From: Ard Biesheuvel
To: devel@edk2.groups.io
Cc: Ard Biesheuvel, Laszlo Ersek, Leif Lindholm, Ashish Singhal
Subject: [PATCH v3 0/3] ArmPkg/ArmMmuLib AARCH64: correctness fix
Date: Wed, 25 Mar 2020 16:29:37 +0100
Message-Id: <20200325152940.1492-1-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.17.1

The new ArmMmuLib code is easier to reason about, so that is what I did:
currently, when we create mappings that cover existing table entries, we
may end up overwriting those with block entries without taking the mapping
attributes of the original table entries into account. So let's fix this.

I honestly don't know whether the original code was better at dealing with
this: I do remember some changes from Heyi that may have been related, but
the old code is not easy to follow. In any case, I didn't manage to hit
this case in practice, given that we typically start out with large
mappings, and break them down later (to set permissions), rather than the
other way around.

Patch #1 adds some helpers to hide the insane way the type bits change
meaning when you change to level 3.

Patch #2 ensures that we only replace (and free) table entries with block
entries if it is guaranteed that doing so will not lose any attribute
information.
Changes since v2:
- add patch to limit recursion to levels < 3 in FreePageTablesRecursive()

Changes since v1:
- zero newly allocated pages before splitting a block entry into a table
  entry, to avoid garbage in that page being misidentified as entry type
  attributes - this should fix the crash observed by Laszlo

Cc: Laszlo Ersek
Cc: Leif Lindholm
Cc: Ashish Singhal

Ard Biesheuvel (3):
  ArmPkg/ArmMmuLib AARCH64: limit recursion when freeing page tables
  ArmPkg/ArmMmuLib AARCH64: use helpers to determine table entry types
  ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table entry

 .../Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 83 +++++++++++++++----
 1 file changed, 68 insertions(+), 15 deletions(-)

-- 
2.17.1
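The two mechanisms the cover letter describes, level-dependent descriptor type checks (so a level-3 page is never mistaken for a table pointer when walking or freeing) and replacing a table entry with a block entry only when no attribute information is lost, as an added C example that is not part of this series or of ArmMmuLib. The descriptor encodings are the VMSAv8-64 ones for a 4 KB granule; the helper names, the sample addresses and the attribute values are my own and constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* VMSAv8-64 descriptors, 4 KB granule (Arm ARM). Bit 0 = valid. Bits [1:0] ==
 * 0b11 mean "next-level table" at levels 0..2 but "page" at level 3, where
 * 0b01 (a block at levels 1..2) is invalid. Names are mine, not ArmMmuLib's. */
#define TT_ENTRY_COUNT       512
#define TT_TYPE_MASK         0x3ULL
#define TT_TYPE_TABLE_ENTRY  0x3ULL
#define TT_TYPE_BLOCK_ENTRY  0x1ULL
#define TT_TYPE_PAGE_ENTRY   0x3ULL
#define TT_ADDRESS_MASK      0x0000FFFFFFFFF000ULL  /* output address [47:12]       */
#define TT_ATTRIBUTES_MASK   0xFFF0000000000FFCULL  /* upper [63:50] + lower [11:2] */
#define TT_AP_RO             (1ULL << 7)            /* AP[2]: read-only             */
#define TT_SH_INNER          (3ULL << 8)
#define TT_AF                (1ULL << 10)           /* access flag                  */
#define TT_UXN               (1ULL << 54)
#define LEVEL_SIZE(Level)    (1ULL << (39 - 9 * (Level)))  /* 512 GB, 1 GB, 2 MB, 4 KB */

static bool IsTableEntry(uint64_t Entry, unsigned Level)
{
  return Level < 3 && (Entry & TT_TYPE_MASK) == TT_TYPE_TABLE_ENTRY;
}

/* Leaf mapping: a block at level 1 or 2, or a page at level 3. */
static bool IsBlockEntry(uint64_t Entry, unsigned Level)
{
  uint64_t Type = Entry & TT_TYPE_MASK;
  return Level == 3 ? Type == TT_TYPE_PAGE_ENTRY : (Level >= 1 && Type == TT_TYPE_BLOCK_ENTRY);
}

/* Walk below Table the way a recursive free would, descending only through
 * genuine table entries: without the Level check every level-3 page (also
 * 0b11) would be dereferenced as if it were a table pointer. */
static unsigned CountSubTables(const uint64_t *Table, unsigned Level)
{
  unsigned Count = 0;
  for (unsigned i = 0; i < TT_ENTRY_COUNT; i++) {
    if (IsTableEntry(Table[i], Level)) {
      const uint64_t *Next = (const uint64_t *)(uintptr_t)(Table[i] & TT_ADDRESS_MASK);
      Count += 1 + CountSubTables(Next, Level + 1);
    }
  }
  return Count;
}

/* A table entry at ParentLevel may be replaced by a block (and its table freed)
 * only if every entry of that table is a leaf with identical attributes mapping
 * a contiguous, block-aligned range. On success *Block is the equivalent block. */
static bool TableFoldsIntoBlock(const uint64_t *Table, unsigned ParentLevel, uint64_t *Block)
{
  uint64_t Base  = Table[0] & TT_ADDRESS_MASK;
  uint64_t Attrs = Table[0] & TT_ATTRIBUTES_MASK;

  if (ParentLevel < 1 || ParentLevel > 2 || (Base & (LEVEL_SIZE(ParentLevel) - 1)) != 0) {
    return false;                   /* blocks exist only at levels 1..2, aligned to their size */
  }
  for (unsigned i = 0; i < TT_ENTRY_COUNT; i++) {
    if (!IsBlockEntry(Table[i], ParentLevel + 1) ||
        (Table[i] & TT_ATTRIBUTES_MASK) != Attrs ||
        (Table[i] & TT_ADDRESS_MASK) != Base + i * LEVEL_SIZE(ParentLevel + 1)) {
      return false;                 /* hole, nested table, mixed attributes or non-linear map */
    }
  }
  *Block = Base | Attrs | TT_TYPE_BLOCK_ENTRY;
  return true;
}

/* Constructed sample: level-2 entry 1 points at a level-3 table mapping 2 MB
 * of read-only, EL0-non-executable memory (AttrIndx 0) at 0x40200000. */
static _Alignas(4096) uint64_t Level2Table[TT_ENTRY_COUNT];
static _Alignas(4096) uint64_t Level3Table[TT_ENTRY_COUNT];

static void BuildSample(bool OneWritablePage)
{
  uint64_t Attrs = TT_SH_INNER | TT_AF | TT_AP_RO | TT_UXN;
  for (unsigned i = 0; i < TT_ENTRY_COUNT; i++) {
    Level3Table[i] = (0x40200000ULL + i * LEVEL_SIZE(3)) | Attrs | TT_TYPE_PAGE_ENTRY;
  }
  if (OneWritablePage) {
    Level3Table[17] &= ~TT_AP_RO;   /* one page with different permissions */
  }
  Level2Table[1] = (uint64_t)(uintptr_t)Level3Table | TT_TYPE_TABLE_ENTRY;
}

/* The block descriptor the sample level-3 table folds into, or 0 if it must be kept. */
static uint64_t FoldSample(bool OneWritablePage)
{
  uint64_t Block = 0;
  BuildSample(OneWritablePage);
  return TableFoldsIntoBlock(Level3Table, 2, &Block) ? Block : 0;
}

int main(void)
{
  printf("uniform table folds to 0x%016llx\n", (unsigned long long)FoldSample(false));
  printf("tables below level 2:  %u\n", CountSubTables(Level2Table, 2));
  printf("mixed table folds to   0x%016llx (0 = keep the table)\n", (unsigned long long)FoldSample(true));
  return 0;
}
```

The uniform table folds into a single 2 MB block that carries exactly the attributes of the pages it replaces; flipping one page to writable makes the fold refuse, so the table (and the per-page permissions it records) has to stay. CountSubTables stops at level 3 even though every page there has the 0b11 type bits.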