summaryrefslogtreecommitdiffstats
path: root/OvmfPkg/Sec
diff options
context:
space:
mode:
authorLaszlo Ersek <lersek@redhat.com>2015-11-30 18:41:20 +0000
committerlersek <lersek@Edk2>2015-11-30 18:41:20 +0000
commit9beac0d847bf9c299fe6c05b0fe7041a75bffa67 (patch)
treea8853eb7d340a3bb30c61f398aafa6ab48da1cb9 /OvmfPkg/Sec
parent320b4f084a256e16a7f0cbfa5f0b5c8e0bb1a0ac (diff)
downloadedk2-9beac0d847bf9c299fe6c05b0fe7041a75bffa67.tar.gz
edk2-9beac0d847bf9c299fe6c05b0fe7041a75bffa67.tar.bz2
edk2-9beac0d847bf9c299fe6c05b0fe7041a75bffa67.zip
OvmfPkg: Sec: assert the build-time calculated end of the scratch buffer
The DecompressMemFvs() function in "OvmfPkg/Sec/SecMain.c" uses more memory, temporarily, than what PEIFV and DXEFV will ultimately need. First, it uses an output buffer for decompression, second, the decompression itself needs a scratch buffer (and this scratch buffer is the highest area that SEC uses). DecompressMemFvs() used to be called on normal boots only (ie. not on S3 resume), which is why the decompression output buffer and the scratch buffer were allowed to scribble over RAM. However, we'll soon start to worry during S3 resume that the runtime OS might tamper with the pre-decompressed PEIFV, and we'll decompress the firmware volumes on S3 resume too, from pristine flash. For this we'll need to know the end of the scratch buffer in advance, so we can prepare a non-malicious OS for it. Calculate the end of the scratch buffer statically in the FDF files, and assert in DecompressMemFvs() that the runtime decompression will match it. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19036 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'OvmfPkg/Sec')
-rw-r--r--OvmfPkg/Sec/SecMain.c8
-rw-r--r--OvmfPkg/Sec/SecMain.inf1
2 files changed, 9 insertions, 0 deletions
diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index 0cf127af84..93e3594e29 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -362,6 +362,14 @@ DecompressMemFvs (
OutputBuffer = (VOID*) ((UINT8*)(UINTN) PcdGet32 (PcdOvmfDxeMemFvBase) + SIZE_1MB);
ScratchBuffer = ALIGN_POINTER ((UINT8*) OutputBuffer + OutputBufferSize, SIZE_1MB);
+
+ DEBUG ((EFI_D_VERBOSE, "%a: OutputBuffer@%p+0x%x ScratchBuffer@%p+0x%x "
+ "PcdOvmfDecompressionScratchEnd=0x%x\n", __FUNCTION__, OutputBuffer,
+ OutputBufferSize, ScratchBuffer, ScratchBufferSize,
+ PcdGet32 (PcdOvmfDecompressionScratchEnd)));
+ ASSERT ((UINTN)ScratchBuffer + ScratchBufferSize ==
+ PcdGet32 (PcdOvmfDecompressionScratchEnd));
+
Status = ExtractGuidedSectionDecode (
Section,
&OutputBuffer,
diff --git a/OvmfPkg/Sec/SecMain.inf b/OvmfPkg/Sec/SecMain.inf
index 415731ce54..9e8571dddd 100644
--- a/OvmfPkg/Sec/SecMain.inf
+++ b/OvmfPkg/Sec/SecMain.inf
@@ -70,3 +70,4 @@
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
gEfiMdePkgTokenSpaceGuid.PcdGuidedExtractHandlerTableAddress
gUefiOvmfPkgTokenSpaceGuid.PcdGuidedExtractHandlerTableSize
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDecompressionScratchEnd