From nobody Mon Nov 25 20:37:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+65568+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+65568+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1600951990; cv=none; d=zohomail.com; s=zohoarc; b=lM/1fsNB8Dl99FeWykCfJhESEgnHNHZf7VJ3DCsRU6AM0Mw80lc7TAZPZ6hzUnthN6NXnNfRA4alvXvr6RuX4r1ikc2eofTcj+q0VDQmqk7hw/2WWLLyAyOTOolf45/GLNDXUFkCPhwjBzS3nTlF0DykXQa5Up36uyfNkvs+Kxs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1600951990; h=Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To; bh=jgMP6Wfz0bT5wcNTIG+Hvrsw4+yjkDBdGdaTW8YNUis=; b=GUn7kQS0suy5Ivy3IEj0tYtFOxZiwQmwRj1ad45nn0c9yHJkHr7n6FJ0PlTUjmVMAO/aJeHDUWO+5i1lmf0KAGn9D0PocdGLtw7MUMWmeN0cbSG/sv+7Om/KX7zWxow/1T2Z1zSHFNauEM8aIwRmG4bR8OheIoEtWR2hhV4GU0g= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+65568+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1600951990733265.6860661279462; Thu, 24 Sep 2020 05:53:10 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id X0kuYY1788612xkGkNPYO9eo; Thu, 24 Sep 2020 05:53:10 -0700 X-Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by mx.groups.io with SMTP id smtpd.web12.13478.1600942984954609160 for ; Thu, 24 Sep 2020 03:23:05 -0700 IronPort-SDR: 4W/A22fvpY1cpLCy0ryZMU3oiQI5Qw+8gnGub3lNReuQGI4993ZsAMQG7xRzlk7qfFHBRbM/fd 5nCIIICoUNHw== X-IronPort-AV: E=McAfee;i="6000,8403,9753"; a="245956162" X-IronPort-AV: E=Sophos;i="5.77,297,1596524400"; d="scan'208";a="245956162" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Sep 2020 03:23:03 -0700 IronPort-SDR: V3KpenV44XAxeFbNh+rCFWDiP0l2NxqcHTExL0aRkFckbleygxmSeLLYNvWvq1s/UPmnLSsO7K KdMiWb0SewAg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.77,297,1596524400"; d="scan'208";a="338996289" X-Received: from jkukiell-desk.ger.corp.intel.com ([10.102.87.26]) by orsmga008.jf.intel.com with ESMTP; 24 Sep 2020 03:23:01 -0700 From: "Malgorzata Kukiello" To: devel@edk2.groups.io Cc: Malgorzata Kukiello , Michael D Kinney , Liming Gao , Zhiguang Liu , Oleksiy Yakovlev , Ard Biesheuvel Subject: [edk2-devel] [PATCH v2 1/2] MdePkg/UefiSpec: separate page access bitmask from SP and CRYPTO caps Date: Thu, 24 Sep 2020 12:21:32 +0200 Message-Id: <20200924102132.18248-3-jacek.kukiello@intel.com> In-Reply-To: <20200924102132.18248-1-jacek.kukiello@intel.com> References: <20200924102132.18248-1-jacek.kukiello@intel.com> Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,jacek.kukiello@intel.com X-Gm-Message-State: G5rxYkFZpNzOrZ1bRYzBIyYJx1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1600951990; bh=D1jzreQfuy4SFiIZNaRrZvdWDBAYkYh16AwcRKAPOQs=; h=Cc:Date:From:Reply-To:Subject:To; b=ARI+ocNMp7DTWWw1poZgp6NK4hm4bBwrV5ubIJnnmABAzN0BTnl4HxWWInjd5xx8QHR QEWqh/4ULb7vC7H17uydPoQCTBOockY52pEa7+NUTd43hSXAxoOfC9mSpV/8Mm9bouRio 3Tcu9tA5f2R0sof8jm37eY6S0AYJxlljR2g= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3D2982 Operating systems are capable of treating SP and CRYPTO memory capabilities and not as attributes. This means that these capabilites cannot be hidden from OSs. For this reason, the SP and CRYPTO bits should be separated from the bitmask that we use for hiding the page-access attributes.=20 Common mask for ATTRIBUTES was introduced in=20 3bd5c994c879f78e8e3d5346dc3b627f199291aa Signed-off-by: Malgorzata Kukiello Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Oleksiy Yakovlev Cc: Ard Biesheuvel (ARM address) Reviewed-by: Laszlo Ersek --- MdePkg/Include/Uefi/UefiSpec.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/MdePkg/Include/Uefi/UefiSpec.h b/MdePkg/Include/Uefi/UefiSpec.h index 05b82e0be1..2b1b72d862 100644 --- a/MdePkg/Include/Uefi/UefiSpec.h +++ b/MdePkg/Include/Uefi/UefiSpec.h @@ -113,7 +113,8 @@ typedef enum { // Attributes bitmasks, grouped by type // #define EFI_CACHE_ATTRIBUTE_MASK (EFI_MEMORY_UC | EFI_MEMORY_WC | EFI_MEMO= RY_WT | EFI_MEMORY_WB | EFI_MEMORY_UCE | EFI_MEMORY_WP) -#define EFI_MEMORY_ATTRIBUTE_MASK (EFI_MEMORY_RP | EFI_MEMORY_XP | EFI_MEM= ORY_RO | EFI_MEMORY_SP | EFI_MEMORY_CPU_CRYPTO) +#define EFI_MEMORY_ACCESS_MASK (EFI_MEMORY_RP | EFI_MEMORY_XP | EFI_MEMORY= _RO) +#define EFI_MEMORY_ATTRIBUTE_MASK (EFI_MEMORY_ACCESS_MASK | EFI_MEMORY_SP = | EFI_MEMORY_CPU_CRYPTO) =20 /// /// Memory descriptor version number. --=20 2.18.0.windows.1 --------------------------------------------------------------------- Intel Technology Poland sp. z o.o. ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII Wydzia Gos= podarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP 957-07-52-316 | Kapi= ta zakadowy 200.000 PLN. Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata i mo= e zawiera informacje poufne. W razie przypadkowego otrzymania tej wiadomoci= , prosimy o powiadomienie nadawcy oraz trwae jej usunicie; jakiekolwiek prz= egldanie lub rozpowszechnianie jest zabronione. This e-mail and any attachments may contain confidential material for the s= ole use of the intended recipient(s). If you are not the intended recipient= , please contact the sender and delete all copies; any review or distributi= on by others is strictly prohibited. =20 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#65568): https://edk2.groups.io/g/devel/message/65568 Mute This Topic: https://groups.io/mt/77056343/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon Nov 25 20:37:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+65567+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+65567+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1600951990; cv=none; d=zohomail.com; s=zohoarc; b=IIFoLq9T6sokeomx9r2Z3Sx4gqLNEM0paWXu76A6OAcOdoipx6/H8M5DxgfOrFcC88imLnAHo0WOUkQ8Kmo2Ei2JROjyuh5hVNiyJmJcrvgyHl+9Y60ChyS+RchUm0m1AAb/4dp7r9o25OCbRgZ4azz7ucfYTzJywsMNTgYF830= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1600951990; h=Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To; bh=oj068EExLNN9kiq+QT32PZoKV5o81glfys525U5EFUg=; b=l78tMj74mAZU0ceXk/Z/MYT300LMU6RHj9do59QSCd3vjQ2t/TnmRO89r4oeoAvtJpHqiytB21kDKAljBYwOfU5onyGOVZZP9bgD11rBzO9T7JvmcyXT6Sk0OoIVEMl9lydk06iL1ERis7OzokuqF2f1Efjx656CLPNdrB75dfg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+65567+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 160095199009580.7086622740087; Thu, 24 Sep 2020 05:53:10 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id zjbAYY1788612xR6kJkEq8cq; Thu, 24 Sep 2020 05:53:09 -0700 X-Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by mx.groups.io with SMTP id smtpd.web11.13647.1600942973425380349 for ; Thu, 24 Sep 2020 03:22:53 -0700 IronPort-SDR: Q/KLEYnRf0E4twlDEq3KH7W2j1QznUyvrhvCP9NbDYj4Nbvwbr6E8s6dR//AjCUp9UsA25y3N+ EvELo4P2/SAQ== X-IronPort-AV: E=McAfee;i="6000,8403,9753"; a="179235840" X-IronPort-AV: E=Sophos;i="5.77,297,1596524400"; d="scan'208";a="179235840" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Sep 2020 03:22:52 -0700 IronPort-SDR: 5jOdf+JvKCRdFAPAxPl20ei5TkV49oNffMgdHO0EN2XrbCscYj+wI5oStPyaGi6+A0ThQWoPAX h+iySVVEvW4g== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.77,297,1596524400"; d="scan'208";a="338996261" X-Received: from jkukiell-desk.ger.corp.intel.com ([10.102.87.26]) by orsmga008.jf.intel.com with ESMTP; 24 Sep 2020 03:22:50 -0700 From: "Malgorzata Kukiello" To: devel@edk2.groups.io Cc: Malgorzata Kukiello , Jian J Wang , Hao A Wu , Dandan Bi , Liming Gao , Oleksiy Yakovlev , Ard Biesheuvel Subject: [edk2-devel] [PATCH v2 2/2] MdeModulePkg/Core/Dxe: expose SP and CRYPTO capabilities in UEFI memmap Date: Thu, 24 Sep 2020 12:21:31 +0200 Message-Id: <20200924102132.18248-2-jacek.kukiello@intel.com> In-Reply-To: <20200924102132.18248-1-jacek.kukiello@intel.com> References: <20200924102132.18248-1-jacek.kukiello@intel.com> Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,jacek.kukiello@intel.com X-Gm-Message-State: fMVqGLpsuaqmHRm0ZdNxGu9Gx1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1600951989; bh=zcp1dLLgT7qGDDT1hf3is5OKkIBzfrDaZeD0nX44iNE=; h=Cc:Date:From:Reply-To:Subject:To; b=MIzhPjsizg/VRMdAIBGUNPyQmhz+f2GlheBFsTRgkVreshfC5QU4ys2wchpAHtQpaYY ptDAdXYsHPFdgoeN9gXp9XCRcPduHcmxOZEa/sthLYjDoZqV5wXPAM3MY+Fj7r2Peh6Qo Iv8wTnUNshUrQx3vDliM3AcVPXr+CbH9W+Q= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" OSs are now capable of treating SP and CRYPTO memory as true capabilities and therefore these should be exposed. This requires usage of a separate ACCESS_MASK to hide all page-access permission capabilities. Change in masking and hiding of SP and CRYPTO was introduced in=20 3bd5c994c879f78e8e3d5346dc3b627f199291aa Signed-off-by: Malgorzata Kukiello Cc: Jian J Wang Cc: Hao A Wu Cc: Dandan Bi Cc: Liming Gao Cc: Oleksiy Yakovlev Cc: Ard Biesheuvel (ARM address) Reviewed-by: Laszlo Ersek --- MdeModulePkg/Core/Dxe/Mem/Page.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/P= age.c index 2c2c9cd6c3..731bf08bc9 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Page.c +++ b/MdeModulePkg/Core/Dxe/Mem/Page.c @@ -1924,16 +1924,16 @@ CoreGetMemoryMap ( // set attributes and change memory paging attribute accordingly. // But current EFI_MEMORY_DESCRIPTOR.Attribute is assigned by // value from Capabilities in GCD memory map. This might cause - // boot problems. Clearing all paging related capabilities can - // workaround it. Following code is supposed to be removed once - // the usage of EFI_MEMORY_DESCRIPTOR.Attribute is clarified in - // UEFI spec and adopted by both EDK-II Core and all supported - // OSs. + // boot problems. Clearing all page-access permission related + // capabilities can workaround it. Following code is supposed to + // be removed once the usage of EFI_MEMORY_DESCRIPTOR.Attribute + // is clarified in UEFI spec and adopted by both EDK-II Core and + // all supported OSs. // MemoryMapEnd =3D MemoryMap; MemoryMap =3D MemoryMapStart; while (MemoryMap < MemoryMapEnd) { - MemoryMap->Attribute &=3D ~(UINT64)EFI_MEMORY_ATTRIBUTE_MASK; + MemoryMap->Attribute &=3D ~(UINT64)EFI_MEMORY_ACCESS_MASK; MemoryMap =3D NEXT_MEMORY_DESCRIPTOR (MemoryMap, Size); } MergeMemoryMap (MemoryMapStart, &BufferSize, Size); --=20 2.18.0.windows.1 --------------------------------------------------------------------- Intel Technology Poland sp. z o.o. ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII Wydzia Gos= podarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP 957-07-52-316 | Kapi= ta zakadowy 200.000 PLN. Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata i mo= e zawiera informacje poufne. W razie przypadkowego otrzymania tej wiadomoci= , prosimy o powiadomienie nadawcy oraz trwae jej usunicie; jakiekolwiek prz= egldanie lub rozpowszechnianie jest zabronione. This e-mail and any attachments may contain confidential material for the s= ole use of the intended recipient(s). If you are not the intended recipient= , please contact the sender and delete all copies; any review or distributi= on by others is strictly prohibited. =20 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#65567): https://edk2.groups.io/g/devel/message/65567 Mute This Topic: https://groups.io/mt/77056341/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-