[v2] Add PPI to manage PEI phase memory attributes

[edk2-devel] [PATCH v2 0/7] Add PPI to manage PEI phase memory attributes

Posted by Ard Biesheuvel 11 months ago

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4468

This is a followup to the RFC that I sent to the edk2-devel list on the
25th of May.

In an attempt to make some incremental progress, this v2 only covers the
NX remapping of the DXE stack in DxeIpl, using the newly introduced
memory attributes PPI.

Other use cases are deferred until we can converge on an approach that
works across architectures and platforms. In particular, this means the
following use cases:
- mapping the DXE core code and data regions RO and XP, respectively;
- mapping shadowed PEIMs read-only (including the PEI core itself);
- managing memory permissions after temporary RAM migration;
- reorganizing the X64 PEI flow with respect to page table allocation;
- managing the dispatch order of the PEIM producing the PPI in relation
  to its consumers.

The current series specifies the PPI in patch #1, and wires it up into
DxeIpl to remap the DXE stack non-executable in a generic manner
(patches #2 and #3)

Patches #4 and #5 implement the PPI for ARM and AArch64.

Patch #6 switches ARM and AArch64 over to the generic DxeIpl.

Patch #7 cleans up the ARM implementation of the UEFI memory attributes
protocol, based on the improvements made in patch #4. 

Changes since RFC (in addition to the above):
- update PPI protype to use attributes+mask instead of setmask+clearmask
- drop OVMF patch for RISC-V that has been applied in the meantime

Cc: Ray Ni <ray.ni@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Taylor Beebe <t@taylorbeebe.com>
Cc: Oliver Smith-Denny <osd@smith-denny.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: "Kinney, Michael D" <michael.d.kinney@intel.com>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>

Ard Biesheuvel (7):
  MdeModulePkg: Define memory attribute PPI
  MdeModulePkg/DxeIpl: Merge EBC, RISCV64 and LOONGARCH code
  MdeModulePkg/DxeIpl: Use memory attribute PPI to remap the stack NX
  ArmPkg/ArmMmuLib: Extend API to manage memory permissions better
  ArmPkg/CpuPei: Implement the memory attributes PPI
  MdeModulePkg/DxeIpl ARM AARCH64: Switch to generic handoff code
  ArmPkg/CpuDxe: Simplify memory attributes protocol implementation

 ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c                             |  2 +-
 ArmPkg/Drivers/CpuDxe/MemoryAttribute.c                          | 50 +----------
 ArmPkg/Drivers/CpuPei/CpuPei.c                                   | 76 +++++++++++++++++
 ArmPkg/Drivers/CpuPei/CpuPei.inf                                 |  4 +
 ArmPkg/Include/Library/ArmMmuLib.h                               | 36 +++++++-
 ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c                 | 52 +++++++++++-
 ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c                   | 88 +++++++++++++++++---
 ArmPkg/Library/OpteeLib/Optee.c                                  |  2 +-
 MdeModulePkg/Core/DxeIplPeim/Arm/DxeLoadFunc.c                   | 71 ----------------
 MdeModulePkg/Core/DxeIplPeim/{Ebc/DxeLoadFunc.c => DxeHandoff.c} | 31 ++++++-
 MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf                          | 24 ++----
 MdeModulePkg/Core/DxeIplPeim/LoongArch64/DxeLoadFunc.c           | 63 --------------
 MdeModulePkg/Core/DxeIplPeim/RiscV64/DxeLoadFunc.c               | 75 -----------------
 MdeModulePkg/Include/Ppi/MemoryAttribute.h                       | 83 ++++++++++++++++++
 MdeModulePkg/MdeModulePkg.dec                                    |  3 +
 15 files changed, 366 insertions(+), 294 deletions(-)
 delete mode 100644 MdeModulePkg/Core/DxeIplPeim/Arm/DxeLoadFunc.c
 rename MdeModulePkg/Core/DxeIplPeim/{Ebc/DxeLoadFunc.c => DxeHandoff.c} (62%)
 delete mode 100644 MdeModulePkg/Core/DxeIplPeim/LoongArch64/DxeLoadFunc.c
 delete mode 100644 MdeModulePkg/Core/DxeIplPeim/RiscV64/DxeLoadFunc.c
 create mode 100644 MdeModulePkg/Include/Ppi/MemoryAttribute.h

-- 
2.39.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#105649): https://edk2.groups.io/g/devel/message/105649
Mute This Topic: https://groups.io/mt/99288474/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 0/7] Add PPI to manage PEI phase memory attributes

Posted by Michael Kubacki 10 months, 3 weeks ago

Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com>

On 6/2/2023 11:17 AM, Ard Biesheuvel wrote:
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4468
> 
> 
> 
> This is a followup to the RFC that I sent to the edk2-devel list on the
> 
> 25th of May.
> 
> 
> 
> In an attempt to make some incremental progress, this v2 only covers the
> 
> NX remapping of the DXE stack in DxeIpl, using the newly introduced
> 
> memory attributes PPI.
> 
> 
> 
> Other use cases are deferred until we can converge on an approach that
> 
> works across architectures and platforms. In particular, this means the
> 
> following use cases:
> 
> - mapping the DXE core code and data regions RO and XP, respectively;
> 
> - mapping shadowed PEIMs read-only (including the PEI core itself);
> 
> - managing memory permissions after temporary RAM migration;
> 
> - reorganizing the X64 PEI flow with respect to page table allocation;
> 
> - managing the dispatch order of the PEIM producing the PPI in relation
> 
>    to its consumers.
> 
> 
> 
> The current series specifies the PPI in patch #1, and wires it up into
> 
> DxeIpl to remap the DXE stack non-executable in a generic manner
> 
> (patches #2 and #3)
> 
> 
> 
> Patches #4 and #5 implement the PPI for ARM and AArch64.
> 
> 
> 
> Patch #6 switches ARM and AArch64 over to the generic DxeIpl.
> 
> 
> 
> Patch #7 cleans up the ARM implementation of the UEFI memory attributes
> 
> protocol, based on the improvements made in patch #4.
> 
> 
> 
> Changes since RFC (in addition to the above):
> 
> - update PPI protype to use attributes+mask instead of setmask+clearmask
> 
> - drop OVMF patch for RISC-V that has been applied in the meantime
> 
> 
> 
> Cc: Ray Ni <ray.ni@intel.com>
> 
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> 
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> 
> Cc: Taylor Beebe <t@taylorbeebe.com>
> 
> Cc: Oliver Smith-Denny <osd@smith-denny.com>
> 
> Cc: Dandan Bi <dandan.bi@intel.com>
> 
> Cc: Dun Tan <dun.tan@intel.com>
> 
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> 
> Cc: "Kinney, Michael D" <michael.d.kinney@intel.com>
> 
> Cc: Leif Lindholm <quic_llindhol@quicinc.com>
> 
> Cc: Michael Kubacki <mikuback@linux.microsoft.com>
> 
> 
> 
> Ard Biesheuvel (7):
> 
>    MdeModulePkg: Define memory attribute PPI
> 
>    MdeModulePkg/DxeIpl: Merge EBC, RISCV64 and LOONGARCH code
> 
>    MdeModulePkg/DxeIpl: Use memory attribute PPI to remap the stack NX
> 
>    ArmPkg/ArmMmuLib: Extend API to manage memory permissions better
> 
>    ArmPkg/CpuPei: Implement the memory attributes PPI
> 
>    MdeModulePkg/DxeIpl ARM AARCH64: Switch to generic handoff code
> 
>    ArmPkg/CpuDxe: Simplify memory attributes protocol implementation
> 
> 
> 
>   ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c                             |  2 +-
> 
>   ArmPkg/Drivers/CpuDxe/MemoryAttribute.c                          | 50 +----------
> 
>   ArmPkg/Drivers/CpuPei/CpuPei.c                                   | 76 +++++++++++++++++
> 
>   ArmPkg/Drivers/CpuPei/CpuPei.inf                                 |  4 +
> 
>   ArmPkg/Include/Library/ArmMmuLib.h                               | 36 +++++++-
> 
>   ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c                 | 52 +++++++++++-
> 
>   ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c                   | 88 +++++++++++++++++---
> 
>   ArmPkg/Library/OpteeLib/Optee.c                                  |  2 +-
> 
>   MdeModulePkg/Core/DxeIplPeim/Arm/DxeLoadFunc.c                   | 71 ----------------
> 
>   MdeModulePkg/Core/DxeIplPeim/{Ebc/DxeLoadFunc.c => DxeHandoff.c} | 31 ++++++-
> 
>   MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf                          | 24 ++----
> 
>   MdeModulePkg/Core/DxeIplPeim/LoongArch64/DxeLoadFunc.c           | 63 --------------
> 
>   MdeModulePkg/Core/DxeIplPeim/RiscV64/DxeLoadFunc.c               | 75 -----------------
> 
>   MdeModulePkg/Include/Ppi/MemoryAttribute.h                       | 83 ++++++++++++++++++
> 
>   MdeModulePkg/MdeModulePkg.dec                                    |  3 +
> 
>   15 files changed, 366 insertions(+), 294 deletions(-)
> 
>   delete mode 100644 MdeModulePkg/Core/DxeIplPeim/Arm/DxeLoadFunc.c
> 
>   rename MdeModulePkg/Core/DxeIplPeim/{Ebc/DxeLoadFunc.c => DxeHandoff.c} (62%)
> 
>   delete mode 100644 MdeModulePkg/Core/DxeIplPeim/LoongArch64/DxeLoadFunc.c
> 
>   delete mode 100644 MdeModulePkg/Core/DxeIplPeim/RiscV64/DxeLoadFunc.c
> 
>   create mode 100644 MdeModulePkg/Include/Ppi/MemoryAttribute.h
> 
> 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#105824): https://edk2.groups.io/g/devel/message/105824
Mute This Topic: https://groups.io/mt/99288474/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

回复: [edk2-devel] [PATCH v2 0/7] Add PPI to manage PEI phase memory attributes

Posted by gaoliming via groups.io 10 months, 1 week ago

For the changes in MdeModulePkg, Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>

> -----邮件原件-----
> 发件人: devel@edk2.groups.io <devel@edk2.groups.io> 代表 Michael
> Kubacki
> 发送时间: 2023年6月7日 7:13
> 收件人: Ard Biesheuvel <ardb@kernel.org>; devel@edk2.groups.io
> 抄送: Ray Ni <ray.ni@intel.com>; Jiewen Yao <jiewen.yao@intel.com>; Gerd
> Hoffmann <kraxel@redhat.com>; Taylor Beebe <t@taylorbeebe.com>; Oliver
> Smith-Denny <osd@smith-denny.com>; Dandan Bi <dandan.bi@intel.com>;
> Dun Tan <dun.tan@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>;
> Kinney, Michael D <michael.d.kinney@intel.com>; Leif Lindholm
> <quic_llindhol@quicinc.com>
> 主题: Re: [edk2-devel] [PATCH v2 0/7] Add PPI to manage PEI phase memory
> attributes
> 
> Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com>
> 
> On 6/2/2023 11:17 AM, Ard Biesheuvel wrote:
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4468
> >
> >
> >
> > This is a followup to the RFC that I sent to the edk2-devel list on the
> >
> > 25th of May.
> >
> >
> >
> > In an attempt to make some incremental progress, this v2 only covers the
> >
> > NX remapping of the DXE stack in DxeIpl, using the newly introduced
> >
> > memory attributes PPI.
> >
> >
> >
> > Other use cases are deferred until we can converge on an approach that
> >
> > works across architectures and platforms. In particular, this means the
> >
> > following use cases:
> >
> > - mapping the DXE core code and data regions RO and XP, respectively;
> >
> > - mapping shadowed PEIMs read-only (including the PEI core itself);
> >
> > - managing memory permissions after temporary RAM migration;
> >
> > - reorganizing the X64 PEI flow with respect to page table allocation;
> >
> > - managing the dispatch order of the PEIM producing the PPI in relation
> >
> >    to its consumers.
> >
> >
> >
> > The current series specifies the PPI in patch #1, and wires it up into
> >
> > DxeIpl to remap the DXE stack non-executable in a generic manner
> >
> > (patches #2 and #3)
> >
> >
> >
> > Patches #4 and #5 implement the PPI for ARM and AArch64.
> >
> >
> >
> > Patch #6 switches ARM and AArch64 over to the generic DxeIpl.
> >
> >
> >
> > Patch #7 cleans up the ARM implementation of the UEFI memory attributes
> >
> > protocol, based on the improvements made in patch #4.
> >
> >
> >
> > Changes since RFC (in addition to the above):
> >
> > - update PPI protype to use attributes+mask instead of setmask+clearmask
> >
> > - drop OVMF patch for RISC-V that has been applied in the meantime
> >
> >
> >
> > Cc: Ray Ni <ray.ni@intel.com>
> >
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> >
> > Cc: Gerd Hoffmann <kraxel@redhat.com>
> >
> > Cc: Taylor Beebe <t@taylorbeebe.com>
> >
> > Cc: Oliver Smith-Denny <osd@smith-denny.com>
> >
> > Cc: Dandan Bi <dandan.bi@intel.com>
> >
> > Cc: Dun Tan <dun.tan@intel.com>
> >
> > Cc: Liming Gao <gaoliming@byosoft.com.cn>
> >
> > Cc: "Kinney, Michael D" <michael.d.kinney@intel.com>
> >
> > Cc: Leif Lindholm <quic_llindhol@quicinc.com>
> >
> > Cc: Michael Kubacki <mikuback@linux.microsoft.com>
> >
> >
> >
> > Ard Biesheuvel (7):
> >
> >    MdeModulePkg: Define memory attribute PPI
> >
> >    MdeModulePkg/DxeIpl: Merge EBC, RISCV64 and LOONGARCH code
> >
> >    MdeModulePkg/DxeIpl: Use memory attribute PPI to remap the stack
> NX
> >
> >    ArmPkg/ArmMmuLib: Extend API to manage memory permissions
> better
> >
> >    ArmPkg/CpuPei: Implement the memory attributes PPI
> >
> >    MdeModulePkg/DxeIpl ARM AARCH64: Switch to generic handoff code
> >
> >    ArmPkg/CpuDxe: Simplify memory attributes protocol implementation
> >
> >
> >
> >   ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c
> |  2 +-
> >
> >   ArmPkg/Drivers/CpuDxe/MemoryAttribute.c
> | 50 +----------
> >
> >   ArmPkg/Drivers/CpuPei/CpuPei.c
> | 76 +++++++++++++++++
> >
> >   ArmPkg/Drivers/CpuPei/CpuPei.inf
> |  4 +
> >
> >   ArmPkg/Include/Library/ArmMmuLib.h
> | 36 +++++++-
> >
> >   ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
> | 52 +++++++++++-
> >
> >   ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c
> | 88 +++++++++++++++++---
> >
> >   ArmPkg/Library/OpteeLib/Optee.c
> |  2 +-
> >
> >   MdeModulePkg/Core/DxeIplPeim/Arm/DxeLoadFunc.c
> | 71 ----------------
> >
> >   MdeModulePkg/Core/DxeIplPeim/{Ebc/DxeLoadFunc.c => DxeHandoff.c}
> | 31 ++++++-
> >
> >   MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
> | 24 ++----
> >
> >   MdeModulePkg/Core/DxeIplPeim/LoongArch64/DxeLoadFunc.c
> | 63 --------------
> >
> >   MdeModulePkg/Core/DxeIplPeim/RiscV64/DxeLoadFunc.c
> | 75 -----------------
> >
> >   MdeModulePkg/Include/Ppi/MemoryAttribute.h
> | 83 ++++++++++++++++++
> >
> >   MdeModulePkg/MdeModulePkg.dec
> |  3 +
> >
> >   15 files changed, 366 insertions(+), 294 deletions(-)
> >
> >   delete mode 100644
> MdeModulePkg/Core/DxeIplPeim/Arm/DxeLoadFunc.c
> >
> >   rename MdeModulePkg/Core/DxeIplPeim/{Ebc/DxeLoadFunc.c =>
> DxeHandoff.c} (62%)
> >
> >   delete mode 100644
> MdeModulePkg/Core/DxeIplPeim/LoongArch64/DxeLoadFunc.c
> >
> >   delete mode 100644
> MdeModulePkg/Core/DxeIplPeim/RiscV64/DxeLoadFunc.c
> >
> >   create mode 100644 MdeModulePkg/Include/Ppi/MemoryAttribute.h
> >
> >
> >
> 
> 
> 
> 





-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#106319): https://edk2.groups.io/g/devel/message/106319
Mute This Topic: https://groups.io/mt/99764102/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 0/7] Add PPI to manage PEI phase memory attributes

Posted by Ard Biesheuvel 10 months, 1 week ago

On Sun, 25 Jun 2023 at 04:59, gaoliming via groups.io
<gaoliming=byosoft.com.cn@groups.io> wrote:
>
> For the changes in MdeModulePkg, Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
>


Merged as #4573

Thanks all.

> > -----邮件原件-----
> > 发件人: devel@edk2.groups.io <devel@edk2.groups.io> 代表 Michael
> > Kubacki
> > 发送时间: 2023年6月7日 7:13
> > 收件人: Ard Biesheuvel <ardb@kernel.org>; devel@edk2.groups.io
> > 抄送: Ray Ni <ray.ni@intel.com>; Jiewen Yao <jiewen.yao@intel.com>; Gerd
> > Hoffmann <kraxel@redhat.com>; Taylor Beebe <t@taylorbeebe.com>; Oliver
> > Smith-Denny <osd@smith-denny.com>; Dandan Bi <dandan.bi@intel.com>;
> > Dun Tan <dun.tan@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>;
> > Kinney, Michael D <michael.d.kinney@intel.com>; Leif Lindholm
> > <quic_llindhol@quicinc.com>
> > 主题: Re: [edk2-devel] [PATCH v2 0/7] Add PPI to manage PEI phase memory
> > attributes
> >
> > Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com>
> >
> > On 6/2/2023 11:17 AM, Ard Biesheuvel wrote:
> > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4468
> > >
> > >
> > >
> > > This is a followup to the RFC that I sent to the edk2-devel list on the
> > >
> > > 25th of May.
> > >
> > >
> > >
> > > In an attempt to make some incremental progress, this v2 only covers the
> > >
> > > NX remapping of the DXE stack in DxeIpl, using the newly introduced
> > >
> > > memory attributes PPI.
> > >
> > >
> > >
> > > Other use cases are deferred until we can converge on an approach that
> > >
> > > works across architectures and platforms. In particular, this means the
> > >
> > > following use cases:
> > >
> > > - mapping the DXE core code and data regions RO and XP, respectively;
> > >
> > > - mapping shadowed PEIMs read-only (including the PEI core itself);
> > >
> > > - managing memory permissions after temporary RAM migration;
> > >
> > > - reorganizing the X64 PEI flow with respect to page table allocation;
> > >
> > > - managing the dispatch order of the PEIM producing the PPI in relation
> > >
> > >    to its consumers.
> > >
> > >
> > >
> > > The current series specifies the PPI in patch #1, and wires it up into
> > >
> > > DxeIpl to remap the DXE stack non-executable in a generic manner
> > >
> > > (patches #2 and #3)
> > >
> > >
> > >
> > > Patches #4 and #5 implement the PPI for ARM and AArch64.
> > >
> > >
> > >
> > > Patch #6 switches ARM and AArch64 over to the generic DxeIpl.
> > >
> > >
> > >
> > > Patch #7 cleans up the ARM implementation of the UEFI memory attributes
> > >
> > > protocol, based on the improvements made in patch #4.
> > >
> > >
> > >
> > > Changes since RFC (in addition to the above):
> > >
> > > - update PPI protype to use attributes+mask instead of setmask+clearmask
> > >
> > > - drop OVMF patch for RISC-V that has been applied in the meantime
> > >
> > >
> > >
> > > Cc: Ray Ni <ray.ni@intel.com>
> > >
> > > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > >
> > > Cc: Gerd Hoffmann <kraxel@redhat.com>
> > >
> > > Cc: Taylor Beebe <t@taylorbeebe.com>
> > >
> > > Cc: Oliver Smith-Denny <osd@smith-denny.com>
> > >
> > > Cc: Dandan Bi <dandan.bi@intel.com>
> > >
> > > Cc: Dun Tan <dun.tan@intel.com>
> > >
> > > Cc: Liming Gao <gaoliming@byosoft.com.cn>
> > >
> > > Cc: "Kinney, Michael D" <michael.d.kinney@intel.com>
> > >
> > > Cc: Leif Lindholm <quic_llindhol@quicinc.com>
> > >
> > > Cc: Michael Kubacki <mikuback@linux.microsoft.com>
> > >
> > >
> > >
> > > Ard Biesheuvel (7):
> > >
> > >    MdeModulePkg: Define memory attribute PPI
> > >
> > >    MdeModulePkg/DxeIpl: Merge EBC, RISCV64 and LOONGARCH code
> > >
> > >    MdeModulePkg/DxeIpl: Use memory attribute PPI to remap the stack
> > NX
> > >
> > >    ArmPkg/ArmMmuLib: Extend API to manage memory permissions
> > better
> > >
> > >    ArmPkg/CpuPei: Implement the memory attributes PPI
> > >
> > >    MdeModulePkg/DxeIpl ARM AARCH64: Switch to generic handoff code
> > >
> > >    ArmPkg/CpuDxe: Simplify memory attributes protocol implementation
> > >
> > >
> > >
> > >   ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c
> > |  2 +-
> > >
> > >   ArmPkg/Drivers/CpuDxe/MemoryAttribute.c
> > | 50 +----------
> > >
> > >   ArmPkg/Drivers/CpuPei/CpuPei.c
> > | 76 +++++++++++++++++
> > >
> > >   ArmPkg/Drivers/CpuPei/CpuPei.inf
> > |  4 +
> > >
> > >   ArmPkg/Include/Library/ArmMmuLib.h
> > | 36 +++++++-
> > >
> > >   ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
> > | 52 +++++++++++-
> > >
> > >   ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c
> > | 88 +++++++++++++++++---
> > >
> > >   ArmPkg/Library/OpteeLib/Optee.c
> > |  2 +-
> > >
> > >   MdeModulePkg/Core/DxeIplPeim/Arm/DxeLoadFunc.c
> > | 71 ----------------
> > >
> > >   MdeModulePkg/Core/DxeIplPeim/{Ebc/DxeLoadFunc.c => DxeHandoff.c}
> > | 31 ++++++-
> > >
> > >   MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
> > | 24 ++----
> > >
> > >   MdeModulePkg/Core/DxeIplPeim/LoongArch64/DxeLoadFunc.c
> > | 63 --------------
> > >
> > >   MdeModulePkg/Core/DxeIplPeim/RiscV64/DxeLoadFunc.c
> > | 75 -----------------
> > >
> > >   MdeModulePkg/Include/Ppi/MemoryAttribute.h
> > | 83 ++++++++++++++++++
> > >
> > >   MdeModulePkg/MdeModulePkg.dec
> > |  3 +
> > >
> > >   15 files changed, 366 insertions(+), 294 deletions(-)
> > >
> > >   delete mode 100644
> > MdeModulePkg/Core/DxeIplPeim/Arm/DxeLoadFunc.c
> > >
> > >   rename MdeModulePkg/Core/DxeIplPeim/{Ebc/DxeLoadFunc.c =>
> > DxeHandoff.c} (62%)
> > >
> > >   delete mode 100644
> > MdeModulePkg/Core/DxeIplPeim/LoongArch64/DxeLoadFunc.c
> > >
> > >   delete mode 100644
> > MdeModulePkg/Core/DxeIplPeim/RiscV64/DxeLoadFunc.c
> > >
> > >   create mode 100644 MdeModulePkg/Include/Ppi/MemoryAttribute.h
> > >
> > >
> > >
> >
> >
> >
> >
>
>
>
>
>
> 
>
>


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#106356): https://edk2.groups.io/g/devel/message/106356
Mute This Topic: https://groups.io/mt/99784153/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v2 0/7] Add PPI to manage PEI phase memory attributes

Posted by Oliver Smith-Denny 10 months, 3 weeks ago

Hi Ard,

This makes sense to me to get in as we discuss other elements
of the memory protection story.

For the patchset:

Reviewed-by: Oliver Smith-Denny <osde@linux.microsoft.com>

Thanks!

On 6/2/2023 8:17 AM, Ard Biesheuvel wrote:
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4468
> 
> 
> 
> This is a followup to the RFC that I sent to the edk2-devel list on the
> 
> 25th of May.
> 
> 
> 
> In an attempt to make some incremental progress, this v2 only covers the
> 
> NX remapping of the DXE stack in DxeIpl, using the newly introduced
> 
> memory attributes PPI.
> 
> 
> 
> Other use cases are deferred until we can converge on an approach that
> 
> works across architectures and platforms. In particular, this means the
> 
> following use cases:
> 
> - mapping the DXE core code and data regions RO and XP, respectively;
> 
> - mapping shadowed PEIMs read-only (including the PEI core itself);
> 
> - managing memory permissions after temporary RAM migration;
> 
> - reorganizing the X64 PEI flow with respect to page table allocation;
> 
> - managing the dispatch order of the PEIM producing the PPI in relation
> 
>    to its consumers.
> 
> 
> 
> The current series specifies the PPI in patch #1, and wires it up into
> 
> DxeIpl to remap the DXE stack non-executable in a generic manner
> 
> (patches #2 and #3)
> 
> 
> 
> Patches #4 and #5 implement the PPI for ARM and AArch64.
> 
> 
> 
> Patch #6 switches ARM and AArch64 over to the generic DxeIpl.
> 
> 
> 
> Patch #7 cleans up the ARM implementation of the UEFI memory attributes
> 
> protocol, based on the improvements made in patch #4.
> 
> 
> 
> Changes since RFC (in addition to the above):
> 
> - update PPI protype to use attributes+mask instead of setmask+clearmask
> 
> - drop OVMF patch for RISC-V that has been applied in the meantime
> 
> 
> 
> Cc: Ray Ni <ray.ni@intel.com>
> 
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> 
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> 
> Cc: Taylor Beebe <t@taylorbeebe.com>
> 
> Cc: Oliver Smith-Denny <osd@smith-denny.com>
> 
> Cc: Dandan Bi <dandan.bi@intel.com>
> 
> Cc: Dun Tan <dun.tan@intel.com>
> 
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> 
> Cc: "Kinney, Michael D" <michael.d.kinney@intel.com>
> 
> Cc: Leif Lindholm <quic_llindhol@quicinc.com>
> 
> Cc: Michael Kubacki <mikuback@linux.microsoft.com>
> 
> 
> 
> Ard Biesheuvel (7):
> 
>    MdeModulePkg: Define memory attribute PPI
> 
>    MdeModulePkg/DxeIpl: Merge EBC, RISCV64 and LOONGARCH code
> 
>    MdeModulePkg/DxeIpl: Use memory attribute PPI to remap the stack NX
> 
>    ArmPkg/ArmMmuLib: Extend API to manage memory permissions better
> 
>    ArmPkg/CpuPei: Implement the memory attributes PPI
> 
>    MdeModulePkg/DxeIpl ARM AARCH64: Switch to generic handoff code
> 
>    ArmPkg/CpuDxe: Simplify memory attributes protocol implementation
> 
> 
> 
>   ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c                             |  2 +-
> 
>   ArmPkg/Drivers/CpuDxe/MemoryAttribute.c                          | 50 +----------
> 
>   ArmPkg/Drivers/CpuPei/CpuPei.c                                   | 76 +++++++++++++++++
> 
>   ArmPkg/Drivers/CpuPei/CpuPei.inf                                 |  4 +
> 
>   ArmPkg/Include/Library/ArmMmuLib.h                               | 36 +++++++-
> 
>   ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c                 | 52 +++++++++++-
> 
>   ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c                   | 88 +++++++++++++++++---
> 
>   ArmPkg/Library/OpteeLib/Optee.c                                  |  2 +-
> 
>   MdeModulePkg/Core/DxeIplPeim/Arm/DxeLoadFunc.c                   | 71 ----------------
> 
>   MdeModulePkg/Core/DxeIplPeim/{Ebc/DxeLoadFunc.c => DxeHandoff.c} | 31 ++++++-
> 
>   MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf                          | 24 ++----
> 
>   MdeModulePkg/Core/DxeIplPeim/LoongArch64/DxeLoadFunc.c           | 63 --------------
> 
>   MdeModulePkg/Core/DxeIplPeim/RiscV64/DxeLoadFunc.c               | 75 -----------------
> 
>   MdeModulePkg/Include/Ppi/MemoryAttribute.h                       | 83 ++++++++++++++++++
> 
>   MdeModulePkg/MdeModulePkg.dec                                    |  3 +
> 
>   15 files changed, 366 insertions(+), 294 deletions(-)
> 
>   delete mode 100644 MdeModulePkg/Core/DxeIplPeim/Arm/DxeLoadFunc.c
> 
>   rename MdeModulePkg/Core/DxeIplPeim/{Ebc/DxeLoadFunc.c => DxeHandoff.c} (62%)
> 
>   delete mode 100644 MdeModulePkg/Core/DxeIplPeim/LoongArch64/DxeLoadFunc.c
> 
>   delete mode 100644 MdeModulePkg/Core/DxeIplPeim/RiscV64/DxeLoadFunc.c
> 
>   create mode 100644 MdeModulePkg/Include/Ppi/MemoryAttribute.h
> 
> 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#105807): https://edk2.groups.io/g/devel/message/105807
Mute This Topic: https://groups.io/mt/99288474/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-