From patchwork Thu Feb 9 17:38:08 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93758 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp114729qgi; Thu, 9 Feb 2017 09:38:30 -0800 (PST) X-Received: by 10.99.109.143 with SMTP id i137mr5326327pgc.11.1486661909994; Thu, 09 Feb 2017 09:38:29 -0800 (PST) Return-Path: Received: from ml01.01.org (ml01.01.org. [198.145.21.10]) by mx.google.com with ESMTPS id b129si10644052pfg.145.2017.02.09.09.38.29 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 09 Feb 2017 09:38:29 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) client-ip=198.145.21.10; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 883E581FEC; Thu, 9 Feb 2017 09:38:29 -0800 (PST) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received: from mail-wr0-x22e.google.com (mail-wr0-x22e.google.com [IPv6:2a00:1450:400c:c0c::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id DC83681F6D for ; Thu, 9 Feb 2017 09:38:27 -0800 (PST) Received: by mail-wr0-x22e.google.com with SMTP id k90so88604752wrc.3 for ; Thu, 09 Feb 2017 09:38:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=DsrVRsjq0/Os7AplhB5N1+04bHxA8G+XBHWGjSIuNsY=; b=jGb1r9jpBTNROzdOBaoH0mvbO4imQa573ax0sItkeGwN/LFy7VoDl8bDQRbrGvu+xx gfLffbwSrSQxwdffrUUr8p+G4zQRqU8DD6CVl+Zm0t1/2Z3/qbio65wIBhZZCPBCnG12 I66zel8fG/urhnj+WpPdITYdw8KJg0kjFnNBI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=DsrVRsjq0/Os7AplhB5N1+04bHxA8G+XBHWGjSIuNsY=; b=NF4XGp2aoEwlkLwwnc+NxQBsh6mrPs1iXy97bP52E4M0RCqL/pL/a5NogvGU3kMSTE bo4elTXGOGNUoiTv/FiQzjmt9s+JWVc2O1sGJ3SdXoxfuuJNVXY8QaMwuxAdgQ6gJGX6 HSJjFwzPRpeet14LRyJkkVxrF7zNfUApnX+EhhPzULjm9+GOP8HwfcSyWEoTcgBei1gs BRVhF3b/uFvZKaILLyQpAN27A5KoDzeNeUHJAIso19azqiVS7FNSDQDND2ZnWURy9isK WjWI//D4gtl3+Rb7WM28WJkYmK1G5KpvZ132wJWv8fPPL8IbLxIj4WnARxjsR+7H2w6w WUpQ== X-Gm-Message-State: AMke39lYrbrKdFK6hDxssR5Uf/NSFAacoA4T7dGOKgBanFw5MhN7dZUfY4dOMxW04IgDEi+n X-Received: by 10.223.164.207 with SMTP id h15mr3849372wrb.142.1486661906323; Thu, 09 Feb 2017 09:38:26 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id p49sm19530786wrb.10.2017.02.09.09.38.24 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 09 Feb 2017 09:38:25 -0800 (PST) From: Ard Biesheuvel To: edk2-devel@lists.01.org, leif.lindholm@linaro.org, jiewen.yao@intel.com Date: Thu, 9 Feb 2017 17:38:08 +0000 Message-Id: <1486661891-7888-2-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486661891-7888-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486661891-7888-1-git-send-email-ard.biesheuvel@linaro.org> Subject: [edk2] [PATCH 1/4] ArmPkg/CpuDxe: Correct EFI_MEMORY_RO usage X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: michael.d.kinney@intel.com, feng.tian@intel.com, jeff.fan@intel.com, star.zeng@intel.com, Ard Biesheuvel MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" From: Jiewen Yao Current Arm CpuDxe driver uses EFI_MEMORY_WP for write protection, according to UEFI spec, we should use EFI_MEMORY_RO for write protection. The EFI_MEMORY_WP is the cache attribute instead of memory attribute. Cc: Leif Lindholm Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c | 3 ++- ArmPkg/Drivers/CpuDxe/Arm/Mmu.c | 14 ++++++-------- ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c | 5 +++-- ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 3 ++- 4 files changed, 13 insertions(+), 12 deletions(-) -- 2.7.4 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel Reviewed-by: Leif Lindholm diff --git a/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c b/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c index d8bb41978066..15d5a8173233 100644 --- a/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c @@ -3,6 +3,7 @@ Copyright (c) 2009, Hewlett-Packard Company. All rights reserved.
Portions copyright (c) 2010, Apple Inc. All rights reserved.
Portions copyright (c) 2011-2013, ARM Ltd. All rights reserved.
+Copyright (c) 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -224,7 +225,7 @@ EfiAttributeToArmAttribute ( ArmAttributes |= TT_AF; // Determine protection attributes - if (EfiAttributes & EFI_MEMORY_WP) { + if (EfiAttributes & EFI_MEMORY_RO) { ArmAttributes |= TT_AP_RO_RO; } diff --git a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c index 14fc22d7a59f..6dcfba69e879 100644 --- a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c @@ -3,6 +3,7 @@ Copyright (c) 2009, Hewlett-Packard Company. All rights reserved.
Portions copyright (c) 2010, Apple Inc. All rights reserved.
Portions copyright (c) 2013, ARM Ltd. All rights reserved.
+Copyright (c) 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -62,7 +63,7 @@ SectionToGcdAttributes ( // determine protection attributes switch(SectionAttributes & TT_DESCRIPTOR_SECTION_AP_MASK) { case TT_DESCRIPTOR_SECTION_AP_NO_NO: // no read, no write - //*GcdAttributes |= EFI_MEMORY_WP | EFI_MEMORY_RP; + //*GcdAttributes |= EFI_MEMORY_RO | EFI_MEMORY_RP; break; case TT_DESCRIPTOR_SECTION_AP_RW_NO: @@ -73,7 +74,7 @@ SectionToGcdAttributes ( // read only cases map to write-protect case TT_DESCRIPTOR_SECTION_AP_RO_NO: case TT_DESCRIPTOR_SECTION_AP_RO_RO: - *GcdAttributes |= EFI_MEMORY_WP; + *GcdAttributes |= EFI_MEMORY_RO; break; default: @@ -126,7 +127,7 @@ PageToGcdAttributes ( // determine protection attributes switch(PageAttributes & TT_DESCRIPTOR_PAGE_AP_MASK) { case TT_DESCRIPTOR_PAGE_AP_NO_NO: // no read, no write - //*GcdAttributes |= EFI_MEMORY_WP | EFI_MEMORY_RP; + //*GcdAttributes |= EFI_MEMORY_RO | EFI_MEMORY_RP; break; case TT_DESCRIPTOR_PAGE_AP_RW_NO: @@ -137,7 +138,7 @@ PageToGcdAttributes ( // read only cases map to write-protect case TT_DESCRIPTOR_PAGE_AP_RO_NO: case TT_DESCRIPTOR_PAGE_AP_RO_RO: - *GcdAttributes |= EFI_MEMORY_WP; + *GcdAttributes |= EFI_MEMORY_RO; break; default: @@ -730,9 +731,6 @@ EfiAttributeToArmAttribute ( ArmAttributes = TT_DESCRIPTOR_SECTION_CACHE_POLICY_WRITE_BACK_ALLOC; // TEX [2:0] = 001, C=1, B=1 break; - case EFI_MEMORY_WP: - case EFI_MEMORY_XP: - case EFI_MEMORY_RP: case EFI_MEMORY_UCE: default: // Cannot be implemented UEFI definition unclear for ARM @@ -743,7 +741,7 @@ EfiAttributeToArmAttribute ( } // Determine protection attributes - if (EfiAttributes & EFI_MEMORY_WP) { + if (EfiAttributes & EFI_MEMORY_RO) { ArmAttributes |= TT_DESCRIPTOR_SECTION_AP_RO_RO; } else { ArmAttributes |= TT_DESCRIPTOR_SECTION_AP_RW_RW; diff --git a/ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c b/ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c index 723604d1df96..54d9b0163331 100644 --- a/ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c +++ b/ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c @@ -1,6 +1,7 @@ /** @file * * Copyright (c) 2013, ARM Limited. All rights reserved. +* Copyright (c) 2017, Intel Corporation. All rights reserved.
* * This program and the accompanying materials * are licensed and made available under the terms and conditions of the BSD License @@ -236,7 +237,7 @@ CpuConvertPagesToUncachedVirtualAddress ( // be the PCI address. Code should always use the CPU address, and we will or in VirtualMask // to that address. // - Status = SetMemoryAttributes (Address, Length, EFI_MEMORY_WP, 0); + Status = SetMemoryAttributes (Address, Length, EFI_MEMORY_RO, 0); if (!EFI_ERROR (Status)) { Status = SetMemoryAttributes (Address | VirtualMask, Length, EFI_MEMORY_UC, VirtualMask); } @@ -264,7 +265,7 @@ CpuReconvertPages ( // // Unmap the aliased Address // - Status = SetMemoryAttributes (Address | VirtualMask, Length, EFI_MEMORY_WP, 0); + Status = SetMemoryAttributes (Address | VirtualMask, Length, EFI_MEMORY_RO, 0); if (!EFI_ERROR (Status)) { // // Restore atttributes diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c index 540069a59b2e..6aa970bc0514 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -3,6 +3,7 @@ * * Copyright (c) 2011-2014, ARM Limited. All rights reserved. * Copyright (c) 2016, Linaro Limited. All rights reserved. +* Copyright (c) 2017, Intel Corporation. All rights reserved.
* * This program and the accompanying materials * are licensed and made available under the terms and conditions of the BSD License @@ -89,7 +90,7 @@ PageAttributeToGcdAttribute ( // Determine protection attributes if (((PageAttributes & TT_AP_MASK) == TT_AP_NO_RO) || ((PageAttributes & TT_AP_MASK) == TT_AP_RO_RO)) { // Read only cases map to write-protect - GcdAttributes |= EFI_MEMORY_WP; + GcdAttributes |= EFI_MEMORY_RO; } // Process eXecute Never attribute From patchwork Thu Feb 9 17:38:09 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93759 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp114743qgi; Thu, 9 Feb 2017 09:38:32 -0800 (PST) X-Received: by 10.84.248.11 with SMTP id p11mr5631467pll.72.1486661912162; Thu, 09 Feb 2017 09:38:32 -0800 (PST) Return-Path: Received: from ml01.01.org (ml01.01.org. [2001:19d0:306:5::1]) by mx.google.com with ESMTPS id t25si10605905pgo.353.2017.02.09.09.38.31 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 09 Feb 2017 09:38:32 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) client-ip=2001:19d0:306:5::1; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id BA59681FF7; Thu, 9 Feb 2017 09:38:31 -0800 (PST) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com [IPv6:2a00:1450:400c:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id B718981FF7 for ; Thu, 9 Feb 2017 09:38:29 -0800 (PST) Received: by mail-wm0-x235.google.com with SMTP id v77so26676453wmv.0 for ; Thu, 09 Feb 2017 09:38:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=C7MyAVGHImQtQ8bJQJ1Mw8WfLuTPyFcdFkKD3ny+GNM=; b=G0K/3LdmnzvBLgrtJYVgd8azgG28Lq5DQJM5R5iwduMOHja3U2ZduKOHEUbC73RUoQ pYrnbaro1lNHo7Gay/3krtu/jxPiYKf18zCmescQglN8mmSCveL4BFGrQVKUMCEoeRw6 MHoe8aBfa9SuDwioHWL9uFalkF8xbTgN709Ow= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=C7MyAVGHImQtQ8bJQJ1Mw8WfLuTPyFcdFkKD3ny+GNM=; b=F/qEHuj4AzeN/rBfTuSjsnVAmG1pA/WRqPFpps+wvLZ6nd3Hbl3AxmDAMS7edj7obG ++IIV/SydAfsehcp5IxQJCDPq3ZQU1sFZZ/wrQPL2H45nthgUWvIYlzaYqEKhTQKwoHn T9ax+MDr5TwLlcRf1aAiMvCUw+vRoc4/JU5/bMwZrh7DD0flx2xE9iHoIIJY0F08fDih ojUnDMA9mHOQiUIk43cylJMkqS2NF2TaA+4lOZpZf32ZruERh1XzkcVhJAOFli0QHMtE jhDeUekBnGq7/T/wTG33JIKvtT7EwHCNdIwC1hc8V2zL1nCYkUcw8SavcV/vLI/2bpoo nFWQ== X-Gm-Message-State: AMke39mWxlWQbe3WeiTqRzMDw0YGXIsC9tKWnpB3te1DEgMpY3ulJhpPp2pJm0jbfHIJrZ6/ X-Received: by 10.28.178.16 with SMTP id b16mr25607598wmf.83.1486661908352; Thu, 09 Feb 2017 09:38:28 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id p49sm19530786wrb.10.2017.02.09.09.38.26 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 09 Feb 2017 09:38:27 -0800 (PST) From: Ard Biesheuvel To: edk2-devel@lists.01.org, leif.lindholm@linaro.org, jiewen.yao@intel.com Date: Thu, 9 Feb 2017 17:38:09 +0000 Message-Id: <1486661891-7888-3-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486661891-7888-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486661891-7888-1-git-send-email-ard.biesheuvel@linaro.org> Subject: [edk2] [PATCH 2/4] ArmPkg/CpuDxe: translate invalid memory types in EfiAttributeToArmAttribute X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: michael.d.kinney@intel.com, feng.tian@intel.com, jeff.fan@intel.com, star.zeng@intel.com, Ard Biesheuvel MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" The single user of EfiAttributeToArmAttribute () is the protocol method EFI_CPU_ARCH_PROTOCOL.SetMemoryAttributes(), which uses the return value to compare against the ARM attributes of an existing mapping, to infer whether it is actually necessary to change anything, or whether the requested update is redundant. This saves some cache and TLB maintenance on 32-bit ARM systems that use uncached translation tables. However, EFI_CPU_ARCH_PROTOCOL.SetMemoryAttributes() may be invoked with only permission bits set, in which case the implied requested action is to update the permissions of the region without modifying the cacheability attributes. This is currently not possible, because EfiAttributeToArmAttribute () ASSERT()s [on AArch64] on Attributes arguments that lack a cacheability bit. So let's simply return TT_ATTR_INDX_INVALID (AArch64) or TT_DESCRIPTOR_SECTION_TYPE_FAULT (ARM) in these cases (or'ed with the appropriate permission bits). This way, the return value is equally suitable for checking whether the attributes need to be modified, but in a way that accommodates the use without a cacheability bit set. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c | 4 +--- ArmPkg/Drivers/CpuDxe/Arm/Mmu.c | 3 --- 2 files changed, 1 insertion(+), 6 deletions(-) -- 2.7.4 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel diff --git a/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c b/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c index 15d5a8173233..7688846e70cb 100644 --- a/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c @@ -216,9 +216,7 @@ EfiAttributeToArmAttribute ( ArmAttributes = TT_ATTR_INDX_MEMORY_WRITE_BACK; break; default: - DEBUG ((EFI_D_ERROR, "EfiAttributeToArmAttribute: 0x%lX attributes is not supported.\n", EfiAttributes)); - ASSERT (0); - ArmAttributes = TT_ATTR_INDX_DEVICE_MEMORY; + ArmAttributes = TT_ATTR_INDX_MASK; } // Set the access flag to match the block attributes diff --git a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c index 6dcfba69e879..b6ba975b353a 100644 --- a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c @@ -733,10 +733,7 @@ EfiAttributeToArmAttribute ( case EFI_MEMORY_UCE: default: - // Cannot be implemented UEFI definition unclear for ARM - // Cause a page fault if these ranges are accessed. ArmAttributes = TT_DESCRIPTOR_SECTION_TYPE_FAULT; - DEBUG ((EFI_D_PAGE, "SetMemoryAttributes(): Unsupported attribute %x will page fault on access\n", EfiAttributes)); break; } From patchwork Thu Feb 9 17:38:10 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93760 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp114755qgi; Thu, 9 Feb 2017 09:38:34 -0800 (PST) X-Received: by 10.98.102.196 with SMTP id s65mr4955663pfj.137.1486661914527; Thu, 09 Feb 2017 09:38:34 -0800 (PST) Return-Path: Received: from ml01.01.org (ml01.01.org. [198.145.21.10]) by mx.google.com with ESMTPS id 35si10612903pgx.238.2017.02.09.09.38.34 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 09 Feb 2017 09:38:34 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) client-ip=198.145.21.10; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id EFD8E81FFB; Thu, 9 Feb 2017 09:38:33 -0800 (PST) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received: from mail-wr0-x22b.google.com (mail-wr0-x22b.google.com [IPv6:2a00:1450:400c:c0c::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id C046281FFB for ; Thu, 9 Feb 2017 09:38:31 -0800 (PST) Received: by mail-wr0-x22b.google.com with SMTP id k90so88606062wrc.3 for ; Thu, 09 Feb 2017 09:38:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=9eVjZ13EEuxccdTzIKv7cVNyuRkk/74EnZjy0bKKUnc=; b=BRcsfAoiyk8d8UOzjgn8K4zsZjf4tTKox+UYaEEGZbjvBOji/BDPBa1sr6HVlVrswU xEG32KSTVnXJbLajRdzTc6UNeOxzpqPtnS765VATdzda5Eg+ESG0SGoNiztgVCivWbyM XLpvRe5coI61gNxkzxIQnQYPXnTX4XJps1awc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=9eVjZ13EEuxccdTzIKv7cVNyuRkk/74EnZjy0bKKUnc=; b=WNu7HHSh4Qxr3wUdpynxZKbMkP2MCotb8rh2hQa5aP4SKEnisSK9MQxnE4YAu0kWso gGPuzYoDIgbAw38APuWsvth6Hx+Ff0g/KGVOxksmOdx1OyCqMsb3nIK55qL0mqt4eP/s HEVnOLIooFyMdFAHSSaE9OQT3P2laR//OxAAfwNZjrB96cyqkGX9KhqOvDirlioZsEXW Yun9La2QNaIINEcAja2/coE/RtH7gYq1Bccqnfo5ca8ojO3U7nvfmDYfUv4gNzGcpkVR f0ZunJq2wX93pflV1CsqGCDsFEZNYm1+noCjrhhJ33rLh+ne3v4Omw9HyuzQuGI6vAL7 lNSg== X-Gm-Message-State: AMke39newioSDyEtluWIwGdyFOYXWEPxks9FWFIa3G6WUKp0daBtZeaV232BCsasMKK5jIkc X-Received: by 10.223.172.136 with SMTP id o8mr3939672wrc.76.1486661910416; Thu, 09 Feb 2017 09:38:30 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id p49sm19530786wrb.10.2017.02.09.09.38.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 09 Feb 2017 09:38:29 -0800 (PST) From: Ard Biesheuvel To: edk2-devel@lists.01.org, leif.lindholm@linaro.org, jiewen.yao@intel.com Date: Thu, 9 Feb 2017 17:38:10 +0000 Message-Id: <1486661891-7888-4-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486661891-7888-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486661891-7888-1-git-send-email-ard.biesheuvel@linaro.org> Subject: [edk2] [PATCH 3/4] ArmPkg/CpuDxe: ARM: ignore page table updates that only change permissions X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: michael.d.kinney@intel.com, feng.tian@intel.com, jeff.fan@intel.com, star.zeng@intel.com, Ard Biesheuvel MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" Currently, we have not implemented support on 32-bit ARM for managing permission bits in the page tables. Since the new DXE page protection for PE/COFF images may invoke EFI_CPU_ARCH_PROTOCOL.SetMemoryAttributes() with only permission attributes set, let's simply ignore those for now. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/Arm/Mmu.c | 7 +++++++ 1 file changed, 7 insertions(+) -- 2.7.4 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel Reviewed-by: Leif Lindholm diff --git a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c index b6ba975b353a..89e429925ba9 100644 --- a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c +++ b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c @@ -680,6 +680,13 @@ SetMemoryAttributes ( { EFI_STATUS Status; + // + // Ignore invocations that only modify permission bits + // + if ((Attributes & EFI_MEMORY_CACHETYPE_MASK) == 0) { + return EFI_SUCCESS; + } + if(((BaseAddress & 0xFFFFF) == 0) && ((Length & 0xFFFFF) == 0)) { // Is the base and length a multiple of 1 MB? DEBUG ((EFI_D_PAGE, "SetMemoryAttributes(): MMU section 0x%x length 0x%x to %lx\n", (UINTN)BaseAddress, (UINTN)Length, Attributes)); From patchwork Thu Feb 9 17:38:11 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93761 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp114772qgi; Thu, 9 Feb 2017 09:38:36 -0800 (PST) X-Received: by 10.98.19.145 with SMTP id 17mr5025232pft.26.1486661916587; Thu, 09 Feb 2017 09:38:36 -0800 (PST) Return-Path: Received: from ml01.01.org (ml01.01.org. [2001:19d0:306:5::1]) by mx.google.com with ESMTPS id y19si10651915pgj.37.2017.02.09.09.38.36 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 09 Feb 2017 09:38:36 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) client-ip=2001:19d0:306:5::1; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 2CC5D82007; Thu, 9 Feb 2017 09:38:36 -0800 (PST) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com [IPv6:2a00:1450:400c:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 23E6482007 for ; Thu, 9 Feb 2017 09:38:34 -0800 (PST) Received: by mail-wm0-x235.google.com with SMTP id v77so26678091wmv.0 for ; Thu, 09 Feb 2017 09:38:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=HMVvVAeoGCU0B5PKtUAEJ91azzWCePUIyogHNAtEr3Y=; b=Fr/FQYp6m1l25MwtKzeo0sMZPM6HIxvuI6I/VHxSRXdIoneMl2VuFPqkDSB05nkbW0 LRk5wfojnxEGW7tc255tVvaJL3gosOJhQAT1IAaRQlkXNrAo2NggKk+iwAC098GdNvrS 4wk4VtuqWfq8GfjGFs6EfuTpCWx9o2WTecT40= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=HMVvVAeoGCU0B5PKtUAEJ91azzWCePUIyogHNAtEr3Y=; b=eaC86JS7s3Pivv1oS/MrQoxRySXXaCoF4tZENyxzKVEd8UaS06J0fOz5iJPeRbHQ57 Vr8UrCs+AlP5o6uR9hAcwR0yNlcvSESk/lULpl/XC+Y+pP3T/+ZZWr8LaNUpJ7QTwaAQ r8ZQ0jWCrrb93137FyBUH5RQ3z8YNxVMkiWzQC+yQCzkoL6Vd+qa6zKBoOpQXGdqY6QB QB2g8/WTIT3Ki4tb0+YqldKpZ7wzzoftmMMFVnYqXpPNaVlK44hHgM4HwvbkW7ITQJRe NXfTtF58aJSavYL3PWSURPjEzJhCk5qc4tD6FxQnkUeLjcwPBYyIxDFgOMFTymBuBTmP fvJg== X-Gm-Message-State: AMke39mv9k9E5kaSLp51E1U16mwU6+OzChX5YPdknKOtwcIWC2BRHul+WmDtDusu1iGzG78d X-Received: by 10.28.34.194 with SMTP id i185mr22806442wmi.118.1486661912730; Thu, 09 Feb 2017 09:38:32 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id p49sm19530786wrb.10.2017.02.09.09.38.30 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 09 Feb 2017 09:38:31 -0800 (PST) From: Ard Biesheuvel To: edk2-devel@lists.01.org, leif.lindholm@linaro.org, jiewen.yao@intel.com Date: Thu, 9 Feb 2017 17:38:11 +0000 Message-Id: <1486661891-7888-5-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486661891-7888-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486661891-7888-1-git-send-email-ard.biesheuvel@linaro.org> Subject: [edk2] [PATCH 4/4] ArmPkg/ArmMmuLib: AARCH64: add support for modifying only permissions X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: michael.d.kinney@intel.com, feng.tian@intel.com, jeff.fan@intel.com, star.zeng@intel.com, Ard Biesheuvel MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" Since the new DXE page protection for PE/COFF images may invoke EFI_CPU_ARCH_PROTOCOL.SetMemoryAttributes() with only permission attributes set, add support for this in the AARCH64 MMU code. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel --- ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 73 +++++++++++++++----- 1 file changed, 56 insertions(+), 17 deletions(-) -- 2.7.4 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c index 6aa970bc0514..764e54b5d747 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -28,6 +28,10 @@ // We use this index definition to define an invalid block entry #define TT_ATTR_INDX_INVALID ((UINT32)~0) +#define EFI_MEMORY_CACHETYPE_MASK (EFI_MEMORY_UC | EFI_MEMORY_WC | \ + EFI_MEMORY_WT | EFI_MEMORY_WB | \ + EFI_MEMORY_UCE) + STATIC UINT64 ArmMemoryAttributeToPageAttribute ( @@ -101,25 +105,46 @@ PageAttributeToGcdAttribute ( return GcdAttributes; } -ARM_MEMORY_REGION_ATTRIBUTES -GcdAttributeToArmAttribute ( +STATIC +UINT64 +GcdAttributeToPageAttribute ( IN UINT64 GcdAttributes ) { - switch (GcdAttributes & 0xFF) { + UINT64 PageAttributes; + + switch (GcdAttributes & EFI_MEMORY_CACHETYPE_MASK) { case EFI_MEMORY_UC: - return ARM_MEMORY_REGION_ATTRIBUTE_DEVICE; + PageAttributes = TT_ATTR_INDX_DEVICE_MEMORY; + break; case EFI_MEMORY_WC: - return ARM_MEMORY_REGION_ATTRIBUTE_UNCACHED_UNBUFFERED; + PageAttributes = TT_ATTR_INDX_MEMORY_NON_CACHEABLE; + break; case EFI_MEMORY_WT: - return ARM_MEMORY_REGION_ATTRIBUTE_WRITE_THROUGH; + PageAttributes = TT_ATTR_INDX_MEMORY_WRITE_THROUGH | TT_SH_INNER_SHAREABLE; + break; case EFI_MEMORY_WB: - return ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK; + PageAttributes = TT_ATTR_INDX_MEMORY_WRITE_BACK | TT_SH_INNER_SHAREABLE; + break; default: - DEBUG ((EFI_D_ERROR, "GcdAttributeToArmAttribute: 0x%lX attributes is not supported.\n", GcdAttributes)); - ASSERT (0); - return ARM_MEMORY_REGION_ATTRIBUTE_DEVICE; + PageAttributes = TT_ATTR_INDX_MASK; + break; } + + if ((GcdAttributes & EFI_MEMORY_XP) != 0 || + (GcdAttributes & EFI_MEMORY_CACHETYPE_MASK) == EFI_MEMORY_UC) { + if (ArmReadCurrentEL () == AARCH64_EL2) { + PageAttributes |= TT_XN_MASK; + } else { + PageAttributes |= TT_UXN_MASK | TT_PXN_MASK; + } + } + + if ((GcdAttributes & EFI_MEMORY_RO) != 0) { + PageAttributes |= TT_AP_RO_RO; + } + + return PageAttributes | TT_AF; } #define MIN_T0SZ 16 @@ -434,17 +459,31 @@ SetMemoryAttributes ( ) { RETURN_STATUS Status; - ARM_MEMORY_REGION_DESCRIPTOR MemoryRegion; UINT64 *TranslationTable; - - MemoryRegion.PhysicalBase = BaseAddress; - MemoryRegion.VirtualBase = BaseAddress; - MemoryRegion.Length = Length; - MemoryRegion.Attributes = GcdAttributeToArmAttribute (Attributes); + UINT64 PageAttributes; + UINT64 PageAttributeMask; + + PageAttributes = GcdAttributeToPageAttribute (Attributes); + PageAttributeMask = 0; + + if ((Attributes & EFI_MEMORY_CACHETYPE_MASK) == 0) { + // + // No memory type was set in Attributes, so we are going to update the + // permissions only. + // + PageAttributes &= TT_AP_MASK | TT_UXN_MASK | TT_PXN_MASK; + PageAttributeMask = ~(TT_ADDRESS_MASK_BLOCK_ENTRY | TT_AP_MASK | + TT_PXN_MASK | TT_XN_MASK); + } TranslationTable = ArmGetTTBR0BaseAddress (); - Status = FillTranslationTable (TranslationTable, &MemoryRegion); + Status = UpdateRegionMapping ( + TranslationTable, + BaseAddress, + Length, + PageAttributes, + PageAttributeMask); if (RETURN_ERROR (Status)) { return Status; }