From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75])
 by mx.groups.io with SMTP id smtpd.web10.16827.1676301549959972321
 for <devel@edk2.groups.io>;
 Mon, 13 Feb 2023 07:19:10 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@kernel.org header.s=k20201202 header.b=SpKVKhf+;
 spf=pass (domain: kernel.org, ip: 145.40.68.75, mailfrom: ardb@kernel.org)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ams.source.kernel.org (Postfix) with ESMTPS id 76A01B810D6;
	Mon, 13 Feb 2023 15:19:08 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 98F3EC4339B;
	Mon, 13 Feb 2023 15:19:04 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1676301547;
	bh=Rnx7YKZoErTBYxJaFQjTcobr8522kwl5l573rfILB4U=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=SpKVKhf+H80B34p1KagmKKfpe33vZy8qisNoWcrKnXTUk/NKV16f4Xd15/FjCwBOD
	 rt+6ks7vjcFMNIJbRF2bWpKeq2Q8oym8qZva035Kc10GTcJWMch2F9vKpxhWc4jKSH
	 UEQIWObJBo0UPM99WacHK9s0jqiR5sySow7gLgGqGB5oHE6OCgdNs6+NheGmEvalLg
	 taNxQ0MoiboMGp4hfqTnixc0KjkNVyl22z3YzBpVbDpMMUbTqdr4kKSFz9OEaDmZs+
	 A7d9sKRSsmW9QqOXbJWj0go3c3PUIZrMwBOfO10xr/zmiUBXMBJEx8oqSSDeoZoZ/Q
	 +sAc07A6cdXgg==
From: "Ard Biesheuvel" <ardb@kernel.org>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb@kernel.org>,
	Michael Kinney <michael.d.kinney@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Michael Kubacki <michael.kubacki@microsoft.com>,
	Sean Brogan <sean.brogan@microsoft.com>,
	Rebecca Cran <quic_rcran@quicinc.com>,
	Leif Lindholm <quic_llindhol@quicinc.com>,
	Sami Mujawar <sami.mujawar@arm.com>,
	Taylor Beebe <t@taylorbeebe.com>,
	Matthew Garrett <mjg59@srcf.ucam.org>,
	Peter Jones <pjones@redhat.com>,
	Kees Cook <keescook@chromium.org>
Subject: [RFC 13/13] ArmVirtPkg/ArmVirtQemu: Enable hardware enforced W^X memory permissions
Date: Mon, 13 Feb 2023 16:18:10 +0100
Message-Id: <20230213151810.2301480-14-ardb@kernel.org>
X-Mailer: git-send-email 2.39.1
In-Reply-To: <20230213151810.2301480-1-ardb@kernel.org>
References: <20230213151810.2301480-1-ardb@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

Enable the WXN system control bit straight out of reset when running in
EL1 with the initial ID map from flash. This setting will be inherited
by the page table code after it sets up the permanent boot time page
tables, resulting in all memory mappings that are not explicitly mapped
as read-only to be non-executable.

Note that this requires runtime drivers to be built with position
independent codegen, to ensure that all absolute symbol references are
moved into a separate section in the binary. Otherwise, unmapping the
pages that are subject to relocation fixups at runtime (during the
invocation of SetVirtualAddressMap()) could result in code mappings
losing their executable permissions.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 ArmVirtPkg/ArmVirt.dsc.inc                                        | 1 +
 ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index 5b18184be263..928dd6330edb 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -31,6 +31,7 @@ [BuildOptions.common.EDKII.DXE_CORE,BuildOptions.common.E=
DKII.DXE_DRIVER,BuildOp
 =0D
 [BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]=0D
   GCC:*_*_ARM_DLINK_FLAGS =3D -z common-page-size=3D0x1000=0D
+  GCC:*_*_AARCH64_CC_FLAGS =3D -fpie=0D
   GCC:*_*_AARCH64_DLINK_FLAGS =3D -z common-page-size=3D0x10000=0D
 =0D
 [LibraryClasses.common]=0D
diff --git a/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelpe=
r.S b/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S
index 5ac7c732f6ec..51c089a45ffc 100644
--- a/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S
+++ b/ArmVirtPkg/Library/ArmPlatformLibQemu/AArch64/ArmPlatformHelper.S
@@ -38,7 +38,7 @@
  .set    SCTLR_EL1_ITD,       0x1 << 7=0D
  .set    SCTLR_EL1_RES1,      (0x1 << 11) | (0x1 << 20) | (0x1 << 22) | (0=
x1 << 28) | (0x1 << 29)=0D
  .set    sctlrval, SCTLR_ELx_M | SCTLR_ELx_C | SCTLR_ELx_SA | SCTLR_EL1_IT=
D | SCTLR_EL1_SED=0D
- .set    sctlrval, sctlrval | SCTLR_ELx_I | SCTLR_EL1_SPAN | SCTLR_EL1_RES=
1=0D
+ .set    sctlrval, sctlrval | SCTLR_ELx_I | SCTLR_EL1_SPAN | SCTLR_EL1_RES=
1 | SCTLR_EL1_WXN=0D
 =0D
 =0D
 ASM_FUNC(ArmPlatformPeiBootAction)=0D
--=20
2.39.1