From nobody Thu May 16 01:01:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99886+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99886+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675951193; cv=none; d=zohomail.com; s=zohoarc; b=Qn1IUIsbiTAxCRlmff+dfkVy/aR9QshRiNcIcizp5WruTbx1gZg+fpd4Sb0a8hk733ltcMieFFrRPKtLVSz6PI5nEDwIz8fP1lCC1M3kPnebNqTJdg1rhosAwumfmaPFFmvqyQqpqhZ6mp1G9+2RknIZsdgua6t8mgjbAIXXny0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675951193; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=9NTy8lah7y0/cJYnyitx564qBWwynV+lu17SYsI+ogg=; b=Bbt2kUMFowDrqggdf8TKC5nAVsETlmf7tOaGK8ruha9Lacd7Thely+Kju1B3awuzYiG4mjWuGnpLa84J+bg1z3V6fiunvWXyXsJan0G2GOSftPipH3msNsII7aWq5tCEnFRaXbegg6iRggaMz2izTtWWzTaeM3GAaCobLO2fk5c= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99886+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675951193309615.283884977029; Thu, 9 Feb 2023 05:59:53 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id nmutYY1788612xQtmIJcI4LU; Thu, 09 Feb 2023 05:59:52 -0800 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web11.15541.1675951191602752252 for ; Thu, 09 Feb 2023 05:59:51 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 22C9461A9F; Thu, 9 Feb 2023 13:59:51 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 61C22C4339B; Thu, 9 Feb 2023 13:59:48 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v4 01/11] ArmPkg/ArmMmuLib ARM: Remove half baked large page support Date: Thu, 9 Feb 2023 14:59:26 +0100 Message-Id: <20230209135936.789983-2-ardb@kernel.org> In-Reply-To: <20230209135936.789983-1-ardb@kernel.org> References: <20230209135936.789983-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: GvpZXksbYC2zdJUoBkuelDv0x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675951192; bh=e4YMzPiUiP/ulQgve9CwFRTz/hUPYWIbpXttV7fOSbI=; h=Cc:Date:From:Reply-To:Subject:To; b=jvOfNuprmZK3DFWvCHgS0xgXxwOtZycqA4g88xAr8I+XurmVb5WfEvjXmzdz5oEqTJ6 fasKDm9E9ekaD299Vu9d0fDFEWdqa3ieTKdMHlucVvGUTBXjlQNNw2d3vr5tpSSbLyORu 2ItqQHD41RTEOxvHY7b9dxxn0GD8BXeJn4E= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675951193849100005 Content-Type: text/plain; charset="utf-8" Large page support on 32-bit ARM is essentially a glorified contiguous bit where 16 consecutive entries describing a contiguous range with the same attributes are presented in a way that permits the TLB to cache its translation with a single entry. This was never wired up completely, and does not add a lot of value in EFI, where the page granularity is 4k and we expect to be able to set RO and XP permissions on individual pages. Given that large page support complicates the handling of the XN bit at the page level (which is in a different place depending on whether the page is small or large), let's just rip it out. Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/Arm/Mmu.c | 8 ++--- ArmPkg/Include/Chipset/ArmV7Mmu.h | 38 ++++++-------------- ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibConvert.c | 7 ++-- ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c | 2 +- ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c | 2 +- 5 files changed, 19 insertions(+), 38 deletions(-) diff --git a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c b/ArmPkg/Drivers/CpuDxe/Arm/Mm= u.c index 2daf47ba6fe5..ea856f5cdd26 100644 --- a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c @@ -165,7 +165,7 @@ SyncCacheConfigPage ( =20 // Convert SectionAttributes into PageAttributes NextPageAttributes =3D - TT_DESCRIPTOR_CONVERT_TO_PAGE_CACHE_POLICY (*NextSectionAttributes, 0)= | + TT_DESCRIPTOR_CONVERT_TO_PAGE_CACHE_POLICY (*NextSectionAttributes) | TT_DESCRIPTOR_CONVERT_TO_PAGE_AP (*NextSectionAttributes); =20 // obtain page table base @@ -212,7 +212,7 @@ SyncCacheConfigPage ( =20 // Convert back PageAttributes into SectionAttributes *NextSectionAttributes =3D - TT_DESCRIPTOR_CONVERT_TO_SECTION_CACHE_POLICY (NextPageAttributes, 0) | + TT_DESCRIPTOR_CONVERT_TO_SECTION_CACHE_POLICY (NextPageAttributes) | TT_DESCRIPTOR_CONVERT_TO_SECTION_AP (NextPageAttributes); =20 return EFI_SUCCESS; @@ -399,7 +399,7 @@ GetMemoryRegionPage ( UINT32 PageDescriptor; =20 // Convert the section attributes into page attributes - PageAttributes =3D ConvertSectionAttributesToPageAttributes (*RegionAttr= ibutes, 0); + PageAttributes =3D ConvertSectionAttributesToPageAttributes (*RegionAttr= ibutes); =20 // Calculate index into first level translation table for start of modif= ication TableIndex =3D ((*BaseAddress) & TT_DESCRIPTOR_PAGE_INDEX_MASK) >> TT_D= ESCRIPTOR_PAGE_BASE_SHIFT; @@ -479,7 +479,7 @@ GetMemoryRegion ( ASSERT (PageTableIndex < TRANSLATION_TABLE_PAGE_COUNT); =20 PageAttributes =3D PageTable[PageTableIndex] & TT_DESCRIPTOR_PAGE_A= TTRIBUTE_MASK; - *RegionAttributes =3D TT_DESCRIPTOR_CONVERT_TO_SECTION_CACHE_POLICY (P= ageAttributes, 0) | + *RegionAttributes =3D TT_DESCRIPTOR_CONVERT_TO_SECTION_CACHE_POLICY (P= ageAttributes) | TT_DESCRIPTOR_CONVERT_TO_SECTION_AP (PageAttribute= s); } =20 diff --git a/ArmPkg/Include/Chipset/ArmV7Mmu.h b/ArmPkg/Include/Chipset/Arm= V7Mmu.h index db99527d6efa..7501ebfdf97f 100644 --- a/ArmPkg/Include/Chipset/ArmV7Mmu.h +++ b/ArmPkg/Include/Chipset/ArmV7Mmu.h @@ -98,9 +98,8 @@ #define TT_DESCRIPTOR_PAGE_AP_RO_NO ((1UL << 9) | (1UL << 4)) #define TT_DESCRIPTOR_PAGE_AP_RO_RO ((1UL << 9) | (3UL << 4)) =20 -#define TT_DESCRIPTOR_SECTION_XN_MASK (0x1UL << 4) -#define TT_DESCRIPTOR_PAGE_XN_MASK (0x1UL << 0) -#define TT_DESCRIPTOR_LARGEPAGE_XN_MASK (0x1UL << 15) +#define TT_DESCRIPTOR_SECTION_XN_MASK (0x1UL << 4) +#define TT_DESCRIPTOR_PAGE_XN_MASK (0x1UL << 0) =20 #define TT_DESCRIPTOR_SECTION_CACHE_POLICY_MASK ((3UL <= < 12) | (1UL << 3) | (1UL << 2)) #define TT_DESCRIPTOR_SECTION_CACHEABLE_MASK (1UL <<= 3) @@ -124,30 +123,14 @@ #define TT_DESCRIPTOR_PAGE_CACHE_POLICY_WRITE_BACK_ALLOC ((1UL << 6= ) | (1UL << 3) | (1UL << 2)) #define TT_DESCRIPTOR_PAGE_CACHE_POLICY_NON_SHAREABLE_DEVICE ((2UL << 6= ) | (0UL << 3) | (0UL << 2)) =20 -#define TT_DESCRIPTOR_LARGEPAGE_CACHE_POLICY_MASK ((3UL= << 12) | (1UL << 3) | (1UL << 2)) -#define TT_DESCRIPTOR_LARGEPAGE_CACHE_POLICY_STRONGLY_ORDERED ((0UL= << 12) | (0UL << 3) | (0UL << 2)) -#define TT_DESCRIPTOR_LARGEPAGE_CACHE_POLICY_SHAREABLE_DEVICE ((0UL= << 12) | (0UL << 3) | (1UL << 2)) -#define TT_DESCRIPTOR_LARGEPAGE_CACHE_POLICY_WRITE_THROUGH_NO_ALLOC ((0UL= << 12) | (1UL << 3) | (0UL << 2)) -#define TT_DESCRIPTOR_LARGEPAGE_CACHE_POLICY_WRITE_BACK_NO_ALLOC ((0UL= << 12) | (1UL << 3) | (1UL << 2)) -#define TT_DESCRIPTOR_LARGEPAGE_CACHE_POLICY_NON_CACHEABLE ((1UL= << 12) | (0UL << 3) | (0UL << 2)) -#define TT_DESCRIPTOR_LARGEPAGE_CACHE_POLICY_WRITE_BACK_ALLOC ((1UL= << 12) | (1UL << 3) | (1UL << 2)) -#define TT_DESCRIPTOR_LARGEPAGE_CACHE_POLICY_NON_SHAREABLE_DEVICE ((2UL= << 12) | (0UL << 3) | (0UL << 2)) +#define TT_DESCRIPTOR_CONVERT_TO_PAGE_AP(Desc) ((((Desc) & TT_D= ESCRIPTOR_SECTION_AP_MASK) >> 6) & TT_DESCRIPTOR_PAGE_AP_MASK) +#define TT_DESCRIPTOR_CONVERT_TO_PAGE_NG(Desc) ((((Desc) & TT_D= ESCRIPTOR_SECTION_NG_MASK) >> 6) & TT_DESCRIPTOR_PAGE_NG_MASK) +#define TT_DESCRIPTOR_CONVERT_TO_PAGE_S(Desc) ((((Desc) & TT_D= ESCRIPTOR_SECTION_S_MASK) >> 6) & TT_DESCRIPTOR_PAGE_S_MASK) +#define TT_DESCRIPTOR_CONVERT_TO_PAGE_XN(Desc) ((((Desc) & TT_D= ESCRIPTOR_SECTION_XN_MASK) >> 4) & TT_DESCRIPTOR_PAGE_XN_MASK) +#define TT_DESCRIPTOR_CONVERT_TO_PAGE_CACHE_POLICY(Desc) ((((Desc) & (0x3= << 12)) >> 6) | (Desc & (0x3 << 2))) =20 -#define TT_DESCRIPTOR_CONVERT_TO_PAGE_AP(Desc) (((= (Desc) & TT_DESCRIPTOR_SECTION_AP_MASK) >> 6) & TT_DESCRIPTOR_PAGE_AP_MASK) -#define TT_DESCRIPTOR_CONVERT_TO_PAGE_NG(Desc) (((= (Desc) & TT_DESCRIPTOR_SECTION_NG_MASK) >> 6) & TT_DESCRIPTOR_PAGE_NG_MASK) -#define TT_DESCRIPTOR_CONVERT_TO_PAGE_S(Desc) (((= (Desc) & TT_DESCRIPTOR_SECTION_S_MASK) >> 6) & TT_DESCRIPTOR_PAGE_S_MASK) -#define TT_DESCRIPTOR_CONVERT_TO_PAGE_XN(Desc, IsLargePage) ((I= sLargePage)?\ - ((((De= sc) & TT_DESCRIPTOR_SECTION_XN_MASK) << 11) & TT_DESCRIPTOR_LARGEPAGE_XN_MA= SK): \ - ((((De= sc) & TT_DESCRIPTOR_SECTION_XN_MASK) >> 4) & TT_DESCRIPTOR_PAGE_XN_MASK)) -#define TT_DESCRIPTOR_CONVERT_TO_PAGE_CACHE_POLICY(Desc, IsLargePage) (Is= LargePage? \ - (((Des= c) & TT_DESCRIPTOR_SECTION_CACHE_POLICY_MASK) & TT_DESCRIPTOR_LARGEPAGE_CAC= HE_POLICY_MASK): \ - (((((D= esc) & (0x3 << 12)) >> 6) | (Desc & (0x3 << 2))))) - -#define TT_DESCRIPTOR_CONVERT_TO_SECTION_AP(Desc) ((((Desc) & TT_DESCRIPT= OR_PAGE_AP_MASK) << 6) & TT_DESCRIPTOR_SECTION_AP_MASK) - -#define TT_DESCRIPTOR_CONVERT_TO_SECTION_CACHE_POLICY(Desc, IsLargePage) = (IsLargePage? \ - (((Des= c) & TT_DESCRIPTOR_LARGEPAGE_CACHE_POLICY_MASK) & TT_DESCRIPTOR_SECTION_CAC= HE_POLICY_MASK): \ - (((((D= esc) & (0x3 << 6)) << 6) | (Desc & (0x3 << 2))))) +#define TT_DESCRIPTOR_CONVERT_TO_SECTION_AP(Desc) ((((Desc) & T= T_DESCRIPTOR_PAGE_AP_MASK) << 6) & TT_DESCRIPTOR_SECTION_AP_MASK) +#define TT_DESCRIPTOR_CONVERT_TO_SECTION_CACHE_POLICY(Desc) ((((Desc) & (= 0x3 << 6)) << 6) | (Desc & (0x3 << 2))) =20 #define TT_DESCRIPTOR_SECTION_ATTRIBUTE_MASK (TT_DESCRIPTOR_SECTION_NS_MA= SK | TT_DESCRIPTOR_SECTION_NG_MASK | \ TT_DESCRIPTOR= _SECTION_S_MASK | TT_DESCRIPTOR_SECTION_AP_MASK | \ @@ -230,8 +213,7 @@ typedef UINT32 ARM_PAGE_TABLE_ENTRY; =20 UINT32 ConvertSectionAttributesToPageAttributes ( - IN UINT32 SectionAttributes, - IN BOOLEAN IsLargePage + IN UINT32 SectionAttributes ); =20 #endif // ARMV7_MMU_H_ diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibConvert.c b/ArmPkg/Libra= ry/ArmMmuLib/Arm/ArmMmuLibConvert.c index bee8ad7028d3..6e2f08a7ce15 100644 --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibConvert.c +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibConvert.c @@ -15,16 +15,15 @@ =20 UINT32 ConvertSectionAttributesToPageAttributes ( - IN UINT32 SectionAttributes, - IN BOOLEAN IsLargePage + IN UINT32 SectionAttributes ) { UINT32 PageAttributes; =20 PageAttributes =3D 0; - PageAttributes |=3D TT_DESCRIPTOR_CONVERT_TO_PAGE_CACHE_POLICY (SectionA= ttributes, IsLargePage); + PageAttributes |=3D TT_DESCRIPTOR_CONVERT_TO_PAGE_CACHE_POLICY (SectionA= ttributes); PageAttributes |=3D TT_DESCRIPTOR_CONVERT_TO_PAGE_AP (SectionAttributes); - PageAttributes |=3D TT_DESCRIPTOR_CONVERT_TO_PAGE_XN (SectionAttributes,= IsLargePage); + PageAttributes |=3D TT_DESCRIPTOR_CONVERT_TO_PAGE_XN (SectionAttributes); PageAttributes |=3D TT_DESCRIPTOR_CONVERT_TO_PAGE_NG (SectionAttributes); PageAttributes |=3D TT_DESCRIPTOR_CONVERT_TO_PAGE_S (SectionAttributes); =20 diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c b/ArmPkg/Library/= ArmMmuLib/Arm/ArmMmuLibCore.c index 9e304ea05e63..28cc9b2fe058 100644 --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c @@ -145,7 +145,7 @@ PopulateLevel2PageTable ( ); =20 // Translate the Section Descriptor into Page Descriptor - SectionDescriptor =3D TT_DESCRIPTOR_PAGE_TYPE_PAGE | ConvertSectionA= ttributesToPageAttributes (*SectionEntry, FALSE); + SectionDescriptor =3D TT_DESCRIPTOR_PAGE_TYPE_PAGE | ConvertSectionA= ttributesToPageAttributes (*SectionEntry); =20 BaseSectionAddress =3D TT_DESCRIPTOR_SECTION_BASE_ADDRESS (*SectionE= ntry); =20 diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c b/ArmPkg/Librar= y/ArmMmuLib/Arm/ArmMmuLibUpdate.c index b402197ade99..9ca00c976d5f 100644 --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c @@ -53,7 +53,7 @@ ConvertSectionToPages ( =20 // Get section attributes and convert to page attributes SectionDescriptor =3D FirstLevelTable[FirstLevelIdx]; - PageDescriptor =3D TT_DESCRIPTOR_PAGE_TYPE_PAGE | ConvertSectionAttri= butesToPageAttributes (SectionDescriptor, FALSE); + PageDescriptor =3D TT_DESCRIPTOR_PAGE_TYPE_PAGE | ConvertSectionAttri= butesToPageAttributes (SectionDescriptor); =20 // Allocate a page table for the 4KB entries (we use up a full page even= though we only need 1KB) PageTable =3D (volatile ARM_PAGE_TABLE_ENTRY *)AllocatePages (1); --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99886): https://edk2.groups.io/g/devel/message/99886 Mute This Topic: https://groups.io/mt/96853152/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 01:01:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99887+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99887+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675951195; cv=none; d=zohomail.com; s=zohoarc; b=VMMTAJcHplrb5Lob+4Jgj3wK6qeajts/NoF+TTMy0wfelkZIWsvAyebRjoqDRqKI8a4QufWRNy7YqfGM+8+oDEbbaj9lM/UVu+PBYXVDBwaZThUK6nE3gnMuN0QljaYD3wnhuLYB0CaBpEIbBHdHUiFbYIiehj49A7I6/JRnT0U= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675951195; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=34CjQ1sxDgxlpyiNxTkZ8feJkhyKkBEQYlfvIiWqJvU=; b=lPRSFg4x3g3OvswneFXV01ylEfV+iZx22PnsAqUdpowQXulJWzY3G/92+OvGRcbbLl+zFEqOfFLdLRv0da0h3KI2trIPyHN2H4TnA9h/ShG+o9M22cvgoKfpbXS0bUEck+PTyv/MFcZaPAhLey46qYuZT2uz+zqVXrvJj8C5+xI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99887+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675951195027555.2926006339238; Thu, 9 Feb 2023 05:59:55 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id n31yYY1788612xoNXLCrDZFK; Thu, 09 Feb 2023 05:59:54 -0800 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web11.15542.1675951194221228490 for ; Thu, 09 Feb 2023 05:59:54 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id B7E1D61AA3; Thu, 9 Feb 2023 13:59:53 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 016EEC433A0; Thu, 9 Feb 2023 13:59:50 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v4 02/11] ArmPkg/ArmMmuLib ARM: Split off XN page descriptor bit from type field Date: Thu, 9 Feb 2023 14:59:27 +0100 Message-Id: <20230209135936.789983-3-ardb@kernel.org> In-Reply-To: <20230209135936.789983-1-ardb@kernel.org> References: <20230209135936.789983-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: 8bNruuDh7TygDLLc2RqgiOH3x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675951194; bh=fZjNjYf131Y0LV+hjbOe5ZtTByCvxSeG+zWqadVLbzk=; h=Cc:Date:From:Reply-To:Subject:To; b=NjyksDbB9NmJd+34OZzht6zHnved+hJqMES2GHRfzUrB3O2MYHX3oZBNuCOiRxN8uhH NyHuG0a5A4Rglf2h6JzNEOTSC488bawBtlLCHd3eqHiDXpSWjzkvtHGelHSfQP1xAaonK sLk3lsHtmbRNltUCRjpcodmdbcn8/EX716E= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675951196022100001 Content-Type: text/plain; charset="utf-8" With large page support out of the picture, we can treat bits 1 and 0 of the page descriptor as individual valid and XN bits, instead of treating XN as a page type. Doing so aligns the handling of the attribute with the section descriptor layout, as well as the XN handling on AArch64, and this is beneficial for maintainability. Signed-off-by: Ard Biesheuvel --- ArmPkg/Include/Chipset/ArmV7Mmu.h | 8 +++----- ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c | 12 ++++++------ 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/ArmPkg/Include/Chipset/ArmV7Mmu.h b/ArmPkg/Include/Chipset/Arm= V7Mmu.h index 7501ebfdf97f..6a2584ceb303 100644 --- a/ArmPkg/Include/Chipset/ArmV7Mmu.h +++ b/ArmPkg/Include/Chipset/ArmV7Mmu.h @@ -54,11 +54,9 @@ #define TT_DESCRIPTOR_SECTION_TYPE_IS_PAGE_TABLE(Desc) (((Desc) & 3UL) = =3D=3D TT_DESCRIPTOR_SECTION_TYPE_PAGE_TABLE) =20 // Translation table descriptor types -#define TT_DESCRIPTOR_PAGE_TYPE_MASK (3UL << 0) -#define TT_DESCRIPTOR_PAGE_TYPE_FAULT (0UL << 0) -#define TT_DESCRIPTOR_PAGE_TYPE_PAGE (2UL << 0) -#define TT_DESCRIPTOR_PAGE_TYPE_PAGE_XN (3UL << 0) -#define TT_DESCRIPTOR_PAGE_TYPE_LARGEPAGE (1UL << 0) +#define TT_DESCRIPTOR_PAGE_TYPE_MASK (1UL << 1) +#define TT_DESCRIPTOR_PAGE_TYPE_FAULT (0UL << 1) +#define TT_DESCRIPTOR_PAGE_TYPE_PAGE (1UL << 1) =20 // Section descriptor definitions #define TT_DESCRIPTOR_SECTION_SIZE (0x00100000) diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c b/ArmPkg/Librar= y/ArmMmuLib/Arm/ArmMmuLibUpdate.c index 9ca00c976d5f..12d0f4c30f8e 100644 --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c @@ -104,12 +104,8 @@ UpdatePageEntries ( =20 // EntryMask: bitmask of values to change (1 =3D change this value, 0 = =3D leave alone) // EntryValue: values at bit positions specified by EntryMask - EntryMask =3D TT_DESCRIPTOR_PAGE_TYPE_MASK | TT_DESCRIPTOR_PAGE_AP_MASK; - if ((Attributes & EFI_MEMORY_XP) !=3D 0) { - EntryValue =3D TT_DESCRIPTOR_PAGE_TYPE_PAGE_XN; - } else { - EntryValue =3D TT_DESCRIPTOR_PAGE_TYPE_PAGE; - } + EntryMask =3D TT_DESCRIPTOR_PAGE_TYPE_MASK | TT_DESCRIPTOR_PAGE_AP_MASK = | TT_DESCRIPTOR_PAGE_XN_MASK; + EntryValue =3D TT_DESCRIPTOR_PAGE_TYPE_PAGE; =20 // Although the PI spec is unclear on this, the GCD guarantees that only // one Attribute bit is set at a time, so the order of the conditionals = below @@ -148,6 +144,10 @@ UpdatePageEntries ( EntryValue |=3D TT_DESCRIPTOR_PAGE_AP_RW_RW; } =20 + if ((Attributes & EFI_MEMORY_XP) !=3D 0) { + EntryValue |=3D TT_DESCRIPTOR_PAGE_XN_MASK; + } + // Obtain page table base FirstLevelTable =3D (ARM_FIRST_LEVEL_DESCRIPTOR *)ArmGetTTBR0BaseAddress= (); =20 --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99887): https://edk2.groups.io/g/devel/message/99887 Mute This Topic: https://groups.io/mt/96853153/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 01:01:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99888+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99888+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675951200; cv=none; d=zohomail.com; s=zohoarc; b=XyEoJ5bdiWS1u216947rOBPdUmskbZVz5N7lIvMc/SnMuW1fU/idKSDUJdyK0Grg0Wtor4VDjBRO3vrxzZt/8zCj2Lg3WwGn2OgtfdprBjl71QxlJWl8vTxYz85OiUAoaF+moV8aE4HhsV2F9LyR0tY1yjADBul5/CV37QvWXOE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675951200; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=0l2sBl92/io1AwOmmXyPfv09qe5OcyhXBuOj+rr7wBQ=; b=OyqS9Ix2Wk7EhywX7L8CibKKxWsAMOKgAKjEYMAqsLcYUgJ0Ki2U/8pClVsqo0RrUxyoFq3znRTqF+7oSxzKICyRLl2P/NYP9iSAENX8tjgEKnbdP9x7i890wZnT3KzSk5bMrYk2dlQ2G49KP0UMcjuGfT0K4Inu1i8AnvVLB3Q= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99888+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675951200286533.1714084569212; Thu, 9 Feb 2023 06:00:00 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id eUHhYY1788612xGl2TFCjprX; Thu, 09 Feb 2023 06:00:00 -0800 X-Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by mx.groups.io with SMTP id smtpd.web11.15545.1675951199107516298 for ; Thu, 09 Feb 2023 05:59:59 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 131D4B82081; Thu, 9 Feb 2023 13:59:57 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9447AC4339C; Thu, 9 Feb 2023 13:59:53 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v4 03/11] ArmPkg/CpuDxe ARM: Fix page-to-section attribute conversion Date: Thu, 9 Feb 2023 14:59:28 +0100 Message-Id: <20230209135936.789983-4-ardb@kernel.org> In-Reply-To: <20230209135936.789983-1-ardb@kernel.org> References: <20230209135936.789983-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: IF8taE6vBdYygHuKn4kmOUlRx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675951200; bh=ZMCk0ChIVIX5UTw1QFjouJ+z149OJVrjcxLfWKH+/I0=; h=Cc:Date:From:Reply-To:Subject:To; b=TV+0JoE1P1Y5Ji0HMG9BQ7eb1h0cC3PEtpqK445roDaFSP41YNDe1awwgK9nO61BhQO 3k7QVx2hSadnU+pXBIROvWYTweOH4HJZG8nP5Ih8PkEhxDGys3wkKvLkCtYrg/PMmZpCU 9pledOX3LbyPrPCEB+ojf2S7q+4XJNuexh0= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675951202015100001 Content-Type: text/plain; charset="utf-8" The section-to-page attribute conversion takes the shareability and execute-never attributes into account, whereas the page-to-section counterpart does not. The result is that GetMemoryRegionPage () -which takes a section attribute argument (via *RegionAttributes) that is ostensibly based on the first page in the range, but differs from the actual page attributes when converted back- may return with a RegionLength of zero. This is incorrect, and confuses code that scans a region by calling GetMemoryRegion () in sequence. So fix the conversion, and ASSERT () on a non-zero region length. Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/Arm/Mmu.c | 3 +++ ArmPkg/Include/Chipset/ArmV7Mmu.h | 2 ++ 2 files changed, 5 insertions(+) diff --git a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c b/ArmPkg/Drivers/CpuDxe/Arm/Mm= u.c index ea856f5cdd26..8eb1f71395f5 100644 --- a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c @@ -480,6 +480,8 @@ GetMemoryRegion ( =20 PageAttributes =3D PageTable[PageTableIndex] & TT_DESCRIPTOR_PAGE_A= TTRIBUTE_MASK; *RegionAttributes =3D TT_DESCRIPTOR_CONVERT_TO_SECTION_CACHE_POLICY (P= ageAttributes) | + TT_DESCRIPTOR_CONVERT_TO_SECTION_S (PageAttributes= ) | + TT_DESCRIPTOR_CONVERT_TO_SECTION_XN (PageAttribute= s) | TT_DESCRIPTOR_CONVERT_TO_SECTION_AP (PageAttribute= s); } =20 @@ -494,6 +496,7 @@ GetMemoryRegion ( =20 // Scan the page table to find the end of the region. Status =3D GetMemoryRegionPage (PageTable, BaseAddress, RegionLength= , RegionAttributes); + ASSERT (*RegionLength > 0); =20 // If we have found the end of the region (Status =3D=3D EFI_SUCCESS= ) then we exit the for-loop if (Status =3D=3D EFI_SUCCESS) { diff --git a/ArmPkg/Include/Chipset/ArmV7Mmu.h b/ArmPkg/Include/Chipset/Arm= V7Mmu.h index 6a2584ceb303..e0219747df86 100644 --- a/ArmPkg/Include/Chipset/ArmV7Mmu.h +++ b/ArmPkg/Include/Chipset/ArmV7Mmu.h @@ -128,6 +128,8 @@ #define TT_DESCRIPTOR_CONVERT_TO_PAGE_CACHE_POLICY(Desc) ((((Desc) & (0x3= << 12)) >> 6) | (Desc & (0x3 << 2))) =20 #define TT_DESCRIPTOR_CONVERT_TO_SECTION_AP(Desc) ((((Desc) & T= T_DESCRIPTOR_PAGE_AP_MASK) << 6) & TT_DESCRIPTOR_SECTION_AP_MASK) +#define TT_DESCRIPTOR_CONVERT_TO_SECTION_S(Desc) ((((Desc) & T= T_DESCRIPTOR_PAGE_S_MASK) << 6) & TT_DESCRIPTOR_SECTION_S_MASK) +#define TT_DESCRIPTOR_CONVERT_TO_SECTION_XN(Desc) ((((Desc) & T= T_DESCRIPTOR_PAGE_XN_MASK) << 4) & TT_DESCRIPTOR_SECTION_XN_MASK) #define TT_DESCRIPTOR_CONVERT_TO_SECTION_CACHE_POLICY(Desc) ((((Desc) & (= 0x3 << 6)) << 6) | (Desc & (0x3 << 2))) =20 #define TT_DESCRIPTOR_SECTION_ATTRIBUTE_MASK (TT_DESCRIPTOR_SECTION_NS_MA= SK | TT_DESCRIPTOR_SECTION_NG_MASK | \ --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99888): https://edk2.groups.io/g/devel/message/99888 Mute This Topic: https://groups.io/mt/96853154/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 01:01:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99889+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99889+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675951200; cv=none; d=zohomail.com; s=zohoarc; b=SgTqFuDb9hPpv1C+nns11BinrBaryOfW8ZxD0zn7fIw1+gbJVpZZTBXcQg/VoDNzOnlMpSV+xpE9Yy0e9jU77fkqleJgpclSQOo3Uuskvypy22kDQeZvaMlLAmlDffgJYOnbnJ2ClS+y9pYsHwZXA1QWanw99ugHqLEARGb6o84= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675951200; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=x4gk7Fp3ZGIIw4bFc6K/w9N8SiI9mUd/Mk2Bwe1LpAM=; b=b3fuUerrCa6JXYNKZ4/R+3JXDXtaXBmIWKnxUDLHeQKFd7vgMNJsE/R4yu7i0cjkqwwRlFDDhixxTP2DIs6c7xk3+6N/EbpTbth78z9TNw1dSXHMvK9bLcB8fY2r9aK/zRUGs1gz8XMRi640UV7SnDk0RhVnqrWAA3igmaGuwvg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99889+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675951200909706.1264728879137; Thu, 9 Feb 2023 06:00:00 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id djbUYY1788612xyxabblXIYY; Thu, 09 Feb 2023 06:00:00 -0800 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web11.15546.1675951199711367897 for ; Thu, 09 Feb 2023 05:59:59 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 1C27161A8D; Thu, 9 Feb 2023 13:59:59 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 33982C4339B; Thu, 9 Feb 2023 13:59:56 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v4 04/11] ArmPkg/ArmMmuLib ARM: Isolate the access flag from AP mask Date: Thu, 9 Feb 2023 14:59:29 +0100 Message-Id: <20230209135936.789983-5-ardb@kernel.org> In-Reply-To: <20230209135936.789983-1-ardb@kernel.org> References: <20230209135936.789983-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: 8MwMyH7po0mCAWPXd6bwWCSQx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675951200; bh=UhuhRtmCHaseez1cU45cqMQsBuWp41CmgE4z4Wei578=; h=Cc:Date:From:Reply-To:Subject:To; b=gO6rEYdBXBuhgxqyMpGntboegraYL+zdl7lYLF5DCZ6jrDbZmamuezYZw3+uIeJ/yZY JQGVNM4WbBOMBRceiHonjta7AGBQTSM5F8FLOuezPQI/fv6PMAMTEDw9Kjd1LUjSCRLgp B+bqn/JFQ1iGGZzRyC1YLXAOA37n68erElA= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675951202035100003 Content-Type: text/plain; charset="utf-8" Split the ARM permission fields in the short descriptors into an access flag and AP[2:1] as per the recommendation in the ARM ARM. This makes the access flag available separately, which allows us to implement EFI_MEMORY_RP memory analogous to how it will be implemented for AArch64. Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/Arm/Mmu.c | 47 ++++++++++---------- ArmPkg/Include/Chipset/ArmV7Mmu.h | 40 +++++++++++------ ArmPkg/Library/ArmLib/Arm/ArmV7Support.S | 2 + ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibConvert.c | 1 + ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c | 12 ++++- 5 files changed, 63 insertions(+), 39 deletions(-) diff --git a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c b/ArmPkg/Drivers/CpuDxe/Arm/Mm= u.c index 8eb1f71395f5..07faab8216ec 100644 --- a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c @@ -50,30 +50,27 @@ SectionToGcdAttributes ( =20 // determine protection attributes switch (SectionAttributes & TT_DESCRIPTOR_SECTION_AP_MASK) { - case TT_DESCRIPTOR_SECTION_AP_NO_NO: // no read, no write - // *GcdAttributes |=3D EFI_MEMORY_RO | EFI_MEMORY_RP; - break; - - case TT_DESCRIPTOR_SECTION_AP_RW_NO: + case TT_DESCRIPTOR_SECTION_AP_NO_RW: case TT_DESCRIPTOR_SECTION_AP_RW_RW: // normal read/write access, do not add additional attributes break; =20 // read only cases map to write-protect - case TT_DESCRIPTOR_SECTION_AP_RO_NO: + case TT_DESCRIPTOR_SECTION_AP_NO_RO: case TT_DESCRIPTOR_SECTION_AP_RO_RO: *GcdAttributes |=3D EFI_MEMORY_RO; break; - - default: - return EFI_UNSUPPORTED; } =20 // now process eXectue Never attribute - if ((SectionAttributes & TT_DESCRIPTOR_SECTION_XN_MASK) !=3D 0 ) { + if ((SectionAttributes & TT_DESCRIPTOR_SECTION_XN_MASK) !=3D 0) { *GcdAttributes |=3D EFI_MEMORY_XP; } =20 + if ((SectionAttributes & TT_DESCRIPTOR_SECTION_AF) =3D=3D 0) { + *GcdAttributes |=3D EFI_MEMORY_RP; + } + return EFI_SUCCESS; } =20 @@ -114,30 +111,27 @@ PageToGcdAttributes ( =20 // determine protection attributes switch (PageAttributes & TT_DESCRIPTOR_PAGE_AP_MASK) { - case TT_DESCRIPTOR_PAGE_AP_NO_NO: // no read, no write - // *GcdAttributes |=3D EFI_MEMORY_RO | EFI_MEMORY_RP; - break; - - case TT_DESCRIPTOR_PAGE_AP_RW_NO: + case TT_DESCRIPTOR_PAGE_AP_NO_RW: case TT_DESCRIPTOR_PAGE_AP_RW_RW: // normal read/write access, do not add additional attributes break; =20 // read only cases map to write-protect - case TT_DESCRIPTOR_PAGE_AP_RO_NO: + case TT_DESCRIPTOR_PAGE_AP_NO_RO: case TT_DESCRIPTOR_PAGE_AP_RO_RO: *GcdAttributes |=3D EFI_MEMORY_RO; break; - - default: - return EFI_UNSUPPORTED; } =20 // now process eXectue Never attribute - if ((PageAttributes & TT_DESCRIPTOR_PAGE_XN_MASK) !=3D 0 ) { + if ((PageAttributes & TT_DESCRIPTOR_PAGE_XN_MASK) !=3D 0) { *GcdAttributes |=3D EFI_MEMORY_XP; } =20 + if ((PageAttributes & TT_DESCRIPTOR_PAGE_AF) =3D=3D 0) { + *GcdAttributes |=3D EFI_MEMORY_RP; + } + return EFI_SUCCESS; } =20 @@ -166,6 +160,7 @@ SyncCacheConfigPage ( // Convert SectionAttributes into PageAttributes NextPageAttributes =3D TT_DESCRIPTOR_CONVERT_TO_PAGE_CACHE_POLICY (*NextSectionAttributes) | + TT_DESCRIPTOR_CONVERT_TO_PAGE_AF (*NextSectionAttributes) | TT_DESCRIPTOR_CONVERT_TO_PAGE_AP (*NextSectionAttributes); =20 // obtain page table base @@ -174,7 +169,7 @@ SyncCacheConfigPage ( for (i =3D 0; i < TRANSLATION_TABLE_PAGE_COUNT; i++) { if ((SecondLevelTable[i] & TT_DESCRIPTOR_PAGE_TYPE_MASK) =3D=3D TT_DES= CRIPTOR_PAGE_TYPE_PAGE) { // extract attributes (cacheability and permissions) - PageAttributes =3D SecondLevelTable[i] & (TT_DESCRIPTOR_PAGE_CACHE_P= OLICY_MASK | TT_DESCRIPTOR_PAGE_AP_MASK); + PageAttributes =3D SecondLevelTable[i] & (TT_DESCRIPTOR_PAGE_CACHE_P= OLICY_MASK | TT_DESCRIPTOR_PAGE_AP_MASK | TT_DESCRIPTOR_PAGE_AF); =20 if (NextPageAttributes =3D=3D 0) { // start on a new region @@ -213,6 +208,7 @@ SyncCacheConfigPage ( // Convert back PageAttributes into SectionAttributes *NextSectionAttributes =3D TT_DESCRIPTOR_CONVERT_TO_SECTION_CACHE_POLICY (NextPageAttributes) | + TT_DESCRIPTOR_CONVERT_TO_SECTION_AF (NextPageAttributes) | TT_DESCRIPTOR_CONVERT_TO_SECTION_AP (NextPageAttributes); =20 return EFI_SUCCESS; @@ -256,14 +252,14 @@ SyncCacheConfig ( FirstLevelTable =3D (ARM_FIRST_LEVEL_DESCRIPTOR *)(ArmGetTTBR0BaseAddres= s ()); =20 // Get the first region - NextSectionAttributes =3D FirstLevelTable[0] & (TT_DESCRIPTOR_SECTION_CA= CHE_POLICY_MASK | TT_DESCRIPTOR_SECTION_AP_MASK); + NextSectionAttributes =3D FirstLevelTable[0] & (TT_DESCRIPTOR_SECTION_CA= CHE_POLICY_MASK | TT_DESCRIPTOR_SECTION_AP_MASK | TT_DESCRIPTOR_SECTION_AF); =20 // iterate through each 1MB descriptor NextRegionBase =3D NextRegionLength =3D 0; for (i =3D 0; i < TRANSLATION_TABLE_SECTION_COUNT; i++) { if ((FirstLevelTable[i] & TT_DESCRIPTOR_SECTION_TYPE_MASK) =3D=3D TT_D= ESCRIPTOR_SECTION_TYPE_SECTION) { // extract attributes (cacheability and permissions) - SectionAttributes =3D FirstLevelTable[i] & (TT_DESCRIPTOR_SECTION_CA= CHE_POLICY_MASK | TT_DESCRIPTOR_SECTION_AP_MASK); + SectionAttributes =3D FirstLevelTable[i] & (TT_DESCRIPTOR_SECTION_CA= CHE_POLICY_MASK | TT_DESCRIPTOR_SECTION_AP_MASK | TT_DESCRIPTOR_SECTION_AF); =20 if (NextSectionAttributes =3D=3D 0) { // start on a new region @@ -383,6 +379,10 @@ EfiAttributeToArmAttribute ( ArmAttributes |=3D TT_DESCRIPTOR_SECTION_XN_MASK; } =20 + if ((EfiAttributes & EFI_MEMORY_RP) =3D=3D 0) { + ArmAttributes |=3D TT_DESCRIPTOR_SECTION_AF; + } + return ArmAttributes; } =20 @@ -482,6 +482,7 @@ GetMemoryRegion ( *RegionAttributes =3D TT_DESCRIPTOR_CONVERT_TO_SECTION_CACHE_POLICY (P= ageAttributes) | TT_DESCRIPTOR_CONVERT_TO_SECTION_S (PageAttributes= ) | TT_DESCRIPTOR_CONVERT_TO_SECTION_XN (PageAttribute= s) | + TT_DESCRIPTOR_CONVERT_TO_SECTION_AF (PageAttribute= s) | TT_DESCRIPTOR_CONVERT_TO_SECTION_AP (PageAttribute= s); } =20 diff --git a/ArmPkg/Include/Chipset/ArmV7Mmu.h b/ArmPkg/Include/Chipset/Arm= V7Mmu.h index e0219747df86..da4f3160f8ff 100644 --- a/ArmPkg/Include/Chipset/ArmV7Mmu.h +++ b/ArmPkg/Include/Chipset/ArmV7Mmu.h @@ -80,21 +80,21 @@ #define TT_DESCRIPTOR_PAGE_S_NOT_SHARED (0UL << 10) #define TT_DESCRIPTOR_PAGE_S_SHARED (1UL << 10) =20 -#define TT_DESCRIPTOR_SECTION_AP_MASK ((1UL << 15) | (3UL << 10)) -#define TT_DESCRIPTOR_SECTION_AP_NO_NO ((0UL << 15) | (0UL << 10)) -#define TT_DESCRIPTOR_SECTION_AP_RW_NO ((0UL << 15) | (1UL << 10)) -#define TT_DESCRIPTOR_SECTION_AP_RW_RO ((0UL << 15) | (2UL << 10)) -#define TT_DESCRIPTOR_SECTION_AP_RW_RW ((0UL << 15) | (3UL << 10)) -#define TT_DESCRIPTOR_SECTION_AP_RO_NO ((1UL << 15) | (1UL << 10)) -#define TT_DESCRIPTOR_SECTION_AP_RO_RO ((1UL << 15) | (3UL << 10)) +#define TT_DESCRIPTOR_SECTION_AP_MASK ((1UL << 15) | (1UL << 11)) +#define TT_DESCRIPTOR_SECTION_AP_NO_RW ((0UL << 15) | (0UL << 11)) +#define TT_DESCRIPTOR_SECTION_AP_RW_RW ((0UL << 15) | (1UL << 11)) +#define TT_DESCRIPTOR_SECTION_AP_NO_RO ((1UL << 15) | (0UL << 11)) +#define TT_DESCRIPTOR_SECTION_AP_RO_RO ((1UL << 15) | (1UL << 11)) =20 -#define TT_DESCRIPTOR_PAGE_AP_MASK ((1UL << 9) | (3UL << 4)) -#define TT_DESCRIPTOR_PAGE_AP_NO_NO ((0UL << 9) | (0UL << 4)) -#define TT_DESCRIPTOR_PAGE_AP_RW_NO ((0UL << 9) | (1UL << 4)) -#define TT_DESCRIPTOR_PAGE_AP_RW_RO ((0UL << 9) | (2UL << 4)) -#define TT_DESCRIPTOR_PAGE_AP_RW_RW ((0UL << 9) | (3UL << 4)) -#define TT_DESCRIPTOR_PAGE_AP_RO_NO ((1UL << 9) | (1UL << 4)) -#define TT_DESCRIPTOR_PAGE_AP_RO_RO ((1UL << 9) | (3UL << 4)) +#define TT_DESCRIPTOR_SECTION_AF (1UL << 10) + +#define TT_DESCRIPTOR_PAGE_AP_MASK ((1UL << 9) | (1UL << 5)) +#define TT_DESCRIPTOR_PAGE_AP_NO_RW ((0UL << 9) | (0UL << 5)) +#define TT_DESCRIPTOR_PAGE_AP_RW_RW ((0UL << 9) | (1UL << 5)) +#define TT_DESCRIPTOR_PAGE_AP_NO_RO ((1UL << 9) | (0UL << 5)) +#define TT_DESCRIPTOR_PAGE_AP_RO_RO ((1UL << 9) | (1UL << 5)) + +#define TT_DESCRIPTOR_PAGE_AF (1UL << 4) =20 #define TT_DESCRIPTOR_SECTION_XN_MASK (0x1UL << 4) #define TT_DESCRIPTOR_PAGE_XN_MASK (0x1UL << 0) @@ -124,20 +124,24 @@ #define TT_DESCRIPTOR_CONVERT_TO_PAGE_AP(Desc) ((((Desc) & TT_D= ESCRIPTOR_SECTION_AP_MASK) >> 6) & TT_DESCRIPTOR_PAGE_AP_MASK) #define TT_DESCRIPTOR_CONVERT_TO_PAGE_NG(Desc) ((((Desc) & TT_D= ESCRIPTOR_SECTION_NG_MASK) >> 6) & TT_DESCRIPTOR_PAGE_NG_MASK) #define TT_DESCRIPTOR_CONVERT_TO_PAGE_S(Desc) ((((Desc) & TT_D= ESCRIPTOR_SECTION_S_MASK) >> 6) & TT_DESCRIPTOR_PAGE_S_MASK) +#define TT_DESCRIPTOR_CONVERT_TO_PAGE_AF(Desc) ((((Desc) & TT_D= ESCRIPTOR_SECTION_AF) >> 6) & TT_DESCRIPTOR_PAGE_AF) #define TT_DESCRIPTOR_CONVERT_TO_PAGE_XN(Desc) ((((Desc) & TT_D= ESCRIPTOR_SECTION_XN_MASK) >> 4) & TT_DESCRIPTOR_PAGE_XN_MASK) #define TT_DESCRIPTOR_CONVERT_TO_PAGE_CACHE_POLICY(Desc) ((((Desc) & (0x3= << 12)) >> 6) | (Desc & (0x3 << 2))) =20 #define TT_DESCRIPTOR_CONVERT_TO_SECTION_AP(Desc) ((((Desc) & T= T_DESCRIPTOR_PAGE_AP_MASK) << 6) & TT_DESCRIPTOR_SECTION_AP_MASK) #define TT_DESCRIPTOR_CONVERT_TO_SECTION_S(Desc) ((((Desc) & T= T_DESCRIPTOR_PAGE_S_MASK) << 6) & TT_DESCRIPTOR_SECTION_S_MASK) +#define TT_DESCRIPTOR_CONVERT_TO_SECTION_AF(Desc) ((((Desc) & T= T_DESCRIPTOR_PAGE_AF) << 6) & TT_DESCRIPTOR_SECTION_AF) #define TT_DESCRIPTOR_CONVERT_TO_SECTION_XN(Desc) ((((Desc) & T= T_DESCRIPTOR_PAGE_XN_MASK) << 4) & TT_DESCRIPTOR_SECTION_XN_MASK) #define TT_DESCRIPTOR_CONVERT_TO_SECTION_CACHE_POLICY(Desc) ((((Desc) & (= 0x3 << 6)) << 6) | (Desc & (0x3 << 2))) =20 #define TT_DESCRIPTOR_SECTION_ATTRIBUTE_MASK (TT_DESCRIPTOR_SECTION_NS_MA= SK | TT_DESCRIPTOR_SECTION_NG_MASK | \ TT_DESCRIPTOR= _SECTION_S_MASK | TT_DESCRIPTOR_SECTION_AP_MASK | \ + TT_DESCRIPTOR= _SECTION_AF | \ TT_DESCRIPTOR= _SECTION_XN_MASK | TT_DESCRIPTOR_SECTION_CACHE_POLICY_MASK) =20 #define TT_DESCRIPTOR_PAGE_ATTRIBUTE_MASK (TT_DESCRIPTOR_PAGE_NG_MASK | T= T_DESCRIPTOR_PAGE_S_MASK | \ TT_DESCRIPTOR= _PAGE_AP_MASK | TT_DESCRIPTOR_PAGE_XN_MASK | \ + TT_DESCRIPTOR= _PAGE_AF | \ TT_DESCRIPTOR= _PAGE_CACHE_POLICY_MASK) =20 #define TT_DESCRIPTOR_SECTION_DOMAIN_MASK (0x0FUL << 5) @@ -159,6 +163,7 @@ TT_DESCRIPTOR_= SECTION_S_SHARED | \ TT_DESCRIPTOR_= SECTION_DOMAIN(0) | \ TT_DESCRIPTOR_= SECTION_AP_RW_RW | \ + TT_DESCRIPTOR_= SECTION_AF | \ TT_DESCRIPTOR_= SECTION_CACHE_POLICY_WRITE_BACK_ALLOC) #define TT_DESCRIPTOR_SECTION_WRITE_THROUGH(NonSecure) (TT_DESCRIPTOR_SEC= TION_TYPE_SECTION = | \ ((NonSecure) ?= TT_DESCRIPTOR_SECTION_NS : 0) | \ @@ -166,6 +171,7 @@ TT_DESCRIPTOR_= SECTION_S_SHARED | \ TT_DESCRIPTOR_= SECTION_DOMAIN(0) | \ TT_DESCRIPTOR_= SECTION_AP_RW_RW | \ + TT_DESCRIPTOR_= SECTION_AF | \ TT_DESCRIPTOR_= SECTION_CACHE_POLICY_WRITE_THROUGH_NO_ALLOC) #define TT_DESCRIPTOR_SECTION_DEVICE(NonSecure) (TT_DESCRIPTOR_SEC= TION_TYPE_SECTION = | \ ((NonSecure) ?= TT_DESCRIPTOR_SECTION_NS : 0) | \ @@ -174,6 +180,7 @@ TT_DESCRIPTOR_= SECTION_DOMAIN(0) | \ TT_DESCRIPTOR_= SECTION_AP_RW_RW | \ TT_DESCRIPTOR_= SECTION_XN_MASK | \ + TT_DESCRIPTOR_= SECTION_AF | \ TT_DESCRIPTOR_= SECTION_CACHE_POLICY_SHAREABLE_DEVICE) #define TT_DESCRIPTOR_SECTION_UNCACHED(NonSecure) (TT_DESCRIPTOR_SEC= TION_TYPE_SECTION = | \ ((NonSecure) ? = TT_DESCRIPTOR_SECTION_NS : 0) | \ @@ -181,28 +188,33 @@ TT_DESCRIPTOR_S= ECTION_S_NOT_SHARED | \ TT_DESCRIPTOR_S= ECTION_DOMAIN(0) | \ TT_DESCRIPTOR_S= ECTION_AP_RW_RW | \ + TT_DESCRIPTOR_= SECTION_AF | \ TT_DESCRIPTOR_S= ECTION_CACHE_POLICY_NON_CACHEABLE) =20 #define TT_DESCRIPTOR_PAGE_WRITE_BACK (TT_DESCRIPTOR_PAGE_TYPE_PAGE = | \ TT_DESCRIPTOR_PAGE= _NG_GLOBAL | \ TT_DESCRIPTOR_PAGE= _S_SHARED | \ TT_DESCRIPTOR_PAGE= _AP_RW_RW | \ + TT_DESCRIPTOR_PAGE= _AF | \ TT_DESCRIPTOR_PAGE= _CACHE_POLICY_WRITE_BACK_ALLOC) #define TT_DESCRIPTOR_PAGE_WRITE_THROUGH (TT_DESCRIPTOR_PAGE_TYPE_PAGE = | \ TT_DESCRIPTOR_PAGE= _NG_GLOBAL | \ TT_DESCRIPTOR_PAGE= _S_SHARED | \ TT_DESCRIPTOR_PAGE= _AP_RW_RW | \ + TT_DESCRIPTOR_PAGE= _AF | \ TT_DESCRIPTOR_PAGE= _CACHE_POLICY_WRITE_THROUGH_NO_ALLOC) #define TT_DESCRIPTOR_PAGE_DEVICE (TT_DESCRIPTOR_PAGE_TYPE_PAGE = | \ TT_DESCRIPTOR_PAGE= _NG_GLOBAL | \ TT_DESCRIPTOR_PAGE= _S_NOT_SHARED | \ TT_DESCRIPTOR_PAGE= _AP_RW_RW | \ + TT_DESCRIPTOR_PAGE= _AF | \ TT_DESCRIPTOR_PAGE= _XN_MASK | \ TT_DESCRIPTOR_PAGE= _CACHE_POLICY_SHAREABLE_DEVICE) #define TT_DESCRIPTOR_PAGE_UNCACHED (TT_DESCRIPTOR_PAGE_TYPE_PAGE = | \ TT_DESCRIPTOR_PAGE= _NG_GLOBAL | \ TT_DESCRIPTOR_PAGE= _S_NOT_SHARED | \ TT_DESCRIPTOR_PAGE= _AP_RW_RW | \ + TT_DESCRIPTOR_PAGE= _AF | \ TT_DESCRIPTOR_PAGE= _CACHE_POLICY_NON_CACHEABLE) =20 // First Level Descriptors diff --git a/ArmPkg/Library/ArmLib/Arm/ArmV7Support.S b/ArmPkg/Library/ArmL= ib/Arm/ArmV7Support.S index 4925f6628e1e..1f396adffc11 100644 --- a/ArmPkg/Library/ArmLib/Arm/ArmV7Support.S +++ b/ArmPkg/Library/ArmLib/Arm/ArmV7Support.S @@ -16,6 +16,7 @@ .set CTRL_C_BIT, (1 << 2) .set CTRL_B_BIT, (1 << 7) .set CTRL_I_BIT, (1 << 12) +.set CTRL_AFE_BIT,(1 << 29) =20 =20 ASM_FUNC(ArmInvalidateDataCacheEntryByMVA) @@ -64,6 +65,7 @@ ASM_FUNC(ArmInvalidateInstructionCache) ASM_FUNC(ArmEnableMmu) mrc p15,0,R0,c1,c0,0 orr R0,R0,#1 + orr R0,R0,#CTRL_AFE_BIT mcr p15,0,R0,c1,c0,0 dsb isb diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibConvert.c b/ArmPkg/Libra= ry/ArmMmuLib/Arm/ArmMmuLibConvert.c index 6e2f08a7ce15..52dbfd714029 100644 --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibConvert.c +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibConvert.c @@ -23,6 +23,7 @@ ConvertSectionAttributesToPageAttributes ( PageAttributes =3D 0; PageAttributes |=3D TT_DESCRIPTOR_CONVERT_TO_PAGE_CACHE_POLICY (SectionA= ttributes); PageAttributes |=3D TT_DESCRIPTOR_CONVERT_TO_PAGE_AP (SectionAttributes); + PageAttributes |=3D TT_DESCRIPTOR_CONVERT_TO_PAGE_AF (SectionAttributes); PageAttributes |=3D TT_DESCRIPTOR_CONVERT_TO_PAGE_XN (SectionAttributes); PageAttributes |=3D TT_DESCRIPTOR_CONVERT_TO_PAGE_NG (SectionAttributes); PageAttributes |=3D TT_DESCRIPTOR_CONVERT_TO_PAGE_S (SectionAttributes); diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c b/ArmPkg/Librar= y/ArmMmuLib/Arm/ArmMmuLibUpdate.c index 12d0f4c30f8e..484c67476619 100644 --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c @@ -104,7 +104,7 @@ UpdatePageEntries ( =20 // EntryMask: bitmask of values to change (1 =3D change this value, 0 = =3D leave alone) // EntryValue: values at bit positions specified by EntryMask - EntryMask =3D TT_DESCRIPTOR_PAGE_TYPE_MASK | TT_DESCRIPTOR_PAGE_AP_MASK = | TT_DESCRIPTOR_PAGE_XN_MASK; + EntryMask =3D TT_DESCRIPTOR_PAGE_TYPE_MASK | TT_DESCRIPTOR_PAGE_AP_MASK = | TT_DESCRIPTOR_PAGE_XN_MASK | TT_DESCRIPTOR_PAGE_AF; EntryValue =3D TT_DESCRIPTOR_PAGE_TYPE_PAGE; =20 // Although the PI spec is unclear on this, the GCD guarantees that only @@ -138,6 +138,10 @@ UpdatePageEntries ( return EFI_UNSUPPORTED; } =20 + if ((Attributes & EFI_MEMORY_RP) =3D=3D 0) { + EntryValue |=3D TT_DESCRIPTOR_PAGE_AF; + } + if ((Attributes & EFI_MEMORY_RO) !=3D 0) { EntryValue |=3D TT_DESCRIPTOR_PAGE_AP_RO_RO; } else { @@ -237,7 +241,7 @@ UpdateSectionEntries ( =20 // Make sure we handle a section range that is unmapped EntryMask =3D TT_DESCRIPTOR_SECTION_TYPE_MASK | TT_DESCRIPTOR_SECTION_XN= _MASK | - TT_DESCRIPTOR_SECTION_AP_MASK; + TT_DESCRIPTOR_SECTION_AP_MASK | TT_DESCRIPTOR_SECTION_AF; EntryValue =3D TT_DESCRIPTOR_SECTION_TYPE_SECTION; =20 // Although the PI spec is unclear on this, the GCD guarantees that only @@ -281,6 +285,10 @@ UpdateSectionEntries ( EntryValue |=3D TT_DESCRIPTOR_SECTION_XN_MASK; } =20 + if ((Attributes & EFI_MEMORY_RP) =3D=3D 0) { + EntryValue |=3D TT_DESCRIPTOR_SECTION_AF; + } + // obtain page table base FirstLevelTable =3D (ARM_FIRST_LEVEL_DESCRIPTOR *)ArmGetTTBR0BaseAddress= (); =20 --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99889): https://edk2.groups.io/g/devel/message/99889 Mute This Topic: https://groups.io/mt/96853155/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 01:01:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99891+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99891+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675951206; cv=none; d=zohomail.com; s=zohoarc; b=KorzcODDBcQY6sZpsK7dkPiHYcME2RiDC9jyjcOvdEW9Eesj9OdNPB0W9aY4FAo7l7x+vgh90HDBvTlkTWEZbAospGfjB0CW1Bedwzpl/IID8vI4jzywSusLYyJSi/AQ7xfXcOiCp8MaZtfkne2/Kr7CrOqT4mPI9qCeeQRkuCM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675951206; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=kemRtWOZQ8sYKodM/Syrqa5mcBHD+G1E6eXcWSzchoU=; b=LMHQDYNCyuhix7uOt9NDrzJW/YPB2speI6TDXh/PRPqnCmVvMJhhyKoHldaiMPttBSPyWcPJz3BSXTwYkdyHrV2OIKhX5Zr2uPG7hxnxw5Y3tDDIqL+cB7MXIVt6Sn1kM+efWvMwBJ1Kop9416hwEy9bjd8EVESZpwhCVWm8wVQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99891+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 167595120604878.67493974225124; Thu, 9 Feb 2023 06:00:06 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id 3mb8YY1788612xQrMjqMsMqj; Thu, 09 Feb 2023 06:00:05 -0800 X-Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by mx.groups.io with SMTP id smtpd.web11.15548.1675951204128486673 for ; Thu, 09 Feb 2023 06:00:04 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 7530CB82147; Thu, 9 Feb 2023 14:00:02 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id EFB3EC4339C; Thu, 9 Feb 2023 13:59:58 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v4 05/11] ArmPkg/ArmMmuLib ARM: Clear individual permission bits Date: Thu, 9 Feb 2023 14:59:30 +0100 Message-Id: <20230209135936.789983-6-ardb@kernel.org> In-Reply-To: <20230209135936.789983-1-ardb@kernel.org> References: <20230209135936.789983-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: vy2HSoUyUfRM1fCZ8t4wv60Dx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675951205; bh=uJH90ucDz/Id3E2CD0ZakuOitsJNux0uf/Rxrhb4RHQ=; h=Cc:Date:From:Reply-To:Subject:To; b=iYmDDYQnTgqIp7LjFZCu9RlbVtKtUia6sS/Nd8EYMKpjuvP2iMbM+XcfdMqBtiNyECe ec+ggZlPjdp2cUOz6kfxXarkLaNSs9ng2jTbcZaM5cqjbqEGZB8PtCWjfzSroOEAGvU2d kPyRL9hu6lD/3ZHKCjN1c0sNUbTPurjbZ/E= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675951208202100007 Content-Type: text/plain; charset="utf-8" Currently, the MMU code that is supposed to clear the RO or XP attributes from a region just clears both unconditionally. This approximates the desired behavior to some extent, but it does mean that setting the RO bit first on a code region, and then clearing the XP bit results both RO and XP being cleared, and we end up with writable code, and avoiding that is the point of all these protections. Once we introduce RP support, this will only get worse, so let's fix this up, by reshuffling the attribute update code to take the entry mask from the caller, and use the mask to preserve other attributes when clearing RO or XP. Signed-off-by: Ard Biesheuvel --- ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c | 94 +++++++++++++++++--- 1 file changed, 81 insertions(+), 13 deletions(-) diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c b/ArmPkg/Librar= y/ArmMmuLib/Arm/ArmMmuLibUpdate.c index 484c67476619..23f613f5dbb0 100644 --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c @@ -81,12 +81,12 @@ UpdatePageEntries ( IN EFI_PHYSICAL_ADDRESS BaseAddress, IN UINT64 Length, IN UINT64 Attributes, + IN UINT32 EntryMask, OUT BOOLEAN *FlushTlbs OPTIONAL ) { EFI_STATUS Status; UINT32 EntryValue; - UINT32 EntryMask; UINT32 FirstLevelIdx; UINT32 Offset; UINT32 NumPageEntries; @@ -104,7 +104,6 @@ UpdatePageEntries ( =20 // EntryMask: bitmask of values to change (1 =3D change this value, 0 = =3D leave alone) // EntryValue: values at bit positions specified by EntryMask - EntryMask =3D TT_DESCRIPTOR_PAGE_TYPE_MASK | TT_DESCRIPTOR_PAGE_AP_MASK = | TT_DESCRIPTOR_PAGE_XN_MASK | TT_DESCRIPTOR_PAGE_AF; EntryValue =3D TT_DESCRIPTOR_PAGE_TYPE_PAGE; =20 // Although the PI spec is unclear on this, the GCD guarantees that only @@ -220,11 +219,11 @@ EFI_STATUS UpdateSectionEntries ( IN EFI_PHYSICAL_ADDRESS BaseAddress, IN UINT64 Length, - IN UINT64 Attributes + IN UINT64 Attributes, + IN UINT32 EntryMask ) { EFI_STATUS Status; - UINT32 EntryMask; UINT32 EntryValue; UINT32 FirstLevelIdx; UINT32 NumSections; @@ -240,8 +239,6 @@ UpdateSectionEntries ( // EntryValue: values at bit positions specified by EntryMask =20 // Make sure we handle a section range that is unmapped - EntryMask =3D TT_DESCRIPTOR_SECTION_TYPE_MASK | TT_DESCRIPTOR_SECTION_XN= _MASK | - TT_DESCRIPTOR_SECTION_AP_MASK | TT_DESCRIPTOR_SECTION_AF; EntryValue =3D TT_DESCRIPTOR_SECTION_TYPE_SECTION; =20 // Although the PI spec is unclear on this, the GCD guarantees that only @@ -310,6 +307,7 @@ UpdateSectionEntries ( (FirstLevelIdx + i) << TT_DESCRIPTOR_SECTION_BASE_SHIFT, TT_DESCRIPTOR_SECTION_SIZE, Attributes, + ConvertSectionAttributesToPageAttributes (EntryMask), NULL ); } else { @@ -340,11 +338,26 @@ UpdateSectionEntries ( return Status; } =20 +/** + Update the permission or memory type attributes on a range of memory. + + @param BaseAddress The start of the region. + @param Length The size of the region. + @param Attributes A mask of EFI_MEMORY_xx constants. + @param SectionMask A mask of short descriptor section attribu= tes + describing which descriptor bits to update. + + @retval EFI_SUCCESS The attributes were set successfully. + @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory. + +**/ +STATIC EFI_STATUS -ArmSetMemoryAttributes ( +SetMemoryAttributes ( IN EFI_PHYSICAL_ADDRESS BaseAddress, IN UINT64 Length, - IN UINT64 Attributes + IN UINT64 Attributes, + IN UINT32 SectionMask ) { EFI_STATUS Status; @@ -375,7 +388,12 @@ ArmSetMemoryAttributes ( Attributes )); =20 - Status =3D UpdateSectionEntries (BaseAddress, ChunkLength, Attribute= s); + Status =3D UpdateSectionEntries ( + BaseAddress, + ChunkLength, + Attributes, + SectionMask + ); =20 FlushTlbs =3D TRUE; } else { @@ -401,6 +419,7 @@ ArmSetMemoryAttributes ( BaseAddress, ChunkLength, Attributes, + ConvertSectionAttributesToPageAttributes (SectionMask), &FlushTlbs ); } @@ -420,13 +439,47 @@ ArmSetMemoryAttributes ( return Status; } =20 +/** + Update the permission or memory type attributes on a range of memory. + + @param BaseAddress The start of the region. + @param Length The size of the region. + @param Attributes A mask of EFI_MEMORY_xx constants. + + @retval EFI_SUCCESS The attributes were set successfully. + @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory. + +**/ +EFI_STATUS +ArmSetMemoryAttributes ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 Attributes + ) +{ + return SetMemoryAttributes ( + BaseAddress, + Length, + Attributes, + TT_DESCRIPTOR_SECTION_TYPE_MASK | + TT_DESCRIPTOR_SECTION_XN_MASK | + TT_DESCRIPTOR_SECTION_AP_MASK | + TT_DESCRIPTOR_SECTION_AF + ); +} + EFI_STATUS ArmSetMemoryRegionNoExec ( IN EFI_PHYSICAL_ADDRESS BaseAddress, IN UINT64 Length ) { - return ArmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_XP); + return SetMemoryAttributes ( + BaseAddress, + Length, + EFI_MEMORY_XP, + TT_DESCRIPTOR_SECTION_XN_MASK + ); } =20 EFI_STATUS @@ -435,7 +488,12 @@ ArmClearMemoryRegionNoExec ( IN UINT64 Length ) { - return ArmSetMemoryAttributes (BaseAddress, Length, __EFI_MEMORY_RWX); + return SetMemoryAttributes ( + BaseAddress, + Length, + 0, + TT_DESCRIPTOR_SECTION_XN_MASK + ); } =20 EFI_STATUS @@ -444,7 +502,12 @@ ArmSetMemoryRegionReadOnly ( IN UINT64 Length ) { - return ArmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_RO); + return SetMemoryAttributes ( + BaseAddress, + Length, + EFI_MEMORY_RO, + TT_DESCRIPTOR_SECTION_AP_MASK + ); } =20 EFI_STATUS @@ -453,5 +516,10 @@ ArmClearMemoryRegionReadOnly ( IN UINT64 Length ) { - return ArmSetMemoryAttributes (BaseAddress, Length, __EFI_MEMORY_RWX); + return SetMemoryAttributes ( + BaseAddress, + Length, + 0, + TT_DESCRIPTOR_SECTION_AP_MASK + ); } --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99891): https://edk2.groups.io/g/devel/message/99891 Mute This Topic: https://groups.io/mt/96853175/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 01:01:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99890+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99890+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675951205; cv=none; d=zohomail.com; s=zohoarc; b=i9+c6USSILQc61u8qGgNpQTAHtN7m2DPrG+GsJOsee5i3fy5ExWIqDqO4RdnoR7oNF/py8yc/o3xohrs4R+7CSl2YXgIPUy+s24i+G+tcVO1D9Q2BJ9eLbKQDYssYEmcNV0hshfP3z0Z0wqh5ZOFXFnSHPMPqyPhV4r5svxp+TE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675951205; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=+TlvgIGN7yi7ue8c+rjdXLoun5qDG/KGllc+5e/hFQI=; b=ca7Bwv/iWGpUqmRDK4glTjYCKcIY8hRUZBYakp0CjiuQtBRRb2sKXEDoUMmyKsVsiWUIBOerG7CIvax/IemT+nlP8SahKTnCYHvV47RpyNzoxZFiAduS9/8uPfBZBL0aNbQmydzrpfP9P5Gse7rSmvlWYwZY9BR0V30SpTbIA3I= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99890+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675951205434649.7678007028841; Thu, 9 Feb 2023 06:00:05 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id ZoLMYY1788612xxmxKUlaEJZ; Thu, 09 Feb 2023 06:00:05 -0800 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web10.15534.1675951204481484573 for ; Thu, 09 Feb 2023 06:00:04 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id F0C9861AAC; Thu, 9 Feb 2023 14:00:03 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 913D4C4339B; Thu, 9 Feb 2023 14:00:01 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v4 06/11] ArmPkg/ArmMmuLib: Implement EFI_MEMORY_RP using access flag Date: Thu, 9 Feb 2023 14:59:31 +0100 Message-Id: <20230209135936.789983-7-ardb@kernel.org> In-Reply-To: <20230209135936.789983-1-ardb@kernel.org> References: <20230209135936.789983-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: HMqEDPvmBq25YtjTf9HHzAY4x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675951205; bh=FjMcdRWv5HLR18OkJmF4zbkCiXQKV3vtlQAFxfWpqiI=; h=Cc:Date:From:Reply-To:Subject:To; b=m1MrqW47UB/qRM2oTVUmNzHpiUA6zC/28F0piXywQGK2ct1QGw0iFCvkBw77AIJ9uIv D76fl4K+4BD2qFuOxwfIk2nbRX+WPSKXdwNnaioBi40tdJXyy3J1PPokX/nQoBPJ+gXth klORuW1N3Ze1zEPmE4XJ+iunk+Lfdu1KMWQ= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675951206265100002 Content-Type: text/plain; charset="utf-8" Implement support for read-protected memory by wiring it up to the access flag in the page table descriptor. The resulting mapping is implicitly non-writable and non-executable as well, but this is good enough for implementing this attribute, as we never rely on write or execute permissions without read permissions. Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c | 8 ++- ArmPkg/Include/Library/ArmMmuLib.h | 34 ++++++++++++ ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 58 +++++++++++++++++++- ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c | 48 ++++++++++++++++ 4 files changed, 144 insertions(+), 4 deletions(-) diff --git a/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c b/ArmPkg/Drivers/CpuDxe/AA= rch64/Mmu.c index 8bb33046e707..8bda11f08a30 100644 --- a/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c @@ -64,6 +64,10 @@ PageAttributeToGcdAttribute ( } =20 // Determine protection attributes + if ((PageAttributes & TT_AF) =3D=3D 0) { + GcdAttributes |=3D EFI_MEMORY_RP; + } + if (((PageAttributes & TT_AP_MASK) =3D=3D TT_AP_NO_RO) || ((PageAttributes & TT_AP_MASK) =3D=3D TT_AP_RO_RO)) { @@ -301,7 +305,9 @@ EfiAttributeToArmAttribute ( } =20 // Set the access flag to match the block attributes - ArmAttributes |=3D TT_AF; + if ((EfiAttributes & EFI_MEMORY_RP) =3D=3D 0) { + ArmAttributes |=3D TT_AF; + } =20 // Determine protection attributes if ((EfiAttributes & EFI_MEMORY_RO) !=3D 0) { diff --git a/ArmPkg/Include/Library/ArmMmuLib.h b/ArmPkg/Include/Library/Ar= mMmuLib.h index b745e2230e7e..4cf59a1e376b 100644 --- a/ArmPkg/Include/Library/ArmMmuLib.h +++ b/ArmPkg/Include/Library/ArmMmuLib.h @@ -21,6 +21,40 @@ ArmConfigureMmu ( OUT UINTN *TranslationTableSize OPTIONAL ); =20 +/** + Convert a region of memory to read-protected, by clearing the access fla= g. + + @param BaseAddress The start of the region. + @param Length The size of the region. + + @retval EFI_SUCCESS The attributes were set successfully. + @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory. + +**/ +EFI_STATUS +EFIAPI +ArmSetMemoryRegionNoAccess ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length + ); + +/** + Convert a region of memory to read-enabled, by setting the access flag. + + @param BaseAddress The start of the region. + @param Length The size of the region. + + @retval EFI_SUCCESS The attributes were set successfully. + @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory. + +**/ +EFI_STATUS +EFIAPI +ArmClearMemoryRegionNoAccess ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length + ); + EFI_STATUS EFIAPI ArmSetMemoryRegionNoExec ( diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Libr= ary/ArmMmuLib/AArch64/ArmMmuLibCore.c index 764c7d362e2e..6d21a2e41dd1 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -438,7 +438,11 @@ GcdAttributeToPageAttribute ( PageAttributes |=3D TT_AP_NO_RO; } =20 - return PageAttributes | TT_AF; + if ((GcdAttributes & EFI_MEMORY_RP) =3D=3D 0) { + PageAttributes |=3D TT_AF; + } + + return PageAttributes; } =20 EFI_STATUS @@ -459,9 +463,9 @@ ArmSetMemoryAttributes ( // No memory type was set in Attributes, so we are going to update the // permissions only. // - PageAttributes &=3D TT_AP_MASK | TT_UXN_MASK | TT_PXN_MASK; + PageAttributes &=3D TT_AP_MASK | TT_UXN_MASK | TT_PXN_MASK | TT_AF; PageAttributeMask =3D ~(TT_ADDRESS_MASK_BLOCK_ENTRY | TT_AP_MASK | - TT_PXN_MASK | TT_XN_MASK); + TT_PXN_MASK | TT_XN_MASK | TT_AF); } =20 return UpdateRegionMapping ( @@ -534,6 +538,54 @@ ArmClearMemoryRegionNoExec ( ); } =20 +/** + Convert a region of memory to read-protected, by clearing the access fla= g. + + @param BaseAddress The start of the region. + @param Length The size of the region. + + @retval EFI_SUCCESS The attributes were set successfully. + @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory. + +**/ +EFI_STATUS +ArmSetMemoryRegionNoAccess ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length + ) +{ + return SetMemoryRegionAttribute ( + BaseAddress, + Length, + 0, + ~(TT_ADDRESS_MASK_BLOCK_ENTRY | TT_AF) + ); +} + +/** + Convert a region of memory to read-enabled, by setting the access flag. + + @param BaseAddress The start of the region. + @param Length The size of the region. + + @retval EFI_SUCCESS The attributes were set successfully. + @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory. + +**/ +EFI_STATUS +ArmClearMemoryRegionNoAccess ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length + ) +{ + return SetMemoryRegionAttribute ( + BaseAddress, + Length, + TT_AF, + ~TT_ADDRESS_MASK_BLOCK_ENTRY + ); +} + EFI_STATUS ArmSetMemoryRegionReadOnly ( IN EFI_PHYSICAL_ADDRESS BaseAddress, diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c b/ArmPkg/Librar= y/ArmMmuLib/Arm/ArmMmuLibUpdate.c index 23f613f5dbb0..247cf87bf3d3 100644 --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c @@ -523,3 +523,51 @@ ArmClearMemoryRegionReadOnly ( TT_DESCRIPTOR_SECTION_AP_MASK ); } + +/** + Convert a region of memory to read-protected, by clearing the access fla= g. + + @param BaseAddress The start of the region. + @param Length The size of the region. + + @retval EFI_SUCCESS The attributes were set successfully. + @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory. + +**/ +EFI_STATUS +ArmSetMemoryRegionNoAccess ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length + ) +{ + return SetMemoryAttributes ( + BaseAddress, + Length, + EFI_MEMORY_RP, + TT_DESCRIPTOR_SECTION_AF + ); +} + +/** + Convert a region of memory to read-enabled, by setting the access flag. + + @param BaseAddress The start of the region. + @param Length The size of the region. + + @retval EFI_SUCCESS The attributes were set successfully. + @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory. + +**/ +EFI_STATUS +ArmClearMemoryRegionNoAccess ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length + ) +{ + return SetMemoryAttributes ( + BaseAddress, + Length, + 0, + TT_DESCRIPTOR_SECTION_AF + ); +} --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99890): https://edk2.groups.io/g/devel/message/99890 Mute This Topic: https://groups.io/mt/96853174/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 01:01:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99892+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99892+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675951208; cv=none; d=zohomail.com; s=zohoarc; b=bvL2c4rQe7nyri1Qz8aBiOKWSxeXcs8d8gr78cYqtTB4B1K45g3WmSRmhZWdGm2N6KW93mGWQAKVyTqz4OkqwVa9MEeV6/ZA3zZpVosp7o0Own30Ubq9/zX395vLY4yj6Yp73/4M90e9vHI3aglApLXkucN7/gcwQNI3hKJui3Q= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675951208; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=Xxe3udUSUvf8WNz3lvhtprDZrTVO1X8avqZhU+i4wSY=; b=mqnEmNg0IeFTKlcXdqU+CqrJhNArwTBgu3LljcC0hngvooYsNsPyH5eowQ25oPH2lQzP/hhsPHeALeDTJADWx4TdLDzcoVHvkp0RSY/PkZTg8EODxTMMUoM3Vzjn91q7qOfAwnqLrmp0T8BfbJjlX9cEd06i1K+Wy/7K0s+2WBk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99892+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675951208350699.6464234955323; Thu, 9 Feb 2023 06:00:08 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id JhPLYY1788612xJojPVyVm8u; Thu, 09 Feb 2023 06:00:08 -0800 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web11.15552.1675951207482353772 for ; Thu, 09 Feb 2023 06:00:07 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id F21CA61A9F; Thu, 9 Feb 2023 14:00:06 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 39D18C433EF; Thu, 9 Feb 2023 14:00:04 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v4 07/11] ArmVirtPkg: Enable stack guard Date: Thu, 9 Feb 2023 14:59:32 +0100 Message-Id: <20230209135936.789983-8-ardb@kernel.org> In-Reply-To: <20230209135936.789983-1-ardb@kernel.org> References: <20230209135936.789983-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: 9P8CReLv3zKhE0DRdR3w2nzRx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675951208; bh=Pzg9QBl3y5rDYm+SqQoAfVbQzCPkZRG2O53DqaMo5Wo=; h=Cc:Date:From:Reply-To:Subject:To; b=Y7p688ng5I8wifwHEsQsQ/S6QWyq5tDJlSnn0Y0VaGlajy5MxOKRmmoYZLZC4DgT/Oy l/ZjWM/oRN5fALx1NKq4vSOvAQtabptZuUItjD6yjYL+S6pJYe920mWBu1LrXafEhExkW m5dj7hseFpD8BcEZQ6GoinrIJLH0dIXk9Pk= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675951210108100009 Content-Type: text/plain; charset="utf-8" Enable the stack guard in ArmVirtPkg builds, so that stack overflows are caught as they occur, rather than when they happen to hit a read-only memory region. Signed-off-by: Ard Biesheuvel --- ArmVirtPkg/ArmVirt.dsc.inc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index 74d98e6314c4..5b18184be263 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -363,6 +363,8 @@ [PcdsFixedAtBuild.common] # gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC0000000= 00007FD5 =20 + gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|TRUE + [Components.common] # # Ramdisk support --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99892): https://edk2.groups.io/g/devel/message/99892 Mute This Topic: https://groups.io/mt/96853178/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 01:01:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99893+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99893+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675951213; cv=none; d=zohomail.com; s=zohoarc; b=TzT/9z/sNUCeWpp8ffAsJ7QHGCgARuz4lSHPTPUdTgZCPYpku/8wnxQLCagG+ndEv6mnAZXNde3VD9HTJ4q3AgXANU0TfrWTEiBng5Pno6ksTfeHL5vt95dMty6xIkqFRKy7NG0o4db3vnVGxpttC28shjZNMLF+uRZ+HGT9YYY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675951213; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=3dYO84A+cW/VjPKntLhTMRNGcZBkxjDDXF8rQgUivps=; b=mUc7rsL8XP6M5JBlnjwAh/XGXTQQv2jdUn5H5l1AN/IpgtEELcbtInuIlNqyOtrKRu/5Oi7tLZFviJFWrjmkjIJyBU/a/A3I8Coujwo5hmZWeAnorPIYdC4YN0RImWg1okmcgdFNmn5RUlvtH4JHLqBXyWS49qCESp3SQHbEWko= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99893+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 167595121312129.85275403765195; Thu, 9 Feb 2023 06:00:13 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id kE6zYY1788612xxUzQ1nzXQS; Thu, 09 Feb 2023 06:00:12 -0800 X-Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by mx.groups.io with SMTP id smtpd.web11.15553.1675951211850480313 for ; Thu, 09 Feb 2023 06:00:12 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 4BC13B82081; Thu, 9 Feb 2023 14:00:10 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id CC8F1C433A4; Thu, 9 Feb 2023 14:00:06 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v4 08/11] ArmPkg/ArmMmuLib: Avoid splitting block entries if possible Date: Thu, 9 Feb 2023 14:59:33 +0100 Message-Id: <20230209135936.789983-9-ardb@kernel.org> In-Reply-To: <20230209135936.789983-1-ardb@kernel.org> References: <20230209135936.789983-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: 4tE7JF3Vca3KAmRN9aXF4hgRx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675951212; bh=/MFWahVlfuPjLEjPN5hznPCqQmzQogbrLHrxwmTbAOU=; h=Cc:Date:From:Reply-To:Subject:To; b=SUDrzxVKooyRuN+aTtWwFI4R/P+1bLJajBUmF2ni4w9Avp2xIVVrn9RoJVky+f0OE2u BRvcCgROIZ0iZFHntWtcp9B2lD2OChu7fcJq8Gc4Wdvgv2GznmvyG/i7+EmdXYsJ/nZy1 dL7hnNkFSLeOhWGmX+Tja2MAj1Ba173rtiE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675951214154100001 Content-Type: text/plain; charset="utf-8" Currently, the ARM MMU page table logic will break down any block entry that overlaps with the region being mapped, even if the block entry in question is using the same attributes as the new region. This means that creating a non-executable mapping inside a region that is already mapped non-executable at a coarser granularity may trigger a call to AllocatePages (), which may recurse back into the page table code to update the attributes on the newly allocated page tables. Let's avoid this, by preserving the block entry if it already covers the region being mapped with the correct attributes. Signed-off-by: Ard Biesheuvel --- ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 10 ++++++++++ ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c | 11 +++++++++++ 2 files changed, 21 insertions(+) diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Libr= ary/ArmMmuLib/AArch64/ArmMmuLibCore.c index 6d21a2e41dd1..1ce200c43c72 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -251,6 +251,16 @@ UpdateRegionMappingRecursive ( ASSERT (Level < 3); =20 if (!IsTableEntry (*Entry, Level)) { + // + // If the region we are trying to map is already covered by a block + // entry with the right attributes, don't bother splitting it up. + // + if (IsBlockEntry (*Entry, Level) && + ((*Entry & TT_ATTRIBUTES_MASK & ~AttributeClearMask) =3D=3D At= tributeSetMask)) + { + continue; + } + // // No table entry exists yet, so we need to allocate a page table // for the next level. diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c b/ArmPkg/Librar= y/ArmMmuLib/Arm/ArmMmuLibUpdate.c index 247cf87bf3d3..299d38ad07e8 100644 --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c @@ -170,6 +170,17 @@ UpdatePageEntries ( =20 // Does this descriptor need to be converted from section entry to 4K = pages? if (!TT_DESCRIPTOR_SECTION_TYPE_IS_PAGE_TABLE (Descriptor)) { + // + // If the section mapping covers the requested region with the expec= ted + // attributes, splitting it is unnecessary, and should be avoided as= it + // may result in unbounded recursion when using a strict NX policy. + // + if ((EntryValue & ~TT_DESCRIPTOR_PAGE_TYPE_MASK & EntryMask) =3D=3D + (ConvertSectionAttributesToPageAttributes (Descriptor) & EntryMa= sk)) + { + continue; + } + Status =3D ConvertSectionToPages (FirstLevelIdx << TT_DESCRIPTOR_SEC= TION_BASE_SHIFT); if (EFI_ERROR (Status)) { // Exit for loop --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99893): https://edk2.groups.io/g/devel/message/99893 Mute This Topic: https://groups.io/mt/96853180/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 01:01:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99894+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99894+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675951216; cv=none; d=zohomail.com; s=zohoarc; b=OgRJntLIIU1TJWg7KDKP3bUnkEzZLKVH4P4VXTghR9nqp7KNKJDbZzgy1c4h3Q/2lcGXdVDpBMsozhTjXprIPnTLwaogKj5PNYHssw8ECwDXxPGwGtYG75ztSBKfN2mIEFSGrGfFkhMZSVGyceBQ3OclPwMZZ0ff8fx53Byee6w= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675951216; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=K/DKhoEpxJts6TUNIfQXLxj6jCCW6fd92Xrkd8psiXg=; b=AJy1BqKUegCVD5V+G6zVhnO7K8oPC0+ZePCeSVJTLTBByNdVwrmRjev2iaWCmGnGG6zwaoRDyKUinr9JM6TpOdAA/jHaJhvbKdQDdPZqnTEqu0LB2QnUglyMJ3l2WxbW7sRHsxx1AdxuewRzLsmqMquU+rLnyNrkLvLfWjJc6yk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99894+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675951216247708.7537055973161; Thu, 9 Feb 2023 06:00:16 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id DL9lYY1788612xq3UuCN53Mt; Thu, 09 Feb 2023 06:00:15 -0800 X-Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by mx.groups.io with SMTP id smtpd.web10.15549.1675951214822055810 for ; Thu, 09 Feb 2023 06:00:15 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id DD7A0B82147; Thu, 9 Feb 2023 14:00:12 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6A6D9C4339E; Thu, 9 Feb 2023 14:00:09 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v4 09/11] ArmPkg/CpuDxe: Expose unified region-to-EFI attribute conversion Date: Thu, 9 Feb 2023 14:59:34 +0100 Message-Id: <20230209135936.789983-10-ardb@kernel.org> In-Reply-To: <20230209135936.789983-1-ardb@kernel.org> References: <20230209135936.789983-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: zLcjPDuSfyVOORyiD2ygTEZ8x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675951215; bh=YUO5WhVggnM8jgVxZPVdc163vOfi5bx7BLdvxWcV058=; h=Cc:Date:From:Reply-To:Subject:To; b=G01qRiN+8MGqftKr2p7UCnnbKAaAyo21cdlwgqW4VAimgOwOWHYeXGzQ2oeICTSryfD UzrjceagXfcwRkLFPaQazF2sX8QxpLtJDlP1jsxMLnDfCFGNI+y4j1AEDeJmEV8KtOZdc H+lloImk0kEopqGsGtmCS1VDiWFam5z0rhQ= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675951218285100001 Content-Type: text/plain; charset="utf-8" In preparation for introducing an implementation of the EFI memory attributes protocol that is shared between ARM and AArch64, unify the existing code that converts a page table descriptor into a EFI_MEMORY_xxx bitfield, so it can be called from the generic code. Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c | 17 +++++++++ ArmPkg/Drivers/CpuDxe/Arm/Mmu.c | 38 ++++++++++++++++++++ ArmPkg/Drivers/CpuDxe/CpuDxe.h | 14 ++++++++ 3 files changed, 69 insertions(+) diff --git a/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c b/ArmPkg/Drivers/CpuDxe/AA= rch64/Mmu.c index 8bda11f08a30..4a416743fb8a 100644 --- a/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c @@ -83,6 +83,23 @@ PageAttributeToGcdAttribute ( return GcdAttributes; } =20 +/** + Convert a arch specific set of page attributes into a mask + of EFI_MEMORY_xx constants. + + @param PageAttributes The set of page attributes. + + @retval The mask of EFI_MEMORY_xx constants. + +**/ +UINT64 +RegionAttributeToGcdAttribute ( + IN UINTN PageAttributes + ) +{ + return PageAttributeToGcdAttribute (PageAttributes); +} + STATIC UINT64 GetFirstPageAttribute ( diff --git a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c b/ArmPkg/Drivers/CpuDxe/Arm/Mm= u.c index 07faab8216ec..8e0dd5d2aaca 100644 --- a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c @@ -13,6 +13,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include "CpuDxe.h" =20 +/** + Convert a set of ARM short descriptor section attributes into a mask + of EFI_MEMORY_xx constants. + + @param SectionAttributes The set of page attributes. + @param GcdAttributes Pointer to the return value. + +**/ +STATIC EFI_STATUS SectionToGcdAttributes ( IN UINT32 SectionAttributes, @@ -74,6 +83,35 @@ SectionToGcdAttributes ( return EFI_SUCCESS; } =20 +/** + Convert a arch specific set of page attributes into a mask + of EFI_MEMORY_xx constants. + + @param PageAttributes The set of page attributes. + + @retval The mask of EFI_MEMORY_xx constants. + +**/ +UINT64 +RegionAttributeToGcdAttribute ( + IN UINTN PageAttributes + ) +{ + UINT64 Result; + + SectionToGcdAttributes (PageAttributes, &Result); + return Result; +} + +/** + Convert a set of ARM short descriptor page attributes into a mask + of EFI_MEMORY_xx constants. + + @param PageAttributes The set of page attributes. + @param GcdAttributes Pointer to the return value. + +**/ +STATIC EFI_STATUS PageToGcdAttributes ( IN UINT32 PageAttributes, diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.h b/ArmPkg/Drivers/CpuDxe/CpuDxe.h index ff672390ce51..8cb105dcc841 100644 --- a/ArmPkg/Drivers/CpuDxe/CpuDxe.h +++ b/ArmPkg/Drivers/CpuDxe/CpuDxe.h @@ -126,4 +126,18 @@ SetGcdMemorySpaceAttributes ( IN UINT64 Attributes ); =20 +/** + Convert a arch specific set of page attributes into a mask + of EFI_MEMORY_xx constants. + + @param PageAttributes The set of page attributes. + + @retval The mask of EFI_MEMORY_xx constants. + +**/ +UINT64 +RegionAttributeToGcdAttribute ( + IN UINTN PageAttributes + ); + #endif // CPU_DXE_H_ --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99894): https://edk2.groups.io/g/devel/message/99894 Mute This Topic: https://groups.io/mt/96853182/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 01:01:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99895+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99895+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675951216; cv=none; d=zohomail.com; s=zohoarc; b=JEkk9cMmV6f+Mq5O1kIQsOUOexTocUH4trSWmadYiWiP/KTKaKCGzXdmn4mfAighYDpWDKcyZOEs2Z90sCfSb7UeRwwNhQPyTMMsUr9v73WBblDQQAwIGe/i0voxNGu/L+o0026OZutGlz9JVmkY1w49+xJ0AVjuab5/8wANH4o= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675951216; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=2cYFbJlCGHpiRXXNX9EAnNeV+B8pKzvHle7A+fFnn48=; b=Brx3yOlkmo2IK6Ay2gedV5I4nL5nKHWQ9wkLai4Rg530MTG3yprVsHy2w5r0zFZRv90D7ZHEsLOd+xMulRa8X57NoymIdxg7ASR9KlKqz0iRBMCgLrqG9P5dDJXK+GLx547ITdKjX58z4V+vflSNmbXcEXqFosozoDxuUH1pRRg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99895+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675951216713489.0442886536091; Thu, 9 Feb 2023 06:00:16 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id LLvWYY1788612xGukLNIeAvx; Thu, 09 Feb 2023 06:00:16 -0800 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web11.15556.1675951215300569180 for ; Thu, 09 Feb 2023 06:00:15 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id C619561A8D; Thu, 9 Feb 2023 14:00:14 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0A081C4339B; Thu, 9 Feb 2023 14:00:11 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v4 10/11] MdePkg: Add Memory Attribute Protocol definition Date: Thu, 9 Feb 2023 14:59:35 +0100 Message-Id: <20230209135936.789983-11-ardb@kernel.org> In-Reply-To: <20230209135936.789983-1-ardb@kernel.org> References: <20230209135936.789983-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: DlmQV2ebGWgXH7Mqr9wFXteWx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675951216; bh=YWPYTIqxtiB48/rN8I5LJWpxloRIw+tzn4yJjt65dYw=; h=Cc:Date:From:Reply-To:Subject:To; b=Fh2hYgKi0QW67mcIRYB5LKMZDSkkdsYCqwOfa8GOVBBcslcdEDv1pc6RTPMTA9Ff2nV n4zeftZ9duqWesawr5vZpRHgT6qn35C25zcoDIuf3c+/i739uIfC/S1x9Ruz+6S16zTt/ GTb29PP2VzLBh+nuGHjrCBITW9YxUzpu58E= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675951218340100004 Content-Type: text/plain; charset="utf-8" Add the Memory Attribute Protocol definition, which was adopted and included in version 2.10 of the UEFI specification. Link: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3519 Signed-off-by: Ard Biesheuvel Reviewed-by: Liming Gao --- MdePkg/Include/Protocol/MemoryAttribute.h | 142 ++++++++++++++++++++ MdePkg/MdePkg.dec | 3 + 2 files changed, 145 insertions(+) diff --git a/MdePkg/Include/Protocol/MemoryAttribute.h b/MdePkg/Include/Pro= tocol/MemoryAttribute.h new file mode 100644 index 000000000000..5c6b7badb589 --- /dev/null +++ b/MdePkg/Include/Protocol/MemoryAttribute.h @@ -0,0 +1,142 @@ +/** @file + + EFI Memory Attribute Protocol provides retrieval and update service + for memory attributes in EFI environment. + + Copyright (c) 2021, Intel Corporation. All rights reserved.
+ Copyright (c) 2023, Google LLC. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef EFI_MEMORY_ATTRIBUTE_H_ +#define EFI_MEMORY_ATTRIBUTE_H_ + +#define EFI_MEMORY_ATTRIBUTE_PROTOCOL_GUID \ + { \ + 0xf4560cf6, 0x40ec, 0x4b4a, { 0xa1, 0x92, 0xbf, 0x1d, 0x57, 0xd0, 0xb1= , 0x89 } \ + } + +typedef struct _EFI_MEMORY_ATTRIBUTE_PROTOCOL EFI_MEMORY_ATTRIBUTE_PROTOCO= L; + +/** + This function set given attributes of the memory region specified by + BaseAddress and Length. + + The valid Attributes is EFI_MEMORY_RP, EFI_MEMORY_XP, and EFI_MEMORY_RO. + + @param This The EFI_MEMORY_ATTRIBUTE_PROTOCOL instance. + @param BaseAddress The physical address that is the start address= of + a memory region. + @param Length The size in bytes of the memory region. + @param Attributes The bit mask of attributes to set for the memo= ry + region. + + @retval EFI_SUCCESS The attributes were set for the memory reg= ion. + @retval EFI_INVALID_PARAMETER Length is zero. + Attributes specified an illegal combinatio= n of + attributes that cannot be set together. + @retval EFI_UNSUPPORTED The processor does not support one or more + bytes of the memory resource range specifi= ed + by BaseAddress and Length. + The bit mask of attributes is not supporte= d for + the memory resource range specified by + BaseAddress and Length. + @retval EFI_OUT_OF_RESOURCES Requested attributes cannot be applied due= to + lack of system resources. + @retval EFI_ACCESS_DENIED Attributes for the requested memory region= are + controlled by system firmware and cannot be + updated via the protocol. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_SET_MEMORY_ATTRIBUTES)( + IN EFI_MEMORY_ATTRIBUTE_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 Attributes + ); + +/** + This function clears given attributes of the memory region specified by + BaseAddress and Length. + + The valid Attributes is EFI_MEMORY_RP, EFI_MEMORY_XP, and EFI_MEMORY_RO. + + @param This The EFI_MEMORY_ATTRIBUTE_PROTOCOL instance. + @param BaseAddress The physical address that is the start address= of + a memory region. + @param Length The size in bytes of the memory region. + @param Attributes The bit mask of attributes to clear for the me= mory + region. + + @retval EFI_SUCCESS The attributes were cleared for the memory= region. + @retval EFI_INVALID_PARAMETER Length is zero. + Attributes specified an illegal combinatio= n of + attributes that cannot be cleared together. + @retval EFI_UNSUPPORTED The processor does not support one or more + bytes of the memory resource range specifi= ed + by BaseAddress and Length. + The bit mask of attributes is not supporte= d for + the memory resource range specified by + BaseAddress and Length. + @retval EFI_OUT_OF_RESOURCES Requested attributes cannot be applied due= to + lack of system resources. + @retval EFI_ACCESS_DENIED Attributes for the requested memory region= are + controlled by system firmware and cannot be + updated via the protocol. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_CLEAR_MEMORY_ATTRIBUTES)( + IN EFI_MEMORY_ATTRIBUTE_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 Attributes + ); + +/** + This function retrieves the attributes of the memory region specified by + BaseAddress and Length. If different attributes are got from different p= art + of the memory region, EFI_NO_MAPPING will be returned. + + @param This The EFI_MEMORY_ATTRIBUTE_PROTOCOL instance. + @param BaseAddress The physical address that is the start address= of + a memory region. + @param Length The size in bytes of the memory region. + @param Attributes Pointer to attributes returned. + + @retval EFI_SUCCESS The attributes got for the memory region. + @retval EFI_INVALID_PARAMETER Length is zero. + Attributes is NULL. + @retval EFI_NO_MAPPING Attributes are not consistent cross the me= mory + region. + @retval EFI_UNSUPPORTED The processor does not support one or more + bytes of the memory resource range specifi= ed + by BaseAddress and Length. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_GET_MEMORY_ATTRIBUTES)( + IN EFI_MEMORY_ATTRIBUTE_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + OUT UINT64 *Attributes + ); + +/// +/// EFI Memory Attribute Protocol provides services to retrieve or update +/// attribute of memory in the EFI environment. +/// +struct _EFI_MEMORY_ATTRIBUTE_PROTOCOL { + EFI_GET_MEMORY_ATTRIBUTES GetMemoryAttributes; + EFI_SET_MEMORY_ATTRIBUTES SetMemoryAttributes; + EFI_CLEAR_MEMORY_ATTRIBUTES ClearMemoryAttributes; +}; + +extern EFI_GUID gEfiMemoryAttributeProtocolGuid; + +#endif diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index 3d08f20d15b0..a8658403c8fd 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec @@ -1915,6 +1915,9 @@ [Protocols] ## Include/Protocol/RedfishDiscover.h gEfiRedfishDiscoverProtocolGuid =3D { 0x5db12509, 0x4550, 0x4347, {= 0x96, 0xb3, 0x73, 0xc0, 0xff, 0x6e, 0x86, 0x9f }} =20 + ## Include/Protocol/MemoryAttribute.h + gEfiMemoryAttributeProtocolGuid =3D { 0xf4560cf6, 0x40ec, 0x4b4a, { 0xa1= , 0x92, 0xbf, 0x1d, 0x57, 0xd0, 0xb1, 0x89 }} + # # Protocols defined in Shell2.0 # --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99895): https://edk2.groups.io/g/devel/message/99895 Mute This Topic: https://groups.io/mt/96853183/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 01:01:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+99896+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99896+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=kernel.org ARC-Seal: i=1; a=rsa-sha256; t=1675951218; cv=none; d=zohomail.com; s=zohoarc; b=SvFo+vsNLGYRg1OKmqJTFn2gweiT9DFmYPYX4LguakV8CoO5iaMZkZn9J5Mx4/KPihlQ+Dy4Z3pjPXVgioQ3d/OA6ZXvfesiDlIvDAOFlVIV/Ym8LEFUm5+zDgQpxLKX7g1uqNwLJ0Z3YnsmdP3Qj9ORl/TAgvtECENaK4NXJxU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675951218; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=ObyEMhrJvv7K083NtfQzrvfyGfMHvjeAXPELsdv90c4=; b=COeawRSQw8MBcrmlpUgYvJL18b/UnL1tFNMO+PPZL84dIVdTIpLfLnmzQvprwbb161uqVuEDin/+ttLUuQ7yZ/UJ0MvsqNFou/bqA2+2XNICf4xdIly8sTPSJUTlID/RqiZglat8gdkNU1OcU9UpOeJ3xXBY6SP9CirQ0eeaoWM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+99896+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1675951218969360.9676643037586; Thu, 9 Feb 2023 06:00:18 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id cygLYY1788612x41Kj4ODbTy; Thu, 09 Feb 2023 06:00:18 -0800 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web11.15557.1675951217861514467 for ; Thu, 09 Feb 2023 06:00:18 -0800 X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 655A661AA3; Thu, 9 Feb 2023 14:00:17 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9FEB0C4339E; Thu, 9 Feb 2023 14:00:14 +0000 (UTC) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [edk2-devel] [PATCH v4 11/11] ArmPkg/CpuDxe: Implement EFI memory attributes protocol Date: Thu, 9 Feb 2023 14:59:36 +0100 Message-Id: <20230209135936.789983-12-ardb@kernel.org> In-Reply-To: <20230209135936.789983-1-ardb@kernel.org> References: <20230209135936.789983-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: bxUAbasbFRFqVtd9lgXMihQyx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1675951218; bh=ALxHC/2RB3big+q+liSTilzq2uIRc5p7o3UsGLN/STo=; h=Cc:Date:From:Reply-To:Subject:To; b=I3JZ8vkgR6Esb1zn99wJRvVxpF5PtTYbk26aO7q3d6wChLBVMO07aDb1r9lPnA2AH+x lEMcX+r0I+7bpZY7rFBKTBDKrcDN4kftHzaLIw1swAoqDdiHRrhEdLS02/su351935161 aYf+9bHNjMAqKiTJ/OeECjvnB7ymKsMm2Q8= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1675951220352100009 Content-Type: text/plain; charset="utf-8" Expose the protocol introduced in v2.10 that permits the caller to manage mapping permissions in the page tables. Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/CpuDxe.c | 2 + ArmPkg/Drivers/CpuDxe/CpuDxe.h | 3 + ArmPkg/Drivers/CpuDxe/CpuDxe.inf | 2 + ArmPkg/Drivers/CpuDxe/MemoryAttribute.c | 271 ++++++++++++++++++++ 4 files changed, 278 insertions(+) diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.c b/ArmPkg/Drivers/CpuDxe/CpuDxe.c index e6742f0a25fc..d04958e79e52 100644 --- a/ArmPkg/Drivers/CpuDxe/CpuDxe.c +++ b/ArmPkg/Drivers/CpuDxe/CpuDxe.c @@ -244,6 +244,8 @@ CpuDxeInitialize ( &mCpuHandle, &gEfiCpuArchProtocolGuid, &mCpu, + &gEfiMemoryAttributeProtocolGuid, + &mMemoryAttribute, NULL ); =20 diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.h b/ArmPkg/Drivers/CpuDxe/CpuDxe.h index 8cb105dcc841..ce2981361aca 100644 --- a/ArmPkg/Drivers/CpuDxe/CpuDxe.h +++ b/ArmPkg/Drivers/CpuDxe/CpuDxe.h @@ -30,9 +30,12 @@ #include #include #include +#include =20 extern BOOLEAN mIsFlushingGCD; =20 +extern EFI_MEMORY_ATTRIBUTE_PROTOCOL mMemoryAttribute; + /** This function registers and enables the handler specified by InterruptHa= ndler for a processor interrupt or exception type specified by InterruptType. If InterruptHand= ler is NULL, then the diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.inf b/ArmPkg/Drivers/CpuDxe/CpuDx= e.inf index 10792b393fc8..e732e21cb94a 100644 --- a/ArmPkg/Drivers/CpuDxe/CpuDxe.inf +++ b/ArmPkg/Drivers/CpuDxe/CpuDxe.inf @@ -23,6 +23,7 @@ [Sources.Common] CpuDxe.h CpuMmuCommon.c Exception.c + MemoryAttribute.c =20 [Sources.ARM] Arm/Mmu.c @@ -53,6 +54,7 @@ [LibraryClasses] =20 [Protocols] gEfiCpuArchProtocolGuid + gEfiMemoryAttributeProtocolGuid =20 [Guids] gEfiDebugImageInfoTableGuid diff --git a/ArmPkg/Drivers/CpuDxe/MemoryAttribute.c b/ArmPkg/Drivers/CpuDx= e/MemoryAttribute.c new file mode 100644 index 000000000000..b47464c0269e --- /dev/null +++ b/ArmPkg/Drivers/CpuDxe/MemoryAttribute.c @@ -0,0 +1,271 @@ +/** @file + + Copyright (c) 2023, Google LLC. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "CpuDxe.h" + +/** + This function retrieves the attributes of the memory region specified by + BaseAddress and Length. If different attributes are got from different p= art + of the memory region, EFI_NO_MAPPING will be returned. + + @param This The EFI_MEMORY_ATTRIBUTE_PROTOCOL instance. + @param BaseAddress The physical address that is the start address= of + a memory region. + @param Length The size in bytes of the memory region. + @param Attributes Pointer to attributes returned. + + @retval EFI_SUCCESS The attributes got for the memory region. + @retval EFI_INVALID_PARAMETER Length is zero. + Attributes is NULL. + @retval EFI_NO_MAPPING Attributes are not consistent cross the me= mory + region. + @retval EFI_UNSUPPORTED The processor does not support one or more + bytes of the memory resource range specifi= ed + by BaseAddress and Length. + +**/ +STATIC +EFI_STATUS +GetMemoryAttributes ( + IN EFI_MEMORY_ATTRIBUTE_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + OUT UINT64 *Attributes + ) +{ + UINTN RegionAddress; + UINTN RegionLength; + UINTN RegionAttributes; + UINTN Union; + UINTN Intersection; + EFI_STATUS Status; + + if ((Length =3D=3D 0) || (Attributes =3D=3D NULL)) { + return EFI_INVALID_PARAMETER; + } + + DEBUG (( + DEBUG_VERBOSE, + "%a: BaseAddress =3D=3D 0x%lx, Length =3D=3D 0x%lx\n", + __FUNCTION__, + BaseAddress, + Length + )); + + Union =3D 0; + Intersection =3D MAX_UINTN; + + for (RegionAddress =3D (UINTN)BaseAddress; + RegionAddress < (UINTN)(BaseAddress + Length); + RegionAddress +=3D RegionLength) + { + Status =3D GetMemoryRegion ( + &RegionAddress, + &RegionLength, + &RegionAttributes + ); + + DEBUG (( + DEBUG_VERBOSE, + "%a: RegionAddress =3D=3D 0x%lx, RegionLength =3D=3D 0x%lx, RegionAt= tributes =3D=3D 0x%lx\n", + __FUNCTION__, + (UINT64)RegionAddress, + (UINT64)RegionLength, + (UINT64)RegionAttributes + )); + + if (EFI_ERROR (Status)) { + return EFI_NO_MAPPING; + } + + Union |=3D RegionAttributes; + Intersection &=3D RegionAttributes; + } + + DEBUG (( + DEBUG_VERBOSE, + "%a: Union =3D=3D %lx, Intersection =3D=3D %lx\n", + __FUNCTION__, + (UINT64)Union, + (UINT64)Intersection + )); + + if (Union !=3D Intersection) { + return EFI_NO_MAPPING; + } + + *Attributes =3D RegionAttributeToGcdAttribute (Union); + *Attributes &=3D EFI_MEMORY_RP | EFI_MEMORY_RO | EFI_MEMORY_XP; + return EFI_SUCCESS; +} + +/** + This function set given attributes of the memory region specified by + BaseAddress and Length. + + The valid Attributes is EFI_MEMORY_RP, EFI_MEMORY_XP, and EFI_MEMORY_RO. + + @param This The EFI_MEMORY_ATTRIBUTE_PROTOCOL instance. + @param BaseAddress The physical address that is the start address= of + a memory region. + @param Length The size in bytes of the memory region. + @param Attributes The bit mask of attributes to set for the memo= ry + region. + + @retval EFI_SUCCESS The attributes were set for the memory reg= ion. + @retval EFI_INVALID_PARAMETER Length is zero. + Attributes specified an illegal combinatio= n of + attributes that cannot be set together. + @retval EFI_UNSUPPORTED The processor does not support one or more + bytes of the memory resource range specifi= ed + by BaseAddress and Length. + The bit mask of attributes is not supporte= d for + the memory resource range specified by + BaseAddress and Length. + @retval EFI_OUT_OF_RESOURCES Requested attributes cannot be applied due= to + lack of system resources. + @retval EFI_ACCESS_DENIED Attributes for the requested memory region= are + controlled by system firmware and cannot be + updated via the protocol. + +**/ +STATIC +EFI_STATUS +SetMemoryAttributes ( + IN EFI_MEMORY_ATTRIBUTE_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 Attributes + ) +{ + EFI_STATUS Status; + + DEBUG (( + DEBUG_INFO, + "%a: BaseAddress =3D=3D 0x%lx, Length =3D=3D 0x%lx, Attributes =3D=3D = 0x%lx\n", + __FUNCTION__, + (UINTN)BaseAddress, + (UINTN)Length, + (UINTN)Attributes + )); + + if ((Length =3D=3D 0) || + ((Attributes & ~(EFI_MEMORY_RO | EFI_MEMORY_RP | EFI_MEMORY_XP)) != =3D 0)) + { + return EFI_INVALID_PARAMETER; + } + + if ((Attributes & EFI_MEMORY_RP) !=3D 0) { + Status =3D ArmSetMemoryRegionNoAccess (BaseAddress, Length); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + } + + if ((Attributes & EFI_MEMORY_RO) !=3D 0) { + Status =3D ArmSetMemoryRegionReadOnly (BaseAddress, Length); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + } + + if ((Attributes & EFI_MEMORY_XP) !=3D 0) { + Status =3D ArmSetMemoryRegionNoExec (BaseAddress, Length); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + } + + return EFI_SUCCESS; +} + +/** + This function clears given attributes of the memory region specified by + BaseAddress and Length. + + The valid Attributes is EFI_MEMORY_RP, EFI_MEMORY_XP, and EFI_MEMORY_RO. + + @param This The EFI_MEMORY_ATTRIBUTE_PROTOCOL instance. + @param BaseAddress The physical address that is the start address= of + a memory region. + @param Length The size in bytes of the memory region. + @param Attributes The bit mask of attributes to clear for the me= mory + region. + + @retval EFI_SUCCESS The attributes were cleared for the memory= region. + @retval EFI_INVALID_PARAMETER Length is zero. + Attributes specified an illegal combinatio= n of + attributes that cannot be cleared together. + @retval EFI_UNSUPPORTED The processor does not support one or more + bytes of the memory resource range specifi= ed + by BaseAddress and Length. + The bit mask of attributes is not supporte= d for + the memory resource range specified by + BaseAddress and Length. + @retval EFI_OUT_OF_RESOURCES Requested attributes cannot be applied due= to + lack of system resources. + @retval EFI_ACCESS_DENIED Attributes for the requested memory region= are + controlled by system firmware and cannot be + updated via the protocol. + +**/ +STATIC +EFI_STATUS +ClearMemoryAttributes ( + IN EFI_MEMORY_ATTRIBUTE_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 Attributes + ) +{ + EFI_STATUS Status; + + DEBUG (( + DEBUG_INFO, + "%a: BaseAddress =3D=3D 0x%lx, Length =3D=3D 0x%lx, Attributes =3D=3D = 0x%lx\n", + __FUNCTION__, + (UINTN)BaseAddress, + (UINTN)Length, + (UINTN)Attributes + )); + + if ((Length =3D=3D 0) || + ((Attributes & ~(EFI_MEMORY_RO | EFI_MEMORY_RP | EFI_MEMORY_XP)) != =3D 0)) + { + return EFI_INVALID_PARAMETER; + } + + if ((Attributes & EFI_MEMORY_RP) !=3D 0) { + Status =3D ArmClearMemoryRegionNoAccess (BaseAddress, Length); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + } + + if ((Attributes & EFI_MEMORY_RO) !=3D 0) { + Status =3D ArmClearMemoryRegionReadOnly (BaseAddress, Length); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + } + + if ((Attributes & EFI_MEMORY_XP) !=3D 0) { + Status =3D ArmClearMemoryRegionNoExec (BaseAddress, Length); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + } + + return EFI_SUCCESS; +} + +EFI_MEMORY_ATTRIBUTE_PROTOCOL mMemoryAttribute =3D { + GetMemoryAttributes, + SetMemoryAttributes, + ClearMemoryAttributes +}; --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#99896): https://edk2.groups.io/g/devel/message/99896 Mute This Topic: https://groups.io/mt/96853185/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-