From nobody Sun Feb  8 06:56:35 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+100100+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+100100+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=kernel.org
ARC-Seal: i=1; a=rsa-sha256; t=1676301551; cv=none;
	d=zohomail.com; s=zohoarc;
	b=bDwnlg+6U+Z0UUYY9KPs78oMIqPbxMPMSOMnv4XdxQDp56B5uI343ub3BHPU128ouAsmh2dSmmvVQPE2+KUjav0A4MFh1hsTwpmEk8MNwmh/movnnbxbzqSQqs+VKmAcQZ/OnaKMyCd1rCst5Revt6yYahgPagE7HrVkPNGKBhE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1676301551;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=GZD0QGSYoHuB786yoSyyiTrvt+NiKM8CLtVPt1HejgM=;
	b=Tbuqx0jTqkqDfm/QIcVIsHYgWCZVXh89lNL6Y/X2rPEuYTK3KiCMyWyiBuHzcQomtmkT5bGBNcBwM3lbE2mKnJ+UJugz7gUyWGDmQyCSc9BlegV7L3udDHOu0AmhDtpitNJGKjE32b3nbMdnv5sQMjW3icQA44mjvmO2qtpw01s=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+100100+1787277+3901457@groups.io;
	dmarc=fail header.from=<ardb@kernel.org> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1676301551213413.09538691634066;
 Mon, 13 Feb 2023 07:19:11 -0800 (PST)
Return-Path: <bounce+27952+100100+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id zlDTYY1788612xsjBOM1jR2Z;
 Mon, 13 Feb 2023 07:19:10 -0800
X-Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75])
 by mx.groups.io with SMTP id smtpd.web10.16827.1676301549959972321
 for <devel@edk2.groups.io>;
 Mon, 13 Feb 2023 07:19:10 -0800
X-Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ams.source.kernel.org (Postfix) with ESMTPS id 76A01B810D6;
	Mon, 13 Feb 2023 15:19:08 +0000 (UTC)
X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 98F3EC4339B;
	Mon, 13 Feb 2023 15:19:04 +0000 (UTC)
From: "Ard Biesheuvel" <ardb@kernel.org>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb@kernel.org>,
	Michael Kinney <michael.d.kinney@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Michael Kubacki <michael.kubacki@microsoft.com>,
	Sean Brogan <sean.brogan@microsoft.com>,
	Rebecca Cran <quic_rcran@quicinc.com>,
	Leif Lindholm <quic_llindhol@quicinc.com>,
	Sami Mujawar <sami.mujawar@arm.com>,
	Taylor Beebe <t@taylorbeebe.com>,
	Matthew Garrett <mjg59@srcf.ucam.org>,
	Peter Jones <pjones@redhat.com>,
	Kees Cook <keescook@chromium.org>
Subject: [edk2-devel] [RFC 13/13] ArmVirtPkg/ArmVirtQemu: Enable hardware
 enforced W^X memory permissions
Date: Mon, 13 Feb 2023 16:18:10 +0100
Message-Id: <20230213151810.2301480-14-ardb@kernel.org>
In-Reply-To: <20230213151810.2301480-1-ardb@kernel.org>
References: <20230213151810.2301480-1-ardb@kernel.org>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,ardb@kernel.org
X-Gm-Message-State: cm6YlsV6Ry7CrCMaoNL4MOMix1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1676301550;
 bh=ns0+6masIwITZbbJB6VQaw+w7Z5QAgpHcZ427mDNHf4=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=b8ZKXxU5dqo81uDh2h2x7BWYsRWgiqR75Uiq3VyTPr+B+UWw/YeNBqN1/9m4lwzTbBE
 DuWX0VxKyfHhfBfV38jz7EDa32/OgnbxL5aRnv/7puIiOLqQuHaYW3JgbzovKSxmstIJc
 l2rpqMyPDe4kW41lpPFbkWMikfqWEQksjDY=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1676301551802100005
Content-Type: text/plain; charset="utf-8"

Enable the WXN system control bit straight out of reset when running in
EL1 with the initial ID map from flash. This setting will be inherited
by the page table code after it sets up the permanent boot time page
tables, resulting in all memory mappings that are not explicitly mapped
as read-only to be non-executable.

Note that this requires runtime drivers to be built with position
independent codegen, to ensure that all absolute symbol references are
moved into a separate section in the binary. Otherwise, unmapping the
pages that are subject to relocation fixups at runtime (during the
invocation of SetVirtualAddressMap()) could result in code mappings
losing their executable permissions.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 ArmVirtPkg/ArmVirt.dsc.inc                                        | 1 +
 ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index 5b18184be263..928dd6330edb 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -31,6 +31,7 @@ [BuildOptions.common.EDKII.DXE_CORE,BuildOptions.common.E=
DKII.DXE_DRIVER,BuildOp
=20
 [BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]
   GCC:*_*_ARM_DLINK_FLAGS =3D -z common-page-size=3D0x1000
+  GCC:*_*_AARCH64_CC_FLAGS =3D -fpie
   GCC:*_*_AARCH64_DLINK_FLAGS =3D -z common-page-size=3D0x10000
=20
 [LibraryClasses.common]
diff --git a/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelpe=
r.S b/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S
index 5ac7c732f6ec..51c089a45ffc 100644
--- a/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S
+++ b/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S
@@ -38,7 +38,7 @@
  .set    SCTLR_EL1_ITD,       0x1 << 7
  .set    SCTLR_EL1_RES1,      (0x1 << 11) | (0x1 << 20) | (0x1 << 22) | (0=
x1 << 28) | (0x1 << 29)
  .set    sctlrval, SCTLR_ELx_M | SCTLR_ELx_C | SCTLR_ELx_SA | SCTLR_EL1_IT=
D | SCTLR_EL1_SED
- .set    sctlrval, sctlrval | SCTLR_ELx_I | SCTLR_EL1_SPAN | SCTLR_EL1_RES1
+ .set    sctlrval, sctlrval | SCTLR_ELx_I | SCTLR_EL1_SPAN | SCTLR_EL1_RES=
1 | SCTLR_EL1_WXN
=20
=20
 ASM_FUNC(ArmPlatformPeiBootAction)
--=20
2.39.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#100100): https://edk2.groups.io/g/devel/message/100100
Mute This Topic: https://groups.io/mt/96937498/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-