[REBASE && FF] Update Paging Audit File Collection to Defer Free/Allocate Calls, Fix SMM Parsing #450
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
TaylorBeebe
changed the title
TaylorBeebe
force-pushed
the
paging_audit_driver_updates
branch
4 times, most recently
from
0a5ff1b to
a8b59c2
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## release/202311 #450 +/- ##
===============================================
Coverage 12.11% 12.11%
===============================================
Files 110 110
Lines 19024 19024
Branches 1735 1735
===============================================
Hits 2305 2305
Misses 16687 16687
Partials 32 32
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
TaylorBeebe
force-pushed
the
paging_audit_driver_updates
branch
from
a8b59c2 to
300cc77
Compare
TaylorBeebe
changed the title
TaylorBeebe
force-pushed
the
paging_audit_driver_updates
branch
from
300cc77 to
faf6cd8
Compare
github-actions
bot
added
the
language:python
Table entries were being collected but are not used
in the paging audit. While they could be used to
check heritable attributes, the PDE entries would
need to be split by level which makes determining
heritabiliy difficult. Instead, FlatPageTableLib
can be used in the future to check heritability.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 and SBSA by running the paging audit with various memory protection profiles.
Integration Instructions
N/A
Description
Instead of having the globals in the driver and the app, move them
to the common file.
- [ ] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 and SBSA by running the paging audit with various memory protection profiles.
Integration Instructions
N/A
Description
While collecting platform paging and memory info, freeing and
allocating memory will potentially changed the memory
layout and corrupt the test results. Because allocating and
freeing memory only transitions memory type between
EfiConventionalMemory and EfiBootServicesMemory (which are required
to have the same memory protection policy), this nuance didn't matter
much. However, as the DXE core is updated to support more strict
protections on free memory, this nuance will matter.
This patch updates the data collection routines to calculate and
allocate all required memory before fetching the memory map and
collecting page table data.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 and SBSA by running the paging audit with various
memory protection profiles.
Integration Instructions
N/A
When parsing the x86 page table entries, the physical address
bits value collected is used to mask the page bytes. However,
this is unnecessary and incorrect as currently written.
The physical address bits value should be left shifted by 12 bits
to isolate the physical address bits. Even if we do this, the
masking is unnecessary because the physical address bits are
masked when reading the page table bytes.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 and SBSA by running the paging audit with various
memory protection profiles.
Tested on an SMM-enabled Surface device.
Integration Instructions
N/A
The SMM paging audit needed to be updated to match the improvements
made to the DXE audit.
This change:
1. Reformats the SMM HTML template
2. Fixes the parsing of GDT and IDT entries
3. Adds the platform info data collection
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 and SBSA by running the paging audit with various
memory protection profiles.
Tested on an SMM-enabled Surface device.
Integration Instructions
N/A
TaylorBeebe
force-pushed
the
paging_audit_driver_updates
branch
from
faf6cd8 to
c6617fb
Compare
os-d
approved these changes
Mar 18, 2024
kenlautner
approved these changes
Mar 18, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
How This Was Tested
Tested on Q35 and SBSA by running the paging audit with various memory protection profiles. The SMM audit was tested on an SMM-enabled Surface platform.
Integration Instructions
N/A