public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: edk2-devel@lists.01.org, leif.lindholm@linaro.org, jiewen.yao@intel.com
Cc: feng.tian@intel.com, michael.d.kinney@intel.com,
	jeff.fan@intel.com, star.zeng@intel.com,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>
Subject: [PATCH 0/4] ArmPkg: add groundwork for DXE image protection
Date: Thu,  9 Feb 2017 17:38:07 +0000	[thread overview]
Message-ID: <1486661891-7888-1-git-send-email-ard.biesheuvel@linaro.org> (raw)

The upcoming DXE image protection feature expects the EFI_CPU_ARCH_PROTOCOL
method SetMemoryAttributes() to deal with invocations that only modify
permission attributes, but leave the cacheability attributes alone. This
requires some groundwork to be performed in the MMU code for ARM.

Patch #1 is Jiewen's patch to retire EFI_MEMORY_WP, which is no longer
used as a permission attribute.

Patch #2 updates EfiAttributeToArmAttribute () so it can deal with
unspecified caching modes.

Patch #3 makes ARM deal with EFI_CPU_ARCH_PROTOCOL.SetMemoryAttributes()
calls that do not specify memory attributes. On ARM, we don't have code
that manages the permission bits in the page tables, so this does little
more than ignore such attributes.

Patch #4 implements the handling for AARCH64 to manage the permissions
bits without touching or caring about the memory type attributes.

Ard Biesheuvel (3):
  ArmPkg/CpuDxe: translate invalid memory types in
    EfiAttributeToArmAttribute
  ArmPkg/CpuDxe: ARM: ignore page table updates that only change
    permissions
  ArmPkg/ArmMmuLib: AARCH64: add support for modifying only permissions

Jiewen Yao (1):
  ArmPkg/CpuDxe: Correct EFI_MEMORY_RO usage

 ArmPkg/Drivers/CpuDxe/AArch64/Mmu.c              |  7 +-
 ArmPkg/Drivers/CpuDxe/Arm/Mmu.c                  | 24 ++++---
 ArmPkg/Drivers/CpuDxe/CpuMmuCommon.c             |  5 +-
 ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 76 +++++++++++++++-----
 4 files changed, 77 insertions(+), 35 deletions(-)

-- 
2.7.4



             reply	other threads:[~2017-02-09 17:38 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-02-09 17:38 Ard Biesheuvel [this message]
2017-02-09 17:38 ` [PATCH 1/4] ArmPkg/CpuDxe: Correct EFI_MEMORY_RO usage Ard Biesheuvel
2017-02-10 18:17   ` Leif Lindholm
2017-02-10 18:25     ` Ard Biesheuvel
2017-02-10 19:36       ` Leif Lindholm
2017-02-09 17:38 ` [PATCH 2/4] ArmPkg/CpuDxe: translate invalid memory types in EfiAttributeToArmAttribute Ard Biesheuvel
2017-02-10 17:54   ` Leif Lindholm
2017-02-10 17:56     ` Ard Biesheuvel
2017-02-09 17:38 ` [PATCH 3/4] ArmPkg/CpuDxe: ARM: ignore page table updates that only change permissions Ard Biesheuvel
2017-02-10 17:59   ` Leif Lindholm
2017-02-09 17:38 ` [PATCH 4/4] ArmPkg/ArmMmuLib: AARCH64: add support for modifying only permissions Ard Biesheuvel
2017-02-10 18:16   ` Leif Lindholm
2017-02-10 18:23     ` Ard Biesheuvel
2017-02-11 14:35       ` Leif Lindholm

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1486661891-7888-1-git-send-email-ard.biesheuvel@linaro.org \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox