mu_basecore icon indicating copy to clipboard operation
mu_basecore copied to clipboard

Published 20 hours ago verified publisher icon microsoft

Apply EFI_MEMORY_RP on Free Memory

Open TaylorBeebe opened this issue 1 year ago • 2 comments

Description

This PR makes the necessary changes to apply EFI_MEMORY_RP on EfiConventionalMemory and adds a memory protection policy to configure the setting.

  • [x] Impacts functionality?
    • Functionality - Does the change ultimately impact how firmware functions?
    • Examples: Add a new library, publish a new PPI, update an algorithm, ...
  • [x] Impacts security?
    • Security - Does the change have a direct security impact on an application, flow, or firmware?
    • Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ...
  • [x] Breaking change?
    • Breaking change - Will anyone consuming this change experience a break in build or boot behavior?
    • Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ...
  • [ ] Includes tests?
    • Tests - Does the change include any explicit test code?
    • Examples: Unit tests, integration tests, robot tests, ...
  • [ ] Includes documentation?
    • Documentation - Does the change contain explicit documentation additions outside direct code modifications (and comments)?
    • Examples: Update readme file, add feature readme file, link to documentation on an a separate Web page, ...

How This Was Tested

Tested by running the DXE Paging Audit on Q35 and SBSA with various memory protection profiles.

Integration Instructions

Platforms which use pre-built binaries of Mu repos will need to rebuild them to sync the memory protection policy between all modules.

TaylorBeebe avatar Mar 13 '24 21:03 TaylorBeebe

Codecov Report

Attention: Patch coverage is 0% with 61 lines in your changes are missing coverage. Please review.

Project coverage is 1.22%. Comparing base (c3d12d3) to head (102db66).

Files Patch % Lines
MdeModulePkg/Core/Dxe/Mem/HeapGuard.c 0.00% 44 Missing :warning:
MdeModulePkg/Core/Dxe/Mem/Page.c 0.00% 10 Missing :warning:
MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c 0.00% 5 Missing :warning:
...eModulePkg/Core/Dxe/Misc/MemoryProtectionSupport.c 0.00% 2 Missing :warning:
Additional details and impacted files 
@@               Coverage Diff               @@
##           release/202311     #768   +/-   ##
===============================================
  Coverage            1.22%    1.22%           
===============================================
  Files                1303     1303           
  Lines              335757   335676   -81     
  Branches             3183     3183           
===============================================
  Hits                 4118     4118           
+ Misses             331563   331482   -81     
  Partials               76       76
Flag Coverage Δ
MdeModulePkg 0.68% <0.00%> (+<0.01%) :arrow_up:
MdePkg 5.37% <ø> (ø)
NetworkPkg 0.00% <ø> (ø)
PolicyServicePkg 30.41% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

codecov-commenter avatar Mar 13 '24 22:03 codecov-commenter

The following PRs should go in before this one:

  1. https://github.com/microsoft/mu_silicon_arm_tiano/pull/220
  2. https://github.com/microsoft/mu_tiano_platforms/pull/876
  3. https://github.com/microsoft/mu_plus/pull/450

TaylorBeebe avatar Mar 14 '24 15:03 TaylorBeebe