From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail.byosoft.com.cn (mail.byosoft.com.cn [58.240.74.242]) by mx.groups.io with SMTP id smtpd.web11.5468.1602300936840535726 for ; Fri, 09 Oct 2020 20:35:37 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=none, err=permanent DNS error (domain: byosoft.com.cn, ip: 58.240.74.242, mailfrom: gaoliming@byosoft.com.cn) Received: from DESKTOPS6D0PVI ([58.246.60.130]) (envelope-sender ) by 192.168.6.13 with ESMTP for ; Sat, 10 Oct 2020 11:35:14 +0800 X-WM-Sender: gaoliming@byosoft.com.cn X-WM-AuthFlag: YES X-WM-AuthUser: gaoliming@byosoft.com.cn From: "gaoliming" To: , , , "'Rothman, Michael A'" Cc: "'Kinney, Michael D'" , "'Wang, Jian J'" , "'Wu, Hao A'" , "'Bi, Dandan'" , "'Liu, Zhiguang'" , "'Oleksiy Yakovlev'" , "'Ard Biesheuvel'" References: <20200924102132.18248-1-jacek.kukiello@intel.com> <002901d69319$81bb4e90$8531ebb0$@byosoft.com.cn> <001701d695fd$bdda8e90$398fabb0$@byosoft.com.cn> <163A2DF5FC986A3A.27356@groups.io> <163C48FE4529CC02.8231@groups.io> In-Reply-To: <163C48FE4529CC02.8231@groups.io> Subject: =?UTF-8?B?5Zue5aSNOiBbZWRrMi1kZXZlbF0gW1BBVENIIHYyIDAvMl0gVUVGSSBtZW1tYXAgd29ya2Fyb3VuZCBmb3IgaGlkaW5nIHBhZ2UtYWNjZXNzIGNhcHMgZnJvbSBPU2VzIGhpZGVzIFNQIGFuZCBDUllQVE8gY2FwcyB0b28=?= Date: Sat, 10 Oct 2020 11:35:17 +0800 Message-ID: <003a01d69eb6$5fd74bf0$1f85e3d0$@byosoft.com.cn> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 16.0 Thread-Index: AQHcicKlPZH/q0j0Rqncj8bjKuqHdANkaUxkAcpRO78DNjxa5QIlYKZ9AW5ho4oCKx1spKkTOmMg Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Content-Language: zh-cn Meg: Pull Request is created https://github.com/tianocore/edk2/pull/999 Thanks Liming > -----=E9=82=AE=E4=BB=B6=E5=8E=9F=E4=BB=B6----- > =E5=8F=91=E4=BB=B6=E4=BA=BA: bounce+27952+66058+4905953+8761045@groups.i= o > =E4=BB=A3=E8=A1=A8 gaolim= ing > =E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4: 2020=E5=B9=B410=E6=9C=889=E6=97=A5= 17:30 > =E6=94=B6=E4=BB=B6=E4=BA=BA: devel@edk2.groups.io; jacek.kukiello@intel.= com; 'Rothman, Michael > A' > =E6=8A=84=E9=80=81: 'Kinney, Michael D' ; 'W= ang, Jian J' > ; 'Wu, Hao A' ; 'Bi, Dandan' > ; 'Liu, Zhiguang' ; 'Oleksi= y > Yakovlev' ; 'Ard Biesheuvel' > =E4=B8=BB=E9=A2=98: =E5=9B=9E=E5=A4=8D: [edk2-devel] [PATCH v2 0/2] UEFI= memmap workaround for > hiding page-access caps from OSes hides SP and CRYPTO caps too >=20 > Meg: > Thanks for your detail information. I understand this problem now. > I agree your patch to revert the change introduced by previous > 3bd5c994c879f78e8e3d5346dc3b627f199291aa. >=20 > Reviewed-by: Liming Gao >=20 > If no other comments, I will merge this patch set tomorrow. >=20 > Thanks > Liming > > -----=E9=82=AE=E4=BB=B6=E5=8E=9F=E4=BB=B6----- > > =E5=8F=91=E4=BB=B6=E4=BA=BA: bounce+27952+66053+4905953+8761045@groups= .io > > =E4=BB=A3=E8=A1=A8 Malg= orzata > > Kukiello > > =E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4: 2020=E5=B9=B410=E6=9C=889=E6=97= =A5 14:01 > > =E6=94=B6=E4=BB=B6=E4=BA=BA: devel@edk2.groups.io; Kukiello, Malgorzat= a > > ; gaoliming@byosoft.com.cn; Rothman, Michael > A > > > > =E6=8A=84=E9=80=81: Kinney, Michael D ; Wa= ng, Jian J > > ; Wu, Hao A ; Bi, Dandan > > ; Liu, Zhiguang ; 'Oleksi= y > > Yakovlev' ; 'Ard Biesheuvel' > > > =E4=B8=BB=E9=A2=98: Re: [edk2-devel] [PATCH v2 0/2] UEFI memmap workar= ound for > hiding > > page-access caps from OSes hides SP and CRYPTO caps too > > > > Liming, > > Any update/comment? It's pretty urgent from my perspective. > > Thanks > > Meg > > > > -----Original Message----- > > From: devel@edk2.groups.io On Behalf Of > > Malgorzata Kukiello > > Sent: Friday, October 2, 2020 2:52 PM > > To: devel@edk2.groups.io; gaoliming@byosoft.com.cn; Rothman, Michael A > > > > Cc: Kinney, Michael D ; Wang, Jian J > > ; Wu, Hao A ; Bi, Dandan > > ; Liu, Zhiguang ; 'Oleksi= y > > Yakovlev' ; 'Ard Biesheuvel' > > > Subject: Re: [edk2-devel] [PATCH v2 0/2] UEFI memmap workaround for > > hiding page-access caps from OSes hides SP and CRYPTO caps too > > > > Liming, > > I am trying to enable a crypto technology, that requires handling on t= he OS > > side (implemented in the kernel.org patch), generally speaking I mark = in > > memory map all regions that can be encrypted using the before mentione= d > > tech. Then OS checks that attribute and decides whether or not to enab= le > > that. > > So the real problem is that currently all my attributes are overwritte= n and > > cleared. > > Thanks > > Meg > > > > -----Original Message----- > > From: devel@edk2.groups.io On Behalf Of > gaoliming > > Sent: Tuesday, September 29, 2020 3:13 AM > > To: devel@edk2.groups.io; Kukiello, Malgorzata ; > > Rothman, Michael A > > Cc: Kinney, Michael D ; Wang, Jian J > > ; Wu, Hao A ; Bi, Dandan > > ; Liu, Zhiguang ; 'Oleksi= y > > Yakovlev' ; 'Ard Biesheuvel' > > > Subject: =E5=9B=9E=E5=A4=8D: [edk2-devel] [PATCH v2 0/2] UEFI memmap w= orkaround for > > hiding page-access caps from OSes hides SP and CRYPTO caps too > > > > Meg: > > What real problem do you meet with? What purpose is for this change? > And, > > I also include UEFI Arch Rothman. > > > > Rothman: > > Can you help clarify what OS (Windows or Linux) behavior is expected= for > > UEFI SP and CRYPTO memory attribute? > > > > Thanks > > Liming > > > -----=E9=82=AE=E4=BB=B6=E5=8E=9F=E4=BB=B6----- > > > =E5=8F=91=E4=BB=B6=E4=BA=BA: bounce+27952+65683+4905953+8761045@grou= ps.io > > > =E4=BB=A3=E8=A1=A8 > Malgorzata > > Kukiello > > > =E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4: 2020=E5=B9=B49=E6=9C=8828=E6= =97=A5 23:39 > > > =E6=94=B6=E4=BB=B6=E4=BA=BA: devel@edk2.groups.io; gaoliming@byosoft= .com.cn > > > =E6=8A=84=E9=80=81: Kinney, Michael D ; = Wang, Jian J > > > ; Wu, Hao A ; Bi, Dandan > > > ; Liu, Zhiguang ; > > > 'Oleksiy Yakovlev' ; 'Ard Biesheuvel' > > > > > > =E4=B8=BB=E9=A2=98: Re: [edk2-devel] [PATCH v2 0/2] UEFI memmap work= around for > > hiding > > > page-access caps from OSes hides SP and CRYPTO caps too > > > > > > Liming, > > > As for mktme there is a change commited: > > > https://patchwork.kernel.org/patch/10935909/ > > > As for SP I can't find anything specific. > > > Thanks > > > Meg > > > > > > -----Original Message----- > > > From: devel@edk2.groups.io On Behalf Of > > > gaoliming > > > Sent: Friday, September 25, 2020 10:55 AM > > > To: devel@edk2.groups.io; Kukiello, Malgorzata > > > > > > Cc: Kinney, Michael D ; Wang, Jian J > > > ; Wu, Hao A ; Bi, Dandan > > > ; Liu, Zhiguang ; > > > 'Oleksiy Yakovlev' ; 'Ard Biesheuvel' > > > > > > Subject: =E5=9B=9E=E5=A4=8D: [edk2-devel] [PATCH v2 0/2] UEFI memmap= workaround > for > > > hiding page-access caps from OSes hides SP and CRYPTO caps too > > > > > > Malgorzata: > > > How do know OS (Windows or Linux) behavior for SP and CRYPTO > > attribute? > > > Is there the public document to describe this behavior? > > > > > > Thanks > > > Liming > > > > -----=E9=82=AE=E4=BB=B6=E5=8E=9F=E4=BB=B6----- > > > > =E5=8F=91=E4=BB=B6=E4=BA=BA: bounce+27952+65566+4905953+8761045@gr= oups.io > > > > =E4=BB=A3=E8=A1=A8 > > Malgorzata > > > Kukiello > > > > =E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4: 2020=E5=B9=B49=E6=9C=8824=E6= = =97=A5 18:22 > > > > =E6=94=B6=E4=BB=B6=E4=BA=BA: devel@edk2.groups.io > > > > =E6=8A=84=E9=80=81: Malgorzata Kukiello = ; Michael D > Kinney > > > > ; Jian J Wang ; > > > > Hao A Wu ; Dandan Bi ; > > > > Liming Gao ; Zhiguang Liu > > > > ; Oleksiy Yakovlev ; Ard > > > > Biesheuvel > > > > =E4=B8=BB=E9=A2=98: [edk2-devel] [PATCH v2 0/2] UEFI memmap workar= ound for > hiding > > > > page-access caps from OSes hides SP and CRYPTO caps too > > > > > > > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3D2982 > > > > > > > > The workaround in the UEFI memmap construction, near the end of th= e > > > > function CoreGetMemoryMap() > [MdeModulePkg/Core/Dxe/Mem/Page.c] > > > > should > > > > not clear the SP and CRYPTO bits, because OSes do (apparently) > > > > correctly interpret SP and CRYPTO as capabilities, and not as > > > > currently set attributes (upon which the OSes should set their pag= e > > > > tables). For this reason, the SP and CRYPTO bits should be separat= ed > > > > from the bitmask that we use for hiding the page-access attributes= , > > > > in the workaround > > > > > > > > Signed-off-by: Malgorzata Kukiello > > > > Cc: Michael D Kinney > > > > Cc: Jian J Wang > > > > Cc: Hao A Wu > > > > Cc: Dandan Bi > > > > Cc: Liming Gao > > > > Cc: Zhiguang Liu > > > > Cc: Oleksiy Yakovlev > > > > Cc: Ard Biesheuvel (ARM address) > > > > > > > > MdeModulePkg/Core/Dxe/Mem/Page.c | 12 ++++++------ > > > > MdePkg/Include/Uefi/UefiSpec.h | 3 ++- > > > > 2 files changed, 8 insertions(+), 7 deletions(-) > > > > ------------------------------------------------------------------= -- > > > > - > > > > Intel Technology Poland sp. z o.o. > > > > ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII > > > > Wydzia Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP > > > > 957-07-52-316 > > > > | Kapita zakadowy 200.000 PLN. > > > > Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego > > > > adresata i moe zawiera informacje poufne. W razie przypadkowego > > > > otrzymania tej wiadomoci, prosimy o powiadomienie nadawcy oraz > trwae > > > > jej usunicie; jakiekolwiek przegldanie lub rozpowszechnianie jest > > zabronione. > > > > This e-mail and any attachments may contain confidential material > > > > for the sole use of the intended recipient(s). If you are not the > > > > intended > > > recipient, > > > > please contact the sender and delete all copies; any review or > > > distribution by > > > > others is strictly prohibited. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------= - > > > Intel Technology Poland sp. z o.o. > > > ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII > > > Wydzia Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP > > > 957-07-52-316 | Kapita zakadowy 200.000 PLN. > > > Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresa= ta > > > i moe zawiera informacje poufne. W razie przypadkowego otrzymania te= j > > > wiadomoci, prosimy o powiadomienie nadawcy oraz trwae jej usunicie; > > > jakiekolwiek przegldanie lub rozpowszechnianie jest zabronione. > > > This e-mail and any attachments may contain confidential material fo= r > > > the sole use of the intended recipient(s). If you are not the intend= ed > > > recipient, please contact the sender and delete all copies; any revi= ew > > > or distribution by others is strictly prohibited. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > Intel Technology Poland sp. z o.o. > > ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII Wydzi= a > > Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP > 957-07-52-316 > > | Kapita zakadowy 200.000 PLN. > > Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata= i > > moe zawiera informacje poufne. W razie przypadkowego otrzymania tej > > wiadomoci, prosimy o powiadomienie nadawcy oraz trwae jej usunicie; > > jakiekolwiek przegldanie lub rozpowszechnianie jest zabronione. > > This e-mail and any attachments may contain confidential material for = the > > sole use of the intended recipient(s). If you are not the intended rec= ipient, > > please contact the sender and delete all copies; any review or distrib= ution > by > > others is strictly prohibited. > > > > > > > > > > > > > > --------------------------------------------------------------------- > > Intel Technology Poland sp. z o.o. > > ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII Wydzi= a > > Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP > 957-07-52-316 > > | Kapita zakadowy 200.000 PLN. > > Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata= i > > moe zawiera informacje poufne. W razie przypadkowego otrzymania tej > > wiadomoci, prosimy o powiadomienie nadawcy oraz trwae jej usunicie; > > jakiekolwiek przegldanie lub rozpowszechnianie jest zabronione. > > This e-mail and any attachments may contain confidential material for = the > > sole use of the intended recipient(s). If you are not the intended rec= ipient, > > please contact the sender and delete all copies; any review or distrib= ution > by > > others is strictly prohibited. > > > > > > > > > > >=20 >=20 >=20 >=20 >=20 >=20 >=20