* [PATCH v2 0/2] ArmPkg/ArmMmuLib AARCH64: correctness fix @ 2020-03-25 11:38 Ard Biesheuvel 2020-03-25 11:38 ` [PATCH v2 1/2] ArmPkg/ArmMmuLib AARCH64: use helpers to determine table entry types Ard Biesheuvel 2020-03-25 11:38 ` [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry Ard Biesheuvel 0 siblings, 2 replies; 6+ messages in thread From: Ard Biesheuvel @ 2020-03-25 11:38 UTC (permalink / raw) To: devel; +Cc: Ard Biesheuvel, Laszlo Ersek, Leif Lindholm, Ashish Singhal The new ArmMmuLib code is easier to reason about, so that is what I did: currently, when we create mappings that cover existing table entries, we may end up overwriting those with block entries without taking the mapping attributes of the original table entries into account. So let's fix this. I honestly don't know whether the original code was better at dealing with this: I do remember some changes from Heyi that may have been related, but the old code is not easy to follow. In any case, I didn't manage to hit this case in practice, given that we typically start out with large mappings, and break them down later (to set permissions), rather than the other way around. Patch #1 adds some helpers to hide the insane way the type bits change meaning when you change to level 3. Patch #2 ensures that we only replace (and free) table entries with block entries if it is guaranteed that doing so will not lose any attribute information. Changes since v1: - zero newly allocated pages before splitting a block entry into a table entry, to avoid garbage in that page being misidentified as entry type attributes - this should fix the crash observed by Laszlo Cc: Laszlo Ersek <lersek@redhat.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Ashish Singhal <ashishsingha@nvidia.com> Ard Biesheuvel (2): ArmPkg/ArmMmuLib AARCH64: use helpers to determine table entry types ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry .../Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 65 ++++++++++++++++--- 1 file changed, 56 insertions(+), 9 deletions(-) -- 2.17.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2 1/2] ArmPkg/ArmMmuLib AARCH64: use helpers to determine table entry types 2020-03-25 11:38 [PATCH v2 0/2] ArmPkg/ArmMmuLib AARCH64: correctness fix Ard Biesheuvel @ 2020-03-25 11:38 ` Ard Biesheuvel 2020-03-25 11:38 ` [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry Ard Biesheuvel 1 sibling, 0 replies; 6+ messages in thread From: Ard Biesheuvel @ 2020-03-25 11:38 UTC (permalink / raw) To: devel; +Cc: Ard Biesheuvel, Laszlo Ersek, Leif Lindholm, Ashish Singhal Given how the meaning of the attribute bits for page table entry types is slightly awkward, and changes between levels, add some helpers to abstract from this. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Leif Lindholm <leif@nuviainc.com> --- ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 40 +++++++++++++++++--- 1 file changed, 35 insertions(+), 5 deletions(-) diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c index a43d468b73ca..6f6ef5b05fbc 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -156,6 +156,36 @@ FreePageTablesRecursive ( FreePages (TranslationTable, 1); } +STATIC +BOOLEAN +IsBlockEntry ( + IN UINT64 Entry, + IN UINTN Level + ) +{ + if (Level == 3) { + return (Entry & TT_TYPE_MASK) == TT_TYPE_BLOCK_ENTRY_LEVEL3; + } + return (Entry & TT_TYPE_MASK) == TT_TYPE_BLOCK_ENTRY; +} + +STATIC +BOOLEAN +IsTableEntry ( + IN UINT64 Entry, + IN UINTN Level + ) +{ + if (Level == 3) { + // + // TT_TYPE_TABLE_ENTRY aliases TT_TYPE_BLOCK_ENTRY_LEVEL3 + // so we need to take the level into account as well. + // + return FALSE; + } + return (Entry & TT_TYPE_MASK) == TT_TYPE_TABLE_ENTRY; +} + STATIC EFI_STATUS UpdateRegionMappingRecursive ( @@ -197,7 +227,7 @@ UpdateRegionMappingRecursive ( if (Level == 0 || ((RegionStart | BlockEnd) & BlockMask) != 0) { ASSERT (Level < 3); - if ((*Entry & TT_TYPE_MASK) != TT_TYPE_TABLE_ENTRY) { + if (!IsTableEntry (*Entry, Level)) { // // No table entry exists yet, so we need to allocate a page table // for the next level. @@ -215,7 +245,7 @@ UpdateRegionMappingRecursive ( InvalidateDataCacheRange (TranslationTable, EFI_PAGE_SIZE); } - if ((*Entry & TT_TYPE_MASK) == TT_TYPE_BLOCK_ENTRY) { + if (IsBlockEntry (*Entry, Level)) { // // We are splitting an existing block entry, so we have to populate // the new table with the attributes of the block entry it replaces. @@ -246,7 +276,7 @@ UpdateRegionMappingRecursive ( AttributeSetMask, AttributeClearMask, TranslationTable, Level + 1); if (EFI_ERROR (Status)) { - if ((*Entry & TT_TYPE_MASK) != TT_TYPE_TABLE_ENTRY) { + if (!IsTableEntry (*Entry, Level)) { // // We are creating a new table entry, so on failure, we can free all // allocations we made recursively, given that the whole subhierarchy @@ -259,10 +289,10 @@ UpdateRegionMappingRecursive ( return Status; } - if ((*Entry & TT_TYPE_MASK) != TT_TYPE_TABLE_ENTRY) { + if (!IsTableEntry (*Entry, Level)) { EntryValue = (UINTN)TranslationTable | TT_TYPE_TABLE_ENTRY; ReplaceTableEntry (Entry, EntryValue, RegionStart, - (*Entry & TT_TYPE_MASK) == TT_TYPE_BLOCK_ENTRY); + IsBlockEntry (*Entry, Level)); } } else { EntryValue = (*Entry & AttributeClearMask) | AttributeSetMask; -- 2.17.1 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry 2020-03-25 11:38 [PATCH v2 0/2] ArmPkg/ArmMmuLib AARCH64: correctness fix Ard Biesheuvel 2020-03-25 11:38 ` [PATCH v2 1/2] ArmPkg/ArmMmuLib AARCH64: use helpers to determine table entry types Ard Biesheuvel @ 2020-03-25 11:38 ` Ard Biesheuvel 2020-03-25 12:38 ` Leif Lindholm 2020-03-25 14:58 ` Ashish Singhal 1 sibling, 2 replies; 6+ messages in thread From: Ard Biesheuvel @ 2020-03-25 11:38 UTC (permalink / raw) To: devel; +Cc: Ard Biesheuvel, Laszlo Ersek, Leif Lindholm, Ashish Singhal Currently, depending on the size of the region being (re)mapped, the page table manipulation code may replace a table entry with a block entry, even if the existing table entry uses different mapping attributes to describe different parts of the region it covers. This is undesirable, and instead, we should avoid doing so unless we are disregarding the original attributes anyway. And if we make such a replacement, we should free all the page tables that have become orphaned in the process. So let's implement this, by taking the table entry path through the code for block sized regions if a table entry already exists, and the clear mask is set (which means we are preserving attributes from the existing mapping). And when we do replace a table entry with a block entry, free all the pages that are no longer referenced. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> --- ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 25 ++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c index 6f6ef5b05fbc..488156e69057 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -223,8 +223,12 @@ UpdateRegionMappingRecursive ( // than a block, and recurse to create the block or page entries at // the next level. No block mappings are allowed at all at level 0, // so in that case, we have to recurse unconditionally. + // If we are changing a table entry and the AttributeClearMask is non-zero, + // we cannot replace it with a block entry without potentially losing + // attribute information, so keep the table entry in that case. // - if (Level == 0 || ((RegionStart | BlockEnd) & BlockMask) != 0) { + if (Level == 0 || ((RegionStart | BlockEnd) & BlockMask) != 0 || + (IsTableEntry (*Entry, Level) && AttributeClearMask != 0)) { ASSERT (Level < 3); if (!IsTableEntry (*Entry, Level)) { @@ -245,6 +249,8 @@ UpdateRegionMappingRecursive ( InvalidateDataCacheRange (TranslationTable, EFI_PAGE_SIZE); } + ZeroMem (TranslationTable, EFI_PAGE_SIZE); + if (IsBlockEntry (*Entry, Level)) { // // We are splitting an existing block entry, so we have to populate @@ -262,8 +268,6 @@ UpdateRegionMappingRecursive ( FreePages (TranslationTable, 1); return Status; } - } else { - ZeroMem (TranslationTable, EFI_PAGE_SIZE); } } else { TranslationTable = (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOCK_ENTRY); @@ -300,7 +304,20 @@ UpdateRegionMappingRecursive ( EntryValue |= (Level == 3) ? TT_TYPE_BLOCK_ENTRY_LEVEL3 : TT_TYPE_BLOCK_ENTRY; - ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); + if (IsTableEntry (*Entry, Level)) { + // + // We are replacing a table entry with a block entry. This is only + // possible if we are keeping none of the original attributes. + // We can free the table entry's page table, and all the ones below + // it, since we are dropping the only possible reference to it. + // + ASSERT (AttributeClearMask == 0); + TranslationTable = (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOCK_ENTRY); + ReplaceTableEntry (Entry, EntryValue, RegionStart, TRUE); + FreePageTablesRecursive (TranslationTable); + } else { + ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); + } } } return EFI_SUCCESS; -- 2.17.1 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry 2020-03-25 11:38 ` [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry Ard Biesheuvel @ 2020-03-25 12:38 ` Leif Lindholm 2020-03-25 14:47 ` Ard Biesheuvel 2020-03-25 14:58 ` Ashish Singhal 1 sibling, 1 reply; 6+ messages in thread From: Leif Lindholm @ 2020-03-25 12:38 UTC (permalink / raw) To: Ard Biesheuvel; +Cc: devel, Laszlo Ersek, Ashish Singhal On Wed, Mar 25, 2020 at 12:38:46 +0100, Ard Biesheuvel wrote: > Currently, depending on the size of the region being (re)mapped, the > page table manipulation code may replace a table entry with a block entry, > even if the existing table entry uses different mapping attributes to > describe different parts of the region it covers. This is undesirable, and > instead, we should avoid doing so unless we are disregarding the original > attributes anyway. And if we make such a replacement, we should free all > the page tables that have become orphaned in the process. > > So let's implement this, by taking the table entry path through the code > for block sized regions if a table entry already exists, and the clear > mask is set (which means we are preserving attributes from the existing > mapping). And when we do replace a table entry with a block entry, free > all the pages that are no longer referenced. > > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> With Laszlo's Tested-by: Reviewed-by: Leif Lindholm <leif@nuviainc.com> > --- > ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 25 ++++++++++++++++---- > 1 file changed, 21 insertions(+), 4 deletions(-) > > diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c > index 6f6ef5b05fbc..488156e69057 100644 > --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c > +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c > @@ -223,8 +223,12 @@ UpdateRegionMappingRecursive ( > // than a block, and recurse to create the block or page entries at > // the next level. No block mappings are allowed at all at level 0, > // so in that case, we have to recurse unconditionally. > + // If we are changing a table entry and the AttributeClearMask is non-zero, > + // we cannot replace it with a block entry without potentially losing > + // attribute information, so keep the table entry in that case. > // > - if (Level == 0 || ((RegionStart | BlockEnd) & BlockMask) != 0) { > + if (Level == 0 || ((RegionStart | BlockEnd) & BlockMask) != 0 || > + (IsTableEntry (*Entry, Level) && AttributeClearMask != 0)) { > ASSERT (Level < 3); > > if (!IsTableEntry (*Entry, Level)) { > @@ -245,6 +249,8 @@ UpdateRegionMappingRecursive ( > InvalidateDataCacheRange (TranslationTable, EFI_PAGE_SIZE); > } > > + ZeroMem (TranslationTable, EFI_PAGE_SIZE); > + > if (IsBlockEntry (*Entry, Level)) { > // > // We are splitting an existing block entry, so we have to populate > @@ -262,8 +268,6 @@ UpdateRegionMappingRecursive ( > FreePages (TranslationTable, 1); > return Status; > } > - } else { > - ZeroMem (TranslationTable, EFI_PAGE_SIZE); > } > } else { > TranslationTable = (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOCK_ENTRY); > @@ -300,7 +304,20 @@ UpdateRegionMappingRecursive ( > EntryValue |= (Level == 3) ? TT_TYPE_BLOCK_ENTRY_LEVEL3 > : TT_TYPE_BLOCK_ENTRY; > > - ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); > + if (IsTableEntry (*Entry, Level)) { > + // > + // We are replacing a table entry with a block entry. This is only > + // possible if we are keeping none of the original attributes. > + // We can free the table entry's page table, and all the ones below > + // it, since we are dropping the only possible reference to it. > + // > + ASSERT (AttributeClearMask == 0); > + TranslationTable = (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOCK_ENTRY); > + ReplaceTableEntry (Entry, EntryValue, RegionStart, TRUE); > + FreePageTablesRecursive (TranslationTable); > + } else { > + ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); > + } > } > } > return EFI_SUCCESS; > -- > 2.17.1 > ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry 2020-03-25 12:38 ` Leif Lindholm @ 2020-03-25 14:47 ` Ard Biesheuvel 0 siblings, 0 replies; 6+ messages in thread From: Ard Biesheuvel @ 2020-03-25 14:47 UTC (permalink / raw) To: Leif Lindholm; +Cc: edk2-devel-groups-io, Laszlo Ersek, Ashish Singhal On Wed, 25 Mar 2020 at 13:38, Leif Lindholm <leif@nuviainc.com> wrote: > > On Wed, Mar 25, 2020 at 12:38:46 +0100, Ard Biesheuvel wrote: > > Currently, depending on the size of the region being (re)mapped, the > > page table manipulation code may replace a table entry with a block entry, > > even if the existing table entry uses different mapping attributes to > > describe different parts of the region it covers. This is undesirable, and > > instead, we should avoid doing so unless we are disregarding the original > > attributes anyway. And if we make such a replacement, we should free all > > the page tables that have become orphaned in the process. > > > > So let's implement this, by taking the table entry path through the code > > for block sized regions if a table entry already exists, and the clear > > mask is set (which means we are preserving attributes from the existing > > mapping). And when we do replace a table entry with a block entry, free > > all the pages that are no longer referenced. > > > > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> > > With Laszlo's Tested-by: > Reviewed-by: Leif Lindholm <leif@nuviainc.com> > Thanks, but it is still not 100% correct. I'll send a v3 shortly. > > --- > > ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 25 ++++++++++++++++---- > > 1 file changed, 21 insertions(+), 4 deletions(-) > > > > diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c > > index 6f6ef5b05fbc..488156e69057 100644 > > --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c > > +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c > > @@ -223,8 +223,12 @@ UpdateRegionMappingRecursive ( > > // than a block, and recurse to create the block or page entries at > > // the next level. No block mappings are allowed at all at level 0, > > // so in that case, we have to recurse unconditionally. > > + // If we are changing a table entry and the AttributeClearMask is non-zero, > > + // we cannot replace it with a block entry without potentially losing > > + // attribute information, so keep the table entry in that case. > > // > > - if (Level == 0 || ((RegionStart | BlockEnd) & BlockMask) != 0) { > > + if (Level == 0 || ((RegionStart | BlockEnd) & BlockMask) != 0 || > > + (IsTableEntry (*Entry, Level) && AttributeClearMask != 0)) { > > ASSERT (Level < 3); > > > > if (!IsTableEntry (*Entry, Level)) { > > @@ -245,6 +249,8 @@ UpdateRegionMappingRecursive ( > > InvalidateDataCacheRange (TranslationTable, EFI_PAGE_SIZE); > > } > > > > + ZeroMem (TranslationTable, EFI_PAGE_SIZE); > > + > > if (IsBlockEntry (*Entry, Level)) { > > // > > // We are splitting an existing block entry, so we have to populate > > @@ -262,8 +268,6 @@ UpdateRegionMappingRecursive ( > > FreePages (TranslationTable, 1); > > return Status; > > } > > - } else { > > - ZeroMem (TranslationTable, EFI_PAGE_SIZE); > > } > > } else { > > TranslationTable = (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOCK_ENTRY); > > @@ -300,7 +304,20 @@ UpdateRegionMappingRecursive ( > > EntryValue |= (Level == 3) ? TT_TYPE_BLOCK_ENTRY_LEVEL3 > > : TT_TYPE_BLOCK_ENTRY; > > > > - ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); > > + if (IsTableEntry (*Entry, Level)) { > > + // > > + // We are replacing a table entry with a block entry. This is only > > + // possible if we are keeping none of the original attributes. > > + // We can free the table entry's page table, and all the ones below > > + // it, since we are dropping the only possible reference to it. > > + // > > + ASSERT (AttributeClearMask == 0); > > + TranslationTable = (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOCK_ENTRY); > > + ReplaceTableEntry (Entry, EntryValue, RegionStart, TRUE); > > + FreePageTablesRecursive (TranslationTable); > > + } else { > > + ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); > > + } > > } > > } > > return EFI_SUCCESS; > > -- > > 2.17.1 > > ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry 2020-03-25 11:38 ` [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry Ard Biesheuvel 2020-03-25 12:38 ` Leif Lindholm @ 2020-03-25 14:58 ` Ashish Singhal 1 sibling, 0 replies; 6+ messages in thread From: Ashish Singhal @ 2020-03-25 14:58 UTC (permalink / raw) To: Ard Biesheuvel, devel@edk2.groups.io; +Cc: Laszlo Ersek, Leif Lindholm [-- Attachment #1: Type: text/plain, Size: 5033 bytes --] Hi Ard, I tried to verify the patch just now and now I am seeing data abort with a translation fault at 0th level. Also, if this helps, it is caused by in FreePageTablesRecursive function when it tries to access the address pointed to by TranslationTable. Thanks Ashish ________________________________ From: Ard Biesheuvel <ard.biesheuvel@linaro.org> Sent: Wednesday, March 25, 2020 5:38 AM To: devel@edk2.groups.io <devel@edk2.groups.io> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek <lersek@redhat.com>; Leif Lindholm <leif@nuviainc.com>; Ashish Singhal <ashishsingha@nvidia.com> Subject: [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry External email: Use caution opening links or attachments Currently, depending on the size of the region being (re)mapped, the page table manipulation code may replace a table entry with a block entry, even if the existing table entry uses different mapping attributes to describe different parts of the region it covers. This is undesirable, and instead, we should avoid doing so unless we are disregarding the original attributes anyway. And if we make such a replacement, we should free all the page tables that have become orphaned in the process. So let's implement this, by taking the table entry path through the code for block sized regions if a table entry already exists, and the clear mask is set (which means we are preserving attributes from the existing mapping). And when we do replace a table entry with a block entry, free all the pages that are no longer referenced. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> --- ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 25 ++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c index 6f6ef5b05fbc..488156e69057 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -223,8 +223,12 @@ UpdateRegionMappingRecursive ( // than a block, and recurse to create the block or page entries at // the next level. No block mappings are allowed at all at level 0, // so in that case, we have to recurse unconditionally. + // If we are changing a table entry and the AttributeClearMask is non-zero, + // we cannot replace it with a block entry without potentially losing + // attribute information, so keep the table entry in that case. // - if (Level == 0 || ((RegionStart | BlockEnd) & BlockMask) != 0) { + if (Level == 0 || ((RegionStart | BlockEnd) & BlockMask) != 0 || + (IsTableEntry (*Entry, Level) && AttributeClearMask != 0)) { ASSERT (Level < 3); if (!IsTableEntry (*Entry, Level)) { @@ -245,6 +249,8 @@ UpdateRegionMappingRecursive ( InvalidateDataCacheRange (TranslationTable, EFI_PAGE_SIZE); } + ZeroMem (TranslationTable, EFI_PAGE_SIZE); + if (IsBlockEntry (*Entry, Level)) { // // We are splitting an existing block entry, so we have to populate @@ -262,8 +268,6 @@ UpdateRegionMappingRecursive ( FreePages (TranslationTable, 1); return Status; } - } else { - ZeroMem (TranslationTable, EFI_PAGE_SIZE); } } else { TranslationTable = (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOCK_ENTRY); @@ -300,7 +304,20 @@ UpdateRegionMappingRecursive ( EntryValue |= (Level == 3) ? TT_TYPE_BLOCK_ENTRY_LEVEL3 : TT_TYPE_BLOCK_ENTRY; - ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); + if (IsTableEntry (*Entry, Level)) { + // + // We are replacing a table entry with a block entry. This is only + // possible if we are keeping none of the original attributes. + // We can free the table entry's page table, and all the ones below + // it, since we are dropping the only possible reference to it. + // + ASSERT (AttributeClearMask == 0); + TranslationTable = (VOID *)(UINTN)(*Entry & TT_ADDRESS_MASK_BLOCK_ENTRY); + ReplaceTableEntry (Entry, EntryValue, RegionStart, TRUE); + FreePageTablesRecursive (TranslationTable); + } else { + ReplaceTableEntry (Entry, EntryValue, RegionStart, FALSE); + } } } return EFI_SUCCESS; -- 2.17.1 ----------------------------------------------------------------------------------- This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. ----------------------------------------------------------------------------------- [-- Attachment #2: Type: text/html, Size: 8395 bytes --] ^ permalink raw reply related [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-03-25 14:58 UTC | newest] Thread overview: 6+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2020-03-25 11:38 [PATCH v2 0/2] ArmPkg/ArmMmuLib AARCH64: correctness fix Ard Biesheuvel 2020-03-25 11:38 ` [PATCH v2 1/2] ArmPkg/ArmMmuLib AARCH64: use helpers to determine table entry types Ard Biesheuvel 2020-03-25 11:38 ` [PATCH v2 2/2] ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry Ard Biesheuvel 2020-03-25 12:38 ` Leif Lindholm 2020-03-25 14:47 ` Ard Biesheuvel 2020-03-25 14:58 ` Ashish Singhal
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox