From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wm0-x22d.google.com (mail-wm0-x22d.google.com [IPv6:2a00:1450:400c:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 34B0980310 for ; Mon, 6 Mar 2017 08:11:57 -0800 (PST) Received: by mail-wm0-x22d.google.com with SMTP id n11so68063432wma.1 for ; Mon, 06 Mar 2017 08:11:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=nsv1ve5F7n0rXiIvcac+82rw99mIkmPf4ppeWtg7r+w=; b=UQDOmvLjYA4gnnnNBGp2wcYea+FMJuNV6mDew4UoHeo+76Yin7uLH8Q9N/iPMPESuk 0L+PCsXfwF4hgm3PCH2SzqaJsdDWIiUQh+1XUhHsPUTafGaEzgikGkpu5/wwcCw2zEbi MJPWfPLkeKvAqFDUHgHrZBQVd/+h6hDVTa05A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=nsv1ve5F7n0rXiIvcac+82rw99mIkmPf4ppeWtg7r+w=; b=tcrGOsY4ud25I+WORdwBLMOXjpGXu8Owb6O+JPbofMPV5MyUWv7fHYOTpzonasqSx0 4dAUxwwp4zOZT+TJpd2/BccH8CkHHBBw7k4tFaW3I78qoIDPg6oH2nFs35faUocH5kBQ xiJAGtgI2CREC+6IAx1T3e5GRC7Cr4GCRuUfASYxB2+l9QATFHqH3294cJrwjdhtpDpB 4KRxDzH0kZtSvsgLZiKUqh6lBx/j94zHqlZrKg1+OXqyMRm5ljQzhwmfH2G/hPD5A3AY 0ect+WX00xnkj32v3Kt5mdElVV7iub0Afe1/22W9LE6lK2Qw6qkfdC22drXWwqdFeBdd w6RQ== X-Gm-Message-State: AMke39nPgxNCi5SI7vt0w96+Y4kM3Q/Yg1/6b/eGDgMVhtmsSLAYujBEp9vK9/omB4OfXOlm X-Received: by 10.28.153.149 with SMTP id b143mr5476474wme.87.1488816715789; Mon, 06 Mar 2017 08:11:55 -0800 (PST) Received: from bivouac.eciton.net (bivouac.eciton.net. [2a00:1098:0:86:1000:23:0:2]) by smtp.gmail.com with ESMTPSA id k76sm26796889wrc.12.2017.03.06.08.11.54 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 06 Mar 2017 08:11:55 -0800 (PST) Date: Mon, 6 Mar 2017 16:11:53 +0000 From: Leif Lindholm To: Ard Biesheuvel Cc: edk2-devel@lists.01.org, lersek@redhat.com Message-ID: <20170306161153.GZ16034@bivouac.eciton.net> References: <1488385903-30267-1-git-send-email-ard.biesheuvel@linaro.org> <1488385903-30267-5-git-send-email-ard.biesheuvel@linaro.org> MIME-Version: 1.0 In-Reply-To: <1488385903-30267-5-git-send-email-ard.biesheuvel@linaro.org> User-Agent: Mutt/1.5.23 (2014-03-12) Subject: Re: [PATCH 4/5] ArmPkg/ArmMmuLib ARM: implement memory permission control routines X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 16:11:57 -0000 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Wed, Mar 01, 2017 at 04:31:42PM +0000, Ard Biesheuvel wrote: > Now that we have the prerequisite functionality available in ArmMmuLib, > wire it up into ArmSetMemoryRegionNoExec, ArmClearMemoryRegionNoExec, > ArmSetMemoryRegionReadOnly and ArmClearMemoryRegionReadOnly. This is > used by the non-executable stack feature that is configured by DxeIpl. > > NOTE: The current implementation will not combine RO and XP attributes, > i.e., setting/clearing a region no-exec will unconditionally > clear the read-only attribute, and vice versa. Currently, we > only use ArmSetMemoryRegionNoExec(), so for now, we should be > able to live with this. > > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Ard Biesheuvel > --- > ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c | 16 ++++++++-------- > 1 file changed, 8 insertions(+), 8 deletions(-) > > diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c > index 1112660b434e..55601328d93e 100644 > --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c > +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c > @@ -761,40 +761,40 @@ ArmSetMemoryAttributes ( > return Status; > } > > -RETURN_STATUS > +EFI_STATUS Could these RETURN_->EFI_ fixes be folded into 1/5 instead (if you've not already pushed it by the time you get here)? > ArmSetMemoryRegionNoExec ( > IN EFI_PHYSICAL_ADDRESS BaseAddress, > IN UINT64 Length > ) > { > - return RETURN_UNSUPPORTED; > + return ArmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_XP); > } > > -RETURN_STATUS > +EFI_STATUS > ArmClearMemoryRegionNoExec ( > IN EFI_PHYSICAL_ADDRESS BaseAddress, > IN UINT64 Length > ) > { > - return RETURN_UNSUPPORTED; > + return ArmSetMemoryAttributes (BaseAddress, Length, 0); I'd be slightly happier if there was a #define for that 0, throughout. Alternatively, replace with a macro called ArmClearMemoryAttributes(). / Leif > } > > -RETURN_STATUS > +EFI_STATUS > ArmSetMemoryRegionReadOnly ( > IN EFI_PHYSICAL_ADDRESS BaseAddress, > IN UINT64 Length > ) > { > - return RETURN_UNSUPPORTED; > + return ArmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_RO); > } > > -RETURN_STATUS > +EFI_STATUS > ArmClearMemoryRegionReadOnly ( > IN EFI_PHYSICAL_ADDRESS BaseAddress, > IN UINT64 Length > ) > { > - return RETURN_UNSUPPORTED; > + return ArmSetMemoryAttributes (BaseAddress, Length, 0); > } > > RETURN_STATUS > -- > 2.7.4 >