MdeModulePkg/Core/Dxe/Mem/Page.c | 12 ++++++------ MdePkg/Include/Uefi/UefiSpec.h | 3 ++- 2 files changed, 8 insertions(+), 7 deletions(-)
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2982 The workaround in the UEFI memmap construction, near the end of the function CoreGetMemoryMap() [MdeModulePkg/Core/Dxe/Mem/Page.c] should not clear the SP and CRYPTO bits, because OSes do (apparently) correctly interpret SP and CRYPTO as capabilities, and not as currently set attributes (upon which the OSes should set their page tables). For this reason, the SP and CRYPTO bits should be separated from the bitmask that we use for hiding the page-access attributes, in the workaround Signed-off-by: Malgorzata Kukiello <jacek.kukiello@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Hao A Wu <hao.a.wu@intel.com> Cc: Dandan Bi <dandan.bi@intel.com> Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Zhiguang Liu <zhiguang.liu@intel.com> Cc: Oleksiy Yakovlev <oleksiyy@ami.com> Cc: Ard Biesheuvel (ARM address) <ard.biesheuvel@arm.com> MdeModulePkg/Core/Dxe/Mem/Page.c | 12 ++++++------ MdePkg/Include/Uefi/UefiSpec.h | 3 ++- 2 files changed, 8 insertions(+), 7 deletions(-) --------------------------------------------------------------------- Intel Technology Poland sp. z o.o. ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII Wydzia Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP 957-07-52-316 | Kapita zakadowy 200.000 PLN. Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata i moe zawiera informacje poufne. W razie przypadkowego otrzymania tej wiadomoci, prosimy o powiadomienie nadawcy oraz trwae jej usunicie; jakiekolwiek przegldanie lub rozpowszechnianie jest zabronione. This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). If you are not the intended recipient, please contact the sender and delete all copies; any review or distribution by others is strictly prohibited. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#65566): https://edk2.groups.io/g/devel/message/65566 Mute This Topic: https://groups.io/mt/77056340/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
On 09/24/20 12:21, Malgorzata Kukiello wrote: > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2982 > > The workaround in the UEFI memmap construction, near the end of the > function CoreGetMemoryMap() [MdeModulePkg/Core/Dxe/Mem/Page.c] should > not clear the SP and CRYPTO bits, because OSes do (apparently) correctly > interpret SP and CRYPTO as capabilities, and not as currently set > attributes (upon which the OSes should set their page tables). For this > reason, the SP and CRYPTO bits should be separated from the bitmask that > we use for hiding the page-access attributes, in the workaround > > Signed-off-by: Malgorzata Kukiello <jacek.kukiello@intel.com> > Cc: Michael D Kinney <michael.d.kinney@intel.com> > Cc: Jian J Wang <jian.j.wang@intel.com> > Cc: Hao A Wu <hao.a.wu@intel.com> > Cc: Dandan Bi <dandan.bi@intel.com> > Cc: Liming Gao <gaoliming@byosoft.com.cn> > Cc: Zhiguang Liu <zhiguang.liu@intel.com> > Cc: Oleksiy Yakovlev <oleksiyy@ami.com> > Cc: Ard Biesheuvel (ARM address) <ard.biesheuvel@arm.com> > > MdeModulePkg/Core/Dxe/Mem/Page.c | 12 ++++++------ > MdePkg/Include/Uefi/UefiSpec.h | 3 ++- > 2 files changed, 8 insertions(+), 7 deletions(-) series Reviewed-by: Laszlo Ersek <lersek@redhat.com> -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#65569): https://edk2.groups.io/g/devel/message/65569 Mute This Topic: https://groups.io/mt/77056340/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Malgorzata: How do know OS (Windows or Linux) behavior for SP and CRYPTO attribute? Is there the public document to describe this behavior? Thanks Liming > -----邮件原件----- > 发件人: bounce+27952+65566+4905953+8761045@groups.io > <bounce+27952+65566+4905953+8761045@groups.io> 代表 Malgorzata > Kukiello > 发送时间: 2020年9月24日 18:22 > 收件人: devel@edk2.groups.io > 抄送: Malgorzata Kukiello <jacek.kukiello@intel.com>; Michael D Kinney > <michael.d.kinney@intel.com>; Jian J Wang <jian.j.wang@intel.com>; Hao A > Wu <hao.a.wu@intel.com>; Dandan Bi <dandan.bi@intel.com>; Liming Gao > <gaoliming@byosoft.com.cn>; Zhiguang Liu <zhiguang.liu@intel.com>; > Oleksiy Yakovlev <oleksiyy@ami.com>; Ard Biesheuvel > <ard.biesheuvel@arm.com> > 主题: [edk2-devel] [PATCH v2 0/2] UEFI memmap workaround for hiding > page-access caps from OSes hides SP and CRYPTO caps too > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2982 > > The workaround in the UEFI memmap construction, near the end of the > function CoreGetMemoryMap() [MdeModulePkg/Core/Dxe/Mem/Page.c] > should > not clear the SP and CRYPTO bits, because OSes do (apparently) correctly > interpret SP and CRYPTO as capabilities, and not as currently set > attributes (upon which the OSes should set their page tables). For this > reason, the SP and CRYPTO bits should be separated from the bitmask that > we use for hiding the page-access attributes, in the workaround > > Signed-off-by: Malgorzata Kukiello <jacek.kukiello@intel.com> > Cc: Michael D Kinney <michael.d.kinney@intel.com> > Cc: Jian J Wang <jian.j.wang@intel.com> > Cc: Hao A Wu <hao.a.wu@intel.com> > Cc: Dandan Bi <dandan.bi@intel.com> > Cc: Liming Gao <gaoliming@byosoft.com.cn> > Cc: Zhiguang Liu <zhiguang.liu@intel.com> > Cc: Oleksiy Yakovlev <oleksiyy@ami.com> > Cc: Ard Biesheuvel (ARM address) <ard.biesheuvel@arm.com> > > MdeModulePkg/Core/Dxe/Mem/Page.c | 12 ++++++------ > MdePkg/Include/Uefi/UefiSpec.h | 3 ++- > 2 files changed, 8 insertions(+), 7 deletions(-) > --------------------------------------------------------------------- > Intel Technology Poland sp. z o.o. > ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII Wydzia > Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP 957-07-52-316 > | Kapita zakadowy 200.000 PLN. > Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata i > moe zawiera informacje poufne. W razie przypadkowego otrzymania tej > wiadomoci, prosimy o powiadomienie nadawcy oraz trwae jej usunicie; > jakiekolwiek przegldanie lub rozpowszechnianie jest zabronione. > This e-mail and any attachments may contain confidential material for the > sole use of the intended recipient(s). If you are not the intended recipient, > please contact the sender and delete all copies; any review or distribution by > others is strictly prohibited. > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#65618): https://edk2.groups.io/g/devel/message/65618 Mute This Topic: https://groups.io/mt/77075662/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Liming, As for mktme there is a change commited: https://patchwork.kernel.org/patch/10935909/ As for SP I can't find anything specific. Thanks Meg -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of gaoliming Sent: Friday, September 25, 2020 10:55 AM To: devel@edk2.groups.io; Kukiello, Malgorzata <jacek.kukiello@intel.com> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Bi, Dandan <dandan.bi@intel.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; 'Oleksiy Yakovlev' <oleksiyy@ami.com>; 'Ard Biesheuvel' <ard.biesheuvel@arm.com> Subject: 回复: [edk2-devel] [PATCH v2 0/2] UEFI memmap workaround for hiding page-access caps from OSes hides SP and CRYPTO caps too Malgorzata: How do know OS (Windows or Linux) behavior for SP and CRYPTO attribute? Is there the public document to describe this behavior? Thanks Liming > -----邮件原件----- > 发件人: bounce+27952+65566+4905953+8761045@groups.io > <bounce+27952+65566+4905953+8761045@groups.io> 代表 Malgorzata Kukiello > 发送时间: 2020年9月24日 18:22 > 收件人: devel@edk2.groups.io > 抄送: Malgorzata Kukiello <jacek.kukiello@intel.com>; Michael D Kinney > <michael.d.kinney@intel.com>; Jian J Wang <jian.j.wang@intel.com>; Hao > A Wu <hao.a.wu@intel.com>; Dandan Bi <dandan.bi@intel.com>; Liming Gao > <gaoliming@byosoft.com.cn>; Zhiguang Liu <zhiguang.liu@intel.com>; > Oleksiy Yakovlev <oleksiyy@ami.com>; Ard Biesheuvel > <ard.biesheuvel@arm.com> > 主题: [edk2-devel] [PATCH v2 0/2] UEFI memmap workaround for hiding > page-access caps from OSes hides SP and CRYPTO caps too > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2982 > > The workaround in the UEFI memmap construction, near the end of the > function CoreGetMemoryMap() [MdeModulePkg/Core/Dxe/Mem/Page.c] > should > not clear the SP and CRYPTO bits, because OSes do (apparently) > correctly interpret SP and CRYPTO as capabilities, and not as > currently set attributes (upon which the OSes should set their page > tables). For this reason, the SP and CRYPTO bits should be separated > from the bitmask that we use for hiding the page-access attributes, in > the workaround > > Signed-off-by: Malgorzata Kukiello <jacek.kukiello@intel.com> > Cc: Michael D Kinney <michael.d.kinney@intel.com> > Cc: Jian J Wang <jian.j.wang@intel.com> > Cc: Hao A Wu <hao.a.wu@intel.com> > Cc: Dandan Bi <dandan.bi@intel.com> > Cc: Liming Gao <gaoliming@byosoft.com.cn> > Cc: Zhiguang Liu <zhiguang.liu@intel.com> > Cc: Oleksiy Yakovlev <oleksiyy@ami.com> > Cc: Ard Biesheuvel (ARM address) <ard.biesheuvel@arm.com> > > MdeModulePkg/Core/Dxe/Mem/Page.c | 12 ++++++------ > MdePkg/Include/Uefi/UefiSpec.h | 3 ++- > 2 files changed, 8 insertions(+), 7 deletions(-) > --------------------------------------------------------------------- > Intel Technology Poland sp. z o.o. > ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII > Wydzia Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP > 957-07-52-316 > | Kapita zakadowy 200.000 PLN. > Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata > i moe zawiera informacje poufne. W razie przypadkowego otrzymania tej > wiadomoci, prosimy o powiadomienie nadawcy oraz trwae jej usunicie; > jakiekolwiek przegldanie lub rozpowszechnianie jest zabronione. > This e-mail and any attachments may contain confidential material for > the sole use of the intended recipient(s). If you are not the intended recipient, > please contact the sender and delete all copies; any review or distribution by > others is strictly prohibited. > > > > > > --------------------------------------------------------------------- Intel Technology Poland sp. z o.o. ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII Wydzia Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP 957-07-52-316 | Kapita zakadowy 200.000 PLN. Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata i moe zawiera informacje poufne. W razie przypadkowego otrzymania tej wiadomoci, prosimy o powiadomienie nadawcy oraz trwae jej usunicie; jakiekolwiek przegldanie lub rozpowszechnianie jest zabronione. This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). If you are not the intended recipient, please contact the sender and delete all copies; any review or distribution by others is strictly prohibited. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#65683): https://edk2.groups.io/g/devel/message/65683 Mute This Topic: https://groups.io/mt/77176704/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Meg: What real problem do you meet with? What purpose is for this change? And, I also include UEFI Arch Rothman. Rothman: Can you help clarify what OS (Windows or Linux) behavior is expected for UEFI SP and CRYPTO memory attribute? Thanks Liming > -----邮件原件----- > 发件人: bounce+27952+65683+4905953+8761045@groups.io > <bounce+27952+65683+4905953+8761045@groups.io> 代表 Malgorzata > Kukiello > 发送时间: 2020年9月28日 23:39 > 收件人: devel@edk2.groups.io; gaoliming@byosoft.com.cn > 抄送: Kinney, Michael D <michael.d.kinney@intel.com>; Wang, Jian J > <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Bi, Dandan > <dandan.bi@intel.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; 'Oleksiy > Yakovlev' <oleksiyy@ami.com>; 'Ard Biesheuvel' <ard.biesheuvel@arm.com> > 主题: Re: [edk2-devel] [PATCH v2 0/2] UEFI memmap workaround for hiding > page-access caps from OSes hides SP and CRYPTO caps too > > Liming, > As for mktme there is a change commited: > https://patchwork.kernel.org/patch/10935909/ > As for SP I can't find anything specific. > Thanks > Meg > > -----Original Message----- > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of gaoliming > Sent: Friday, September 25, 2020 10:55 AM > To: devel@edk2.groups.io; Kukiello, Malgorzata <jacek.kukiello@intel.com> > Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Wang, Jian J > <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Bi, Dandan > <dandan.bi@intel.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; 'Oleksiy > Yakovlev' <oleksiyy@ami.com>; 'Ard Biesheuvel' <ard.biesheuvel@arm.com> > Subject: 回复: [edk2-devel] [PATCH v2 0/2] UEFI memmap workaround for > hiding page-access caps from OSes hides SP and CRYPTO caps too > > Malgorzata: > How do know OS (Windows or Linux) behavior for SP and CRYPTO attribute? > Is there the public document to describe this behavior? > > Thanks > Liming > > -----邮件原件----- > > 发件人: bounce+27952+65566+4905953+8761045@groups.io > > <bounce+27952+65566+4905953+8761045@groups.io> 代表 Malgorzata > Kukiello > > 发送时间: 2020年9月24日 18:22 > > 收件人: devel@edk2.groups.io > > 抄送: Malgorzata Kukiello <jacek.kukiello@intel.com>; Michael D Kinney > > <michael.d.kinney@intel.com>; Jian J Wang <jian.j.wang@intel.com>; Hao > > A Wu <hao.a.wu@intel.com>; Dandan Bi <dandan.bi@intel.com>; Liming Gao > > <gaoliming@byosoft.com.cn>; Zhiguang Liu <zhiguang.liu@intel.com>; > > Oleksiy Yakovlev <oleksiyy@ami.com>; Ard Biesheuvel > > <ard.biesheuvel@arm.com> > > 主题: [edk2-devel] [PATCH v2 0/2] UEFI memmap workaround for hiding > > page-access caps from OSes hides SP and CRYPTO caps too > > > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2982 > > > > The workaround in the UEFI memmap construction, near the end of the > > function CoreGetMemoryMap() [MdeModulePkg/Core/Dxe/Mem/Page.c] > > should > > not clear the SP and CRYPTO bits, because OSes do (apparently) > > correctly interpret SP and CRYPTO as capabilities, and not as > > currently set attributes (upon which the OSes should set their page > > tables). For this reason, the SP and CRYPTO bits should be separated > > from the bitmask that we use for hiding the page-access attributes, in > > the workaround > > > > Signed-off-by: Malgorzata Kukiello <jacek.kukiello@intel.com> > > Cc: Michael D Kinney <michael.d.kinney@intel.com> > > Cc: Jian J Wang <jian.j.wang@intel.com> > > Cc: Hao A Wu <hao.a.wu@intel.com> > > Cc: Dandan Bi <dandan.bi@intel.com> > > Cc: Liming Gao <gaoliming@byosoft.com.cn> > > Cc: Zhiguang Liu <zhiguang.liu@intel.com> > > Cc: Oleksiy Yakovlev <oleksiyy@ami.com> > > Cc: Ard Biesheuvel (ARM address) <ard.biesheuvel@arm.com> > > > > MdeModulePkg/Core/Dxe/Mem/Page.c | 12 ++++++------ > > MdePkg/Include/Uefi/UefiSpec.h | 3 ++- > > 2 files changed, 8 insertions(+), 7 deletions(-) > > --------------------------------------------------------------------- > > Intel Technology Poland sp. z o.o. > > ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII > > Wydzia Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP > > 957-07-52-316 > > | Kapita zakadowy 200.000 PLN. > > Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata > > i moe zawiera informacje poufne. W razie przypadkowego otrzymania tej > > wiadomoci, prosimy o powiadomienie nadawcy oraz trwae jej usunicie; > > jakiekolwiek przegldanie lub rozpowszechnianie jest zabronione. > > This e-mail and any attachments may contain confidential material for > > the sole use of the intended recipient(s). If you are not the intended > recipient, > > please contact the sender and delete all copies; any review or > distribution by > > others is strictly prohibited. > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > Intel Technology Poland sp. z o.o. > ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII Wydzia > Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP 957-07-52-316 | > Kapita zakadowy 200.000 PLN. > Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata i moe > zawiera informacje poufne. W razie przypadkowego otrzymania tej wiadomoci, > prosimy o powiadomienie nadawcy oraz trwae jej usunicie; jakiekolwiek > przegldanie lub rozpowszechnianie jest zabronione. > This e-mail and any attachments may contain confidential material for the sole > use of the intended recipient(s). If you are not the intended recipient, please > contact the sender and delete all copies; any review or distribution by others is > strictly prohibited. > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#65696): https://edk2.groups.io/g/devel/message/65696 Mute This Topic: https://groups.io/mt/77187950/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Liming, I am trying to enable a crypto technology, that requires handling on the OS side (implemented in the kernel.org patch), generally speaking I mark in memory map all regions that can be encrypted using the before mentioned tech. Then OS checks that attribute and decides whether or not to enable that. So the real problem is that currently all my attributes are overwritten and cleared. Thanks Meg -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of gaoliming Sent: Tuesday, September 29, 2020 3:13 AM To: devel@edk2.groups.io; Kukiello, Malgorzata <jacek.kukiello@intel.com>; Rothman, Michael A <michael.a.rothman@intel.com> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Bi, Dandan <dandan.bi@intel.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; 'Oleksiy Yakovlev' <oleksiyy@ami.com>; 'Ard Biesheuvel' <ard.biesheuvel@arm.com> Subject: 回复: [edk2-devel] [PATCH v2 0/2] UEFI memmap workaround for hiding page-access caps from OSes hides SP and CRYPTO caps too Meg: What real problem do you meet with? What purpose is for this change? And, I also include UEFI Arch Rothman. Rothman: Can you help clarify what OS (Windows or Linux) behavior is expected for UEFI SP and CRYPTO memory attribute? Thanks Liming > -----邮件原件----- > 发件人: bounce+27952+65683+4905953+8761045@groups.io > <bounce+27952+65683+4905953+8761045@groups.io> 代表 Malgorzata Kukiello > 发送时间: 2020年9月28日 23:39 > 收件人: devel@edk2.groups.io; gaoliming@byosoft.com.cn > 抄送: Kinney, Michael D <michael.d.kinney@intel.com>; Wang, Jian J > <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Bi, Dandan > <dandan.bi@intel.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; > 'Oleksiy Yakovlev' <oleksiyy@ami.com>; 'Ard Biesheuvel' > <ard.biesheuvel@arm.com> > 主题: Re: [edk2-devel] [PATCH v2 0/2] UEFI memmap workaround for hiding > page-access caps from OSes hides SP and CRYPTO caps too > > Liming, > As for mktme there is a change commited: > https://patchwork.kernel.org/patch/10935909/ > As for SP I can't find anything specific. > Thanks > Meg > > -----Original Message----- > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of > gaoliming > Sent: Friday, September 25, 2020 10:55 AM > To: devel@edk2.groups.io; Kukiello, Malgorzata > <jacek.kukiello@intel.com> > Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Wang, Jian J > <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Bi, Dandan > <dandan.bi@intel.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; > 'Oleksiy Yakovlev' <oleksiyy@ami.com>; 'Ard Biesheuvel' > <ard.biesheuvel@arm.com> > Subject: 回复: [edk2-devel] [PATCH v2 0/2] UEFI memmap workaround for > hiding page-access caps from OSes hides SP and CRYPTO caps too > > Malgorzata: > How do know OS (Windows or Linux) behavior for SP and CRYPTO attribute? > Is there the public document to describe this behavior? > > Thanks > Liming > > -----邮件原件----- > > 发件人: bounce+27952+65566+4905953+8761045@groups.io > > <bounce+27952+65566+4905953+8761045@groups.io> 代表 Malgorzata > Kukiello > > 发送时间: 2020年9月24日 18:22 > > 收件人: devel@edk2.groups.io > > 抄送: Malgorzata Kukiello <jacek.kukiello@intel.com>; Michael D Kinney > > <michael.d.kinney@intel.com>; Jian J Wang <jian.j.wang@intel.com>; > > Hao A Wu <hao.a.wu@intel.com>; Dandan Bi <dandan.bi@intel.com>; > > Liming Gao <gaoliming@byosoft.com.cn>; Zhiguang Liu > > <zhiguang.liu@intel.com>; Oleksiy Yakovlev <oleksiyy@ami.com>; Ard > > Biesheuvel <ard.biesheuvel@arm.com> > > 主题: [edk2-devel] [PATCH v2 0/2] UEFI memmap workaround for hiding > > page-access caps from OSes hides SP and CRYPTO caps too > > > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2982 > > > > The workaround in the UEFI memmap construction, near the end of the > > function CoreGetMemoryMap() [MdeModulePkg/Core/Dxe/Mem/Page.c] > > should > > not clear the SP and CRYPTO bits, because OSes do (apparently) > > correctly interpret SP and CRYPTO as capabilities, and not as > > currently set attributes (upon which the OSes should set their page > > tables). For this reason, the SP and CRYPTO bits should be separated > > from the bitmask that we use for hiding the page-access attributes, > > in the workaround > > > > Signed-off-by: Malgorzata Kukiello <jacek.kukiello@intel.com> > > Cc: Michael D Kinney <michael.d.kinney@intel.com> > > Cc: Jian J Wang <jian.j.wang@intel.com> > > Cc: Hao A Wu <hao.a.wu@intel.com> > > Cc: Dandan Bi <dandan.bi@intel.com> > > Cc: Liming Gao <gaoliming@byosoft.com.cn> > > Cc: Zhiguang Liu <zhiguang.liu@intel.com> > > Cc: Oleksiy Yakovlev <oleksiyy@ami.com> > > Cc: Ard Biesheuvel (ARM address) <ard.biesheuvel@arm.com> > > > > MdeModulePkg/Core/Dxe/Mem/Page.c | 12 ++++++------ > > MdePkg/Include/Uefi/UefiSpec.h | 3 ++- > > 2 files changed, 8 insertions(+), 7 deletions(-) > > -------------------------------------------------------------------- > > - > > Intel Technology Poland sp. z o.o. > > ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII > > Wydzia Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP > > 957-07-52-316 > > | Kapita zakadowy 200.000 PLN. > > Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego > > adresata i moe zawiera informacje poufne. W razie przypadkowego > > otrzymania tej wiadomoci, prosimy o powiadomienie nadawcy oraz trwae > > jej usunicie; jakiekolwiek przegldanie lub rozpowszechnianie jest zabronione. > > This e-mail and any attachments may contain confidential material > > for the sole use of the intended recipient(s). If you are not the > > intended > recipient, > > please contact the sender and delete all copies; any review or > distribution by > > others is strictly prohibited. > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > Intel Technology Poland sp. z o.o. > ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII > Wydzia Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP > 957-07-52-316 | Kapita zakadowy 200.000 PLN. > Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata > i moe zawiera informacje poufne. W razie przypadkowego otrzymania tej > wiadomoci, prosimy o powiadomienie nadawcy oraz trwae jej usunicie; > jakiekolwiek przegldanie lub rozpowszechnianie jest zabronione. > This e-mail and any attachments may contain confidential material for > the sole use of the intended recipient(s). If you are not the intended > recipient, please contact the sender and delete all copies; any review > or distribution by others is strictly prohibited. > > > > > --------------------------------------------------------------------- Intel Technology Poland sp. z o.o. ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII Wydzia Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP 957-07-52-316 | Kapita zakadowy 200.000 PLN. Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata i moe zawiera informacje poufne. W razie przypadkowego otrzymania tej wiadomoci, prosimy o powiadomienie nadawcy oraz trwae jej usunicie; jakiekolwiek przegldanie lub rozpowszechnianie jest zabronione. This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). If you are not the intended recipient, please contact the sender and delete all copies; any review or distribution by others is strictly prohibited. -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#65835): https://edk2.groups.io/g/devel/message/65835 Mute This Topic: https://groups.io/mt/77260834/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
© 2016 - 2024 Red Hat, Inc.