diff --git a/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_AArch64.html b/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_AArch64.html
index 03762dd8d6..84eaca248c 100644
--- a/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_AArch64.html
+++ b/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_AArch64.html
@@ -523,18 +523,34 @@
External Licenses
}
**/
var SavedFilters = [];
+ SavedFilters.push({
+ "Name": "NULL Page Check",
+ "Description": "NULL page should be EFI_MEMORY_RP",
+ "Filter": function (mrObject) {
+ var isTargetType = mrObject["System Memory"] === "NULL Page";
+ var hasInvalidAttributes = mrObject["Access Flag"] !== "No";
+ return isTargetType && hasInvalidAttributes;
+ }, //end of Filter function
+ "ConfigureFilter": function () {
+ $("button#ClearAllFilter").click(); //clear the filters
+ SetMultiselectTo("SpecialMemoryRegionsFilter", ["NULL Page"]);
+ return true;
+ } //end of configuring filter inputs
+ });
+
SavedFilters.push({
"Name": "RW+X",
"Description": "No memory range should have page attributes that allow read, write, and execute",
"Filter": function (mrObject) {
- if ((mrObject["Execute"] !== "Disabled") && (mrObject["Read/Write"] === "Enabled") && (mrObject["Access Flag"] === "Yes") && (mrObject["GCD Memory Type"] !== "EfiGcdMemoryTypeNonExistent")) {
- return true;
- }
- return false;
- }, //end of Filter function
+ isTargetType = (mrObject["GCD Memory Type"] !== "EfiGcdMemoryTypeNonExistent");
+ hasInvalidAttributes = (mrObject["Execute"] === "Enabled") &&
+ (mrObject["Read/Write"] === "Enabled") &&
+ (mrObject["Access Flag"] === "Yes");
+ return isTargetType && hasInvalidAttributes;
+ },
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
- SetMultiselectTo("ExecuteFilter", ["UX", "PX", "UX/PX", "Enabled"])
+ SetMultiselectTo("ExecuteFilter", ["Enabled"])
SetMultiselectTo("AccessFlagFilter", ["Yes"])
SetMultiselectTo("RWFilter", ["Enabled"])
SetMultiselectTo("MemorySpaceTypeFilter",
@@ -553,14 +569,13 @@ External Licenses
"Name": "Data Sections are No-Execute",
"Description": "Image data sections should be no-execute",
"Filter": function (mrObject) {
- if ((mrObject["Execute"] !== "Disabled") && (mrObject["Section Type"] === "DATA")) {
- return true;
- }
- return false;
+ isTargetType = (mrObject["Section Type"] === "DATA");
+ hasInvalidAttributes = (mrObject["Execute"] === "Enabled");
+ return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
- SetMultiselectTo("ExecuteFilter", ["UX", "PX", "UX/PX", "Enabled"])
+ SetMultiselectTo("ExecuteFilter", ["Disabled"])
SetMultiselectTo("SectionFilter", ["DATA"])
return true;
} //end of configuring filter inputs
@@ -570,10 +585,9 @@ External Licenses
"Name": "Code Sections are Read-Only",
"Description": "Image code sections should be read-only",
"Filter": function (mrObject) {
- if ((mrObject["Read/Write"] === "Enabled") && (mrObject["Section Type"] === "CODE")) {
- return true;
- }
- return false;
+ isTargetType = (mrObject["Section Type"] === "CODE");
+ hasInvalidAttributes = (mrObject["Read/Write"] === "Enabled");
+ return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
@@ -583,6 +597,58 @@ External Licenses
} //end of configuring filter inputs
});
+ SavedFilters.push({
+ "Name": "MMIO Execute Check",
+ "Description": "MMIO ranges should be non executable",
+ "Filter": function (mrObject) {
+ var isTargetType = (mrObject["GCD Memory Type"] === "EfiGcdMemoryTypeMemoryMappedIo") ||
+ (mrObject["Memory Type"] === "EfiMemoryMappedIO");
+ var hasInvalidAttributes = (mrObject["Execute"] !== "Disabled") &&
+ (mrObject["Access Flag"] !== "No");
+ return isTargetType && hasInvalidAttributes;
+ }, //end of Filter function
+ "ConfigureFilter": function () {
+ $("button#ClearAllFilter").click(); //clear the filters
+ SetMultiselectTo("MemorySpaceTypeFilter", ["EfiGcdMemoryTypeMemoryMappedIo"]);
+ SetMultiselectTo("MemoryTypeFilter", ["EfiMemoryMappedIO"]);
+ SetMultiselectTo("ExecuteFilter", ["Enabled"]);
+ SetMultiselectTo("AccessFlagFilter", ["Yes"]);
+ return true;
+ } //end of configuring filter inputs
+ });
+
+ SavedFilters.push({
+ "Name": "Free Memory Check",
+ "Description": "Free EFI memory should not be readable",
+ "Filter": function (mrObject) {
+ var isTargetType = mrObject["Memory Type"] === "EfiConventionalMemory";
+ var hasInvalidAttributes = mrObject["Access Flag"] !== "No";
+ return isTargetType && hasInvalidAttributes;
+ }, //end of Filter function
+ "ConfigureFilter": function () {
+ $("button#ClearAllFilter").click(); //clear the filters
+ SetMultiselectTo("MemoryTypeFilter", ["EfiConventionalMemory"]);
+ SetMultiselectTo("AccessFlagFilter", ["Yes"]);
+ return true;
+ } //end of configuring filter inputs
+ });
+
+ SavedFilters.push({
+ "Name": "Check Memory Not in EFI Memory Map is Inaccessible",
+ "Description": "Memory not in the EFI memory map should cause a fault if accessed",
+ "Filter": function (mrObject) {
+ var isTargetType = mrObject["Memory Type"] === "None";
+ var hasInvalidAttributes = mrObject["Access Flag"] !== "Yes";
+ return isTargetType && hasInvalidAttributes;
+ }, //end of Filter function
+ "ConfigureFilter": function () {
+ $("button#ClearAllFilter").click(); //clear the filters
+ SetMultiselectTo("MemoryTypeFilter", ["None"]);
+ SetMultiselectTo("AccessFlagFilter", ["Yes"]);
+ return true;
+ } //end of configuring filter inputs
+ });
+
//Fill in the test results tab
SavedFilters.forEach(function (TestObject) {
var FailedCount = EmbeddedJd.MemoryRanges.filter(TestObject.Filter);
@@ -608,6 +674,16 @@ External Licenses
}
});
+ var testName = "Memory Attribute Protocol is Installed";
+ var testDescription = "Checks if the platform produces the memory attribute protocol";
+ if (IsMemoryAttributeProtocolPresent === "TRUE") {
+ var b = $("" + testName + "
Description:" + testDescription + "
Status: Success
");
+ b.appendTo("div#TestStatusListWrapper");
+ } else {
+ var b = $("" + testName + "
Description:" + testDescription + "
Status: Failed
");
+ b.appendTo("div#TestStatusListWrapper");
+ }
+
$('div#tabs-3 select.selectpicker').selectpicker("refresh").change();
//Show warning if there are parsing errors
@@ -672,7 +748,6 @@ External Licenses
@ret boolean status of setting all requested values
**/
function SetMultiselectTo(selectName, listOfValuesSelected) {
- //var allOptions = $("select#" + selectName +" > option").map(function() { return $(this).val(); }).get(); //create array
$.each($("select#" + selectName + " option"), function (i, v) {
var index = listOfValuesSelected.indexOf($(v).text());
if (index > -1) {
@@ -685,9 +760,6 @@ External Licenses
});
$("select#" + selectName).change();
$("select#" + selectName).selectpicker('refresh');
- listOfValuesSelected.forEach(function (v, i, a) {
- AddAlert("Can't set " + selectName + " value to " + v, "warning");
- });
return (listOfValuesSelected.length === 0);
}
diff --git a/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_X64.html b/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_X64.html
index e51764f51b..8403a9c241 100644
--- a/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_X64.html
+++ b/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_X64.html
@@ -545,13 +545,30 @@ External Licenses
**/
var SavedFilters = [];
SavedFilters.push({
- "Name": "RW+X", "Description": "No memory range should have page attributes that allow read, write, and execute",
+ "Name": "NULL Page Check",
+ "Description": "NULL page should be EFI_MEMORY_RP",
"Filter": function (mrObject) {
- if ((mrObject["Execute"] === "Enabled") && (mrObject["Read/Write"] === "Enabled") && (mrObject["Present"] === "Yes") && (mrObject["GCD Memory Type"] !== "EfiGcdMemoryTypeNonExistent")) {
- return true;
- }
- return false;
+ var isTargetType = mrObject["System Memory"] === "NULL Page";
+ var hasInvalidAttributes = mrObject["Present"] !== "No";
+ return isTargetType && hasInvalidAttributes;
}, //end of Filter function
+ "ConfigureFilter": function () {
+ $("button#ClearAllFilter").click(); //clear the filters
+ SetMultiselectTo("SpecialMemoryRegionsFilter", ["NULL Page"]);
+ return true;
+ } //end of configuring filter inputs
+ });
+
+ SavedFilters.push({
+ "Name": "RW+X",
+ "Description": "No memory range should have page attributes that allow read, write, and execute",
+ "Filter": function (mrObject) {
+ isTargetType = (mrObject["GCD Memory Type"] !== "EfiGcdMemoryTypeNonExistent");
+ hasInvalidAttributes = (mrObject["Execute"] === "Enabled") &&
+ (mrObject["Read/Write"] === "Enabled") &&
+ (mrObject["Present"] === "Yes");
+ return isTargetType && hasInvalidAttributes;
+ },
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
SetMultiselectTo("ExecuteFilter", ["Enabled"])
@@ -570,11 +587,12 @@ External Licenses
});
SavedFilters.push({
- "Name": "Data Sections are No-Execute", "Description": "Image data sections should be no-execute", "Filter": function (mrObject) {
- if ((mrObject["Execute"] === "Enabled") && (mrObject["Section Type"] === "DATA")) {
- return true;
- }
- return false;
+ "Name": "Data Sections are No-Execute",
+ "Description": "Image data sections should be no-execute",
+ "Filter": function (mrObject) {
+ isTargetType = (mrObject["Section Type"] === "DATA");
+ hasInvalidAttributes = (mrObject["Execute"] === "Enabled");
+ return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
@@ -585,11 +603,12 @@ External Licenses
});
SavedFilters.push({
- "Name": "Code Sections are Read-Only", "Description": "Image code sections should be read-only", "Filter": function (mrObject) {
- if ((mrObject["Read/Write"] === "Enabled") && (mrObject["Section Type"] === "CODE")) {
- return true;
- }
- return false;
+ "Name": "Code Sections are Read-Only",
+ "Description": "Image code sections should be read-only",
+ "Filter": function (mrObject) {
+ isTargetType = (mrObject["Section Type"] === "CODE");
+ hasInvalidAttributes = (mrObject["Read/Write"] === "Enabled");
+ return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
@@ -599,6 +618,58 @@ External Licenses
} //end of configuring filter inputs
});
+ SavedFilters.push({
+ "Name": "MMIO Execute Check",
+ "Description": "MMIO ranges should be non executable",
+ "Filter": function (mrObject) {
+ var isTargetType = (mrObject["GCD Memory Type"] === "EfiGcdMemoryTypeMemoryMappedIo") ||
+ (mrObject["Memory Type"] === "EfiMemoryMappedIO");
+ var hasInvalidAttributes = (mrObject["Execute"] !== "Disabled") &&
+ (mrObject["Present"] !== "No");
+ return isTargetType && hasInvalidAttributes;
+ }, //end of Filter function
+ "ConfigureFilter": function () {
+ $("button#ClearAllFilter").click(); //clear the filters
+ SetMultiselectTo("MemorySpaceTypeFilter", ["EfiGcdMemoryTypeMemoryMappedIo"]);
+ SetMultiselectTo("MemoryTypeFilter", ["EfiMemoryMappedIO"]);
+ SetMultiselectTo("ExecuteFilter", ["Enabled"]);
+ SetMultiselectTo("PresentFilter", ["Yes"]);
+ return true;
+ } //end of configuring filter inputs
+ });
+
+ SavedFilters.push({
+ "Name": "Free Memory Check",
+ "Description": "Free EFI memory should not be readable",
+ "Filter": function (mrObject) {
+ var isTargetType = mrObject["Memory Type"] === "EfiConventionalMemory";
+ var hasInvalidAttributes = mrObject["Present"] !== "No";
+ return isTargetType && hasInvalidAttributes;
+ }, //end of Filter function
+ "ConfigureFilter": function () {
+ $("button#ClearAllFilter").click(); //clear the filters
+ SetMultiselectTo("MemoryTypeFilter", ["EfiConventionalMemory"]);
+ SetMultiselectTo("PresentFilter", ["Yes"]);
+ return true;
+ } //end of configuring filter inputs
+ });
+
+ SavedFilters.push({
+ "Name": "Check Memory Not in EFI Memory Map is Inaccessible",
+ "Description": "Memory not in the EFI memory map should cause a fault if accessed",
+ "Filter": function (mrObject) {
+ var isTargetType = mrObject["Memory Type"] === "None";
+ var hasInvalidAttributes = mrObject["Present"] !== "Yes";
+ return isTargetType && hasInvalidAttributes;
+ }, //end of Filter function
+ "ConfigureFilter": function () {
+ $("button#ClearAllFilter").click(); //clear the filters
+ SetMultiselectTo("MemoryTypeFilter", ["None"]);
+ SetMultiselectTo("PresentFilter", ["Yes"]);
+ return true;
+ } //end of configuring filter inputs
+ });
+
//Fill in the test results tab
SavedFilters.forEach(function (TestObject) {
var FailedCount = EmbeddedJd.MemoryRanges.filter(TestObject.Filter);
@@ -624,6 +695,16 @@ External Licenses
}
});
+ var testName = "Memory Attribute Protocol is Installed";
+ var testDescription = "Checks if the platform produces the memory attribute protocol";
+ if (IsMemoryAttributeProtocolPresent === "TRUE") {
+ var b = $("" + testName + "
Description:" + testDescription + "
Status: Success
");
+ b.appendTo("div#TestStatusListWrapper");
+ } else {
+ var b = $("" + testName + "
Description:" + testDescription + "
Status: Failed
");
+ b.appendTo("div#TestStatusListWrapper");
+ }
+
$('div#tabs-3 select.selectpicker').selectpicker("refresh").change();
//Show warning if there are parsing errors
@@ -701,9 +782,6 @@ External Licenses
});
$("select#" + selectName).change();
$("select#" + selectName).selectpicker('refresh');
- listOfValuesSelected.forEach(function (v, i, a) {
- AddAlert("Can't set " + selectName + " value to " + v, "warning");
- });
return (listOfValuesSelected.length === 0);
}