From: Taylor Beebe
To: devel@edk2.groups.io
Cc: Eric Dong, Ray Ni, Rahul Kumar
Subject: [edk2-devel] [PATCH v1 1/1] UefiCpuPkg: CpuDxe: Set RW and P Attributes on Split Pages
Date: Wed, 15 Jun 2022 14:23:07 -0700
Message-Id: <20220615212307.1007-2-taylor.d.beebe@gmail.com>
In-Reply-To: <20220615212307.1007-1-taylor.d.beebe@gmail.com>
References: <20220615212307.1007-1-taylor.d.beebe@gmail.com>

From: Taylor Beebe

A memory range can be submitted for attribute changes which is large enough to not require a page split during the attribute update. Consider the following scenario:

1. An attribute update removed the RW attribute on a range large enough to not require a page split.
2. Later, an attributes update is called to re-add the RW attribute for a subsection of that larger page which requires a split
3. The attribute update logic performs a page split, so now the parent and child pages have matching attributes
4. Then, the attribute update logic changes the child page to have the RW attribute.
5. The child page would then correctly have the RW attribute added but the parent page would still have the RW attribute removed which will cause an improper access violation.

The page being split should have loose attributes to accommodate the above case. The split page should always have the attributes set so the lowest level page frame determines the access rights as detailed in 4.10.2.2 of the Intel 64 and IA-32 Architectures Software Developer Manual. Setting the User/Supervisor attribute shouldn't be necessary.

Cc: Eric Dong
Cc: Ray Ni
Cc: Rahul Kumar
Signed-off-by: Taylor Beebe
Reviewed-by: Ray Ni

--- UefiCpuPkg/CpuDxe/CpuPageTable.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/UefiCpuPkg/CpuDxe/CpuPageTable.c b/UefiCpuPkg/CpuDxe/CpuPageTa= ble.c index f7a4d92e921a..288d9996f6c3 100644 --- a/UefiCpuPkg/CpuDxe/CpuPageTable.c +++ b/UefiCpuPkg/CpuDxe/CpuPageTable.c @@ -38,6 +38,8 @@ #define IA32_PG_NX BIT63 =20 #define PAGE_ATTRIBUTE_BITS (IA32_PG_D | IA32_PG_A | IA32_PG_U | IA32_PG_= RW | IA32_PG_P) +#define PAGE_ATTRIBUTE_BITS_POST_SPLIT (IA32_PG_RW | IA32_PG_P) + // // Bits 1, 2, 5, 6 are reserved in the IA32 PAE PDPTE // X64 PAE PDPTE does not have such restriction
@@ -583,7 +585,7 @@ SplitPage ( NewPageEntry[Index] =3D (BaseAddress + SIZE_4KB * Index) | Address= EncMask | ((*PageEntry) & PAGE_PROGATE_BITS); } =20 - (*PageEntry) =3D (UINT64)(UINTN)NewPageEntry | AddressEncMask | ((*P= ageEntry) & PAGE_ATTRIBUTE_BITS); + (*PageEntry) =3D (UINT64)(UINTN)NewPageEntry | AddressEncMask | PAGE= _ATTRIBUTE_BITS_POST_SPLIT; return RETURN_SUCCESS; } else { return RETURN_UNSUPPORTED; @@ -606,7 +608,7 @@ SplitPage ( NewPageEntry[Index] =3D (BaseAddress + SIZE_2MB * Index) | Address= EncMask | IA32_PG_PS | ((*PageEntry) & PAGE_PROGATE_BITS); } =20 - (*PageEntry) =3D (UINT64)(UINTN)NewPageEntry | AddressEncMask | ((*P= ageEntry) & PAGE_ATTRIBUTE_BITS); + (*PageEntry) =3D (UINT64)(UINTN)NewPageEntry | AddressEncMask | PAGE= _ATTRIBUTE_BITS_POST_SPLIT; return RETURN_SUCCESS; } else { return RETURN_UNSUPPORTED; --=20 2.32.0.windows.2
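
Review bot: PAGE_ATTRIBUTE_BITS_POST_SPLIT, added in the @@ -38,6 +38,8 @@ hunk, has no comment, and it drops IA32_PG_U, which the old `(*PageEntry) & PAGE_ATTRIBUTE_BITS` expression carried over from the entry being split. User-mode access needs U/S set in every entry of the walk, so a region that had IA32_PG_U set becomes supervisor-only once it is split. The commit message says setting U/S should not be necessary; a comment above the macro stating that assumption, and that the leaf entries are meant to decide access rights, would show a later reader that the omission is deliberate.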
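
Review bot: in the @@ -583,7 +585,7 @@ hunk (the SIZE_4KB branch) the parent entry is now always written with IA32_PG_P and IA32_PG_RW, so a large page that was not present or read-only before the split keeps that state only through the `(*PageEntry) & PAGE_PROGATE_BITS` copied into each NewPageEntry[Index]. The definition of PAGE_PROGATE_BITS is outside the visible context; please confirm it includes IA32_PG_P and IA32_PG_RW, and consider a one-line comment next to the assignment recording that dependency.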
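
Review bot: the replaced assignment in the @@ -606,7 +608,7 @@ hunk (the SIZE_2MB branch) is identical to the one in the SIZE_4KB branch, `(UINT64)(UINTN)NewPageEntry | AddressEncMask | PAGE_ATTRIBUTE_BITS_POST_SPLIT`. Now that neither depends on the old entry's attribute bits, a small shared helper or macro for building the non-leaf entry would keep the two branches from drifting if the post-split mask changes again.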
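
The scenario in the commit message can be replayed with a toy model of one large page and its 512 children. This is an added illustration, not code from the patch or from edk2; the `region_t` type, the function names and child index 7 are hypothetical, and it assumes supervisor writes with CR0.WP set, so a write needs P and RW at every level.

```c
#include <stdint.h>
#include <stdio.h>

#define PG_P   (1ULL << 0)
#define PG_RW  (1ULL << 1)
#define PG_U   (1ULL << 2)
#define PG_A   (1ULL << 5)
#define PG_D   (1ULL << 6)
#define ATTR_BITS            (PG_D | PG_A | PG_U | PG_RW | PG_P) /* mask used before the patch */
#define ATTR_BITS_POST_SPLIT (PG_RW | PG_P)                      /* mask added by the patch */
#define CHILDREN 512

/* Toy model: attribute bits of one parent entry and its 512 child entries. */
typedef struct { uint64_t parent; uint64_t child[CHILDREN]; int split; } region_t;

/* Assumption: children inherit the parent's attribute bits on a split
   (the page does not show the definition of PAGE_PROGATE_BITS). */
static void split_page(region_t *r, int patched) {
    for (int i = 0; i < CHILDREN; i++) r->child[i] = r->parent & ATTR_BITS;
    r->parent = patched ? ATTR_BITS_POST_SPLIT : (r->parent & ATTR_BITS);
    r->split = 1;
}

/* A write is allowed only if P and RW are set in every entry of the walk. */
static int write_allowed(const region_t *r, int idx) {
    const uint64_t need = PG_P | PG_RW;
    if ((r->parent & need) != need) return 0;
    return !r->split || (r->child[idx] & need) == need;
}

/* Replays steps 1, 3 and 4 of the commit message, then probes one child page. */
static int replay(int patched, int probe_idx) {
    region_t r = { .parent = PG_P | PG_RW, .split = 0 };
    r.parent &= ~PG_RW;        /* step 1: RW removed from the whole large page */
    split_page(&r, patched);   /* step 3: split, old or patched parent mask */
    r.child[7] |= PG_RW;       /* step 4: RW re-added on one child (constructed index) */
    return write_allowed(&r, probe_idx);
}

int main(void) {
    printf("old split, child 7 writable: %d\n", replay(0, 7));
    printf("new split, child 7 writable: %d\n", replay(1, 7));
    printf("new split, child 8 writable: %d\n", replay(1, 8));
    return 0;
}
```

With the old mask the re-enabled child still faults on write because the parent keeps RW clear; with the patched mask the child is writable while its untouched siblings stay read-only.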