Skip to content

Commit

Permalink
Paging Audit: Add 5 Tests to HTML Templates
Browse files Browse the repository at this point in the history 
Description

Adds the following tests to the HTML templates:

1. Test that the NULL page is EFI_MEMORY_RP
2. Check that MMIO memory is non-executable.
3. Check that EfiConventionalMemory is non-executable.
4. Check that memory not in the EFI memory map is not accessible.
5. Check that the memory attribute protocol is present on the platform.

- [x] Impacts functionality?
  - **Functionality** - Does the change ultimately impact how firmware functions?
  - Examples: Add a new library, publish a new PPI, update an algorithm, ...
- [ ] Impacts security?
  - **Security** - Does the change have a direct security impact on an application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- [ ] Breaking change?
  - **Breaking change** - Will anyone consuming this change experience a break
    in build or boot behavior?
  - Examples: Add a new library class, move a module to a different repo, call
    a function in a new library class in a pre-existing module, ...
- [x] Includes tests?
  - **Tests** - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
  - **Documentation** - Does the change contain explicit documentation additions
    outside direct code modifications (and comments)?
  - Examples: Update readme file, add feature readme file, link to documentation
    on an a separate Web page, ...

How This Was Tested

Tested on Q35 and SBSA

Integration Instructions

N/A
  • Loading branch information
@TaylorBeebe
TaylorBeebe committed Oct 13, 2023
1 parent 687ec71 commit d9520ea
Show file tree
Hide file tree
Showing 2 changed files with 187 additions and 37 deletions.
110 changes: 91 additions & 19 deletions UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_AArch64.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -523,18 +523,34 @@ <h3>External Licenses</h3>
}
**/
var SavedFilters = [];
SavedFilters.push({
"Name": "NULL Page Check",
"Description": "NULL page should be EFI_MEMORY_RP",
"Filter": function (mrObject) {
var isTargetType = mrObject["System Memory"] === "NULL Page";
var hasInvalidAttributes = mrObject["Access Flag"] !== "No";
return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
SetMultiselectTo("SpecialMemoryRegionsFilter", ["NULL Page"]);
return true;
} //end of configuring filter inputs
});

SavedFilters.push({
"Name": "RW+X",
"Description": "No memory range should have page attributes that allow read, write, and execute",
"Filter": function (mrObject) {
if ((mrObject["Execute"] !== "Disabled") && (mrObject["Read/Write"] === "Enabled") && (mrObject["Access Flag"] === "Yes") && (mrObject["GCD Memory Type"] !== "EfiGcdMemoryTypeNonExistent")) {
return true;
}
return false;
}, //end of Filter function
isTargetType = (mrObject["GCD Memory Type"] !== "EfiGcdMemoryTypeNonExistent");
hasInvalidAttributes = (mrObject["Execute"] === "Enabled") &&
(mrObject["Read/Write"] === "Enabled") &&
(mrObject["Access Flag"] === "Yes");
return isTargetType && hasInvalidAttributes;
},
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
SetMultiselectTo("ExecuteFilter", ["UX", "PX", "UX/PX", "Enabled"])
SetMultiselectTo("ExecuteFilter", ["Enabled"])
SetMultiselectTo("AccessFlagFilter", ["Yes"])
SetMultiselectTo("RWFilter", ["Enabled"])
SetMultiselectTo("MemorySpaceTypeFilter",
Expand All @@ -553,14 +569,13 @@ <h3>External Licenses</h3>
"Name": "Data Sections are No-Execute",
"Description": "Image data sections should be no-execute",
"Filter": function (mrObject) {
if ((mrObject["Execute"] !== "Disabled") && (mrObject["Section Type"] === "DATA")) {
return true;
}
return false;
isTargetType = (mrObject["Section Type"] === "DATA");
hasInvalidAttributes = (mrObject["Execute"] === "Enabled");
return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
SetMultiselectTo("ExecuteFilter", ["UX", "PX", "UX/PX", "Enabled"])
SetMultiselectTo("ExecuteFilter", ["Disabled"])
SetMultiselectTo("SectionFilter", ["DATA"])
return true;
} //end of configuring filter inputs
Expand All @@ -570,10 +585,9 @@ <h3>External Licenses</h3>
"Name": "Code Sections are Read-Only",
"Description": "Image code sections should be read-only",
"Filter": function (mrObject) {
if ((mrObject["Read/Write"] === "Enabled") && (mrObject["Section Type"] === "CODE")) {
return true;
}
return false;
isTargetType = (mrObject["Section Type"] === "CODE");
hasInvalidAttributes = (mrObject["Read/Write"] === "Enabled");
return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
Expand All @@ -583,6 +597,58 @@ <h3>External Licenses</h3>
} //end of configuring filter inputs
});

SavedFilters.push({
"Name": "MMIO Execute Check",
"Description": "MMIO ranges should be non executable",
"Filter": function (mrObject) {
var isTargetType = (mrObject["GCD Memory Type"] === "EfiGcdMemoryTypeMemoryMappedIo") ||
(mrObject["Memory Type"] === "EfiMemoryMappedIO");
var hasInvalidAttributes = (mrObject["Execute"] !== "Disabled") &&
(mrObject["Access Flag"] !== "No");
return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
SetMultiselectTo("MemorySpaceTypeFilter", ["EfiGcdMemoryTypeMemoryMappedIo"]);
SetMultiselectTo("MemoryTypeFilter", ["EfiMemoryMappedIO"]);
SetMultiselectTo("ExecuteFilter", ["Enabled"]);
SetMultiselectTo("AccessFlagFilter", ["Yes"]);
return true;
} //end of configuring filter inputs
});

SavedFilters.push({
"Name": "Free Memory Check",
"Description": "Free EFI memory should not be readable",
"Filter": function (mrObject) {
var isTargetType = mrObject["Memory Type"] === "EfiConventionalMemory";
var hasInvalidAttributes = mrObject["Access Flag"] !== "No";
return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
SetMultiselectTo("MemoryTypeFilter", ["EfiConventionalMemory"]);
SetMultiselectTo("AccessFlagFilter", ["Yes"]);
return true;
} //end of configuring filter inputs
});

SavedFilters.push({
"Name": "Check Memory Not in EFI Memory Map is Inaccessible",
"Description": "Memory not in the EFI memory map should cause a fault if accessed",
"Filter": function (mrObject) {
var isTargetType = mrObject["Memory Type"] === "None";
var hasInvalidAttributes = mrObject["Access Flag"] !== "No";
return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
SetMultiselectTo("MemoryTypeFilter", ["None"]);
SetMultiselectTo("AccessFlagFilter", ["Yes"]);
return true;
} //end of configuring filter inputs
});

//Fill in the test results tab
SavedFilters.forEach(function (TestObject) {
var FailedCount = EmbeddedJd.MemoryRanges.filter(TestObject.Filter);
Expand All @@ -608,6 +674,16 @@ <h3>External Licenses</h3>
}
});

var testName = "Memory Attribute Protocol is Installed";
var testDescription = "Checks if the platform produces the memory attribute protocol";
if (IsMemoryAttributeProtocolPresent === "TRUE") {
var b = $("<div class='TestStatus bg-success'><h4>" + testName + "</h4><p>Description:" + testDescription + "<br />Status: Success</p></div>");
b.appendTo("div#TestStatusListWrapper");
} else {
var b = $("<div class='TestStatus bg-danger'><h4>" + testName + "</h4><p>Description:" + testDescription + "<br />Status: Failed</p></div>");
b.appendTo("div#TestStatusListWrapper");
}

$('div#tabs-3 select.selectpicker').selectpicker("refresh").change();

//Show warning if there are parsing errors
Expand Down Expand Up @@ -672,7 +748,6 @@ <h3>External Licenses</h3>
@ret boolean status of setting all requested values
**/
function SetMultiselectTo(selectName, listOfValuesSelected) {
//var allOptions = $("select#" + selectName +" > option").map(function() { return $(this).val(); }).get(); //create array
$.each($("select#" + selectName + " option"), function (i, v) {
var index = listOfValuesSelected.indexOf($(v).text());
if (index > -1) {
Expand All @@ -685,9 +760,6 @@ <h3>External Licenses</h3>
});
$("select#" + selectName).change();
$("select#" + selectName).selectpicker('refresh');
listOfValuesSelected.forEach(function (v, i, a) {
AddAlert("Can't set " + selectName + " value to " + v, "warning");
});
return (listOfValuesSelected.length === 0);
}

Expand Down
114 changes: 96 additions & 18 deletions UefiTestingPkg/AuditTests/PagingAudit/Windows/DxePaging_template_X64.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -545,13 +545,30 @@ <h3>External Licenses</h3>
**/
var SavedFilters = [];
SavedFilters.push({
"Name": "RW+X", "Description": "No memory range should have page attributes that allow read, write, and execute",
"Name": "NULL Page Check",
"Description": "NULL page should be EFI_MEMORY_RP",
"Filter": function (mrObject) {
if ((mrObject["Execute"] === "Enabled") && (mrObject["Read/Write"] === "Enabled") && (mrObject["Present"] === "Yes") && (mrObject["GCD Memory Type"] !== "EfiGcdMemoryTypeNonExistent")) {
return true;
}
return false;
var isTargetType = mrObject["System Memory"] === "NULL Page";
var hasInvalidAttributes = mrObject["Present"] !== "No";
return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
SetMultiselectTo("SpecialMemoryRegionsFilter", ["NULL Page"]);
return true;
} //end of configuring filter inputs
});

SavedFilters.push({
"Name": "RW+X",
"Description": "No memory range should have page attributes that allow read, write, and execute",
"Filter": function (mrObject) {
isTargetType = (mrObject["GCD Memory Type"] !== "EfiGcdMemoryTypeNonExistent");
hasInvalidAttributes = (mrObject["Execute"] === "Enabled") &&
(mrObject["Read/Write"] === "Enabled") &&
(mrObject["Present"] === "Yes");
return isTargetType && hasInvalidAttributes;
},
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
SetMultiselectTo("ExecuteFilter", ["Enabled"])
Expand All @@ -570,11 +587,12 @@ <h3>External Licenses</h3>
});

SavedFilters.push({
"Name": "Data Sections are No-Execute", "Description": "Image data sections should be no-execute", "Filter": function (mrObject) {
if ((mrObject["Execute"] === "Enabled") && (mrObject["Section Type"] === "DATA")) {
return true;
}
return false;
"Name": "Data Sections are No-Execute",
"Description": "Image data sections should be no-execute",
"Filter": function (mrObject) {
isTargetType = (mrObject["Section Type"] === "DATA");
hasInvalidAttributes = (mrObject["Execute"] === "Enabled");
return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
Expand All @@ -585,11 +603,12 @@ <h3>External Licenses</h3>
});

SavedFilters.push({
"Name": "Code Sections are Read-Only", "Description": "Image code sections should be read-only", "Filter": function (mrObject) {
if ((mrObject["Read/Write"] === "Enabled") && (mrObject["Section Type"] === "CODE")) {
return true;
}
return false;
"Name": "Code Sections are Read-Only",
"Description": "Image code sections should be read-only",
"Filter": function (mrObject) {
isTargetType = (mrObject["Section Type"] === "CODE");
hasInvalidAttributes = (mrObject["Read/Write"] === "Enabled");
return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
Expand All @@ -599,6 +618,58 @@ <h3>External Licenses</h3>
} //end of configuring filter inputs
});

SavedFilters.push({
"Name": "MMIO Execute Check",
"Description": "MMIO ranges should be non executable",
"Filter": function (mrObject) {
var isTargetType = (mrObject["GCD Memory Type"] === "EfiGcdMemoryTypeMemoryMappedIo") ||
(mrObject["Memory Type"] === "EfiMemoryMappedIO");
var hasInvalidAttributes = (mrObject["Execute"] !== "Disabled") &&
(mrObject["Present"] !== "No");
return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
SetMultiselectTo("MemorySpaceTypeFilter", ["EfiGcdMemoryTypeMemoryMappedIo"]);
SetMultiselectTo("MemoryTypeFilter", ["EfiMemoryMappedIO"]);
SetMultiselectTo("ExecuteFilter", ["Enabled"]);
SetMultiselectTo("PresentFilter", ["Yes"]);
return true;
} //end of configuring filter inputs
});

SavedFilters.push({
"Name": "Free Memory Check",
"Description": "Free EFI memory should not be readable",
"Filter": function (mrObject) {
var isTargetType = mrObject["Memory Type"] === "EfiConventionalMemory";
var hasInvalidAttributes = mrObject["Present"] !== "No";
return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
SetMultiselectTo("MemoryTypeFilter", ["EfiConventionalMemory"]);
SetMultiselectTo("PresentFilter", ["Yes"]);
return true;
} //end of configuring filter inputs
});

SavedFilters.push({
"Name": "Check Memory Not in EFI Memory Map is Inaccessible",
"Description": "Memory not in the EFI memory map should cause a fault if accessed",
"Filter": function (mrObject) {
var isTargetType = mrObject["Memory Type"] === "None";
var hasInvalidAttributes = mrObject["Present"] !== "Yes";
return isTargetType && hasInvalidAttributes;
}, //end of Filter function
"ConfigureFilter": function () {
$("button#ClearAllFilter").click(); //clear the filters
SetMultiselectTo("MemoryTypeFilter", ["None"]);
SetMultiselectTo("PresentFilter", ["Yes"]);
return true;
} //end of configuring filter inputs
});

//Fill in the test results tab
SavedFilters.forEach(function (TestObject) {
var FailedCount = EmbeddedJd.MemoryRanges.filter(TestObject.Filter);
Expand All @@ -624,6 +695,16 @@ <h3>External Licenses</h3>
}
});

var testName = "Memory Attribute Protocol is Installed";
var testDescription = "Checks if the platform produces the memory attribute protocol";
if (IsMemoryAttributeProtocolPresent === "TRUE") {
var b = $("<div class='TestStatus bg-success'><h4>" + testName + "</h4><p>Description:" + testDescription + "<br />Status: Success</p></div>");
b.appendTo("div#TestStatusListWrapper");
} else {
var b = $("<div class='TestStatus bg-danger'><h4>" + testName + "</h4><p>Description:" + testDescription + "<br />Status: Failed</p></div>");
b.appendTo("div#TestStatusListWrapper");
}

$('div#tabs-3 select.selectpicker').selectpicker("refresh").change();

//Show warning if there are parsing errors
Expand Down Expand Up @@ -701,9 +782,6 @@ <h3>External Licenses</h3>
});
$("select#" + selectName).change();
$("select#" + selectName).selectpicker('refresh');
listOfValuesSelected.forEach(function (v, i, a) {
AddAlert("Can't set " + selectName + " value to " + v, "warning");
});
return (listOfValuesSelected.length === 0);
}

Expand Down

0 comments on commit d9520ea

Please sign in to comment.