From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+109450+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id BEA7174004E
	for <rebecca@openfw.io>; Mon,  9 Oct 2023 10:00:14 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=7q6lEfrSbTiSWcIDXNgppbEETJFGxvJ2FyIqkRAKFG8=;
 c=relaxed/simple; d=groups.io;
 h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding;
 s=20140610; t=1696845613; v=1;
 b=XMVgeOtiI2RCQPsIO+NvCd3vOuadrIpIcqxZredMSnmfAWtl1ju1yDfBr7jiAqPcPA3SY6nS
 BeltF4loswySoQ+fyGbEINKEPD/GVp21E996BauxsjmMLPoLJHQvACO54SLUeo65fFDdvoosKD9
 XNktPg7st2QbaNgnYOOuP2tg=
X-Received: by 127.0.0.2 with SMTP id zzBvYY7687511xRSDCaowBqU; Mon, 09 Oct 2023 03:00:13 -0700
X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])
 by mx.groups.io with SMTP id smtpd.web11.57533.1696845612500604314
 for <devel@edk2.groups.io>;
 Mon, 09 Oct 2023 03:00:12 -0700
X-Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73])
 by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-642-sanoJPdHMz2MBvEORZqnmQ-1; Mon, 09 Oct 2023 06:00:08 -0400
X-MC-Unique: sanoJPdHMz2MBvEORZqnmQ-1
X-Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C402829ABA02;
	Mon,  9 Oct 2023 10:00:07 +0000 (UTC)
X-Received: from [10.39.192.114] (unknown [10.39.192.114])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 64D6C140E962;
	Mon,  9 Oct 2023 10:00:06 +0000 (UTC)
Message-ID: <14c4402a-9de0-38cb-0a43-5edb765f942f@redhat.com>
Date: Mon, 9 Oct 2023 12:00:05 +0200
MIME-Version: 1.0
Subject: Re: [edk2-devel] [PATCH v5 24/28] ArmVirtPkg: Apply Memory Protections via SetMemoryProtectionsLib
To: devel@edk2.groups.io, taylor.d.beebe@gmail.com
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>,
 Leif Lindholm <quic_llindhol@quicinc.com>,
 Sami Mujawar <sami.mujawar@arm.com>, Gerd Hoffmann <kraxel@redhat.com>
References: <20231009000742.1792-1-taylor.d.beebe@gmail.com>
 <20231009000742.1792-25-taylor.d.beebe@gmail.com>
From: "Laszlo Ersek" <lersek@redhat.com>
In-Reply-To: <20231009000742.1792-25-taylor.d.beebe@gmail.com>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,lersek@redhat.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: Mc6uN0zC5k2u4qFfJK28i3fIx7686176AA=
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=XMVgeOti;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=redhat.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

On 10/9/23 02:07, Taylor Beebe wrote:
> Set the memory protections on Arm virtual platforms. Because
> the QemuFg parser is not currently available in ArmVirtPkg, use
> the GrubCompat profile by default.
>=20
> Signed-off-by: Taylor Beebe <taylor.d.beebe@gmail.com>
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Leif Lindholm <quic_llindhol@quicinc.com>
> Cc: Sami Mujawar <sami.mujawar@arm.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> ---
>  ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c   | 7 +++++++
>  ArmVirtPkg/ArmVirtPkg.dec                   | 7 +++++++
>  ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf | 3 +++
>  3 files changed, 17 insertions(+)
>=20
> diff --git a/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c b/ArmVirtPkg/Memor=
yInitPei/MemoryInitPeim.c
> index ef88a9df1d62..aaf2af9abccf 100644
> --- a/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c
> +++ b/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.c
> @@ -11,6 +11,7 @@
>  #include <Library/ArmPlatformLib.h>
>  #include <Library/DebugLib.h>
>  #include <Library/HobLib.h>
> +#include <Library/SetMemoryProtectionsLib.h>
>  #include <Library/PeimEntryPoint.h>
>  #include <Library/PeiServicesLib.h>
>  #include <Library/PcdLib.h>
> @@ -100,5 +101,11 @@ InitializeMemory (
>               );
>    ASSERT_EFI_ERROR (Status);
> =20
> +  ASSERT (FixedPcdGet8 (PcdDxeMemoryProtectionProfile) < DxeMemoryProtec=
tionSettingsMax);
> +  SetDxeMemoryProtectionSettings (
> +    NULL,
> +    (DXE_MEMORY_PROTECTION_PROFILE_INDEX)FixedPcdGet8 (PcdDxeMemoryProte=
ctionProfile)
> +    );
> +
>    return Status;
>  }
> diff --git a/ArmVirtPkg/ArmVirtPkg.dec b/ArmVirtPkg/ArmVirtPkg.dec
> index 4645c91a8375..d90e492fa56a 100644
> --- a/ArmVirtPkg/ArmVirtPkg.dec
> +++ b/ArmVirtPkg/ArmVirtPkg.dec
> @@ -67,3 +67,10 @@ [PcdsFixedAtBuild, PcdsPatchableInModule]
>    # Cloud Hypervisor has no other way to pass Rsdp address to the guest =
except use a PCD.
>    #
>    gArmVirtTokenSpaceGuid.PcdCloudHvAcpiRsdpBaseAddress|0x0|UINT64|0x0000=
0005
> +
> +  ##
> +  # This value will be used to determine the level of memory protection =
each boot.
> +  # See DXE_MEMORY_PROTECTION_PROFILE_INDEX in
> +  # MdeModulePkg/Include/Library/SetMemoryProtectionsLib.h for index def=
initions.
> +  #
> +  gArmVirtTokenSpaceGuid.PcdDxeMemoryProtectionProfile|0x3|UINT8|0x00000=
006
> diff --git a/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf b/ArmVirtPkg/Mem=
oryInitPei/MemoryInitPeim.inf
> index 2039f71a0ebe..9cfd10bc44ef 100644
> --- a/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf
> +++ b/ArmVirtPkg/MemoryInitPei/MemoryInitPeim.inf
> @@ -26,6 +26,7 @@ [Packages]
>    EmbeddedPkg/EmbeddedPkg.dec
>    ArmPkg/ArmPkg.dec
>    ArmPlatformPkg/ArmPlatformPkg.dec
> +  ArmVirtPkg/ArmVirtPkg.dec
> =20
>  [LibraryClasses]
>    PeimEntryPoint
> @@ -34,6 +35,7 @@ [LibraryClasses]
>    ArmLib
>    ArmPlatformLib
>    MemoryInitPeiLib
> +  SetMemoryProtectionsLib
> =20
>  [Guids]
>    gEfiMemoryTypeInformationGuid
> @@ -44,6 +46,7 @@ [FeaturePcd]
>  [FixedPcd]
>    gArmTokenSpaceGuid.PcdSystemMemoryBase
>    gArmPlatformTokenSpaceGuid.PcdSystemMemoryUefiRegionSize
> +  gArmVirtTokenSpaceGuid.PcdDxeMemoryProtectionProfile
> =20
>    gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory
>    gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS

(1) I can't say whether setting the profile in MemoryInitPei is the
right (or optimal) place. For other reviewers to comment on.

(2) I think adding a dedicated PCD just for this seems overkill, but
then again I remember we want to allow platform builders to override
this simply with a --pcd option at build time, so it seems sensible.

(3) NB: are we sure this isn't needed for OVMF? (In which case the PCD
would be declared there, and ArmVirtPkg would consume it.) Because I
remember that even "nx stack" would break grub in some ancient debian
distro. Patch 23 ("OvmfPkg: Enable Choosing Memory Protection Profile
via QemuCfg") seems to default to the "release" profile. Just asking.

Thanks,
Laszlo



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#109450): https://edk2.groups.io/g/devel/message/109450
Mute This Topic: https://groups.io/mt/101843368/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/19134562=
12/xyzzy [rebecca@openfw.io]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-