From: Jiewen Yao <jiewen.yao@intel.com>
To: edk2-devel@lists.01.org
Cc: Leif Lindholm <leif.lindholm@linaro.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>
Subject: [PATCH V3 2/4] ArmPkg/CpuDxe: Correct EFI_MEMORY_RO usage
Date: Wed, 8 Feb 2017 23:20:30 -0800 [thread overview]
Message-ID: <1486624832-15736-3-git-send-email-jiewen.yao@intel.com> (raw)
In-Reply-To: <1486624832-15736-1-git-send-email-jiewen.yao@intel.com>
Current Arm CpuDxe driver uses EFI_MEMORY_WP for write protection,
according to UEFI spec, we should use EFI_MEMORY_RO for write protection.
The EFI_MEMORY_WP is the cache attribute instead of memory attribute.
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c | 3 ++-
ArmPkg/Drivers/CpuDxe/Arm/Mmu.c | 14 ++++++--------
ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c | 5 +++--
ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 3 ++-
4 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c b/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c
index d8bb419..15d5a81 100644
--- a/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c
+++ b/ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c
@@ -3,6 +3,7 @@
Copyright (c) 2009, Hewlett-Packard Company. All rights reserved.<BR>
Portions copyright (c) 2010, Apple Inc. All rights reserved.<BR>
Portions copyright (c) 2011-2013, ARM Ltd. All rights reserved.<BR>
+Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -224,7 +225,7 @@ EfiAttributeToArmAttribute (
ArmAttributes |= TT_AF;
// Determine protection attributes
- if (EfiAttributes & EFI_MEMORY_WP) {
+ if (EfiAttributes & EFI_MEMORY_RO) {
ArmAttributes |= TT_AP_RO_RO;
}
diff --git a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c
index 14fc22d..6dcfba6 100644
--- a/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c
+++ b/ArmPkg/Drivers/CpuDxe/Arm/Mmu.c
@@ -3,6 +3,7 @@
Copyright (c) 2009, Hewlett-Packard Company. All rights reserved.<BR>
Portions copyright (c) 2010, Apple Inc. All rights reserved.<BR>
Portions copyright (c) 2013, ARM Ltd. All rights reserved.<BR>
+Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -62,7 +63,7 @@ SectionToGcdAttributes (
// determine protection attributes
switch(SectionAttributes & TT_DESCRIPTOR_SECTION_AP_MASK) {
case TT_DESCRIPTOR_SECTION_AP_NO_NO: // no read, no write
- //*GcdAttributes |= EFI_MEMORY_WP | EFI_MEMORY_RP;
+ //*GcdAttributes |= EFI_MEMORY_RO | EFI_MEMORY_RP;
break;
case TT_DESCRIPTOR_SECTION_AP_RW_NO:
@@ -73,7 +74,7 @@ SectionToGcdAttributes (
// read only cases map to write-protect
case TT_DESCRIPTOR_SECTION_AP_RO_NO:
case TT_DESCRIPTOR_SECTION_AP_RO_RO:
- *GcdAttributes |= EFI_MEMORY_WP;
+ *GcdAttributes |= EFI_MEMORY_RO;
break;
default:
@@ -126,7 +127,7 @@ PageToGcdAttributes (
// determine protection attributes
switch(PageAttributes & TT_DESCRIPTOR_PAGE_AP_MASK) {
case TT_DESCRIPTOR_PAGE_AP_NO_NO: // no read, no write
- //*GcdAttributes |= EFI_MEMORY_WP | EFI_MEMORY_RP;
+ //*GcdAttributes |= EFI_MEMORY_RO | EFI_MEMORY_RP;
break;
case TT_DESCRIPTOR_PAGE_AP_RW_NO:
@@ -137,7 +138,7 @@ PageToGcdAttributes (
// read only cases map to write-protect
case TT_DESCRIPTOR_PAGE_AP_RO_NO:
case TT_DESCRIPTOR_PAGE_AP_RO_RO:
- *GcdAttributes |= EFI_MEMORY_WP;
+ *GcdAttributes |= EFI_MEMORY_RO;
break;
default:
@@ -730,9 +731,6 @@ EfiAttributeToArmAttribute (
ArmAttributes = TT_DESCRIPTOR_SECTION_CACHE_POLICY_WRITE_BACK_ALLOC; // TEX [2:0] = 001, C=1, B=1
break;
- case EFI_MEMORY_WP:
- case EFI_MEMORY_XP:
- case EFI_MEMORY_RP:
case EFI_MEMORY_UCE:
default:
// Cannot be implemented UEFI definition unclear for ARM
@@ -743,7 +741,7 @@ EfiAttributeToArmAttribute (
}
// Determine protection attributes
- if (EfiAttributes & EFI_MEMORY_WP) {
+ if (EfiAttributes & EFI_MEMORY_RO) {
ArmAttributes |= TT_DESCRIPTOR_SECTION_AP_RO_RO;
} else {
ArmAttributes |= TT_DESCRIPTOR_SECTION_AP_RW_RW;
diff --git a/ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c b/ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c
index 723604d..54d9b01 100644
--- a/ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c
+++ b/ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c
@@ -1,6 +1,7 @@
/** @file
*
* Copyright (c) 2013, ARM Limited. All rights reserved.
+* Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
*
* This program and the accompanying materials
* are licensed and made available under the terms and conditions of the BSD License
@@ -236,7 +237,7 @@ CpuConvertPagesToUncachedVirtualAddress (
// be the PCI address. Code should always use the CPU address, and we will or in VirtualMask
// to that address.
//
- Status = SetMemoryAttributes (Address, Length, EFI_MEMORY_WP, 0);
+ Status = SetMemoryAttributes (Address, Length, EFI_MEMORY_RO, 0);
if (!EFI_ERROR (Status)) {
Status = SetMemoryAttributes (Address | VirtualMask, Length, EFI_MEMORY_UC, VirtualMask);
}
@@ -264,7 +265,7 @@ CpuReconvertPages (
//
// Unmap the aliased Address
//
- Status = SetMemoryAttributes (Address | VirtualMask, Length, EFI_MEMORY_WP, 0);
+ Status = SetMemoryAttributes (Address | VirtualMask, Length, EFI_MEMORY_RO, 0);
if (!EFI_ERROR (Status)) {
//
// Restore atttributes
diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
index 540069a..6aa970b 100644
--- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
+++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
@@ -3,6 +3,7 @@
*
* Copyright (c) 2011-2014, ARM Limited. All rights reserved.
* Copyright (c) 2016, Linaro Limited. All rights reserved.
+* Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
*
* This program and the accompanying materials
* are licensed and made available under the terms and conditions of the BSD License
@@ -89,7 +90,7 @@ PageAttributeToGcdAttribute (
// Determine protection attributes
if (((PageAttributes & TT_AP_MASK) == TT_AP_NO_RO) || ((PageAttributes & TT_AP_MASK) == TT_AP_RO_RO)) {
// Read only cases map to write-protect
- GcdAttributes |= EFI_MEMORY_WP;
+ GcdAttributes |= EFI_MEMORY_RO;
}
// Process eXecute Never attribute
--
2.7.4.windows.1
next prev parent reply other threads:[~2017-02-09 7:20 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-09 7:20 [PATCH V3 0/4] DXE Memory Protection Jiewen Yao
2017-02-09 7:20 ` [PATCH V3 1/4] UefiCpuPkg/CpuDxe: Add memory attribute setting Jiewen Yao
2017-02-09 7:20 ` Jiewen Yao [this message]
2017-02-09 7:20 ` [PATCH V3 3/4] MdeModulePkg/dec: add PcdImageProtectionPolicy Jiewen Yao
2017-02-09 7:20 ` [PATCH V3 4/4] MdeModulePkg/DxeCore: Add UEFI image protection Jiewen Yao
2017-02-09 7:43 ` [PATCH V3 0/4] DXE Memory Protection Yao, Jiewen
2017-02-09 8:49 ` Ard Biesheuvel
2017-02-09 9:09 ` Ard Biesheuvel
2017-02-09 9:22 ` Ard Biesheuvel
2017-02-09 13:19 ` Yao, Jiewen
2017-02-09 13:51 ` Ard Biesheuvel
2017-02-09 14:08 ` Yao, Jiewen
2017-02-09 14:55 ` Ard Biesheuvel
2017-02-09 15:27 ` Yao, Jiewen
2017-02-09 15:28 ` Ard Biesheuvel
2017-02-09 16:21 ` Ard Biesheuvel
2017-02-09 16:29 ` Yao, Jiewen
2017-02-09 16:30 ` Ard Biesheuvel
2017-02-09 16:48 ` Ard Biesheuvel
2017-02-10 2:26 ` Yao, Jiewen
2017-02-10 6:34 ` Ard Biesheuvel
2017-02-10 6:41 ` Ard Biesheuvel
2017-02-10 11:32 ` Yao, Jiewen
2017-02-10 11:42 ` Ard Biesheuvel
2017-02-10 12:59 ` Yao, Jiewen
2017-02-10 14:16 ` Ard Biesheuvel
2017-02-09 14:23 ` Yao, Jiewen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1486624832-15736-3-git-send-email-jiewen.yao@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox