From nobody Sun May 19 16:27:47 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99701+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99701+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675722074; cv=none; d=zohomail.com; s=zohoarc; b=XWOumcWoJ/A4Zgb4TGqquoUvSudGRFIYY7ToPOSOtjJNRoBpD2oYji7TpRd6lcp0u3Ie57a3q702eCCo/OwaHss03llHmiZcal8uxpP1R6PDsPhkTrYdN9eNoeTFLaok0uwB6KIdewguz7rgS580ML1CCJC0r4LUkUxyZwVWihE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675722074; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=yPWNV6coL680CAoa5Erc+qpf81p9Qzev7ek7ZT6bNVc=; b=nMuGhauBz/ouyiWXcQNaaWSt10TvSUkIz2qF3iyNM7QlQEtU0RQARdwToRh2oC5EwcDDn2zxsIDTifkWgyJBsFtUTt+q1wyVtKkcEI77JvhJ8IHfoe7+KNolLtfQP/cJascVLSXBJM4khrVXdBS02C4c3aXrYoLI+94aPNMlImU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99701+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675722074785839.1980230633977; Mon, 6 Feb 2023 14:21:14 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id d4zmYY1788612xiex4ADztj1; Mon, 06 Feb 2023 14:21:14 -0800 X-Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by mx.groups.io with SMTP id smtpd.web10.68439.1675722073652144547 for ; Mon, 06 Feb 2023 14:21:14 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id D5552B81619; Mon, 6 Feb 2023 22:21:11 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5C6B9C4339B; Mon, 6 Feb 2023 22:21:08 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v3 1/5] MdePkg: Add Memory Attribute Protocol definition Date: Mon, 6 Feb 2023 23:20:56 +0100 Message-Id: <20230206222100.411169-2-ardb@kernel.org> In-Reply-To: <20230206222100.411169-1-ardb@kernel.org> References: <20230206222100.411169-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: Y5RvyP8x2RWyiHBkVdmDKsdSx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675722074; bh=KvBR1MerjixedvgzXjgCkPt/mHPwffpjglQkyODhl1k=; h=Cc:Date:From:Reply-To:Subject:To; b=iaUPAyN8txcsmfzWI8xHsfowafgc5EXJQg3qAOAX+pkHXmc9A1FNlW/3u0abGSMq9Im SWT4zapgLCNT2WiyJqk+RmZetCi2Rme6i1kVGhurZRv86NsFtmgLsfcbOOr70NUCVMZVR omLk6NEEFGrnOzHDMlPzD5K6LHlhZkst/cs= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675722076442100002 Content-Type: text/plain; charset="utf-8" Add the Memory Attribute Protocol definition, which was adopted and included in version 2.10 of the UEFI specification. Link: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3519 Signed-off-by: Ard Biesheuvel Reviewed-by: Liming Gao --- MdePkg/Include/Protocol/MemoryAttribute.h | 142 ++++++++++++++++++++ MdePkg/MdePkg.dec | 3 + 2 files changed, 145 insertions(+) diff --git a/MdePkg/Include/Protocol/MemoryAttribute.h b/MdePkg/Include/Pro= tocol/MemoryAttribute.h new file mode 100644 index 000000000000..ff930fb21aa6 --- /dev/null +++ b/MdePkg/Include/Protocol/MemoryAttribute.h @@ -0,0 +1,142 @@ +/** @file + + EFI Memory Attribute Protocol provides retrieval and update service + for memory attributes in EFI environment. + + Copyright (c) 2021, Intel Corporation. All rights reserved.
+ Copyright (c) 2023, Google LLC. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __EFI_MEMORY_ATTRIBUTE_H__ +#define __EFI_MEMORY_ATTRIBUTE_H__ + +#define EFI_MEMORY_ATTRIBUTE_PROTOCOL_GUID \ + { \ + 0xf4560cf6, 0x40ec, 0x4b4a, { 0xa1, 0x92, 0xbf, 0x1d, 0x57, 0xd0, 0xb1= , 0x89 } \ + } + +typedef struct _EFI_MEMORY_ATTRIBUTE_PROTOCOL EFI_MEMORY_ATTRIBUTE_PROTOCO= L; + +/** + This function set given attributes of the memory region specified by + BaseAddress and Length. + + The valid Attributes is EFI_MEMORY_RP, EFI_MEMORY_XP, and EFI_MEMORY_RO. + + @param This The EFI_MEMORY_ATTRIBUTE_PROTOCOL instance. + @param BaseAddress The physical address that is the start address= of + a memory region. + @param Length The size in bytes of the memory region. + @param Attributes The bit mask of attributes to set for the memo= ry + region. + + @retval EFI_SUCCESS The attributes were set for the memory reg= ion. + @retval EFI_INVALID_PARAMETER Length is zero. + Attributes specified an illegal combinatio= n of + attributes that cannot be set together. + @retval EFI_UNSUPPORTED The processor does not support one or more + bytes of the memory resource range specifi= ed + by BaseAddress and Length. + The bit mask of attributes is not supporte= d for + the memory resource range specified by + BaseAddress and Length. + @retval EFI_OUT_OF_RESOURCES Requested attributes cannot be applied due= to + lack of system resources. + @retval EFI_ACCESS_DENIED Attributes for the requested memory region= are + controlled by system firmware and cannot be + updated via the protocol. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_SET_MEMORY_ATTRIBUTES)( + IN EFI_MEMORY_ATTRIBUTE_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 Attributes + ); + +/** + This function clears given attributes of the memory region specified by + BaseAddress and Length. + + The valid Attributes is EFI_MEMORY_RP, EFI_MEMORY_XP, and EFI_MEMORY_RO. + + @param This The EFI_MEMORY_ATTRIBUTE_PROTOCOL instance. + @param BaseAddress The physical address that is the start address= of + a memory region. + @param Length The size in bytes of the memory region. + @param Attributes The bit mask of attributes to clear for the me= mory + region. + + @retval EFI_SUCCESS The attributes were cleared for the memory= region. + @retval EFI_INVALID_PARAMETER Length is zero. + Attributes specified an illegal combinatio= n of + attributes that cannot be cleared together. + @retval EFI_UNSUPPORTED The processor does not support one or more + bytes of the memory resource range specifi= ed + by BaseAddress and Length. + The bit mask of attributes is not supporte= d for + the memory resource range specified by + BaseAddress and Length. + @retval EFI_OUT_OF_RESOURCES Requested attributes cannot be applied due= to + lack of system resources. + @retval EFI_ACCESS_DENIED Attributes for the requested memory region= are + controlled by system firmware and cannot be + updated via the protocol. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_CLEAR_MEMORY_ATTRIBUTES)( + IN EFI_MEMORY_ATTRIBUTE_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 Attributes + ); + +/** + This function retrieves the attributes of the memory region specified by + BaseAddress and Length. If different attributes are got from different p= art + of the memory region, EFI_NO_MAPPING will be returned. + + @param This The EFI_MEMORY_ATTRIBUTE_PROTOCOL instance. + @param BaseAddress The physical address that is the start address= of + a memory region. + @param Length The size in bytes of the memory region. + @param Attributes Pointer to attributes returned. + + @retval EFI_SUCCESS The attributes got for the memory region. + @retval EFI_INVALID_PARAMETER Length is zero. + Attributes is NULL. + @retval EFI_NO_MAPPING Attributes are not consistent cross the me= mory + region. + @retval EFI_UNSUPPORTED The processor does not support one or more + bytes of the memory resource range specifi= ed + by BaseAddress and Length. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_GET_MEMORY_ATTRIBUTES)( + IN EFI_MEMORY_ATTRIBUTE_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + OUT UINT64 *Attributes + ); + +/// +/// EFI Memory Attribute Protocol provides services to retrieve or update +/// attribute of memory in the EFI environment. +/// +struct _EFI_MEMORY_ATTRIBUTE_PROTOCOL { + EFI_GET_MEMORY_ATTRIBUTES GetMemoryAttributes; + EFI_SET_MEMORY_ATTRIBUTES SetMemoryAttributes; + EFI_CLEAR_MEMORY_ATTRIBUTES ClearMemoryAttributes; +}; + +extern EFI_GUID gEfiMemoryAttributeProtocolGuid; + +#endif diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index 3d08f20d15b0..a8658403c8fd 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec @@ -1915,6 +1915,9 @@ [Protocols] ## Include/Protocol/RedfishDiscover.h gEfiRedfishDiscoverProtocolGuid =3D { 0x5db12509, 0x4550, 0x4347, {= 0x96, 0xb3, 0x73, 0xc0, 0xff, 0x6e, 0x86, 0x9f }} =20 + ## Include/Protocol/MemoryAttribute.h + gEfiMemoryAttributeProtocolGuid =3D { 0xf4560cf6, 0x40ec, 0x4b4a, { 0xa1= , 0x92, 0xbf, 0x1d, 0x57, 0xd0, 0xb1, 0x89 }} + # # Protocols defined in Shell2.0 # --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99701): https://edk2.groups.io/g/devel/message/99701 Mute This Topic: https://groups.io/mt/96795071/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 16:27:47 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99702+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99702+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675722077; cv=none; d=zohomail.com; s=zohoarc; b=QqI/OYHjLWa00YiyfqLS03QolPLOtfdeIt9lC4e4TEOmDH8sHq0ISZnTul4UgAtuZvSJ3J5OzDf6cjhDZ8fioCp/kQyRUk3BCUIIkXbsYtcH82mVAnOjXE/men/zQFUcj8wIKE/VrTA+d0/0teY7AZYYQ9zbPL3F2/xFiZwBLvM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675722077; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=2ULRj+beRbosl/nZdOP9qnQGmo9zKCzBPI7AY90BcyE=; b=X8mSvBrFu/igEuVjspNZd1yUIByPUieocMS44V28t0om7Z7ulOSRGoa0pYTJcaYgrP8U5Ega3tk4IY5ujMMHWz6o6Q4C2m2kMn/syjnn9qQmrJ2UDj3wGMUqCJmm5zsfmJQ1RAj18ZFsBmNgZJsw7VE5kGQ9U5HGgvrV+9weqaM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99702+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675722077086829.9918775576505; Mon, 6 Feb 2023 14:21:17 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id 9vTtYY1788612xp7sZf9C1GT; Mon, 06 Feb 2023 14:21:16 -0800 X-Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by mx.groups.io with SMTP id smtpd.web10.68444.1675722075988001796 for ; Mon, 06 Feb 2023 14:21:16 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 721D2B81630; Mon, 6 Feb 2023 22:21:14 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id EB469C4339C; Mon, 6 Feb 2023 22:21:10 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v3 2/5] ArmPkg/CpuDxe ARM: Fix page-to-section attribute conversion Date: Mon, 6 Feb 2023 23:20:57 +0100 Message-Id: <20230206222100.411169-3-ardb@kernel.org> In-Reply-To: <20230206222100.411169-1-ardb@kernel.org> References: <20230206222100.411169-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: nJhCPwdaS0lxALazwLmB3FNux1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675722076; bh=5xCLcZu85p7IlwGV5EUGKXKXdd7+eBf0m447Pbe71M4=; h=Cc:Date:From:Reply-To:Subject:To; b=Hj69nSZDA/Csf151M/VCvU8+WbDrlRbc+y0WYCq9rsJLj3snpSSXG0TfiuWq3iNAezb xLzTqcwNFd5c3EuyMtmHqPAjg4IOOKFWXukbhi+3IJXt2Kdl0w2KZVaP2ClPS3cvvmAaa wIrkZxYxk19rB2f2sp21d48D02DWSn2fUow= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675722078410100006 Content-Type: text/plain; charset="utf-8" The section-to-page attribute conversion takes the shareability and execute-never attributes into account, whereas the page-to-section counterpart does not. The result is that GetMemoryRegionPage () -which takes a section attribute argument (via *RegionAttributes) that is ostensibly based on the first page in the range, but differs from the actual page attributes when converted back- may return with a RegionLength of zero. This is incorrect, and confuses code that scans a region by calling GetMemoryRegion () in sequence. So fix the conversion, and ASSERT () on a non-zero region length. Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/Arm/Mmu.c | 3 +++ ArmPkg/Include/Chipset/ArmV7Mmu.h | 2 ++ 2 files changed, 5 insertions(+) diff --git a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c b/ArmPkg/Drivers/CpuDxe/Arm/Mm= u.c index 2daf47ba6fe5..e7acd84b8af9 100644 --- a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c @@ -480,6 +480,8 @@ GetMemoryRegion ( =20 PageAttributes =3D PageTable[PageTableIndex] & TT_DESCRIPTOR_PAGE_A= TTRIBUTE_MASK; *RegionAttributes =3D TT_DESCRIPTOR_CONVERT_TO_SECTION_CACHE_POLICY (P= ageAttributes, 0) | + TT_DESCRIPTOR_CONVERT_TO_SECTION_S (PageAttributes= ) | + TT_DESCRIPTOR_CONVERT_TO_SECTION_XN (PageAttribute= s) | TT_DESCRIPTOR_CONVERT_TO_SECTION_AP (PageAttribute= s); } =20 @@ -494,6 +496,7 @@ GetMemoryRegion ( =20 // Scan the page table to find the end of the region. Status =3D GetMemoryRegionPage (PageTable, BaseAddress, RegionLength= , RegionAttributes); + ASSERT (*RegionLength > 0); =20 // If we have found the end of the region (Status =3D=3D EFI_SUCCESS= ) then we exit the for-loop if (Status =3D=3D EFI_SUCCESS) { diff --git a/ArmPkg/Include/Chipset/ArmV7Mmu.h b/ArmPkg/Include/Chipset/Arm= V7Mmu.h index db99527d6efa..4f51041e29ed 100644 --- a/ArmPkg/Include/Chipset/ArmV7Mmu.h +++ b/ArmPkg/Include/Chipset/ArmV7Mmu.h @@ -144,6 +144,8 @@ (((((D= esc) & (0x3 << 12)) >> 6) | (Desc & (0x3 << 2))))) =20 #define TT_DESCRIPTOR_CONVERT_TO_SECTION_AP(Desc) ((((Desc) & TT_DESCRIPT= OR_PAGE_AP_MASK) << 6) & TT_DESCRIPTOR_SECTION_AP_MASK) +#define TT_DESCRIPTOR_CONVERT_TO_SECTION_S(Desc) ((((Desc) & TT_DESCRIPT= OR_PAGE_S_MASK) << 6) & TT_DESCRIPTOR_SECTION_S_MASK) +#define TT_DESCRIPTOR_CONVERT_TO_SECTION_XN(Desc) ((((Desc) & TT_DESCRIPT= OR_PAGE_XN_MASK) << 4) & TT_DESCRIPTOR_SECTION_XN_MASK) =20 #define TT_DESCRIPTOR_CONVERT_TO_SECTION_CACHE_POLICY(Desc, IsLargePage) = (IsLargePage? \ (((Des= c) & TT_DESCRIPTOR_LARGEPAGE_CACHE_POLICY_MASK) & TT_DESCRIPTOR_SECTION_CAC= HE_POLICY_MASK): \ --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99702): https://edk2.groups.io/g/devel/message/99702 Mute This Topic: https://groups.io/mt/96795073/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 16:27:47 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99703+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99703+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675722080; cv=none; d=zohomail.com; s=zohoarc; b=hD8naXcqXlAxMonS/lrVXfVXiRGlnz1rU/A3ykDI8W5/97ycZsl1JOk/kN0PcvTv3MbtrykOr3rRVR9ywSrKPfUcAeIWmBvAJdYQSi365tp8+NFfQUcPQay28vtFhgbSIf5cgw0L3QhsFayLtmxWF8+A4L1+d/U+MsnZ0nuF8Tg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675722080; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=7ejazRBbyU7k6F9ZjdPlmcYl20vYNhg9hBHUPDnWq3M=; b=erm6KUzacXWxTscNW7zLNFqp0h1HrSuV9DcIWranUi3T7ISIxM7ADC4xRWwalTw4sMwEY0XqEOehJVpQiXeE5sSqTDQHk9rfe52h4xZwySq4H0QzQE2yhY7FQJaF+2aia0InApI8e4GD9uEdUYNLJGOGm9w27JSSMQSi5KvRZjM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99703+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675722080118476.38717700472466; Mon, 6 Feb 2023 14:21:20 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id O10rYY1788612xVY0QBd1lbj; Mon, 06 Feb 2023 14:21:19 -0800 X-Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by mx.groups.io with SMTP id smtpd.web11.68653.1675722078763380361 for ; Mon, 06 Feb 2023 14:21:19 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 01516B81633; Mon, 6 Feb 2023 22:21:17 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 87624C433EF; Mon, 6 Feb 2023 22:21:13 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v3 3/5] ArmPkg/CpuDxe: Expose unified region-to-EFI attribute conversion Date: Mon, 6 Feb 2023 23:20:58 +0100 Message-Id: <20230206222100.411169-4-ardb@kernel.org> In-Reply-To: <20230206222100.411169-1-ardb@kernel.org> References: <20230206222100.411169-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: SK5PvMTz6WkWFcSxA1yDZfhZx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675722079; bh=YkuxeVuZXJp925QSp8S6pRwGiyQdvkovBm6TZcobXWI=; h=Cc:Date:From:Reply-To:Subject:To; b=Hbj7G8zB5gJJ87QgT2HqM8LnJCS+NPGxK9v8ZYGzEgA7sdn3hJZzmB7ldS1jG/YIfSe J/MYX2hIvsr0JxRGeCjvtWuKGu4CQ6zmcE4NIvd0VvYHNI6YTLkaF3MvSryawoWnUQDK2 66BAwJT3XTuOt+qjdbOYSv0xwKnTKhzS8CE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675722080427100010 Content-Type: text/plain; charset="utf-8" In preparation for introducing an implementation of the EFI memory attributes protocol that is shared between ARM and AArch64, unify the existing code that converts a page table descriptor into a EFI_MEMORY_xxx bitfield, so it can be called from the generic code. Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c | 8 ++++++++ ArmPkg/Drivers/CpuDxe/Arm/Mmu.c | 13 +++++++++++++ ArmPkg/Drivers/CpuDxe/CpuDxe.h | 5 +++++ 3 files changed, 26 insertions(+) diff --git a/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c b/ArmPkg/Drivers/CpuDxe/AA= rch64/Mmu.c index 8bb33046e707..a4bde2034fa0 100644 --- a/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c @@ -79,6 +79,14 @@ PageAttributeToGcdAttribute ( return GcdAttributes; } =20 +UINT64 +RegionAttributeToGcdAttribute ( + IN UINTN PageAttributes + ) +{ + return PageAttributeToGcdAttribute (PageAttributes); +} + STATIC UINT64 GetFirstPageAttribute ( diff --git a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c b/ArmPkg/Drivers/CpuDxe/Arm/Mm= u.c index e7acd84b8af9..a3a7fde9a872 100644 --- a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c @@ -13,6 +13,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include "CpuDxe.h" =20 +STATIC EFI_STATUS SectionToGcdAttributes ( IN UINT32 SectionAttributes, @@ -77,6 +78,18 @@ SectionToGcdAttributes ( return EFI_SUCCESS; } =20 +UINT64 +RegionAttributeToGcdAttribute ( + IN UINTN PageAttributes + ) +{ + UINT64 Result; + + SectionToGcdAttributes (PageAttributes, &Result); + return Result; +} + +STATIC EFI_STATUS PageToGcdAttributes ( IN UINT32 PageAttributes, diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.h b/ArmPkg/Drivers/CpuDxe/CpuDxe.h index ff672390ce51..5a9f1ef1f969 100644 --- a/ArmPkg/Drivers/CpuDxe/CpuDxe.h +++ b/ArmPkg/Drivers/CpuDxe/CpuDxe.h @@ -126,4 +126,9 @@ SetGcdMemorySpaceAttributes ( IN UINT64 Attributes ); =20 +UINT64 +RegionAttributeToGcdAttribute ( + IN UINTN PageAttributes + ); + #endif // CPU_DXE_H_ --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99703): https://edk2.groups.io/g/devel/message/99703 Mute This Topic: https://groups.io/mt/96795077/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 16:27:47 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99704+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99704+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675722080; cv=none; d=zohomail.com; s=zohoarc; b=mscOBPbPin825X/5gXgtFCBT0b3QHAmrUiVMrMO6mMREEjRD672dpHCX7OtZ1SyTFbzPnktMe1fEpR/bRbpeQJZiUNf0tMio/YZMvWsaKIljYP0FmbqYCMpwuwPbexMY8yYSVRA8vLkM8i5EisDadMvHbXCRL4DNRltsgALpT5g= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675722080; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=0Q8mjhi49VgRYT8Ud76WJiwYVSexP4Be+LI5nVGFQHw=; b=VST1l5i2Z5RhHt8++0eP8OWb8TERBYEF7ChwAbRUi9lgcQX+TVDrx5EOEAI+yyI4E4dwaJ4WHd69HKteMCjvCIvqk1JGzs5QJFM/sCCBFIpnxPbcIHTKUbhQE1QnlxbdOsIQuhx009x13pSOJ3I7EeD0KDomCu1H7hIY5wUnxig= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99704+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 167572208064599.05151291685956; Mon, 6 Feb 2023 14:21:20 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id 4EJsYY1788612x0b1gSZnXts; Mon, 06 Feb 2023 14:21:20 -0800 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web10.68447.1675722079360355261 for ; Mon, 06 Feb 2023 14:21:19 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id D72A960F73; Mon, 6 Feb 2023 22:21:18 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2347EC4339C; Mon, 6 Feb 2023 22:21:15 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v3 4/5] ArmPkg/CpuDxe: Implement EFI memory attributes protocol Date: Mon, 6 Feb 2023 23:20:59 +0100 Message-Id: <20230206222100.411169-5-ardb@kernel.org> In-Reply-To: <20230206222100.411169-1-ardb@kernel.org> References: <20230206222100.411169-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: E3d2KogJbWTXTwetcitnqcMMx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675722080; bh=WJ4At0ghKD5lOx4V1jYQpM8PkYR1LBk4e7xlUKuhFcE=; h=Cc:Date:From:Reply-To:Subject:To; b=dG98BJwGZhR7TEYkGvfJ2BfPNPmy7C8slCI5sfAOF/JpSem0DYfYwfQTAxYYs85yBH8 /+gz4SW7gOyiU54gVL5dbrtLtee6Cckx0O/BeKZG0RBGphFqQhGk9/nDnAqxfbTE0QNvh /vTiv2QAYsYlCZzhxo6e3CGjXlpyQEy46SY= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675722082498100013 Content-Type: text/plain; charset="utf-8" Expose the protocol introduced in v2.10 that permits the caller to manage mapping permissions in the page tables. Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/CpuDxe.c | 2 + ArmPkg/Drivers/CpuDxe/CpuDxe.h | 3 + ArmPkg/Drivers/CpuDxe/CpuDxe.inf | 2 + ArmPkg/Drivers/CpuDxe/MemoryAttribute.c | 252 ++++++++++++++++++++ 4 files changed, 259 insertions(+) diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.c b/ArmPkg/Drivers/CpuDxe/CpuDxe.c index e6742f0a25fc..d04958e79e52 100644 --- a/ArmPkg/Drivers/CpuDxe/CpuDxe.c +++ b/ArmPkg/Drivers/CpuDxe/CpuDxe.c @@ -244,6 +244,8 @@ CpuDxeInitialize ( &mCpuHandle, &gEfiCpuArchProtocolGuid, &mCpu, + &gEfiMemoryAttributeProtocolGuid, + &mMemoryAttribute, NULL ); =20 diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.h b/ArmPkg/Drivers/CpuDxe/CpuDxe.h index 5a9f1ef1f969..6cb5cd3d2e70 100644 --- a/ArmPkg/Drivers/CpuDxe/CpuDxe.h +++ b/ArmPkg/Drivers/CpuDxe/CpuDxe.h @@ -30,9 +30,12 @@ #include #include #include +#include =20 extern BOOLEAN mIsFlushingGCD; =20 +extern EFI_MEMORY_ATTRIBUTE_PROTOCOL mMemoryAttribute; + /** This function registers and enables the handler specified by InterruptHa= ndler for a processor interrupt or exception type specified by InterruptType. If InterruptHand= ler is NULL, then the diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.inf b/ArmPkg/Drivers/CpuDxe/CpuDx= e.inf index 10792b393fc8..e732e21cb94a 100644 --- a/ArmPkg/Drivers/CpuDxe/CpuDxe.inf +++ b/ArmPkg/Drivers/CpuDxe/CpuDxe.inf @@ -23,6 +23,7 @@ [Sources.Common] CpuDxe.h CpuMmuCommon.c Exception.c + MemoryAttribute.c =20 [Sources.ARM] Arm/Mmu.c @@ -53,6 +54,7 @@ [LibraryClasses] =20 [Protocols] gEfiCpuArchProtocolGuid + gEfiMemoryAttributeProtocolGuid =20 [Guids] gEfiDebugImageInfoTableGuid diff --git a/ArmPkg/Drivers/CpuDxe/MemoryAttribute.c b/ArmPkg/Drivers/CpuDx= e/MemoryAttribute.c new file mode 100644 index 000000000000..379e90bd9d1d --- /dev/null +++ b/ArmPkg/Drivers/CpuDxe/MemoryAttribute.c @@ -0,0 +1,252 @@ +/** @file + + Copyright (c) 2023, Google LLC. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "CpuDxe.h" + +/** + This function retrieves the attributes of the memory region specified by + BaseAddress and Length. If different attributes are got from different p= art + of the memory region, EFI_NO_MAPPING will be returned. + + @param This The EFI_MEMORY_ATTRIBUTE_PROTOCOL instance. + @param BaseAddress The physical address that is the start address= of + a memory region. + @param Length The size in bytes of the memory region. + @param Attributes Pointer to attributes returned. + + @retval EFI_SUCCESS The attributes got for the memory region. + @retval EFI_INVALID_PARAMETER Length is zero. + Attributes is NULL. + @retval EFI_NO_MAPPING Attributes are not consistent cross the me= mory + region. + @retval EFI_UNSUPPORTED The processor does not support one or more + bytes of the memory resource range specifi= ed + by BaseAddress and Length. + +**/ +STATIC +EFI_STATUS +GetMemoryAttributes ( + IN EFI_MEMORY_ATTRIBUTE_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + OUT UINT64 *Attributes + ) +{ + UINTN RegionAddress; + UINTN RegionLength; + UINTN RegionAttributes; + UINTN Union; + UINTN Intersection; + EFI_STATUS Status; + + if ((Length =3D=3D 0) || (Attributes =3D=3D NULL)) { + return EFI_INVALID_PARAMETER; + } + + DEBUG ((DEBUG_VERBOSE, + "%a: BaseAddress =3D=3D 0x%lx, Length =3D=3D 0x%lx\n", + __FUNCTION__, + BaseAddress, + Length + )); + + Union =3D 0; + Intersection =3D MAX_UINTN; + + for (RegionAddress =3D (UINTN)BaseAddress; + RegionAddress < (UINTN)(BaseAddress + Length); + RegionAddress +=3D RegionLength) { + + Status =3D GetMemoryRegion (&RegionAddress, + &RegionLength, + &RegionAttributes + ); + + DEBUG ((DEBUG_VERBOSE, + "%a: RegionAddress =3D=3D 0x%lx, RegionLength =3D=3D 0x%lx, Re= gionAttributes =3D=3D 0x%lx\n", + __FUNCTION__, + (UINT64)RegionAddress, + (UINT64)RegionLength, + (UINT64)RegionAttributes + )); + + if (EFI_ERROR (Status)) { + return EFI_NO_MAPPING; + } + + Union |=3D RegionAttributes; + Intersection &=3D RegionAttributes; + } + + DEBUG ((DEBUG_VERBOSE, + "%a: Union =3D=3D %lx, Intersection =3D=3D %lx\n", + __FUNCTION__, + (UINT64)Union, + (UINT64)Intersection + )); + + if (Union !=3D Intersection) { + return EFI_NO_MAPPING; + } + + *Attributes =3D RegionAttributeToGcdAttribute (Union) & (EFI_MEMORY_RO |= EFI_MEMORY_XP); + return EFI_SUCCESS; +} + +/** + This function set given attributes of the memory region specified by + BaseAddress and Length. + + The valid Attributes is EFI_MEMORY_RP, EFI_MEMORY_XP, and EFI_MEMORY_RO. + + @param This The EFI_MEMORY_ATTRIBUTE_PROTOCOL instance. + @param BaseAddress The physical address that is the start address= of + a memory region. + @param Length The size in bytes of the memory region. + @param Attributes The bit mask of attributes to set for the memo= ry + region. + + @retval EFI_SUCCESS The attributes were set for the memory reg= ion. + @retval EFI_INVALID_PARAMETER Length is zero. + Attributes specified an illegal combinatio= n of + attributes that cannot be set together. + @retval EFI_UNSUPPORTED The processor does not support one or more + bytes of the memory resource range specifi= ed + by BaseAddress and Length. + The bit mask of attributes is not supporte= d for + the memory resource range specified by + BaseAddress and Length. + @retval EFI_OUT_OF_RESOURCES Requested attributes cannot be applied due= to + lack of system resources. + @retval EFI_ACCESS_DENIED Attributes for the requested memory region= are + controlled by system firmware and cannot be + updated via the protocol. + +**/ +STATIC +EFI_STATUS +SetMemoryAttributes ( + IN EFI_MEMORY_ATTRIBUTE_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 Attributes + ) +{ + EFI_STATUS Status; + + DEBUG ((DEBUG_INFO, + "%a: BaseAddress =3D=3D 0x%lx, Length =3D=3D 0x%lx, Attributes = =3D=3D 0x%lx\n", + __FUNCTION__, + (UINTN)BaseAddress, + (UINTN)Length, + (UINTN)Attributes + )); + + if ((Length =3D=3D 0) || + ((Attributes & ~(EFI_MEMORY_RO | EFI_MEMORY_RP | EFI_MEMORY_XP)) != =3D 0)) { + return EFI_INVALID_PARAMETER; + } + + if ((Attributes & EFI_MEMORY_RP) !=3D 0) { + return EFI_UNSUPPORTED; + } + + if ((Attributes & EFI_MEMORY_RO) !=3D 0) { + Status =3D ArmSetMemoryRegionReadOnly (BaseAddress, Length); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + } + + if ((Attributes & EFI_MEMORY_XP) !=3D 0) { + Status =3D ArmSetMemoryRegionNoExec (BaseAddress, Length); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + } + + return EFI_SUCCESS; +} + +/** + This function clears given attributes of the memory region specified by + BaseAddress and Length. + + The valid Attributes is EFI_MEMORY_RP, EFI_MEMORY_XP, and EFI_MEMORY_RO. + + @param This The EFI_MEMORY_ATTRIBUTE_PROTOCOL instance. + @param BaseAddress The physical address that is the start address= of + a memory region. + @param Length The size in bytes of the memory region. + @param Attributes The bit mask of attributes to clear for the me= mory + region. + + @retval EFI_SUCCESS The attributes were cleared for the memory= region. + @retval EFI_INVALID_PARAMETER Length is zero. + Attributes specified an illegal combinatio= n of + attributes that cannot be cleared together. + @retval EFI_UNSUPPORTED The processor does not support one or more + bytes of the memory resource range specifi= ed + by BaseAddress and Length. + The bit mask of attributes is not supporte= d for + the memory resource range specified by + BaseAddress and Length. + @retval EFI_OUT_OF_RESOURCES Requested attributes cannot be applied due= to + lack of system resources. + @retval EFI_ACCESS_DENIED Attributes for the requested memory region= are + controlled by system firmware and cannot be + updated via the protocol. + +**/ +STATIC +EFI_STATUS +ClearMemoryAttributes ( + IN EFI_MEMORY_ATTRIBUTE_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 Attributes + ) +{ + EFI_STATUS Status; + + DEBUG ((DEBUG_INFO, + "%a: BaseAddress =3D=3D 0x%lx, Length =3D=3D 0x%lx, Attributes = =3D=3D 0x%lx\n", + __FUNCTION__, + (UINTN)BaseAddress, + (UINTN)Length, + (UINTN)Attributes + )); + + if ((Length =3D=3D 0) || + ((Attributes & ~(EFI_MEMORY_RO | EFI_MEMORY_RP | EFI_MEMORY_XP)) != =3D 0)) { + return EFI_INVALID_PARAMETER; + } + + if ((Attributes & EFI_MEMORY_RO) !=3D 0) { + Status =3D ArmClearMemoryRegionReadOnly (BaseAddress, Length); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + } + + if ((Attributes & EFI_MEMORY_XP) !=3D 0) { + Status =3D ArmClearMemoryRegionNoExec (BaseAddress, Length); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + } + + return EFI_SUCCESS; +} + +EFI_MEMORY_ATTRIBUTE_PROTOCOL mMemoryAttribute =3D { + GetMemoryAttributes, + SetMemoryAttributes, + ClearMemoryAttributes +}; --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99704): https://edk2.groups.io/g/devel/message/99704 Mute This Topic: https://groups.io/mt/96795078/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 19 16:27:47 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99705+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99705+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675722082; cv=none; d=zohomail.com; s=zohoarc; b=h8T8P28jQTu33scYA6YvPqZ/LWwi7TBpRvgbHuvgRfdyv21tBpxtEHaVJ/x6pemVrZSBmIfHpTlQuVdSWGlSdyO5/7l7iUEzXXq1BOktB0gzjGY1h7HffGpyDB/NcJcGYdb8zfXIVvxXXvTQfk8MauL0rbzw/vghNYetWKcvKdA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675722082; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=yAGxb2nMNO7WACPZh29nDwo/wz3UXS09RWSibsrhApc=; b=F7XjV4/TMu4Db/6nfXpE0phpxS1TAGTkDwejtu+N3tnihs/VBqyCg4wxxXy3HdEWIIQwZ0TTifoeAkCsFc5/3DpwlGhoZug1OaJmoulv2hyHOXB701tV80+28C6LS8R9rIiZIPNMRyXzGdfo2HdwUkMNu+x71AFDoO0vruUbCV0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99705+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675722082681615.3840021241421; Mon, 6 Feb 2023 14:21:22 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id m6A9YY1788612x8AjkWrJeTL; Mon, 06 Feb 2023 14:21:22 -0800 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web10.68453.1675722081932082835 for ; Mon, 06 Feb 2023 14:21:22 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 729A261047; Mon, 6 Feb 2023 22:21:21 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id B106FC433A1; Mon, 6 Feb 2023 22:21:18 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [NOT FOR MERGE v3 5/5] MdeModulePkg/DxeCore: add DEBUG code for memory attribute handling Date: Mon, 6 Feb 2023 23:21:00 +0100 Message-Id: <20230206222100.411169-6-ardb@kernel.org> In-Reply-To: <20230206222100.411169-1-ardb@kernel.org> References: <20230206222100.411169-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: mRsOrkFfQYDEHrw4RFaw4GIgx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675722082; bh=Vm/T+t/cqU8JsuiXFiy25GO4HaBBcKaUT9AsjUYyu8g=; h=Cc:Date:From:Reply-To:Subject:To; b=sv/qVI1n5kJyb6GiataFtUgbg6ky4pAQk8aStSr1pYrNgPWym8fqkXledvhJDPRdiLO BlZ7C9SPJ7IZJPLg+LHdgsEEVESow1ZKFhtlJGgspuJbkugz2kJBKKLKMXUGd4elqmPGY cr1JZhPw6wsfVuMgXPVTKy5LDoXFZcBxhp8= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675722084456100018 Content-Type: text/plain; charset="utf-8" NOT FOR MERGE Add some DEBUG code to double check that the memory attributes have been modified as expected by the code that manages read-only and/or non-exec permissions for page allocations and loaded images. --- MdeModulePkg/Core/Dxe/DxeMain.inf | 1 + MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 79 +++++++++++++++++++- 2 files changed, 77 insertions(+), 3 deletions(-) diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeM= ain.inf index 35d5bf0dee6f..87caff8289ee 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.inf +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf @@ -154,6 +154,7 @@ [Protocols] gEfiHiiPackageListProtocolGuid ## SOMETIMES_PRODUCES gEfiSmmBase2ProtocolGuid ## SOMETIMES_CONSUMES gEdkiiPeCoffImageEmulatorProtocolGuid ## SOMETIMES_CONSUMES + gEfiMemoryAttributeProtocolGuid ## SOMETIMES_CONSUMES =20 # Arch Protocols gEfiBdsArchProtocolGuid ## CONSUMES diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/C= ore/Dxe/Misc/MemoryProtection.c index b89ab046fa73..18b5a1d2b69d 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c @@ -37,6 +37,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include =20 #include +#include #include =20 #include "DxeMain.h" @@ -66,6 +67,8 @@ extern LIST_ENTRY mGcdMemorySpaceMap; =20 STATIC LIST_ENTRY mProtectedImageRecordList; =20 +EFI_MEMORY_ATTRIBUTE_PROTOCOL *mMemoryAttribute; + /** Sort code section in image record, based upon CodeSegmentBase from low t= o high. =20 @@ -226,6 +229,33 @@ SetUefiImageMemoryAttributes ( =20 ASSERT (gCpu !=3D NULL); gCpu->SetMemoryAttributes (gCpu, BaseAddress, Length, FinalAttributes); + + DEBUG_CODE_BEGIN (); + + UINT64 OldAttributes; + EFI_STATUS Status; + + if (mMemoryAttribute !=3D NULL) { + Status =3D mMemoryAttribute->GetMemoryAttributes (mMemoryAttribute, + BaseAddress, + Length, + &OldAttributes + ); + ASSERT_EFI_ERROR (Status); + + FinalAttributes &=3D EFI_MEMORY_ATTRIBUTE_MASK; + if (FinalAttributes !=3D OldAttributes) { + DEBUG ((DEBUG_WARN, + "%a: Expected 0x%llx for new attributes, actual 0x%llx\n", + __FUNCTION__, + FinalAttributes, + OldAttributes + )); + ASSERT (FALSE); + } + } + + DEBUG_CODE_END (); } =20 /** @@ -995,6 +1025,16 @@ MemoryProtectionCpuArchProtocolNotify ( goto Done; } =20 + DEBUG_CODE_BEGIN (); + // + // Grab a reference to the EFI memory attributes table if it exists + // + CoreLocateProtocol (&gEfiMemoryAttributeProtocolGuid, + NULL, + (VOID **)&mMemoryAttribute + ); + DEBUG_CODE_END (); + // // Apply the memory protection policy on non-BScode/RTcode regions. // @@ -1246,8 +1286,9 @@ ApplyMemoryProtectionPolicy ( IN UINT64 Length ) { - UINT64 OldAttributes; - UINT64 NewAttributes; + UINT64 OldAttributes; + UINT64 NewAttributes; + EFI_STATUS Status; =20 // // The policy configured in PcdDxeNxMemoryProtectionPolicy @@ -1313,5 +1354,37 @@ ApplyMemoryProtectionPolicy ( return EFI_SUCCESS; } =20 - return gCpu->SetMemoryAttributes (gCpu, Memory, Length, NewAttributes); + Status =3D gCpu->SetMemoryAttributes (gCpu, Memory, Length, NewAttribute= s); + if (EFI_ERROR (Status)) { + return Status; + } + + DEBUG_CODE_BEGIN (); + + // + // If available, use the EFI memory attribute protocol to double + // check that the entire region has the expected attributes. + // + if (mMemoryAttribute !=3D NULL) { + Status =3D mMemoryAttribute->GetMemoryAttributes (mMemoryAttribute, + Memory, + Length, + &OldAttributes + ); + ASSERT_EFI_ERROR (Status); + + if (OldAttributes !=3D NewAttributes) { + DEBUG ((DEBUG_WARN, + "%a: Expected 0x%llx for new attributes, actual 0x%llx\n", + __FUNCTION__, + NewAttributes, + OldAttributes + )); + ASSERT (FALSE); + } + } + + DEBUG_CODE_END (); + + return EFI_SUCCESS; } --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99705): https://edk2.groups.io/g/devel/message/99705 Mute This Topic: https://groups.io/mt/96795082/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-