From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe , Matthew Garrett , Peter Jones , Kees Cook Subject: [edk2-devel] [RFC 02/13] ArmPkg/ArmMmuLib: Introduce region types for RO/XP WB cached memory Date: Mon, 13 Feb 2023 16:17:59 +0100 Message-Id: <20230213151810.2301480-3-ardb@kernel.org> In-Reply-To: <20230213151810.2301480-1-ardb@kernel.org> References: <20230213151810.2301480-1-ardb@kernel.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ardb@kernel.org X-Gm-Message-State: mpCr0OFJfUCAuLz0SypOH49Mx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1676301515; bh=o+Nnnz5+gs5bV4N7yXEOb5MZAAnhrio2O5YX2R8iK80=; h=Cc:Date:From:Reply-To:Subject:To; b=nZzaoXi2AU9VkLmCy7Studk2eil3InqeBY71c513+Gl5MKHEk1I8AdJDbBk/pYLAIKK cmY5bAcmd/0Z1MnrEQudvkFvQ1ZV0wrBsfqddU1RQNsKmSVUW4xDqW/CQO6i+yzwletaL sFI53vVOtGGjUdfwKdaNWKyRQcUoTn3NAdE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1676301517513100007 Content-Type: text/plain; charset="utf-8" To prepare for the enablement of booting EFI with the SCTLR.WXN control enabled, which makes all writeable memory regions non-executable by default, introduce a memory type that we will use to describe the flash region that carries the SEC and PEIM modules that execute in place. Even if these are implicitly read-only due to the ROM nature, they need to be mapped with read-only attributes in the page tables to be able to execute from them. Also add the XP counterpart which will be used for all normal DRAM right at the outset. 
Signed-off-by: Ard Biesheuvel --- ArmPkg/Include/Library/ArmLib.h | 6 ++++ ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 29 ++++++++++++++++---- ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c | 16 +++++++++++ 3 files changed, 45 insertions(+), 6 deletions(-) diff --git a/ArmPkg/Include/Library/ArmLib.h b/ArmPkg/Include/Library/ArmLi= b.h index a53f60d98852..fb1ae57b3522 100644 --- a/ArmPkg/Include/Library/ArmLib.h +++ b/ArmPkg/Include/Library/ArmLib.h @@ -35,6 +35,12 @@ typedef enum { // Do NOT use below two attributes if you are not sure. ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_NONSHAREABLE, =20 + // Special region types for memory that must be mapped with read-only or + // non-execute permissions from the very start, e.g., to support the use + // of the WXN virtual memory control. + ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_RO, + ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_XP, + ARM_MEMORY_REGION_ATTRIBUTE_WRITE_THROUGH, ARM_MEMORY_REGION_ATTRIBUTE_DEVICE, } ARM_MEMORY_REGION_ATTRIBUTES; diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Libr= ary/ArmMmuLib/AArch64/ArmMmuLibCore.c index ee4c5c995ce8..9cdaa8b32c62 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c 
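Review bot: The two new enumerators are inserted ahead of `ARM_MEMORY_REGION_ATTRIBUTE_WRITE_THROUGH` and `ARM_MEMORY_REGION_ATTRIBUTE_DEVICE`, which shifts the numeric value of both, assuming the enumerators carry no explicit values (none are visible). Any code built against the old header that hands an attribute value to a rebuilt ArmMmuLib would have its device regions read as `ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_XP`, i.e. mapped as cacheable memory; whether such a binary boundary exists cannot be seen from this hunk. Appending the new values after `ARM_MEMORY_REGION_ATTRIBUTE_DEVICE` avoids the renumbering, or the comment could say so explicitly, e.g. `// Enumerator values are not ABI; all users must be rebuilt together.` The enum body starts above the hunk.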
@@ -37,12 +37,33 @@ ArmMemoryAttributeToPageAttribute ( IN ARM_MEMORY_REGION_ATTRIBUTES Attributes ) { + UINT64 Permissions =3D 0; + + switch (Attributes) { + case ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_RO: + Permissions =3D TT_AP_NO_RO; + break; + + case ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_XP: + case ARM_MEMORY_REGION_ATTRIBUTE_DEVICE: + if (ArmReadCurrentEL () =3D=3D AARCH64_EL2) { + Permissions =3D TT_XN_MASK; + } else { + Permissions =3D TT_UXN_MASK | TT_PXN_MASK; + } + break; + default: + break; + } + switch (Attributes) { case ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_NONSHAREABLE: return TT_ATTR_INDX_MEMORY_WRITE_BACK; =20 case ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK: - return TT_ATTR_INDX_MEMORY_WRITE_BACK | TT_SH_INNER_SHAREABLE; + case ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_RO: + case ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_XP: + return TT_ATTR_INDX_MEMORY_WRITE_BACK | TT_SH_INNER_SHAREABLE | Perm= issions; =20 case ARM_MEMORY_REGION_ATTRIBUTE_WRITE_THROUGH: return TT_ATTR_INDX_MEMORY_WRITE_THROUGH | TT_SH_INNER_SHAREABLE; @@ -54,11 +75,7 @@ ArmMemoryAttributeToPageAttribute ( default: ASSERT (0); case ARM_MEMORY_REGION_ATTRIBUTE_DEVICE: - if (ArmReadCurrentEL () =3D=3D AARCH64_EL2) { - return TT_ATTR_INDX_DEVICE_MEMORY | TT_XN_MASK; - } else { - return TT_ATTR_INDX_DEVICE_MEMORY | TT_UXN_MASK | TT_PXN_MASK; - } + return TT_ATTR_INDX_DEVICE_MEMORY | Permissions; } } =20 diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c b/ArmPkg/Library/= ArmMmuLib/Arm/ArmMmuLibCore.c index 154298357460..00c5f42cd91a 100644 --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c 
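Review bot: An attribute value that matches no case now yields a device mapping with no execute-never bit once `ASSERT` is compiled out. The first switch leaves `Permissions` at 0 on `default: break;`, and in the second hunk (`@@ -54,11 +75,7 @@`) `default:` still falls through from `ASSERT (0)` into `return TT_ATTR_INDX_DEVICE_MEMORY | Permissions;`, whereas the removed lines always OR-ed in `TT_XN_MASK` or `TT_UXN_MASK | TT_PXN_MASK` on that path. Giving the fallback its own return that applies the same EL check keeps an unrecognised region type non-executable, as it was before. The function body starts above the first hunk and the cases between the two hunks are not visible, so this rests on the lines shown.

```c
    default:
      ASSERT (0);
      // Unknown attribute: fall back to device memory and keep it non-executable.
      if (ArmReadCurrentEL () == AARCH64_EL2) {
        return TT_ATTR_INDX_DEVICE_MEMORY | TT_XN_MASK;
      }

      return TT_ATTR_INDX_DEVICE_MEMORY | TT_UXN_MASK | TT_PXN_MASK;

    // … unchanged: ARM_MEMORY_REGION_ATTRIBUTE_DEVICE case returning TT_ATTR_INDX_DEVICE_MEMORY | Permissions …
```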
@@ -106,6 +106,14 @@ PopulateLevel2PageTable ( PageAttributes =3D TT_DESCRIPTOR_PAGE_WRITE_BACK; PageAttributes &=3D ~TT_DESCRIPTOR_PAGE_S_SHARED; break; + case ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_RO: + PageAttributes =3D TT_DESCRIPTOR_PAGE_WRITE_BACK; + PageAttributes |=3D TT_DESCRIPTOR_PAGE_AP_NO_RO; + break; + case ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_XP: + PageAttributes =3D TT_DESCRIPTOR_PAGE_WRITE_BACK; + PageAttributes |=3D TT_DESCRIPTOR_PAGE_XN_MASK; + break; case ARM_MEMORY_REGION_ATTRIBUTE_WRITE_THROUGH: PageAttributes =3D TT_DESCRIPTOR_PAGE_WRITE_THROUGH; break; @@ -240,6 +248,14 @@ FillTranslationTable ( Attributes =3D TT_DESCRIPTOR_SECTION_WRITE_BACK; Attributes &=3D ~TT_DESCRIPTOR_SECTION_S_SHARED; break; + case ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_RO: + Attributes =3D TT_DESCRIPTOR_SECTION_WRITE_BACK; + Attributes |=3D TT_DESCRIPTOR_SECTION_AP_NO_RO; + break; + case ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_XP: + Attributes =3D TT_DESCRIPTOR_SECTION_WRITE_BACK; + Attributes |=3D TT_DESCRIPTOR_SECTION_XN_MASK; + break; case ARM_MEMORY_REGION_ATTRIBUTE_WRITE_THROUGH: Attributes =3D TT_DESCRIPTOR_SECTION_WRITE_THROUGH; break; --=20 2.39.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#100089): https://edk2.groups.io/g/devel/message/100089 Mute This Topic: https://groups.io/mt/96937475/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
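Review bot: In the `ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_RO` case, `TT_DESCRIPTOR_PAGE_AP_NO_RO` is OR-ed onto `TT_DESCRIPTOR_PAGE_WRITE_BACK` instead of replacing its access-permission field. If the write-back composite already carries AP bits (its definition is outside this diff), the resulting encoding is the union of the two rather than the one the macro names, so the read-only guarantee depends on how the encodings happen to combine. A comment stating the resulting permission, e.g. `// AP bits are OR-ed with those in ..._WRITE_BACK; the result must stay read-only`, or clearing the AP field before setting it, would make this checkable by a reader. The same pattern appears with `TT_DESCRIPTOR_SECTION_AP_NO_RO` in the `FillTranslationTable` hunk (`@@ -240,6 +248,14 @@`). Both switch statements start outside their hunks.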