зеркало из https://github.com/microsoft/mu_plus.git
167 Коммитов
| Автор | SHA1 | Сообщение | Дата |
|---|---|---|---|
Taylor Beebe
|
69dda0b597
|
Add StackCheckLib Instances to Platform DSC Files (#446)
## Description
An instance of StackCheckLib must be in each DSC to accommodate
-fstack-protector and /GS flags.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Tested in pipelines
## Integration Instructions
N/A
|
|
|
Taylor Beebe
|
1f5c696742
|
Remove Pre-Split MemoryProtectionTestApp Files (#405)
## Description
|
|
|
Taylor Beebe
|
f95d40a42b
|
Fix DxePagingAuditTestApp Typo, Update FlatPageTableLib AARCH64 IsPageReadable() Check (#402)
## Description
DxePagingAuditTestApp: When checking an image section characteristics, a
bitmasking is done which incorrectly includes a logical OR instead of a
bitwise OR.
FlatPageTableLib: The AARCH64 IsPageReadable() routine correctly checks
for the no access, r/w case (0b00) but not the r/w, r/w case (0b01)
because both 0b11 and 0b01 would pass the latter check.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Tested on a Surface ARM platform and SBSA
## Integration Instructions
N/A
|
|
|
Taylor Beebe
|
2c40f8a82a
|
DxePagingAudit: Skip Stack Publishing if Stack Info Isn't Valid (#400)
## Description
The MemoryInfoDatabase.dat file contains information about the content
of memory regions. If an entry in the database file is invalid, it will
break the generation of the paging audit. Before adding the stack info
to the database file, check that the stack size is greater than zero.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Tested on Q35 by generating the paging audit
## Integration Instructions
N/A
|
|
Taylor Beebe
|
f79fe549fc |
DxePagingAudit: Update Shell Tests to Use the Validate Function
Description
This patch updates the shell tests to use the validate function from
the previous patch. This allows the tests to be more exact in reporting
regions which do not meet the memory protection security bar.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 by running the app.
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
c04bc553d5 |
DxePagingAudit: Add Function to Check Attributes Using GetRegionAccessAttributes()
Description
ValidatePageTableAttributes() is a function that validates the attributes
of the input memory region. It uses GetRegionAccessAttributes() to get
the attributes of the region and compares them to the
attributes passed in. This function will be used by each test case
to check that the page/translation table attributes match the memory
protection requirements.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 by running the app with the following patch.
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
93a6a350c5 |
DxePagingAudit: Pre-allocate Memory For Maps in Shell Tests
Description
The page table map, EFI memory map, and EFI memory space map all
describe the layout of the system address space. Because of this,
if allocations are performed while these maps are being generated,
then the maps generated the earliest will be inaccurate. This
change pre-allocates the memory for these maps before they are
generated to ensure that the maps are consistent.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 by running the app with the following patch.
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
c0279a4589 |
FlatPageTableLib: Update GetRegionAccessAttributes()
Description
GetRegionAccessAttributes() takes an input region description and page
table map and outputs the attributes of that region. Because it's
common for multi-page regions to have varying attributes, the patch
updates the function to return the attributes of the first
attribute-contiguous range found in the region and report the actual
size of that range. This allows the caller to collect the attributes
of the region by calling the function repeatedly instead of needing
to guess which subsection of the region has contiguous attributes.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 by running the function.
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
9156848eb6 |
FlatPageTableLib: Add a Dump Table Function
Description
This patch adds a function to dump the contents of a flat page
table to the console. This is useful for debugging.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 by running the function.
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
ce6280a3c0 |
DxePagingAudit: Always Write Out All Files
Description
This updates the paging audit to always write out all .dat files
even if the buffers are empty. The presence of the file acts
as a receipt that the audit was run successfully and helps with
automated unit testing.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 by creating the paging audit.
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
ef5218ab09
|
DxePagingAudit: Update MemoryOutsideEfiMemoryMapIsInaccessible Test (#381)
## Description
1. MemoryOutsideEfiMemoryMapIsInaccessible checks if memory not present
in the EFI memory map has the EFI_MEMORY_RP attribute. The previous
version of this test assumed that the memory range spanned by the EFI
memory map was contiguous which is sometimes not the case on platforms.
This update changes the flow of the test to look at interstitial gaps in
the memory map and not just those on the flanks.
2. The EFI memory map returned through the boot services table is
sometimes out of order. This update sorts the memory map and memory
space map whenever they're populated for a test.
3. The X64 MemoryOutsideEfiMemoryMapIsInaccessible HTML test had a typo
which is fixed in this update.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Tested on Q35 and ARM
## Integration Instructions
N/A
|
|
kuqin12
|
36cec67a40
|
Minor debug print updates for DxePagingAuditTestApp (#382)
## Description
This change updated some print levels and added the PDB name for images
being looked at.
- [ ] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Tested on proprietary virtual ARM platform and verified updated prints
works as expected.
## Integration Instructions
N/A
|
|
|
Taylor Beebe
|
f5354997ae
|
Split MemoryProtectionTestApp to DXE and SMM Versions (#379)
## Description
MemoryProtectionTestApp was written before Project Mu supported an ARM
platform and Standalone MM. The test app generates the test cases for
both the SMM and DXE environments. The SMM tests will report failure for
Arm platforms and platforms using Standalone MM, so this update
separates the test app into SMM and DXE versions.
The SMM version will still require a driver to handle the SMI calls. To
reduce confusing naming, MemoryProtectionTestSmm (the driver supporting
SMM memory protection testing) has been renamed to
SmmMemoryProtectionTestDriver.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
SMM test was checked on a physical x86 platform. The DXE test was
checked on Q35 and SBSA
## Integration Instructions
Instances of
`
UefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/App/MemoryProtectionTestApp.inf
`
will need to be updated to
`UefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/App/SmmMemoryProtectionTestApp.inf
UefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/App/DxeMemoryProtectionTestApp.inf
`
And instances of
`
UefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/Smm/MemoryProtectionTestSmm.inf
`
will need to be updated to
`
UefiTestingPkg/FunctionalSystemTests/MemoryProtectionTest/Driver/SmmMemoryProtectionTestDriver.inf
`
|
|
|
Taylor Beebe
|
b8145972da
|
MemoryProtectionTestApp: Separate Reset Method Init to Arch Specific Files (#376)
## Description
The reset test method is not supported on ARM platforms currently
(support will be added later, but it's not high priority because this
test method often takes 40+ minutes). This PR separates the
initialization of this testing method to architecture specific logic so
the test method is not attempted on ARM platforms.
This also fixes a build error on ARM platforms caused by
DefaultExceptionHandlerLib being included (which does not support
UEFI_APPLICATION without a MU override).
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Running the updated test app on Q35 and SBSA
## Integration Instructions
N/A
|
|
|
Taylor Beebe
|
e4ca465d91
|
Add Unaccepted Memory Type to Memory Protection Test App (#371)
## Description
EDK2 added EfiUnacceptedMemoryType to the memory type list. This update
adds this memory type to the memory protection test app and skips it
because it is not allocatable.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Tested on Q35
## Integration Instructions
N/A
|
|
|
Taylor Beebe
|
792a81eba8
|
Use New Stack Cookie Library (#367)
## Description
Update one DSC file to use the new stack cookie library, and
MdePkg/MdeLibs.dsc.inc contains the definitions for the new stack cookie
libraries for the remaining DSC files.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [x] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Tested on Q35 GCC and MSVC builds
## Integration Instructions
N/A
|
|
|
Taylor Beebe
|
4ca8d648e2 |
Paging Audit: Add 5 Tests to HTML Templates
Description
Adds the following tests to the HTML templates:
1. Test that the NULL page is EFI_MEMORY_RP
2. Check that MMIO memory is non-executable.
3. Check that EfiConventionalMemory is non-executable.
4. Check that memory not in the EFI memory map is not accessible.
5. Check that the memory attribute protocol is present on the platform.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 and SBSA
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
b4f1594135 |
Paging Audit: Refactor Filter Logic and add Logical OR Filtering
Description
1. Refactor the filtering logic to be more general instead of requiring
an update function for each filterable column.
2. Add a toggle to the filter logic to switch between logical AND
and logical OR filtering when comparing column values in each
row. This is a nice to have feature when parsing the data.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 and SBSA
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
43bd789b7c |
Paging Audit: Make Header in Memory Data Tab Horizontally Scrollable
Description
Make the header in the Memory Data tab horizontally scrollable
so that when scrolling through the data, the header is always
aligned.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 and SBSA
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
26e2e45741 |
Paging Audit: Reformat HTML Templates
Description
Auto-format the HTML templates according to the default HTML formatter
in vscode.
- [ ] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
N/A
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
c54d64347d |
Bugfix: Ensure EntryCount is Updated in AArch64 CreateFlatPageTable()
Description
When the input PAGE_MAP in CreateFlatPageTable() doesn't have enough
memory to hold the flat page table, the function will return
EFI_BUFFER_TOO_SMALL. This fixes this return case to also update the
EntryCount in the PAGE_MAP so that the caller can know how many entries
are needed.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 and SBSA
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
4ab7c89787 |
Paging Audit: Skip Collecting Invalid Pages on AArch64
Description
The valid bit is no longer displayed on the AArch64 paging audit
output, so unmapped pages shouldn't be collected in the .dat files.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 and SBSA
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
8b73b5bd78 |
Paging Audit: Collect Memory Attribute Protocol Data
Description
Collects the Memory Attribute Protocol presence data in
PlatformInfo.dat and adds its value to the output HTML report.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 and SBSA
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
972c92703b |
Paging Audit: Minor Formatting Fixes in Shell App
Description
Fixes minor formatting issues in DxePagingAuditTestApp.c.
- [ ] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
N/A
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
0b235e6e4c |
Paging Audit: Add 8 Tests to Shell App
Description
This change adds 8 tests to the paging audit shell app. Which check
the following:
1. Unallocated memory is EFI_MEMORY_RP
2. Memory Attribute Protocol is present
3. Calls to allocate pages and pools return buffers with restrictive access attributes
4. NULL page is EFI_MEMORY_RP
5. MMIO Regions are Non Executable
6. Image code sections are EFI_MEMORY_RO and and data sections are EFI_MEMORY_XP
7. BSP stack is EFI_MEMORY_XP and has EFI_MEMORY_RP guard page
8. Memory outside of the EFI Memory Map is inaccessible
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 and SBSA
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
277d45568c |
Update DxePagingAudit to use FlatPageTableLib
Description
Now that FlatPageTableLib is available, update DxePagingAudit to use
it instead of needing to implement its own parsing logic.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [x] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested on Q35 and SBSA by adding a temporary test to check the output
of the Memory Attribute Protocol against the output of
FlatPageTableLib.
Integration Instructions
An instance of FlatPageTableLib will need to be added to platforms
which build the paging audit.
|
|
|
Taylor Beebe
|
af263a940d |
Add FlatPageTableLib
Description
Creates a new library, FlatPageTableLib, which works on X64 and AARCH64
platforms and converts the page table to a "flat" version. The flat
version is a one-dimensional array where each entry is an address,
a length, and attributes. The library will walk the page/translation
table and combine blocks/leaves with the same attributes into a single
entry in the flat array. The attributes mask for each architecture is
defined in the header and includes both the upper and lower block/leaf
attributes. On both X64 and AARCH64, the hierarchical inheritance of
attributes is factored into the determination of block/leaf attributes.
This allows the consumer of the library to easily check the attributes
of any region in the page/translation table.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Tested by running the paging audit on SBSA and Q35 and by comparing
the output against the Memory Attribute Protocol
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
c528cb5ac7 |
Spellcheck Fixes
Description
Fixes misspellings found in CI.
- [ ] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
N/A
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
ac481a42ef
|
Bugfix: Fix Off by One Error When Creating X64 PlatformInfo.dat (#317)
## Description
AsciiSPrint() returns the string index non-inclusive of the NULL
terminator, so adding 1 to the returned string index causes a NULL byte
to be at the end of the PlatformInfo.dat file which can cause a parsing
error when interpreted in .csv format in python.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Tested on Q35
## Integration Instructions
N/A
|
|
Michael Kubacki
|
e5f9bd7331
|
Integrate UefiCpuLib breaking change (#304)
## Description
Updates the repo for a change that merged UefiCpuLib with CpuLib.
UefiCpuLib will be removed entirely soon so all references are updated
to CpuLib.
- [ ] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
- Repo CI build
- Platform integration build (in QemuQ35Pkg)
## Integration Instructions
N/A
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
|
|
|
Taylor Beebe
|
e01181d145 |
Interpret AARCH64 XN Bits According to Execution Level
Description
Check the Execution Level of the platform (if it's AACH64) when
interpreting the XN bits.
For each item, place an "x" in between `[` and `]` if true. Example: `[x]`.
_(you can also check items in the GitHub UI)_
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Running the Paging Audit in QemuQ35Pkg and QemuSbsaPkg
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
1a1799ee95 |
Create PlatformInfo.dat File in Paging Audit Processor Logic
Description
PlatformInfo.dat will contain information required to parse the
page tables. Some info contained in the PlatformInfo.dat file.
Type/Phase and Architecture needed to be passed in via the command
line. Bitwidth was published as a memory range object and needed
a hack in the script to be consumed. Execution Level was not previously
published and is needed to correctly parse the bits of AARCH64 pages.
For each item, place an "x" in between `[` and `]` if true. Example: `[x]`.
_(you can also check items in the GitHub UI)_
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Running the Paging Audit in QemuQ35Pkg and QemuSbsaPkg
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
c0d44c4584
|
Update UXN/PXN Parsing and Fix Filters in Paging Audit (#290)
## Description
1. Update the HTML/Javascript filters for RWX to not include
GcdNonExistent regions
2. Combine the UX and PX fields into one Execute field to make it easier
to check for RWX regions
3. Update the filters to not fail if the multiselect call fails to
select all options. This can occur if one of the options does not exist
in the paging audit.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Running the paging audit on Q35 and SBSA
## Integration Instructions
N/A
|
|
Joey Vagedes
|
1e7d11ac55
|
ci.yaml: add PrEval entry (#267)
## Description
Adds PrEval entries for all packages to enable the new PrEval Policy 5.
- [ ] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
N/A
## Integration Instructions
N/A
|
|
|
Taylor Beebe
|
8502050c0e |
Update BootAuditTestApp to Correctly Test Load Option Variables (#256)
## Description BootAuditTestApp tests the variable policy for the SysPrep####, PlatformRecovery####, and Driver#### variables by attempting to get and set the variables. When calling SetVariable with one of these three variables, VarCheckLib will sanity check the variable data and return EFI_INVALID_PARAMETER if the data is not a valid load option. Because we want to check if the variables are writable, we need to create properly formatted data before calling SetVariable. This PR uses the DevicePath of the running EFI application to create a load option to properly test the writability of the boot option variables securely. Fixes Issue https://github.com/microsoft/mu_plus/issues/252 - [x] Impacts functionality? - **Functionality** - Does the change ultimately impact how firmware functions? - Examples: Add a new library, publish a new PPI, update an algorithm, ... - [ ] Impacts security? - **Security** - Does the change have a direct security impact on an application, flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ... - [ ] Breaking change? - **Breaking change** - Will anyone consuming this change experience a break in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ... - [x] Includes tests? - **Tests** - Does the change include any explicit test code? - Examples: Unit tests, integration tests, robot tests, ... - [ ] Includes documentation? - **Documentation** - Does the change contain explicit documentation additions outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation on an a separate Web page, ... ## How This Was Tested Tested on Q35 ## Integration Instructions N/A |
|
|
Taylor Beebe
|
933c7b2940 |
Reduce RWX Test UT_LOG Verbosity in DxePagingAuditTestApp (#257)
## Description
There are often many ranges exempt from the RWX test, and printing every
exempt region to the log can overflow the XML buffer and result in the
actual failing ranges not to be printed.
To reduce the likelihood of missing failing ranges in the output XML,
this PR removes the UT_LOG calls for exempt regions.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Running on Q35
## Integration Instructions
N/A
|
|
|
kuqin12
|
99b466b00f
|
Continue power management on disabled APs (#243)
# Preface Please ensure you have read the [contribution docs](https://github.com/microsoft/mu/blob/master/CONTRIBUTING.md) prior to submitting the pull request. In particular, [pull request guidelines](https://github.com/microsoft/mu/blob/master/CONTRIBUTING.md#pull-request-best-practices). ## Description Current implementation will stop the execution on the APs that are disabled. This behavior will prevent the test suites from full validation, as some cores might be disabled by design. This change will add a check prior to core power management operations and proceed with the other cores if the AP of interest is disabled. For each item, place an "x" in between `[` and `]` if true. Example: `[x]`. _(you can also check items in the GitHub UI)_ - [x] Impacts functionality? - **Functionality** - Does the change ultimately impact how firmware functions? - Examples: Add a new library, publish a new PPI, update an algorithm, ... - [ ] Impacts security? - **Security** - Does the change have a direct security impact on an application, flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ... - [ ] Breaking change? - **Breaking change** - Will anyone consuming this change experience a break in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ... - [x] Includes tests? - **Tests** - Does the change include any explicit test code? - Examples: Unit tests, integration tests, robot tests, ... - [ ] Includes documentation? - **Documentation** - Does the change contain explicit documentation additions outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation on an a separate Web page, ... ## How This Was Tested This was tested on ARM FVP virtual platform with 16 cores. A shell based unit test is used for validation. ## Integration Instructions N/A |
|
Taylor Beebe
|
23ca29bee2 |
Restructure the MemoryProtectionTestApp
Description
This update adds comments throughout the MemoryProtectionTestApp.c file
to better explain the purpose of each function and the overall flow
of the application. It also removes unused functions and makes some
minor updates to the minor logic changes to the Reset testing
method.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [x] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Running the test on Q35 and SBSA
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
d974efc5e6 |
Enable Using the Memory Attribute Protocol in MemoryProtectionTestApp
Description
MemoryProtectionTestApp traditionally operates by violating every memory protection and either clearing the faults or performing a warm reset. This PR adds a third method of running the test through the use of the memory attribute protocol. Instead of intentionally causing faults, this method checks the attributes of the region which should fault against the expected protection attributes.
Using the Memory Attribute Protocol will be the default way of running the test, but the user can now identify their preferred testing method by passing in arguments when running the test app.
--WarmReset: Test will be run by violating the memory protection policy with the expectation that the system will reboot each time. The test will take roughly 45 minutes to run with a strict protection policy.
--ClearFaults: Test will be run by violating the memory protection policy with the expectation that the exception handler will clear the faulting page(s) and allow the test to continue. The test will take <5 seconds to run with a strict protection policy.
--MemoryAttribute:The protection policy will be validated by using the Memory Attribute Protocol to get the memory attributes of the page(s) which are expected to be protected. The test will take <5 seconds to run with a strict protection policy.
NOTE: The Memory Attribute Protocol uses the core memory manager to determine paging attributes. If there is a bug in the memory manager, this may manifest in incorrect output from the protocol and an invalid test result. The most robust way to run the test is to use the ClearFaults or WarmReset methods as it will actually trigger faults through CPU page/translation table walks.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [x] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Running the test on Q35
Integration Instructions
N/A
|
|
Chris Fernald
|
c9de3a7444 |
Fix invalid bytes in INF file leading to build warnings (#229)
## Description Fixes invalid bytes preceding the first UTF-8 bytes in the MemoryAttributeProtocolFuncTestApp.inf. This fixes build warnings that are occurring in the MU_PLUS CI and Platform builds. - [ ] Impacts functionality? - [ ] Impacts security? - [ ] Breaking change? - [ ] Includes tests? - [ ] Includes documentation? ## How This Was Tested Successfully built locally. ## Integration Instructions N/A |
|
Marvin Häuser
|
e68b5b23d7 |
UefiTestingPkg/MemmapAndMatTestApp: Fix memory map entry overlap check (#218)
## Description Due to utilizing the `A_IS_BETWEEN_B_AND_C` macro, equality to the start and end addresses is currently not considered for the memory map entry overlap checks within the same map. However, e.g., duplicate entries within the same map should be detected as a malformation. Introduce a new overlap macro to detect those cases. ## How This Was Tested We discovered MAT corruption with duplicate entries due to a downstream bug. MemmapAndMatTestApp does not detect this malformation as-is. With the change, both corrupted and corrected MATs yield the expected test results with MemmapAndMatTestApp. ## Integration Instructions N/A Co-authored-by: Aaron <105021049+apop5@users.noreply.github.com> |
|
|
Taylor Beebe
|
36192f5667 |
Update Paging Audit Parsing Script to Better Handle Page Splitting (#220)
## Description
When working through the page table, it's possible page groups should be
split if there is an image or system memory type present in that range.
Also, not all objects which can be interpreted as memory ranges have set
(non-None) VirtualStart or NumberOfPages fields for debug printing.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Running on SBSA and Q35 produced page tables
## Integration Instructions
N/A
|
|
|
Taylor Beebe
|
9902b851a4 |
Add Support for the Parsing of the Access Flag Bit in the Paging Audit Windows Scripts
Description
Add support for the Access Flag to the paging audit Windows scripts. The
Access Flag bit is analogous to the Valid bit on X64.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Running the test on SBSA
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
fde349b546 |
Update the AARCH64 Translation Table Guard Page Collection to Check the Access Flag
Description
Update the PagingAuditProcessor.c to parse check guard pages using
the access flag (AF) bit.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
How This Was Tested
Running the test on SBSA
Integration Instructions
N/A
|
|
|
Taylor Beebe
|
fe3079b0c5 |
Bugfix: Update the Paging Audit Parsing Script to Properly Capture UXN and PXN Bits
Description
Fix the parsing of ARM translation table UXN and PXN bits.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware functions?
- Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo, call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to documentation
on an a separate Web page, ...
Running the test on SBSA
N/A
|
|
|
Taylor Beebe
|
5bf218b183 |
Remove Optimizations from MemoryProtectionTestApp GCC5 Build Command (#212)
## Description
Runs of the MemoryProtectionTestApp on GCC5 builds can cause an invalid
opcode after returning from a cleared exception due to the insertion of
the "ud2" instruction after a NULL dereference.
"[ud2] Generates an invalid opcode. This instruction is provided for
software testing to explicitly generate an invalid opcode. The opcode
for this instruction is reserved for this purpose. Other than raising
the invalid opcode exception, this instruction is the same as the NOP
instruction. This instruction's operation is the same in non-64-bit
modes and 64-bit mode."
Because we are purposefully dereferencing NULL, we don't want these
instructions inserted. Turning off optimizations solves this problem.
- [x] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Running the test on Q35 GCC5 build
## Integration Instructions
N/A
|
|
|
kuqin12
|
2f4e1d2525 |
Added the cache flushing before sending to C3 and fixing a stack mis-calculation (#206)
# Preface Please ensure you have read the [contribution docs](https://github.com/microsoft/mu/blob/master/CONTRIBUTING.md) prior to submitting the pull request. In particular, [pull request guidelines](https://github.com/microsoft/mu/blob/master/CONTRIBUTING.md#pull-request-best-practices). ## Description This change fixed an issue when suspending the BSP to C3, the returned context could be randomly corrupted, which was due to the core number calculation was incorrect, which made the BSP uses the beginning of allocated buffer as the stack bottom. In the meantime, not flushing the cache makes the debugger not able to identify the memory write through stack pointer corruptions. This change should fix both of them. For each item, place an "x" in between `[` and `]` if true. Example: `[x]`. _(you can also check items in the GitHub UI)_ - [x] Impacts functionality? - **Functionality** - Does the change ultimately impact how firmware functions? - Examples: Add a new library, publish a new PPI, update an algorithm, ... - [ ] Impacts security? - **Security** - Does the change have a direct security impact on an application, flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ... - [ ] Breaking change? - **Breaking change** - Will anyone consuming this change experience a break in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ... - [ ] Includes tests? - **Tests** - Does the change include any explicit test code? - Examples: Unit tests, integration tests, robot tests, ... - [ ] Includes documentation? - **Documentation** - Does the change contain explicit documentation additions outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation on an a separate Web page, ... ## How This Was Tested This is verified on proprietary hardware platform. ## Integration Instructions N/A |
|
|
Taylor Beebe
|
0a371f5bf2 |
Add AARCH64 RWX Test to DxePagingAuditApp (#201)
## Description
Add functionality to the common app logic and an
AARCH64 implementation of the RWX test.
- [ ] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Tested on Q35 and SBSA
## Integration Instructions
N/A
|
|
|
Taylor Beebe
|
0866321f90 |
Add MemoryAttributeProtocolFuncTestApp (#192)
## Description
This test used to reside in MdePkg, but because an AARCH64
implementation needed to be added to the test which necessitated a
dependency on ArmPkg, the test needed to be removed from MdePkg to
adhere to our rule of no dependencies from MU_BASECORE to other repos.
This PR adds the test app with the added AARCH64 implementation and
rewrites the X64 page split test to remove the need for structs
representing each page table level.
- [ ] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
flow, or firmware?
- Examples: Crypto algorithm change, buffer overflow fix, parameter
validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
- **Tests** - Does the change include any explicit test code?
- Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
on an a separate Web page, ...
## How This Was Tested
Running on Q35 and SBSA
## Integration Instructions
N/A
|
|
|
Taylor Beebe
|
36d456bfcb |
Update the Paging Audit Readme to Reflect Recent Changes (#196)
## Description Updates the readme of the paging audit to provide instructions for how to use the app and driver. #102 - [ ] Impacts functionality? - **Functionality** - Does the change ultimately impact how firmware functions? - Examples: Add a new library, publish a new PPI, update an algorithm, ... - [ ] Impacts security? - **Security** - Does the change have a direct security impact on an application, flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ... - [ ] Breaking change? - **Breaking change** - Will anyone consuming this change experience a break in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ... - [ ] Includes tests? - **Tests** - Does the change include any explicit test code? - Examples: Unit tests, integration tests, robot tests, ... - [x] Includes documentation? - **Documentation** - Does the change contain explicit documentation additions outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation on an a separate Web page, ... ## How This Was Tested N/A ## Integration Instructions N/A |