From: "Ard Biesheuvel" <ardb@kernel.org>
To: devel@edk2.groups.io
Cc: "Ard Biesheuvel" <ardb@kernel.org>,
"Michael Kinney" <michael.d.kinney@intel.com>,
"Liming Gao" <gaoliming@byosoft.com.cn>,
"Jiewen Yao" <jiewen.yao@intel.com>,
"Michael Kubacki" <michael.kubacki@microsoft.com>,
"Sean Brogan" <sean.brogan@microsoft.com>,
"Rebecca Cran" <quic_rcran@quicinc.com>,
"Leif Lindholm" <quic_llindhol@quicinc.com>,
"Sami Mujawar" <sami.mujawar@arm.com>,
"Taylor Beebe" <t@taylorbeebe.com>,
"Marvin Häuser" <mhaeuser@posteo.de>
Subject: [PATCH 1/3] ArmPkg/ArmMmuLib: Avoid splitting block entries if possible
Date: Wed, 8 Feb 2023 18:58:10 +0100 [thread overview]
Message-ID: <20230208175812.700129-2-ardb@kernel.org> (raw)
In-Reply-To: <20230208175812.700129-1-ardb@kernel.org>
Currently, the AArch64 MMU page table logic will break down any block
entry that overlaps with the region being mapped, even if the block
entry in question is using the same attributes as the new region.
This means that creating a non-executable mapping inside a region that
is already mapped non-executable at a coarser granularity may trigger a
call to AllocatePages (), which may recurse back into the page table
code to update the attributes on the newly allocated page tables.
Let's avoid this, by preserving the block entry if it already covers the
region being mapped with the correct attributes.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
index 1cf8dc090012..28191938aeb1 100644
--- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
+++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c
@@ -251,6 +251,15 @@ UpdateRegionMappingRecursive (
ASSERT (Level < 3);
if (!IsTableEntry (*Entry, Level)) {
+ //
+ // If the region we are trying to map is already covered by a block
+ // entry with the right attributes, don't bother splitting it up.
+ //
+ if (IsBlockEntry (*Entry, Level) &&
+ ((*Entry & TT_ATTRIBUTES_MASK & ~AttributeClearMask) == AttributeSetMask)) {
+ continue;
+ }
+
//
// No table entry exists yet, so we need to allocate a page table
// for the next level.
--
2.39.1
next prev parent reply other threads:[~2023-02-08 17:58 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-08 17:58 [PATCH 0/3] Apply NX protections more strictly Ard Biesheuvel
2023-02-08 17:58 ` Ard Biesheuvel [this message]
2023-02-08 17:58 ` [PATCH 2/3] ArmPkg/CpuDxe: Perform preliminary NX remap of free memory Ard Biesheuvel
2023-02-08 18:32 ` Marvin Häuser
2023-02-08 18:49 ` [edk2-devel] " Ard Biesheuvel
2023-02-08 18:57 ` Taylor Beebe
2023-02-08 22:52 ` Ard Biesheuvel
2023-02-08 17:58 ` [PATCH 3/3] MdeModulePkg/DxeCore: Unconditionally set memory protections Ard Biesheuvel
2023-02-08 18:25 ` Ard Biesheuvel
2023-02-08 18:55 ` Marvin Häuser
2023-02-08 19:12 ` Taylor Beebe
2023-02-08 22:08 ` Ard Biesheuvel
2023-02-08 22:24 ` Taylor Beebe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230208175812.700129-2-ardb@kernel.org \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox