiMemoryMapEntry = mEfiMemoryMap;

if (CurrentEfiMemoryMapEntry->PhysicalStart > StartOfAddressSpace) {
Status = ValidateRegionAttributes (
&mMap,
StartOfAddressSpace,
CurrentEfiMemoryMapEntry->PhysicalStart - StartOfAddressSpace,
EFI_MEMORY_RP,
TRUE,
TRUE,
TRUE
);

// Inaccessible could mean EFI_MEMORY_RP or completely unmapped in page table
if (EFI_ERROR (Status) && (Status != EFI_NO_MAPPING)) {
TestFailure = TRUE;
}
}

LastMemoryMapEntryEnd = CurrentEfiMemoryMapEntry->PhysicalStart +
(CurrentEfiMemoryMapEntry->NumberOfPages * EFI_PAGE_SIZE);
CurrentEfiMemoryMapEntry = NEXT_MEMORY_DESCRIPTOR (CurrentEfiMemoryMapEntry, mEfiMemoryMapDescriptorSize);

while ((UINTN)CurrentEfiMemoryMapEntry < (UINTN)EndOfEfiMemoryMap) {
if (CurrentEfiMemoryMapEntry->PhysicalStart > LastMemoryMapEntryEnd) {
Status = ValidateRegionAttributes (
&mMap,
LastMemoryMapEntryEnd,
CurrentEfiMemoryMapEntry->PhysicalStart - LastMemoryMapEntryEnd,
EFI_MEMORY_RP,
TRUE,
TRUE,
TRUE
);

// Inaccessible could mean EFI_MEMORY_RP or completely unmapped in page table
if (EFI_ERROR (Status) && (Status != EFI_NO_MAPPING)) {
TestFailure = TRUE;
}
}

LastMemoryMapEntryEnd = CurrentEfiMemoryMapEntry->PhysicalStart +
(CurrentEfiMemoryMapEntry->NumberOfPages * EFI_PAGE_SIZE);
CurrentEfiMemoryMapEntry = NEXT_MEMORY_DESCRIPTOR (CurrentEfiMemoryMapEntry, mEfiMemoryMapDescriptorSize);
}

if (LastMemoryMapEntryEnd < EndOfAddressSpace) {
Status = ValidateRegionAttributes (
&mMap,
LastMemoryMapEntryEnd,
EndOfAddressSpace - LastMemoryMapEntryEnd,
EFI_MEMORY_RP,
TRUE,
TRUE,
TRUE
);

// Inaccessible could mean EFI_MEMORY_RP or completely unmapped in page table
if (EFI_ERROR (Status) && (Status != EFI_NO_MAPPING)) {
TestFailure = TRUE;
}
}

UT_ASSERT_FALSE (TestFailure);

return UNIT_TEST_PASSED;
}

/**
Entry Point of the shell app.
@@ -1547,7 +1441,6 @@ DxePagingAuditTestAppEntryPoint (
AddTestCase (Misc, "MMIO Regions are EFI_MEMORY_XP", "Security.Misc.MmioIsXp", MmioIsXp, NULL, GeneralTestCleanup, NULL);
AddTestCase (Misc, "Image code sections are EFI_MEMORY_RO and and data sections are EFI_MEMORY_XP", "Security.Misc.ImageCodeSectionsRoDataSectionsXp", ImageCodeSectionsRoDataSectionsXp, NULL, GeneralTestCleanup, NULL);
AddTestCase (Misc, "BSP stack is EFI_MEMORY_XP and has EFI_MEMORY_RP guard page", "Security.Misc.BspStackIsXpAndHasGuardPage", BspStackIsXpAndHasGuardPage, NULL, GeneralTestCleanup, NULL);
AddTestCase (Misc, "Memory outside of the EFI Memory Map is inaccessible", "Security.Misc.MemoryOutsideEfiMemoryMapIsInaccessible", MemoryOutsideEfiMemoryMapIsInaccessible, NULL, GeneralTestCleanup, NULL);

//
// Execute the tests.

0 comments on commit 602574c

Please sign in to comment.