From nobody Wed Apr 24 14:04:29 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+56301+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+56301+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1585150189; cv=none; d=zohomail.com; s=zohoarc; b=b17D0DeW1UEF9zQx4Jypr/UIn6/eViXCwwXRUn2NPm1YT9+8Q8cIooldaFUDkSlEO4A3JZ6P+N6sVk/xU4MKuxTPqJmqSrG6TC9mB78HNf2ECFJVgzGRGGJuvtrsrcZHNiWTZz2CtRKDYoWx4gg1hvheP2OTSQTa3Ot/PCb5qIM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1585150189; h=Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To; bh=q7po0kG+4rGpPcYsFgPnkVc3DtKb5IOQqPqvWZ9Tv3Q=; b=fdXHB0Mui4lRkUdvl5qXe+C2p9aET1aUVWPqWl0LLsucTvlFxMVcY/NV6SlIyy0LEAKB8CkgPZjYtvRj4d4deXzzXCNC4JZWHULeDPQUp2uy9YkvOpBh1sjMuyq03GN9JRc4I3/Q/L3XwXvxX0GZ/1c1YkODq66ZNYEglAnTQNE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+56301+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 158515018960523.735553976410415; Wed, 25 Mar 2020 08:29:49 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id AgbUYY1788612xV6hMOKHkN9; Wed, 25 Mar 2020 08:29:49 -0700 X-Received: from mail-wm1-f67.google.com (mail-wm1-f67.google.com [209.85.128.67]) by mx.groups.io with SMTP id smtpd.web10.14218.1585150188491097335 for ; Wed, 25 Mar 2020 08:29:48 -0700 X-Received: by mail-wm1-f67.google.com with SMTP id a9so3174896wmj.4 for ; Wed, 25 Mar 2020 08:29:48 -0700 (PDT) X-Gm-Message-State: X1Yg2QWmjnsaHg25yxGDWlIkx1787277AA= X-Google-Smtp-Source: ADFU+vvSRlzhyGUwiC97LMBsZQgr6U3MhZ9SGdupE258bSqcXjNbsRC1kxeTmqpPNOW75jkTwjzuZw== X-Received: by 2002:a1c:7ec9:: with SMTP id z192mr3988276wmc.100.1585150186858; Wed, 25 Mar 2020 08:29:46 -0700 (PDT) X-Received: from e123331-lin.home (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr. [109.210.65.247]) by smtp.gmail.com with ESMTPSA id r15sm29249296wra.19.2020.03.25.08.29.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 25 Mar 2020 08:29:46 -0700 (PDT) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Laszlo Ersek , Leif Lindholm , Ashish Singhal Subject: [edk2-devel] [PATCH v3 1/3] ArmPkg/ArmMmuLib AARCH64: limit recursion when freeing page tables Date: Wed, 25 Mar 2020 16:29:38 +0100 Message-Id: <20200325152940.1492-2-ard.biesheuvel@linaro.org> In-Reply-To: <20200325152940.1492-1-ard.biesheuvel@linaro.org> References: <20200325152940.1492-1-ard.biesheuvel@linaro.org> Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ard.biesheuvel@linaro.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1585150189; bh=ou3f8lrZUAjCmNo3pZ2ijl1j0tD0HHYxREKVzBLcZiQ=; h=Cc:Date:From:Reply-To:Subject:To; b=C2683kXA+i6igMlVTNcwRA5yIpsGebBziGbHzL/6VFXSwvQaAWgHV2JeH76ZUugCHUS +Ri565XwDCVLZ2ZGHm5KGDPGll1O0cb/8fvVprJodWWQE0ZY+BTZzSPPV4bQ1zQjGARwv lYm3JtXrR5lvqWk88RgCicHxxGzD8bw8kII= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" FreePageTablesRecursive () traverses the page table tree depth first to free all pages that it finds, without taking into account the level at which it is operating. Since TT_TYPE_TABLE_ENTRY aliases TT_TYPE_BLOCK_ENTRY_LEVEL3, we cannot distinguish table entries from block entries unless we take the level into account, and so we may be dereferencing garbage if we happen to try and free a hierarchy of page tables that has level 3 pages in it. Let's fix this by passing the level into FreePageTablesRecursive (), and limit the recursion to levels < 3. Signed-off-by: Ard Biesheuvel Reviewed-by: Ashish Singhal Reviewed-by: Leif Lindholm Tested-by: Ashish Singhal Tested-by: Laszlo Ersek --- ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Libr= ary/ArmMmuLib/AArch64/ArmMmuLibCore.c index a43d468b73ca..d78918cf7ba8 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -142,15 +142,21 @@ ReplaceTableEntry ( STATIC VOID FreePageTablesRecursive ( - IN UINT64 *TranslationTable + IN UINT64 *TranslationTable, + IN UINTN Level ) { UINTN Index; =20 - for (Index =3D 0; Index < TT_ENTRY_COUNT; Index++) { - if ((TranslationTable[Index] & TT_TYPE_MASK) =3D=3D TT_TYPE_TABLE_ENTR= Y) { - FreePageTablesRecursive ((VOID *)(UINTN)(TranslationTable[Index] & - TT_ADDRESS_MASK_BLOCK_ENTRY= )); + ASSERT (Level <=3D 3); + + if (Level < 3) { + for (Index =3D 0; Index < TT_ENTRY_COUNT; Index++) { + if ((TranslationTable[Index] & TT_TYPE_MASK) =3D=3D TT_TYPE_TABLE_EN= TRY) { + FreePageTablesRecursive ((VOID *)(UINTN)(TranslationTable[Index] & + TT_ADDRESS_MASK_BLOCK_ENT= RY), + Level + 1); + } } } FreePages (TranslationTable, 1); @@ -254,7 +260,7 @@ UpdateRegionMappingRecursive ( // possible for existing table entries, since we cannot revert t= he // modifications we made to the subhierarchy it represents.) // - FreePageTablesRecursive (TranslationTable); + FreePageTablesRecursive (TranslationTable, Level + 1); } return Status; } --=20 2.17.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#56301): https://edk2.groups.io/g/devel/message/56301 Mute This Topic: https://groups.io/mt/72543072/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Wed Apr 24 14:04:29 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+56303+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+56303+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1585150192; cv=none; d=zohomail.com; s=zohoarc; b=a9Tqb0IK7hSerH8Nbam/ypatgXPj/1JTDV36TKek/+vaiUYKvDC0xVlnEbJhf+ZgoAJJkt2YBvRa4dPrNhakgT7DOgU8lBHu4awyrwZCo8BM0b67Jc7YzJws6afG0iSzUCDrIn9X2emUEwr07PpyH2VltL67ydoFd9vy7m5U+64= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1585150192; h=Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To; bh=QoisvECc34LXBH2AcpDVemPxSvPjZz6aOjyFKxKKMpQ=; b=BkRfWHbqKnVVYLU1RKz6yUxIPzp6VDd30g82fF9vZixRfuakqov9DF9X2pKKj1Z9yW/Or7gKgh2RkjaqHZZ0IV4Nr8z5/0vJuAX2pedO1lruLcplCblIeamiRiFlE0lYrzarYFnGtNqUO7in6X7pPXTIvpAndlzqUDziOV/tYX4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+56303+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1585150192874689.8146818280227; Wed, 25 Mar 2020 08:29:52 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 8FVZYY1788612xooT8yGtIZX; Wed, 25 Mar 2020 08:29:52 -0700 X-Received: from mail-wm1-f68.google.com (mail-wm1-f68.google.com [209.85.128.68]) by mx.groups.io with SMTP id smtpd.web11.14236.1585150191733096102 for ; Wed, 25 Mar 2020 08:29:52 -0700 X-Received: by mail-wm1-f68.google.com with SMTP id a9so3175213wmj.4 for ; Wed, 25 Mar 2020 08:29:51 -0700 (PDT) X-Gm-Message-State: H2CEsN9186f4XJVXBvRFnqrex1787277AA= X-Google-Smtp-Source: ADFU+vsjjOQO+aV0f1VwBT1KjAKsLN6KIjBWs4r2xR/7QBxNdZl4IeRGP0Av1DlcO5boU8eJ0Qx7ww== X-Received: by 2002:a1c:2d8a:: with SMTP id t132mr4204301wmt.83.1585150187902; Wed, 25 Mar 2020 08:29:47 -0700 (PDT) X-Received: from e123331-lin.home (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr. [109.210.65.247]) by smtp.gmail.com with ESMTPSA id r15sm29249296wra.19.2020.03.25.08.29.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 25 Mar 2020 08:29:47 -0700 (PDT) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Laszlo Ersek , Leif Lindholm , Ashish Singhal Subject: [edk2-devel] [PATCH v3 2/3] ArmPkg/ArmMmuLib AARCH64: use helpers to determine table entry types Date: Wed, 25 Mar 2020 16:29:39 +0100 Message-Id: <20200325152940.1492-3-ard.biesheuvel@linaro.org> In-Reply-To: <20200325152940.1492-1-ard.biesheuvel@linaro.org> References: <20200325152940.1492-1-ard.biesheuvel@linaro.org> Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ard.biesheuvel@linaro.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1585150192; bh=tcpMh5cGYGZjLN368Hs89kOM5miMBUVdoM37pFDvaZQ=; h=Cc:Date:From:Reply-To:Subject:To; b=FtbanJ0Dh4DsOXhhrgNXsZoUIFC7+sSn3r0kF1pwbNwPhq3+tm1IEVddYIdDPBYrQAL ixqeUrEbiaaUqGXb8EZbNX9Vn8E+KGoa8uL/spNbhqTXkT3pEgsXyu/CLP+NHDLh8WsYM labzWzMjGMhDXBcnEse2GkbajftYqeI1OnM= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Given how the meaning of the attribute bits for page table entry types is slightly awkward, and changes between levels, add some helpers to abstract from this. Signed-off-by: Ard Biesheuvel Reviewed-by: Leif Lindholm Reviewed-by: Ashish Singhal Tested-by: Ashish Singhal Tested-by: Laszlo Ersek --- ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 40 +++++++++++++++++--- 1 file changed, 35 insertions(+), 5 deletions(-) diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Libr= ary/ArmMmuLib/AArch64/ArmMmuLibCore.c index d78918cf7ba8..0680ba36d907 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -162,6 +162,36 @@ FreePageTablesRecursive ( FreePages (TranslationTable, 1); } =20 +STATIC +BOOLEAN +IsBlockEntry ( + IN UINT64 Entry, + IN UINTN Level + ) +{ + if (Level =3D=3D 3) { + return (Entry & TT_TYPE_MASK) =3D=3D TT_TYPE_BLOCK_ENTRY_LEVEL3; + } + return (Entry & TT_TYPE_MASK) =3D=3D TT_TYPE_BLOCK_ENTRY; +} + +STATIC +BOOLEAN +IsTableEntry ( + IN UINT64 Entry, + IN UINTN Level + ) +{ + if (Level =3D=3D 3) { + // + // TT_TYPE_TABLE_ENTRY aliases TT_TYPE_BLOCK_ENTRY_LEVEL3 + // so we need to take the level into account as well. + // + return FALSE; + } + return (Entry & TT_TYPE_MASK) =3D=3D TT_TYPE_TABLE_ENTRY; +} + STATIC EFI_STATUS UpdateRegionMappingRecursive ( @@ -203,7 +233,7 @@ UpdateRegionMappingRecursive ( if (Level =3D=3D 0 || ((RegionStart | BlockEnd) & BlockMask) !=3D 0) { ASSERT (Level < 3); =20 - if ((*Entry & TT_TYPE_MASK) !=3D TT_TYPE_TABLE_ENTRY) { + if (!IsTableEntry (*Entry, Level)) { // // No table entry exists yet, so we need to allocate a page table // for the next level. @@ -221,7 +251,7 @@ UpdateRegionMappingRecursive ( InvalidateDataCacheRange (TranslationTable, EFI_PAGE_SIZE); } =20 - if ((*Entry & TT_TYPE_MASK) =3D=3D TT_TYPE_BLOCK_ENTRY) { + if (IsBlockEntry (*Entry, Level)) { // // We are splitting an existing block entry, so we have to popul= ate // the new table with the attributes of the block entry it repla= ces. @@ -252,7 +282,7 @@ UpdateRegionMappingRecursive ( AttributeSetMask, AttributeClearMask, TranslationTable, Level + 1); if (EFI_ERROR (Status)) { - if ((*Entry & TT_TYPE_MASK) !=3D TT_TYPE_TABLE_ENTRY) { + if (!IsTableEntry (*Entry, Level)) { // // We are creating a new table entry, so on failure, we can free= all // allocations we made recursively, given that the whole subhier= archy @@ -265,10 +295,10 @@ UpdateRegionMappingRecursive ( return Status; } =20 - if ((*Entry & TT_TYPE_MASK) !=3D TT_TYPE_TABLE_ENTRY) { + if (!IsTableEntry (*Entry, Level)) { EntryValue =3D (UINTN)TranslationTable | TT_TYPE_TABLE_ENTRY; ReplaceTableEntry (Entry, EntryValue, RegionStart, - (*Entry & TT_TYPE_MASK) =3D=3D TT_TYPE_BLOCK_EN= TRY); + IsBlockEntry (*Entry, Level)); } } else { EntryValue =3D (*Entry & AttributeClearMask) | AttributeSetMask; --=20 2.17.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#56303): https://edk2.groups.io/g/devel/message/56303 Mute This Topic: https://groups.io/mt/72543077/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Wed Apr 24 14:04:29 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+56302+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+56302+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1585150192; cv=none; d=zohomail.com; s=zohoarc; b=ZPH+DPypFSis4gnQ1zpdhaIpuE+/HFIEWFBg/kAWf3CIVlnOlFhw5Xg9Xu9KU6ukpw2gAbnnlri0pmNj+6aMbLN6YzWsoH4smNsjHWzdbj2Rg7HpedgFQ+B80TbuJVT3bJsw9uNunfsubLVQpfx9vl+ojRn7iP/KkkZ6/oK2O0o= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1585150192; h=Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To; bh=AXsnldrutmAnWrlJfOTDb5FRSRyI7J8dfOKWIYcW/3Q=; b=gfsfhNluFPFJghe1mgOvKvnRKyPAlPpztXMNHDIgpMiA7cuYr9p8m2e18REWBXchOnghvYTGckUFpAbWEVbCArDTZo450P/RpBPhjTHbwiH9WBgDyqXoPtqNvULwcgi5j7Go8tDvpz7hq2/7VZxZbbJoGrPUQ1T/lIVdl7S/KJI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+56302+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1585150192072473.3642034341874; Wed, 25 Mar 2020 08:29:52 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id L7b8YY1788612xf7CJZgMQ17; Wed, 25 Mar 2020 08:29:51 -0700 X-Received: from mail-wm1-f66.google.com (mail-wm1-f66.google.com [209.85.128.66]) by mx.groups.io with SMTP id smtpd.web12.14183.1585150190655340848 for ; Wed, 25 Mar 2020 08:29:51 -0700 X-Received: by mail-wm1-f66.google.com with SMTP id g62so3205073wme.1 for ; Wed, 25 Mar 2020 08:29:50 -0700 (PDT) X-Gm-Message-State: ijCeh9wExiHhhYkQis75lhakx1787277AA= X-Google-Smtp-Source: ADFU+vtMCEarBbJOrOdHV3KMb1eqaHGl0BBrvPnBkHA/lVq3AAffUnCIszFiVJnm7OCkEUQK13TYLw== X-Received: by 2002:a7b:c7d4:: with SMTP id z20mr3904944wmk.48.1585150188872; Wed, 25 Mar 2020 08:29:48 -0700 (PDT) X-Received: from e123331-lin.home (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr. [109.210.65.247]) by smtp.gmail.com with ESMTPSA id r15sm29249296wra.19.2020.03.25.08.29.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 25 Mar 2020 08:29:48 -0700 (PDT) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Laszlo Ersek , Leif Lindholm , Ashish Singhal Subject: [edk2-devel] [PATCH v3 3/3] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry Date: Wed, 25 Mar 2020 16:29:40 +0100 Message-Id: <20200325152940.1492-4-ard.biesheuvel@linaro.org> In-Reply-To: <20200325152940.1492-1-ard.biesheuvel@linaro.org> References: <20200325152940.1492-1-ard.biesheuvel@linaro.org> Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ard.biesheuvel@linaro.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1585150191; bh=yeGrp+6sT0mgZgTmTZ3EQjaZ78QkOvChPh1FzxHcVoc=; h=Cc:Date:From:Reply-To:Subject:To; b=W6u0zvWcXiLNmMSODmp/b95jcycSuz9Qc8vvPpjGG3VYW0VSK9tNF8t3fltTtDkui1w y0LBwQRnjzGk1hH9/xWoeZinDmZpmtuf9A81G+r1CGrDFFcQh36wJl6PKU/JhMLpK6QG3 l7tBKK7Im8xFOi68OCTtfya8dwlqpu7GSMM= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Currently, depending on the size of the region being (re)mapped, the page table manipulation code may replace a table entry with a block entry, even if the existing table entry uses different mapping attributes to describe different parts of the region it covers. This is undesirable, and instead, we should avoid doing so unless we are disregarding the original attributes anyway. And if we make such a replacement, we should free all the page tables that have become orphaned in the process. So let's implement this, by taking the table entry path through the code for block sized regions if a table entry already exists, and the clear mask is set (which means we are preserving attributes from the existing mapping). And when we do replace a table entry with a block entry, free all the pages that are no longer referenced. Signed-off-by: Ard Biesheuvel Reviewed-by: Ashish Singhal Tested-by: Ashish Singhal Tested-by: Laszlo Ersek --- ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 25 ++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Libr= ary/ArmMmuLib/AArch64/ArmMmuLibCore.c index 0680ba36d907..3b10ef58f0a2 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -229,8 +229,12 @@ UpdateRegionMappingRecursive ( // than a block, and recurse to create the block or page entries at // the next level. No block mappings are allowed at all at level 0, // so in that case, we have to recurse unconditionally. + // If we are changing a table entry and the AttributeClearMask is non-= zero, + // we cannot replace it with a block entry without potentially losing + // attribute information, so keep the table entry in that case. // - if (Level =3D=3D 0 || ((RegionStart | BlockEnd) & BlockMask) !=3D 0) { + if (Level =3D=3D 0 || ((RegionStart | BlockEnd) & BlockMask) !=3D 0 || + (IsTableEntry (*Entry, Level) && AttributeClearMask !=3D 0)) { ASSERT (Level < 3); =20 if (!IsTableEntry (*Entry, Level)) { @@ -251,6 +255,8 @@ UpdateRegionMappingRecursive ( InvalidateDataCacheRange (TranslationTable, EFI_PAGE_SIZE); } =20 + ZeroMem (TranslationTable, EFI_PAGE_SIZE); + if (IsBlockEntry (*Entry, Level)) { // // We are splitting an existing block entry, so we have to popul= ate @@ -268,8 +274,6 @@ UpdateRegionMappingRecursive ( FreePages (TranslationTable, 1); return Status; } - } else { - ZeroMem (TranslationTable, EFI_PAGE_SIZE); } } else { TranslationTable =3D (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOC= K_ENTRY); @@ -306,7 +310,20 @@ UpdateRegionMappingRecursive ( EntryValue |=3D (Level =3D=3D 3) ? TT_TYPE_BLOCK_ENTRY_LEVEL3 : TT_TYPE_BLOCK_ENTRY; =20 - ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); + if (IsTableEntry (*Entry, Level)) { + // + // We are replacing a table entry with a block entry. This is only + // possible if we are keeping none of the original attributes. + // We can free the table entry's page table, and all the ones below + // it, since we are dropping the only possible reference to it. + // + ASSERT (AttributeClearMask =3D=3D 0); + TranslationTable =3D (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOC= K_ENTRY); + ReplaceTableEntry (Entry, EntryValue, RegionStart, TRUE); + FreePageTablesRecursive (TranslationTable, Level + 1); + } else { + ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); + } } } return EFI_SUCCESS; --=20 2.17.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#56302): https://edk2.groups.io/g/devel/message/56302 Mute This Topic: https://groups.io/mt/72543076/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-