From mboxrd@z Thu Jan 1 00:00:00 1970
From: jacek.kukiello@intel.com
To: devel@edk2.groups.io
Cc: Malgorzata Kukiello, Michael D Kinney, Jian J Wang, Hao A Wu, Dandan Bi, Liming Gao, Zhiguang Liu, Oleksiy Yakovlev, Ard Biesheuvel
Subject: [PATCH v2 0/2] UEFI memmap workaround for hiding page-access caps from OSes hides SP and CRYPTO caps too
Date: Thu, 24 Sep 2020 12:21:30 +0200
Message-Id: <20200924102132.18248-1-jacek.kukiello@intel.com>
X-Mailer: git-send-email 2.18.0.windows.1

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2982

The workaround in the UEFI memmap construction, near the end of the
function CoreGetMemoryMap() [MdeModulePkg/Core/Dxe/Mem/Page.c] should not
clear the SP and CRYPTO bits, because OSes do (apparently) correctly
interpret SP and CRYPTO as capabilities, and not as currently set
attributes (upon which the OSes should set their page tables).

For this reason, the SP and CRYPTO bits should be separated from the
bitmask that we use for hiding the page-access attributes, in the
workaround.

Signed-off-by: Malgorzata Kukiello
Cc: Michael D Kinney
Cc: Jian J Wang
Cc: Hao A Wu
Cc: Dandan Bi
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Oleksiy Yakovlev
Cc: Ard Biesheuvel (ARM address)

 MdeModulePkg/Core/Dxe/Mem/Page.c | 12 ++++++------
 MdePkg/Include/Uefi/UefiSpec.h   |  3 ++-
 2 files changed, 8 insertions(+), 7 deletions(-)
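
An added illustration of the masking problem this cover letter describes, not code from the patch series or from edk2: it applies the hiding step to a constructed memory map, once with a mask that also covers SP and CRYPTO and once with a mask limited to page-access bits, and counts what the OS would lose or still see. The `DEMO_*` mask names, the choice of RP|XP|RO as the page-access set, and the sample descriptors are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Attribute bit values from the UEFI specification's memory descriptor. */
#define EFI_MEMORY_WB         0x0000000000000008ULL
#define EFI_MEMORY_RP         0x0000000000002000ULL
#define EFI_MEMORY_XP         0x0000000000004000ULL
#define EFI_MEMORY_RO         0x0000000000020000ULL
#define EFI_MEMORY_SP         0x0000000000040000ULL
#define EFI_MEMORY_CPU_CRYPTO 0x0000000000080000ULL
/* Hypothetical mask names; treating RP|XP|RO as the page-access set is an assumption. */
#define DEMO_ACCESS_MASK (EFI_MEMORY_RP | EFI_MEMORY_XP | EFI_MEMORY_RO)
#define DEMO_BROAD_MASK  (DEMO_ACCESS_MASK | EFI_MEMORY_SP | EFI_MEMORY_CPU_CRYPTO)
#define DEMO_KEEP_CAPS   (EFI_MEMORY_SP | EFI_MEMORY_CPU_CRYPTO)

typedef struct { uint64_t start, pages, attr; } demo_desc;

/* Constructed sample map, not taken from real firmware. */
static const demo_desc demo_map[] = {
  { 0x000100000ULL, 0x0100, EFI_MEMORY_WB | EFI_MEMORY_XP | EFI_MEMORY_RO },
  { 0x100000000ULL, 0x4000, EFI_MEMORY_WB | EFI_MEMORY_XP | EFI_MEMORY_SP },
  { 0x200000000ULL, 0x8000, EFI_MEMORY_WB | EFI_MEMORY_RP | EFI_MEMORY_CPU_CRYPTO },
};
#define DEMO_COUNT (sizeof demo_map / sizeof demo_map[0])

/* The workaround step: clear the bits in `hide` from the attribute reported to the OS. */
static uint64_t reported_attr(uint64_t attr, uint64_t hide) { return attr & ~hide; }

/* Descriptors whose SP/CRYPTO capability differs between firmware view and OS view. */
static size_t lost_caps(uint64_t hide) {
  size_t lost = 0;
  for (size_t i = 0; i < DEMO_COUNT; i++)
    if ((demo_map[i].attr ^ reported_attr(demo_map[i].attr, hide)) & DEMO_KEEP_CAPS) lost++;
  return lost;
}

/* Descriptors that would still show a page-access bit to the OS. */
static size_t leaked_access(uint64_t hide) {
  size_t leaked = 0;
  for (size_t i = 0; i < DEMO_COUNT; i++)
    if (reported_attr(demo_map[i].attr, hide) & DEMO_ACCESS_MASK) leaked++;
  return leaked;
}

int main(void) {
  printf("broad mask:  lost=%zu leaked=%zu\n", lost_caps(DEMO_BROAD_MASK), leaked_access(DEMO_BROAD_MASK));
  printf("access mask: lost=%zu leaked=%zu\n", lost_caps(DEMO_ACCESS_MASK), leaked_access(DEMO_ACCESS_MASK));
  return 0;
}
```

The same two counts work as a regression check on a real memory map dump: the narrow mask should report zero lost SP/CRYPTO descriptors and zero leaked page-access bits.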