From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <leif.lindholm@linaro.org>
Received: from mail-wm0-x232.google.com (mail-wm0-x232.google.com
 [IPv6:2a00:1450:400c:c09::232])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id C451A80347
 for <edk2-devel@lists.01.org>; Tue,  7 Mar 2017 01:31:28 -0800 (PST)
Received: by mail-wm0-x232.google.com with SMTP id n11so85629564wma.0
 for <edk2-devel@lists.01.org>; Tue, 07 Mar 2017 01:31:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-disposition:in-reply-to:user-agent;
 bh=GFx6CiGrETM38zgqZ37X3nU3L11xVZi5H2gAmKsanT4=;
 b=LIFf74YGmMzRfjcdU+58DbSiB7SnE/nRdgAEezk4Qevn7YRm70EEmlEN4BhCuZH0IL
 DlbI4SWxDrhvEGVrNS3D9ZkjrtWpqiMjRGdOmkKAfGWkq7JfM14h5KQ7S85oJ2WXXy5n
 4jREyu9DwedONDb0zZRQIhvNuVIaRVSedJC/M=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:date:from:to:cc:subject:message-id:references
 :mime-version:content-disposition:in-reply-to:user-agent;
 bh=GFx6CiGrETM38zgqZ37X3nU3L11xVZi5H2gAmKsanT4=;
 b=bXrUrCp1UQ8fHP8A/wmgCsmtn41uzGKXa/ao9r027mxVO0L3qDUQCr1RvYvgVMT2BC
 tVizaIzD827i83dUBSX1vT5d0yYslZAA+ldoQ437NTz3hrKGskJinPi1OhqvJM6v2Q13
 BOY1Hjcp9v1KqQ/MwJaj/UmERPZ9YbCbyLLo+nHsGDNTUg6A2947WjskHM0qqOYsjjkC
 43eBKcdIRJAztfYX8V/Iwb5bKyyP26S1HDIY/9xOEE0hQJd/KjM9nXoxCyq2tPzINpzA
 a5LbyDxBlRXZDA7R7RM4hRHzUtY23qy1Uj4+c5SHWW9RzfXtuqYnUlM8lbBz1oy/uAym
 tRqQ==
X-Gm-Message-State: AMke39llUNWWk6jCD7QzILMwdXzlQDZhhqOBKDMEpmotR4aksqrxkq9CHcFY1s3FD/eSoqN7
X-Received: by 10.28.191.24 with SMTP id p24mr17239992wmf.118.1488879087372;
 Tue, 07 Mar 2017 01:31:27 -0800 (PST)
Received: from bivouac.eciton.net (bivouac.eciton.net.
 [2a00:1098:0:86:1000:23:0:2])
 by smtp.gmail.com with ESMTPSA id 11sm30314218wrb.10.2017.03.07.01.31.26
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Tue, 07 Mar 2017 01:31:26 -0800 (PST)
Date: Tue, 7 Mar 2017 09:31:25 +0000
From: Leif Lindholm <leif.lindholm@linaro.org>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: edk2-devel@lists.01.org, lersek@redhat.com
Message-ID: <20170307093124.GG16034@bivouac.eciton.net>
References: <1488876125-24396-1-git-send-email-ard.biesheuvel@linaro.org>
 <1488876125-24396-4-git-send-email-ard.biesheuvel@linaro.org>
MIME-Version: 1.0
In-Reply-To: <1488876125-24396-4-git-send-email-ard.biesheuvel@linaro.org>
User-Agent: Mutt/1.5.23 (2014-03-12)
Subject: Re: [PATCH v2 3/4] ArmPkg/ArmMmuLib ARM: implement memory permission control routines
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Mar 2017 09:31:29 -0000
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Tue, Mar 07, 2017 at 09:42:04AM +0100, Ard Biesheuvel wrote:
> Now that we have the prerequisite functionality available in ArmMmuLib,
> wire it up into ArmSetMemoryRegionNoExec, ArmClearMemoryRegionNoExec,
> ArmSetMemoryRegionReadOnly and ArmClearMemoryRegionReadOnly. This is
> used by the non-executable stack feature that is configured by DxeIpl.
> 
> NOTE: The current implementation will not combine RO and XP attributes,
>       i.e., setting/clearing a region no-exec will unconditionally
>       clear the read-only attribute, and vice versa. Currently, we
>       only use ArmSetMemoryRegionNoExec(), so for now, we should be
>       able to live with this.
> 
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>

> ---
>  ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c | 10 ++++++----
>  1 file changed, 6 insertions(+), 4 deletions(-)
> 
> diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c
> index 351b6c03a42c..b02f6d7fc590 100644
> --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c
> +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibCore.c
> @@ -37,6 +37,8 @@
>  #define ID_MMFR0_SHR_IMP_HW_COHERENT   1
>  #define ID_MMFR0_SHR_IGNORED         0xf
>  
> +#define __EFI_MEMORY_RWX               0    // no restrictions
> +
>  #define CACHE_ATTRIBUTE_MASK   (EFI_MEMORY_UC | \
>                                  EFI_MEMORY_WC | \
>                                  EFI_MEMORY_WT | \
> @@ -797,7 +799,7 @@ ArmSetMemoryRegionNoExec (
>    IN  UINT64                    Length
>    )
>  {
> -  return EFI_UNSUPPORTED;
> +  return ArmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_XP);
>  }
>  
>  EFI_STATUS
> @@ -806,7 +808,7 @@ ArmClearMemoryRegionNoExec (
>    IN  UINT64                    Length
>    )
>  {
> -  return EFI_UNSUPPORTED;
> +  return ArmSetMemoryAttributes (BaseAddress, Length, __EFI_MEMORY_RWX);
>  }
>  
>  EFI_STATUS
> @@ -815,7 +817,7 @@ ArmSetMemoryRegionReadOnly (
>    IN  UINT64                    Length
>    )
>  {
> -  return EFI_UNSUPPORTED;
> +  return ArmSetMemoryAttributes (BaseAddress, Length, EFI_MEMORY_RO);
>  }
>  
>  EFI_STATUS
> @@ -824,7 +826,7 @@ ArmClearMemoryRegionReadOnly (
>    IN  UINT64                    Length
>    )
>  {
> -  return EFI_UNSUPPORTED;
> +  return ArmSetMemoryAttributes (BaseAddress, Length, __EFI_MEMORY_RWX);
>  }
>  
>  RETURN_STATUS
> -- 
> 2.7.4
>