From d9520ea5e6982a272c4e7a4b7fb61bff75005b46 Mon Sep 17 00:00:00 2001 From: Taylor Beebe Date: Sat, 7 Oct 2023 20:36:53 -0700 Subject: [PATCH] Paging Audit: Add 5 Tests to HTML Templates Description Adds the following tests to the HTML templates: 1. Test that the NULL page is EFI_MEMORY_RP 2. Check that MMIO memory is non-executable. 3. Check that EfiConventionalMemory is non-executable. 4. Check that memory not in the EFI memory map is not accessible. 5. Check that the memory attribute protocol is present on the platform. - [x] Impacts functionality? - **Functionality** - Does the change ultimately impact how firmware functions? - Examples: Add a new library, publish a new PPI, update an algorithm, ... - [ ] Impacts security? - **Security** - Does the change have a direct security impact on an application, flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ... - [ ] Breaking change? - **Breaking change** - Will anyone consuming this change experience a break in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ... - [x] Includes tests? - **Tests** - Does the change include any explicit test code? - Examples: Unit tests, integration tests, robot tests, ... - [ ] Includes documentation? - **Documentation** - Does the change contain explicit documentation additions outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation on an a separate Web page, ... How This Was Tested Tested on Q35 and SBSA Integration Instructions N/A --- .../Windows/DxePaging_template_AArch64.html | 110 ++++++++++++++--- .../Windows/DxePaging_template_X64.html | 114 +++++++++++++++--- 2 files changed, 187 insertions(+), 37 deletions(-) 
diff --git a/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_AArch64.html b/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_AArch64.html index 03762dd8d6..013d82a274 100644 --- a/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_AArch64.html +++ b/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_AArch64.html @@ -523,18 +523,34 @@

External Licenses

} **/ var SavedFilters = []; + SavedFilters.push({ + "Name": "NULL Page Check", + "Description": "NULL page should be EFI_MEMORY_RP", + "Filter": function (mrObject) { + var isTargetType = mrObject["System Memory"] === "NULL Page"; + var hasInvalidAttributes = mrObject["Access Flag"] !== "No"; + return isTargetType && hasInvalidAttributes; + }, //end of Filter function + "ConfigureFilter": function () { + $("button#ClearAllFilter").click(); //clear the filters + SetMultiselectTo("SpecialMemoryRegionsFilter", ["NULL Page"]); + return true; + } //end of configuring filter inputs + }); + SavedFilters.push({ "Name": "RW+X", "Description": "No memory range should have page attributes that allow read, write, and execute", "Filter": function (mrObject) { - if ((mrObject["Execute"] !== "Disabled") && (mrObject["Read/Write"] === "Enabled") && (mrObject["Access Flag"] === "Yes") && (mrObject["GCD Memory Type"] !== "EfiGcdMemoryTypeNonExistent")) { - return true; - } - return false; - }, //end of Filter function + isTargetType = (mrObject["GCD Memory Type"] !== "EfiGcdMemoryTypeNonExistent"); + hasInvalidAttributes = (mrObject["Execute"] === "Enabled") && + (mrObject["Read/Write"] === "Enabled") && + (mrObject["Access Flag"] === "Yes"); + return isTargetType && hasInvalidAttributes; + }, "ConfigureFilter": function () { $("button#ClearAllFilter").click(); //clear the filters - SetMultiselectTo("ExecuteFilter", ["UX", "PX", "UX/PX", "Enabled"]) + SetMultiselectTo("ExecuteFilter", ["Enabled"]) SetMultiselectTo("AccessFlagFilter", ["Yes"]) SetMultiselectTo("RWFilter", ["Enabled"]) SetMultiselectTo("MemorySpaceTypeFilter", @@ -553,14 +569,13 @@
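Review bot: The rewritten AArch64 RW+X filter fails a range only when `mrObject["Execute"] === "Enabled"`, where the removed code used `!== "Disabled"` and the ExecuteFilter list also carried "UX", "PX" and "UX/PX". If the data generator (not visible in this patch) can still emit those values, a writable range that is executable at only one privilege level would now pass the audit. The Data Sections hunk narrows the test the same way, while the new MMIO check in this file keeps `!== "Disabled"`, so the checks disagree on what counts as executable. Unless the generator now emits only "Enabled"/"Disabled", keep `(mrObject["Execute"] !== "Disabled")` so unexpected values fail closed. Separately, `isTargetType` and `hasInvalidAttributes` are assigned without `var` here and in the Data/Code Sections filters of both templates, which creates implicit globals; declare them as the NULL Page filter does, `var isTargetType = ...`.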

External Licenses

"Name": "Data Sections are No-Execute", "Description": "Image data sections should be no-execute", "Filter": function (mrObject) { - if ((mrObject["Execute"] !== "Disabled") && (mrObject["Section Type"] === "DATA")) { - return true; - } - return false; + isTargetType = (mrObject["Section Type"] === "DATA"); + hasInvalidAttributes = (mrObject["Execute"] === "Enabled"); + return isTargetType && hasInvalidAttributes; }, //end of Filter function "ConfigureFilter": function () { $("button#ClearAllFilter").click(); //clear the filters - SetMultiselectTo("ExecuteFilter", ["UX", "PX", "UX/PX", "Enabled"]) + SetMultiselectTo("ExecuteFilter", ["Disabled"]) SetMultiselectTo("SectionFilter", ["DATA"]) return true; } //end of configuring filter inputs @@ -570,10 +585,9 @@
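Review bot: ConfigureFilter for "Data Sections are No-Execute" now selects `["Disabled"]` in ExecuteFilter, while the Filter function above it flags ranges with `mrObject["Execute"] === "Enabled"`. Opening this test from the results tab would therefore appear to list the compliant DATA ranges and hide the ones that failed. The selection should match the failing condition, `SetMultiselectTo("ExecuteFilter", ["Enabled"])`, or keep the earlier value list if the AArch64 data can still contain "UX"/"PX" values.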

External Licenses

"Name": "Code Sections are Read-Only", "Description": "Image code sections should be read-only", "Filter": function (mrObject) { - if ((mrObject["Read/Write"] === "Enabled") && (mrObject["Section Type"] === "CODE")) { - return true; - } - return false; + isTargetType = (mrObject["Section Type"] === "CODE"); + hasInvalidAttributes = (mrObject["Read/Write"] === "Enabled"); + return isTargetType && hasInvalidAttributes; }, //end of Filter function "ConfigureFilter": function () { $("button#ClearAllFilter").click(); //clear the filters @@ -583,6 +597,58 @@

External Licenses

} //end of configuring filter inputs }); + SavedFilters.push({ + "Name": "MMIO Execute Check", + "Description": "MMIO ranges should be non executable", + "Filter": function (mrObject) { + var isTargetType = (mrObject["GCD Memory Type"] === "EfiGcdMemoryTypeMemoryMappedIo") || + (mrObject["Memory Type"] === "EfiMemoryMappedIO"); + var hasInvalidAttributes = (mrObject["Execute"] !== "Disabled") && + (mrObject["Access Flag"] !== "No"); + return isTargetType && hasInvalidAttributes; + }, //end of Filter function + "ConfigureFilter": function () { + $("button#ClearAllFilter").click(); //clear the filters + SetMultiselectTo("MemorySpaceTypeFilter", ["EfiGcdMemoryTypeMemoryMappedIo"]); + SetMultiselectTo("MemoryTypeFilter", ["EfiMemoryMappedIO"]); + SetMultiselectTo("ExecuteFilter", ["Enabled"]); + SetMultiselectTo("AccessFlagFilter", ["Yes"]); + return true; + } //end of configuring filter inputs + }); + + SavedFilters.push({ + "Name": "Free Memory Check", + "Description": "Free EFI memory should not be readable", + "Filter": function (mrObject) { + var isTargetType = mrObject["Memory Type"] === "EfiConventionalMemory"; + var hasInvalidAttributes = mrObject["Access Flag"] !== "No"; + return isTargetType && hasInvalidAttributes; + }, //end of Filter function + "ConfigureFilter": function () { + $("button#ClearAllFilter").click(); //clear the filters + SetMultiselectTo("MemoryTypeFilter", ["EfiConventionalMemory"]); + SetMultiselectTo("AccessFlagFilter", ["Yes"]); + return true; + } //end of configuring filter inputs + }); + + SavedFilters.push({ + "Name": "Check Memory Not in EFI Memory Map is Inaccessible", + "Description": "Memory not in the EFI memory map should cause a fault if accessed", + "Filter": function (mrObject) { + var isTargetType = mrObject["Memory Type"] === "None"; + var hasInvalidAttributes = mrObject["Access Flag"] !== "No"; + return isTargetType && hasInvalidAttributes; + }, //end of Filter function + "ConfigureFilter": function () { + 
$("button#ClearAllFilter").click(); //clear the filters + SetMultiselectTo("MemoryTypeFilter", ["None"]); + SetMultiselectTo("AccessFlagFilter", ["Yes"]); + return true; + } //end of configuring filter inputs + }); + //Fill in the test results tab SavedFilters.forEach(function (TestObject) { var FailedCount = EmbeddedJd.MemoryRanges.filter(TestObject.Filter); @@ -608,6 +674,16 @@
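Review bot: In "MMIO Execute Check" the Filter and ConfigureFilter do not describe the same set. The Filter fails a range when either the GCD type or the memory type is MMIO and `Execute !== "Disabled"`, whereas ConfigureFilter selects both type filters and only `["Enabled"]`. If the table combines column filters as an intersection (not visible in this hunk), ranges matched through only one of the two types, or carrying any other Execute value, fail the test but are missing from the filtered view. Each new ConfigureFilter also ends in `return true;` regardless of what `SetMultiselectTo` returned, and this commit removes the `AddAlert` warnings from that function, so a value with no matching option (for example "None" or "NULL Page") leaves the view unfiltered without any indication. Consider returning the combined results of the `SetMultiselectTo` calls instead. The X64 template adds the same MMIO block.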

External Licenses

} }); + var testName = "Memory Attribute Protocol is Installed"; + var testDescription = "Checks if the platform produces the memory attribute protocol"; + if (IsMemoryAttributeProtocolPresent === "TRUE") { + var b = $("

" + testName + "

Description:" + testDescription + "
Status: Success

"); + b.appendTo("div#TestStatusListWrapper"); + } else { + var b = $("

" + testName + "

Description:" + testDescription + "
Status: Failed

"); + b.appendTo("div#TestStatusListWrapper"); + } + $('div#tabs-3 select.selectpicker').selectpicker("refresh").change(); //Show warning if there are parsing errors @@ -672,7 +748,6 @@
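Review bot: `IsMemoryAttributeProtocolPresent` is read as a bare identifier that this hunk does not define. If the generator that fills the template does not emit it, the comparison throws a ReferenceError, and the statements after it (the selectpicker refresh and the parsing-error warning) never run. A guard such as `var protocolPresent = (typeof IsMemoryAttributeProtocolPresent !== "undefined") && (IsMemoryAttributeProtocolPresent === "TRUE");` would report Failed instead of aborting the page script. The two branches differ only in the status text and each redeclares `var b`; choosing the status string first and appending once would remove the duplication. The same block is added to the X64 template.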

External Licenses

@ret boolean status of setting all requested values **/ function SetMultiselectTo(selectName, listOfValuesSelected) { - //var allOptions = $("select#" + selectName +" > option").map(function() { return $(this).val(); }).get(); //create array $.each($("select#" + selectName + " option"), function (i, v) { var index = listOfValuesSelected.indexOf($(v).text()); if (index > -1) { @@ -685,9 +760,6 @@

External Licenses

}); $("select#" + selectName).change(); $("select#" + selectName).selectpicker('refresh'); - listOfValuesSelected.forEach(function (v, i, a) { - AddAlert("Can't set " + selectName + " value to " + v, "warning"); - }); return (listOfValuesSelected.length === 0); } diff --git a/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_X64.html b/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_X64.html index e51764f51b..8403a9c241 100644 --- a/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_X64.html +++ b/UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_X64.html @@ -545,13 +545,30 @@

External Licenses

**/ var SavedFilters = []; SavedFilters.push({ - "Name": "RW+X", "Description": "No memory range should have page attributes that allow read, write, and execute", + "Name": "NULL Page Check", + "Description": "NULL page should be EFI_MEMORY_RP", "Filter": function (mrObject) { - if ((mrObject["Execute"] === "Enabled") && (mrObject["Read/Write"] === "Enabled") && (mrObject["Present"] === "Yes") && (mrObject["GCD Memory Type"] !== "EfiGcdMemoryTypeNonExistent")) { - return true; - } - return false; + var isTargetType = mrObject["System Memory"] === "NULL Page"; + var hasInvalidAttributes = mrObject["Present"] !== "No"; + return isTargetType && hasInvalidAttributes; }, //end of Filter function + "ConfigureFilter": function () { + $("button#ClearAllFilter").click(); //clear the filters + SetMultiselectTo("SpecialMemoryRegionsFilter", ["NULL Page"]); + return true; + } //end of configuring filter inputs + }); + + SavedFilters.push({ + "Name": "RW+X", + "Description": "No memory range should have page attributes that allow read, write, and execute", + "Filter": function (mrObject) { + isTargetType = (mrObject["GCD Memory Type"] !== "EfiGcdMemoryTypeNonExistent"); + hasInvalidAttributes = (mrObject["Execute"] === "Enabled") && + (mrObject["Read/Write"] === "Enabled") && + (mrObject["Present"] === "Yes"); + return isTargetType && hasInvalidAttributes; + }, "ConfigureFilter": function () { $("button#ClearAllFilter").click(); //clear the filters SetMultiselectTo("ExecuteFilter", ["Enabled"]) @@ -570,11 +587,12 @@

External Licenses

}); SavedFilters.push({ - "Name": "Data Sections are No-Execute", "Description": "Image data sections should be no-execute", "Filter": function (mrObject) { - if ((mrObject["Execute"] === "Enabled") && (mrObject["Section Type"] === "DATA")) { - return true; - } - return false; + "Name": "Data Sections are No-Execute", + "Description": "Image data sections should be no-execute", + "Filter": function (mrObject) { + isTargetType = (mrObject["Section Type"] === "DATA"); + hasInvalidAttributes = (mrObject["Execute"] === "Enabled"); + return isTargetType && hasInvalidAttributes; }, //end of Filter function "ConfigureFilter": function () { $("button#ClearAllFilter").click(); //clear the filters @@ -585,11 +603,12 @@

External Licenses

}); SavedFilters.push({ - "Name": "Code Sections are Read-Only", "Description": "Image code sections should be read-only", "Filter": function (mrObject) { - if ((mrObject["Read/Write"] === "Enabled") && (mrObject["Section Type"] === "CODE")) { - return true; - } - return false; + "Name": "Code Sections are Read-Only", + "Description": "Image code sections should be read-only", + "Filter": function (mrObject) { + isTargetType = (mrObject["Section Type"] === "CODE"); + hasInvalidAttributes = (mrObject["Read/Write"] === "Enabled"); + return isTargetType && hasInvalidAttributes; }, //end of Filter function "ConfigureFilter": function () { $("button#ClearAllFilter").click(); //clear the filters @@ -599,6 +618,58 @@

External Licenses

} //end of configuring filter inputs }); + SavedFilters.push({ + "Name": "MMIO Execute Check", + "Description": "MMIO ranges should be non executable", + "Filter": function (mrObject) { + var isTargetType = (mrObject["GCD Memory Type"] === "EfiGcdMemoryTypeMemoryMappedIo") || + (mrObject["Memory Type"] === "EfiMemoryMappedIO"); + var hasInvalidAttributes = (mrObject["Execute"] !== "Disabled") && + (mrObject["Present"] !== "No"); + return isTargetType && hasInvalidAttributes; + }, //end of Filter function + "ConfigureFilter": function () { + $("button#ClearAllFilter").click(); //clear the filters + SetMultiselectTo("MemorySpaceTypeFilter", ["EfiGcdMemoryTypeMemoryMappedIo"]); + SetMultiselectTo("MemoryTypeFilter", ["EfiMemoryMappedIO"]); + SetMultiselectTo("ExecuteFilter", ["Enabled"]); + SetMultiselectTo("PresentFilter", ["Yes"]); + return true; + } //end of configuring filter inputs + }); + + SavedFilters.push({ + "Name": "Free Memory Check", + "Description": "Free EFI memory should not be readable", + "Filter": function (mrObject) { + var isTargetType = mrObject["Memory Type"] === "EfiConventionalMemory"; + var hasInvalidAttributes = mrObject["Present"] !== "No"; + return isTargetType && hasInvalidAttributes; + }, //end of Filter function + "ConfigureFilter": function () { + $("button#ClearAllFilter").click(); //clear the filters + SetMultiselectTo("MemoryTypeFilter", ["EfiConventionalMemory"]); + SetMultiselectTo("PresentFilter", ["Yes"]); + return true; + } //end of configuring filter inputs + }); + + SavedFilters.push({ + "Name": "Check Memory Not in EFI Memory Map is Inaccessible", + "Description": "Memory not in the EFI memory map should cause a fault if accessed", + "Filter": function (mrObject) { + var isTargetType = mrObject["Memory Type"] === "None"; + var hasInvalidAttributes = mrObject["Present"] !== "Yes"; + return isTargetType && hasInvalidAttributes; + }, //end of Filter function + "ConfigureFilter": function () { + 
$("button#ClearAllFilter").click(); //clear the filters + SetMultiselectTo("MemoryTypeFilter", ["None"]); + SetMultiselectTo("PresentFilter", ["Yes"]); + return true; + } //end of configuring filter inputs + }); + //Fill in the test results tab SavedFilters.forEach(function (TestObject) { var FailedCount = EmbeddedJd.MemoryRanges.filter(TestObject.Filter); @@ -624,6 +695,16 @@
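Review bot: In the X64 "Check Memory Not in EFI Memory Map is Inaccessible" filter, `mrObject["Present"] !== "Yes"` looks inverted. It marks ranges that are not present as failures and lets a present, accessible range outside the memory map pass. The description, the `PresentFilter` selection `["Yes"]` in ConfigureFilter, and the AArch64 counterpart (`mrObject["Access Flag"] !== "No"`) all point the other way. Suggested line: `var hasInvalidAttributes = mrObject["Present"] !== "No";`, matching the NULL Page and Free Memory checks, so that a missing or unexpected value also fails closed.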

External Licenses

} }); + var testName = "Memory Attribute Protocol is Installed"; + var testDescription = "Checks if the platform produces the memory attribute protocol"; + if (IsMemoryAttributeProtocolPresent === "TRUE") { + var b = $("

" + testName + "

Description:" + testDescription + "
Status: Success

"); + b.appendTo("div#TestStatusListWrapper"); + } else { + var b = $("

" + testName + "

Description:" + testDescription + "
Status: Failed

"); + b.appendTo("div#TestStatusListWrapper"); + } + $('div#tabs-3 select.selectpicker').selectpicker("refresh").change(); //Show warning if there are parsing errors @@ -701,9 +782,6 @@

External Licenses

}); $("select#" + selectName).change(); $("select#" + selectName).selectpicker('refresh'); - listOfValuesSelected.forEach(function (v, i, a) { - AddAlert("Can't set " + selectName + " value to " + v, "warning"); - }); return (listOfValuesSelected.length === 0); }