From: Girish Pathak <girish.pathak@arm.com>
To: edk2-devel@lists.01.org
Cc: ard.biesheuvel@linaro.org, leif.lindholm@linaro.org,
Matteo.Carlini@arm.com, Stephanie.Hughes-Fitt@arm.com,
nd@arm.com, Arvind.Chauhan@arm.com, Daniil.Egranov@arm.com,
thomas.abraham@arm.com
Subject: [PATCH edk2-platforms v3 14/17] ARM/VExpressPkg: Set EFI_MEMORY_XP flag on GOP framebuffer
Date: Tue, 20 Mar 2018 16:18:20 +0000 [thread overview]
Message-ID: <20180320161823.54020-15-girish.pathak@arm.com> (raw)
In-Reply-To: <20180320161823.54020-1-girish.pathak@arm.com>
The framebuffer memory is set with flag
EFI_MEMORY_WC (uncached, unbuffered) which causes framebuffer memory
with eXecute bit set. Framebuffer memory having executable bit
set is a security hazard. This fix adds EFI_MEMORY_XP flag to avoid this.
Unfortunately function gDS->SetMemorySpaceAttributes() causes assertion due
to unsupported EFI_MEMORY_XP type. Therefore this fix replaces
gDS->SetMemorySpaceAttributes() with Cpu->SetMemoryAttributes().
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Girish Pathak <girish.pathak@arm.com>
Signed-off-by: Evan Lloyd <evan.lloyd@arm.com>
---
Platform/ARM/VExpressPkg/Library/HdLcdArmVExpressLib/HdLcdArmVExpress.c | 24 ++++++++++++++------
Platform/ARM/VExpressPkg/Library/HdLcdArmVExpressLib/HdLcdArmVExpressLib.inf | 1 -
Platform/ARM/VExpressPkg/Library/PL111LcdArmVExpressLib/PL111LcdArmVExpress.c | 24 ++++++++++++++------
Platform/ARM/VExpressPkg/Library/PL111LcdArmVExpressLib/PL111LcdArmVExpressLib.inf | 1 -
4 files changed, 34 insertions(+), 16 deletions(-)
diff --git a/Platform/ARM/VExpressPkg/Library/HdLcdArmVExpressLib/HdLcdArmVExpress.c b/Platform/ARM/VExpressPkg/Library/HdLcdArmVExpressLib/HdLcdArmVExpress.c
index c0a25a18d3fcfe91a76ee985ee58145b97900fa0..4c114de4062ece7cee1221148afb42e66d04f07e 100644
--- a/Platform/ARM/VExpressPkg/Library/HdLcdArmVExpressLib/HdLcdArmVExpress.c
+++ b/Platform/ARM/VExpressPkg/Library/HdLcdArmVExpressLib/HdLcdArmVExpress.c
@@ -17,11 +17,11 @@
#include <Library/ArmPlatformSysConfigLib.h>
#include <Library/PcdLib.h>
#include <Library/DebugLib.h>
-#include <Library/DxeServicesTableLib.h>
#include <Library/LcdPlatformLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/UefiBootServicesTableLib.h>
+#include <Protocol/Cpu.h>
#include <Protocol/EdidDiscovered.h>
#include <Protocol/EdidActive.h>
@@ -159,6 +159,7 @@ LcdPlatformGetVram (
{
EFI_STATUS Status;
EFI_ALLOCATE_TYPE AllocationType;
+ EFI_CPU_ARCH_PROTOCOL *Cpu;
ASSERT (VramBaseAddress != NULL);
ASSERT (VramSize != NULL);
@@ -185,13 +186,22 @@ LcdPlatformGetVram (
return Status;
}
- // Mark the VRAM as write-combining.
- // The VRAM is inside the DRAM, which is cacheable.
- Status = gDS->SetMemorySpaceAttributes (
- *VramBaseAddress,
- *VramSize,
- EFI_MEMORY_WC
+ // Ensure the Cpu architectural protocol is already installed
+ Status = gBS->LocateProtocol (
+ &gEfiCpuArchProtocolGuid,
+ NULL,
+ (VOID **)&Cpu
);
+ if (!EFI_ERROR (Status)) {
+ // The VRAM is inside the DRAM, which is cacheable.
+ // Mark the VRAM as write-combining (uncached) and non-executable.
+ Status = Cpu->SetMemoryAttributes (
+ Cpu,
+ *VramBaseAddress,
+ *VramSize,
+ EFI_MEMORY_WC | EFI_MEMORY_XP
+ );
+ }
if (EFI_ERROR (Status)) {
ASSERT_EFI_ERROR (Status);
gBS->FreePages (*VramBaseAddress, EFI_SIZE_TO_PAGES (*VramSize));
diff --git a/Platform/ARM/VExpressPkg/Library/HdLcdArmVExpressLib/HdLcdArmVExpressLib.inf b/Platform/ARM/VExpressPkg/Library/HdLcdArmVExpressLib/HdLcdArmVExpressLib.inf
index 9b0d358846bf367d7f9ff6f5d3fdffc204864528..c7b1b7fae77cbbf82b3a0768e7654a96719f5e7a 100644
--- a/Platform/ARM/VExpressPkg/Library/HdLcdArmVExpressLib/HdLcdArmVExpressLib.inf
+++ b/Platform/ARM/VExpressPkg/Library/HdLcdArmVExpressLib/HdLcdArmVExpressLib.inf
@@ -33,7 +33,6 @@ [Packages]
[LibraryClasses]
ArmPlatformSysConfigLib
BaseLib
- DxeServicesTableLib
[Protocols]
gEfiEdidDiscoveredProtocolGuid # Produced
diff --git a/Platform/ARM/VExpressPkg/Library/PL111LcdArmVExpressLib/PL111LcdArmVExpress.c b/Platform/ARM/VExpressPkg/Library/PL111LcdArmVExpressLib/PL111LcdArmVExpress.c
index 61ddf77e903e6c33a26b2aa8b76121e807195a9a..cae5f3a658efa4cc2be135259b63c860c26c6874 100644
--- a/Platform/ARM/VExpressPkg/Library/PL111LcdArmVExpressLib/PL111LcdArmVExpress.c
+++ b/Platform/ARM/VExpressPkg/Library/PL111LcdArmVExpressLib/PL111LcdArmVExpress.c
@@ -17,10 +17,10 @@
#include <Library/IoLib.h>
#include <Library/PcdLib.h>
#include <Library/DebugLib.h>
-#include <Library/DxeServicesTableLib.h>
#include <Library/LcdPlatformLib.h>
#include <Library/UefiBootServicesTableLib.h>
+#include <Protocol/Cpu.h>
#include <Protocol/EdidDiscovered.h>
#include <Protocol/EdidActive.h>
@@ -212,6 +212,7 @@ LcdPlatformGetVram (
)
{
EFI_STATUS Status;
+ EFI_CPU_ARCH_PROTOCOL *Cpu;
ASSERT (VramBaseAddress != NULL);
ASSERT (VramSize != NULL);
@@ -241,13 +242,22 @@ LcdPlatformGetVram (
return Status;
}
- // Mark the VRAM as write-combining.
- // The VRAM is inside the DRAM, which is cacheable.
- Status = gDS->SetMemorySpaceAttributes (
- *VramBaseAddress,
- *VramSize,
- EFI_MEMORY_WC
+ // Ensure the Cpu architectural protocol is already installed
+ Status = gBS->LocateProtocol (
+ &gEfiCpuArchProtocolGuid,
+ NULL,
+ (VOID **)&Cpu
);
+ if (!EFI_ERROR (Status)) {
+ // The VRAM is inside the DRAM, which is cacheable.
+ // Mark the VRAM as write-combining (uncached) and non-executable.
+ Status = Cpu->SetMemoryAttributes (
+ Cpu,
+ *VramBaseAddress,
+ *VramSize,
+ EFI_MEMORY_WC | EFI_MEMORY_XP
+ );
+ }
if (EFI_ERROR (Status)) {
ASSERT_EFI_ERROR (Status);
gBS->FreePages (*VramBaseAddress, EFI_SIZE_TO_PAGES (*VramSize));
diff --git a/Platform/ARM/VExpressPkg/Library/PL111LcdArmVExpressLib/PL111LcdArmVExpressLib.inf b/Platform/ARM/VExpressPkg/Library/PL111LcdArmVExpressLib/PL111LcdArmVExpressLib.inf
index 2bf14f999e633a55abd572daaac1e80ae2e648eb..b1fa100def0dd774fec50cb04a638a89b95de575 100644
--- a/Platform/ARM/VExpressPkg/Library/PL111LcdArmVExpressLib/PL111LcdArmVExpressLib.inf
+++ b/Platform/ARM/VExpressPkg/Library/PL111LcdArmVExpressLib/PL111LcdArmVExpressLib.inf
@@ -33,7 +33,6 @@ [Packages]
[LibraryClasses]
ArmPlatformSysConfigLib
BaseLib
- DxeServicesTableLib
[Protocols]
gEfiEdidDiscoveredProtocolGuid # Produced
--
'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
next prev parent reply other threads:[~2018-03-20 16:12 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-20 16:18 [PATCH edk2-platforms v3 00/17] Update GOP Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 01/17] ARM/VExpressPkg: Fix MODULE_TYPE of HDLCD/PL111 platform libraries Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 02/17] ARM/VExpressPkg: Tidy HDLCD and PL11LCD platform Lib: Coding standard Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 03/17] ARM/VExpressPkg: Tidy HdLcd/PL111Lcd code: Updated comments Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 04/17] ARM/VExpressPkg: Remove unused PcdPL111LcdMaxMode from HDLCD inf Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 05/17] ARM/VExpressPkg: Add and update debug ASSERTS Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 06/17] ARM/VExpressPkg: PL111Lcd/HdLcd plaform libs: Minor code cleanup Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 07/17] ARM/VExpressPkg: PL111 and HDLCD: Use FixedPcdGet32 Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 08/17] ARM/VExpressPkg: HdLcdArmVExpressLib: Remove status check EFI_TIMEOUT Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 09/17] ARM/VExpressPkg: HdLcdArmVExpressLib: Remove redundant Bpp Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 10/17] ARM/VExpressPkg: Redefine LcdPlatformGetTimings function Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 11/17] ARM/VExpressPkg: PL111 and HDLCD: Add PCD to select pixel format Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 12/17] ARM/VExpressPkg: Allocate framebuffer using EfiRuntimeServicesData Girish Pathak
2018-03-21 3:37 ` Ard Biesheuvel
2018-03-21 11:07 ` Girish Pathak
2018-03-21 18:26 ` Ard Biesheuvel
2018-03-22 15:20 ` Evan Lloyd
2018-03-22 17:38 ` Ard Biesheuvel
2018-03-20 16:18 ` [PATCH edk2-platforms v3 13/17] ARM/VExpressPkg: Reserving framebuffer at build Girish Pathak
2018-03-20 16:18 ` Girish Pathak [this message]
2018-03-20 16:18 ` [PATCH edk2-platforms v3 15/17] ARM/VExpressPkg: New DP500/DP550/DP650 platform library Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 16/17] ARM/JunoPkg: Adding SCMI MTL library Girish Pathak
2018-03-20 16:18 ` [PATCH edk2-platforms v3 17/17] ARM/JunoPkg: Add HDLCD platform library Girish Pathak
2018-03-21 12:56 ` [PATCH edk2-platforms v3 00/17] Update GOP Evan Lloyd
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180320161823.54020-15-girish.pathak@arm.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox