From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id BEA7174004E for ; Mon, 9 Oct 2023 10:00:14 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=7q6lEfrSbTiSWcIDXNgppbEETJFGxvJ2FyIqkRAKFG8=; c=relaxed/simple; d=groups.io; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1696845613; v=1; b=XMVgeOtiI2RCQPsIO+NvCd3vOuadrIpIcqxZredMSnmfAWtl1ju1yDfBr7jiAqPcPA3SY6nS BeltF4loswySoQ+fyGbEINKEPD/GVp21E996BauxsjmMLPoLJHQvACO54SLUeo65fFDdvoosKD9 XNktPg7st2QbaNgnYOOuP2tg= X-Received: by 127.0.0.2 with SMTP id zzBvYY7687511xRSDCaowBqU; Mon, 09 Oct 2023 03:00:13 -0700 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.57533.1696845612500604314 for ; Mon, 09 Oct 2023 03:00:12 -0700 X-Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-642-sanoJPdHMz2MBvEORZqnmQ-1; Mon, 09 Oct 2023 06:00:08 -0400 X-MC-Unique: sanoJPdHMz2MBvEORZqnmQ-1 X-Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C402829ABA02; Mon, 9 Oct 2023 10:00:07 +0000 (UTC) X-Received: from [10.39.192.114] (unknown [10.39.192.114]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 64D6C140E962; Mon, 9 Oct 2023 10:00:06 +0000 (UTC) Message-ID: <14c4402a-9de0-38cb-0a43-5edb765f942f@redhat.com> Date: Mon, 9 Oct 2023 12:00:05 +0200 MIME-Version: 1.0 Subject: Re: [edk2-devel] [PATCH v5 24/28] ArmVirtPkg: Apply Memory Protections via SetMemoryProtectionsLib To: devel@edk2.groups.io, taylor.d.beebe@gmail.com Cc: Ard Biesheuvel , Leif Lindholm , Sami Mujawar , Gerd Hoffmann References: <20231009000742.1792-1-taylor.d.beebe@gmail.com> <20231009000742.1792-25-taylor.d.beebe@gmail.com> From: "Laszlo Ersek" In-Reply-To: <20231009000742.1792-25-taylor.d.beebe@gmail.com> X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,lersek@redhat.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: Mc6uN0zC5k2u4qFfJK28i3fIx7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=XMVgeOti; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=redhat.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io On 10/9/23 02:07, Taylor Beebe wrote: > Set the memory protections on Arm virtual platforms. Because > the QemuFg parser is not currently available in ArmVirtPkg, use > the GrubCompat profile by default. >=20 > Signed-off-by: Taylor Beebe > Cc: Ard Biesheuvel > Cc: Leif Lindholm > Cc: Sami Mujawar > Cc: Gerd Hoffmann > --- > ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c | 7 +++++++ > ArmVirtPkg/ArmVirtPkg.dec | 7 +++++++ > ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf | 3 +++ > 3 files changed, 17 insertions(+) >=20 > diff --git a/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c b/ArmVirtPkg/Memor= yInitPei/MemoryInitPeim.c > index ef88a9df1d62..aaf2af9abccf 100644 > --- a/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c > +++ b/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c > @@ -11,6 +11,7 @@ > #include > #include > #include > +#include > #include > #include > #include > @@ -100,5 +101,11 @@ InitializeMemory ( > ); > ASSERT_EFI_ERROR (Status); > =20 > + ASSERT (FixedPcdGet8 (PcdDxeMemoryProtectionProfile) < DxeMemoryProtec= tionSettingsMax); > + SetDxeMemoryProtectionSettings ( > + NULL, > + (DXE_MEMORY_PROTECTION_PROFILE_INDEX)FixedPcdGet8 (PcdDxeMemoryProte= ctionProfile) > + ); > + > return Status; > } > diff --git a/ArmVirtPkg/ArmVirtPkg.dec b/ArmVirtPkg/ArmVirtPkg.dec > index 4645c91a8375..d90e492fa56a 100644 > --- a/ArmVirtPkg/ArmVirtPkg.dec > +++ b/ArmVirtPkg/ArmVirtPkg.dec > @@ -67,3 +67,10 @@ [PcdsFixedAtBuild, PcdsPatchableInModule] > # Cloud Hypervisor has no other way to pass Rsdp address to the guest = except use a PCD. > # > gArmVirtTokenSpaceGuid.PcdCloudHvAcpiRsdpBaseAddress|0x0|UINT64|0x0000= 0005 > + > + ## > + # This value will be used to determine the level of memory protection = each boot. > + # See DXE_MEMORY_PROTECTION_PROFILE_INDEX in > + # MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h for index def= initions. > + # > + gArmVirtTokenSpaceGuid.PcdDxeMemoryProtectionProfile|0x3|UINT8|0x00000= 006 > diff --git a/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf b/ArmVirtPkg/Mem= oryInitPei/MemoryInitPeim.inf > index 2039f71a0ebe..9cfd10bc44ef 100644 > --- a/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf > +++ b/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf > @@ -26,6 +26,7 @@ [Packages] > EmbeddedPkg/EmbeddedPkg.dec > ArmPkg/ArmPkg.dec > ArmPlatformPkg/ArmPlatformPkg.dec > + ArmVirtPkg/ArmVirtPkg.dec > =20 > [LibraryClasses] > PeimEntryPoint > @@ -34,6 +35,7 @@ [LibraryClasses] > ArmLib > ArmPlatformLib > MemoryInitPeiLib > + SetMemoryProtectionsLib > =20 > [Guids] > gEfiMemoryTypeInformationGuid > @@ -44,6 +46,7 @@ [FeaturePcd] > [FixedPcd] > gArmTokenSpaceGuid.PcdSystemMemoryBase > gArmPlatformTokenSpaceGuid.PcdSystemMemoryUefiRegionSize > + gArmVirtTokenSpaceGuid.PcdDxeMemoryProtectionProfile > =20 > gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory > gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS (1) I can't say whether setting the profile in MemoryInitPei is the right (or optimal) place. For other reviewers to comment on. (2) I think adding a dedicated PCD just for this seems overkill, but then again I remember we want to allow platform builders to override this simply with a --pcd option at build time, so it seems sensible. (3) NB: are we sure this isn't needed for OVMF? (In which case the PCD would be declared there, and ArmVirtPkg would consume it.) Because I remember that even "nx stack" would break grub in some ancient debian distro. Patch 23 ("OvmfPkg: Enable Choosing Memory Protection Profile via QemuCfg") seems to default to the "release" profile. Just asking. Thanks, Laszlo -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#109450): https://edk2.groups.io/g/devel/message/109450 Mute This Topic: https://groups.io/mt/101843368/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/19134562= 12/xyzzy [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-