From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by mx.groups.io with SMTP id smtpd.web10.25813.1678727910867828690 for ; Mon, 13 Mar 2023 10:18:31 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=nmHrLi2q; spf=pass (domain: kernel.org, ip: 145.40.68.75, mailfrom: ardb@kernel.org) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 6BB1DB811B1; Mon, 13 Mar 2023 17:18:29 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id E379BC433D2; Mon, 13 Mar 2023 17:18:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1678727909; bh=2jOWVzSs/chxXhiUarADfsKK/32D4zVYrvQ1PDsb+Mw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=nmHrLi2qiOqK+eiPPL4YgySi4hB6YaJRTw1WxGqQgwM3AWRvGUcURXruHbLrkHo9t e5aBcQ3kezuWaC+PF3ErpmjFH7LdTpjRr4nZ0pRObylzcyGHEHV8p6CdqUZkuQgLby oilG+oEAOa3IlUHvRYJC1MwZfFXEmTGRxxCI7YH8zuxnHATqq+cm//SBBaPxXugrEU mNF0KFrqMS0AcHv/Ry9cWFPqZPWQs0UBJArZ5MbyIa6B56nKmtxvS1Vf9fJlWDwa79 YIfln2Vrkjd6/6uW/Wiy5C5uKLqr4JQwEXKr2zkEcgTkmmteCT4a+DobTJYUj1YYWp TK0JiIRFiPRiw== From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael Kinney , Liming Gao , Jiewen Yao , Michael Kubacki , Sean Brogan , Rebecca Cran , Leif Lindholm , Sami Mujawar , Taylor Beebe Subject: [PATCH v5 21/38] ArmPkg: Implement ArmSetMemoryOverrideLib Date: Mon, 13 Mar 2023 18:16:57 +0100 Message-Id: <20230313171714.3866151-22-ardb@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230313171714.3866151-1-ardb@kernel.org> References: <20230313171714.3866151-1-ardb@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Implement the ARM version of a NULL class library that can be overlaid on top of the DXE core to equip it right from its launch with an implementation of the CPU arch protocol member that sets type and permission attributes on memory regions. This bridges the gap between dispatch of DXE core and dispatch of the DXE driver that implements the CPU arch protocol, removing the need to rely on memory mappings that are writable and executable at the same time. Signed-off-by: Ard Biesheuvel --- ArmPkg/ArmPkg.dsc | 1 + ArmPkg/Library/ArmSetMemoryOverrideLib/ArmSetMemoryOverrideLib.c | 78 ++= ++++++++++++++++++ ArmPkg/Library/ArmSetMemoryOverrideLib/ArmSetMemoryOverrideLib.inf | 28 ++= +++++ 3 files changed, 107 insertions(+) diff --git a/ArmPkg/ArmPkg.dsc b/ArmPkg/ArmPkg.dsc index 3fb95d1951a9..43eb0f4f463e 100644 --- a/ArmPkg/ArmPkg.dsc +++ b/ArmPkg/ArmPkg.dsc @@ -119,6 +119,7 @@ [Components.common] ArmPkg/Library/ArmPsciResetSystemLib/ArmPsciResetSystemLib.inf=0D ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.inf=0D ArmPkg/Library/ArmExceptionLib/ArmRelocateExceptionLib.inf=0D + ArmPkg/Library/ArmSetMemoryOverrideLib/ArmSetMemoryOverrideLib.inf=0D =0D ArmPkg/Drivers/CpuDxe/CpuDxe.inf=0D ArmPkg/Drivers/CpuPei/CpuPei.inf=0D diff --git a/ArmPkg/Library/ArmSetMemoryOverrideLib/ArmSetMemoryOverrideLib= .c b/ArmPkg/Library/ArmSetMemoryOverrideLib/ArmSetMemoryOverrideLib.c new file mode 100644 index 000000000000..866dbbdaa7d5 --- /dev/null +++ b/ArmPkg/Library/ArmSetMemoryOverrideLib/ArmSetMemoryOverrideLib.c @@ -0,0 +1,78 @@ +/** @file=0D + Overlay implementation of DXE core gCpuSetMemoryAttributes for ARM.=0D +=0D + Copyright (c) 2023, Google LLC. All rights reserved.=0D +=0D + SPDX-License-Identifier: BSD-2-Clause-Patent=0D +**/=0D +=0D +#include =0D +=0D +#include =0D +#include =0D +#include =0D +=0D +extern EFI_CPU_SET_MEMORY_ATTRIBUTES gCpuSetMemoryAttributes;=0D +=0D +STATIC UINTN mRecursionLevel;=0D +=0D +/**=0D + Clone of CPU_ARCH_PROTOCOL::SetMemoryAttributes() which is made availabl= e to=0D + the DXE core by NULL library class resolution, so that it can manage pag= e=0D + permissions right from the start.=0D +=0D + @param This CPU arch protocol pointer, should be NULL.= =0D + @param BaseAddress Start address of the region.=0D + @param Length Size of the region, in bytes.=0D + @param Attributes Attributes to set on the region.=0D +=0D + @retval EFI_SUCCESS Operation completed successfully.=0D + @retval EFI_OUT_OF_RESOURCES Operation failed due to lack of memory.=0D +=0D +**/=0D +STATIC=0D +EFI_STATUS=0D +EFIAPI=0D +EarlyArmSetMemoryAttributes (=0D + IN EFI_CPU_ARCH_PROTOCOL *This,=0D + IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D + IN UINT64 Length,=0D + IN UINT64 Attributes=0D + )=0D +{=0D + EFI_STATUS Status;=0D +=0D + // There are cases where the use of strict memory permissions may trigge= r=0D + // unbounded recursion in the page table code. This happens when setting= =0D + // memory permissions results in a page table split and therefore a page= =0D + // allocation, which could trigger a recursive invocation of this functi= on.=0D + ASSERT (mRecursionLevel < 2);=0D +=0D + mRecursionLevel++;=0D +=0D + Status =3D ArmSetMemoryAttributes (=0D + BaseAddress,=0D + Length,=0D + Attributes=0D + );=0D +=0D + mRecursionLevel--;=0D + return Status;=0D +}=0D +=0D +/**=0D + Library constructor.=0D +=0D + @retval RETURN_SUCCESS Operation successful.=0D +=0D +**/=0D +RETURN_STATUS=0D +EFIAPI=0D +ArmSetMemoryOverrideLibConstructor (=0D + VOID=0D + )=0D +{=0D + gCpuSetMemoryAttributes =3D EarlyArmSetMemoryAttributes;=0D +=0D + return RETURN_SUCCESS;=0D +}=0D diff --git a/ArmPkg/Library/ArmSetMemoryOverrideLib/ArmSetMemoryOverrideLib= .inf b/ArmPkg/Library/ArmSetMemoryOverrideLib/ArmSetMemoryOverrideLib.inf new file mode 100644 index 000000000000..2dc9d42d09bd --- /dev/null +++ b/ArmPkg/Library/ArmSetMemoryOverrideLib/ArmSetMemoryOverrideLib.inf @@ -0,0 +1,28 @@ +## @file=0D +# Overlay implementation of DXE core gCpuSetMemoryAttributes for ARM.=0D +#=0D +# Copyright (c) 2023, Google LLC. All rights reserved.=0D +#=0D +# SPDX-License-Identifier: BSD-2-Clause-Patent=0D +#=0D +##=0D +=0D +[Defines]=0D + INF_VERSION =3D 1.29=0D + BASE_NAME =3D ArmSetMemoryOverrideLib=0D + FILE_GUID =3D 849a43c0-6ad9-428e-8a5a-e090f7853bd3= =0D + MODULE_TYPE =3D BASE=0D + VERSION_STRING =3D 1.0=0D + LIBRARY_CLASS =3D NULL|DXE_CORE=0D + CONSTRUCTOR =3D ArmSetMemoryOverrideLibConstructor=0D +=0D +[Sources.common]=0D + ArmSetMemoryOverrideLib.c=0D +=0D +[Packages]=0D + ArmPkg/ArmPkg.dec=0D + MdePkg/MdePkg.dec=0D +=0D +[LibraryClasses]=0D + ArmMmuLib=0D + DebugLib=0D --=20 2.39.2