From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web10.3284.1687768614910079058 for ; Mon, 26 Jun 2023 01:36:55 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=A4xyFzPN; spf=pass (domain: kernel.org, ip: 139.178.84.217, mailfrom: ardb@kernel.org) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 5E1F560D2E; Mon, 26 Jun 2023 08:36:54 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id B882BC433C9; Mon, 26 Jun 2023 08:36:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1687768613; bh=5myjJROn6f66pprN8zeH1h13lmmBGyGD5b543qZxsJg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=A4xyFzPNJ6WRcXz6BAg2JW4XEob6xbyFCz+3uxKe+dKg+pOl3lNxGRYELQcE6QdSP zD8Cxox329nD+a8fj3tVkHPX5pTwxi+mypgDejd3nqfdbPhx0NmLXMn9P1qXPaisKm 7n+hLt/QrtieOGCTmHkD9nBgmhvPRN9+bClJ3pDh60cxZEyVaWPG6Ei1mWUrYd8MEH /7LWFvm1gluCh4bNom0KSvPycdMXTcbxtUKws90PxV+j6lw/2PKR7M4HWjbeDKwC7/ ths1Xh4cPGxHi0lbG8qc/C3SaOXu1Aryxu2IAEWnn1eECuQ6TjhNW2dQgillj861EI oWSMQWama5dPQ== From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Sami Mujawar , Leif Lindholm Subject: [PATCH 2/3] ArmPkg: Drop individual memory permission helpers Date: Mon, 26 Jun 2023 10:36:43 +0200 Message-Id: <20230626083644.1011698-3-ardb@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230626083644.1011698-1-ardb@kernel.org> References: <20230626083644.1011698-1-ardb@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Now that we have a sane API to set and clear memory permissions that works the same on ARM and AArch64, we no longer have a need for the individual set/clear no-access/read-only/no-exec helpers so let's drop them. Signed-off-by: Ard Biesheuvel --- ArmPkg/Drivers/CpuDxe/CpuDxe.c | 6 +- ArmPkg/Include/Library/ArmMmuLib.h | 62 --------- ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 136 -------------------- ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c | 104 --------------- 4 files changed, 4 insertions(+), 304 deletions(-) diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.c b/ArmPkg/Drivers/CpuDxe/CpuDxe.c index f820f3f621891365..fc63e527846acba9 100644 --- a/ArmPkg/Drivers/CpuDxe/CpuDxe.c +++ b/ArmPkg/Drivers/CpuDxe/CpuDxe.c @@ -288,9 +288,11 @@ RemapUnusedMemoryNx ( MemoryMapEnd =3D (EFI_MEMORY_DESCRIPTOR *)((UINT8 *)MemoryMap + Memory= MapSize);=0D while ((UINTN)MemoryMapEntry < (UINTN)MemoryMapEnd) {=0D if (MemoryMapEntry->Type =3D=3D EfiConventionalMemory) {=0D - ArmSetMemoryRegionNoExec (=0D + ArmSetMemoryAttributes (=0D MemoryMapEntry->PhysicalStart,=0D - EFI_PAGES_TO_SIZE (MemoryMapEntry->NumberOfPages)=0D + EFI_PAGES_TO_SIZE (MemoryMapEntry->NumberOfPages),=0D + EFI_MEMORY_XP,=0D + EFI_MEMORY_XP=0D );=0D }=0D =0D diff --git a/ArmPkg/Include/Library/ArmMmuLib.h b/ArmPkg/Include/Library/Ar= mMmuLib.h index 91d112314fdf4859..2ce948e8db1d34e5 100644 --- a/ArmPkg/Include/Library/ArmMmuLib.h +++ b/ArmPkg/Include/Library/ArmMmuLib.h @@ -21,68 +21,6 @@ ArmConfigureMmu ( OUT UINTN *TranslationTableSize OPTIONAL=0D );=0D =0D -/**=0D - Convert a region of memory to read-protected, by clearing the access fla= g.=0D -=0D - @param BaseAddress The start of the region.=0D - @param Length The size of the region.=0D -=0D - @retval EFI_SUCCESS The attributes were set successfully.=0D - @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory.=0D -=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -ArmSetMemoryRegionNoAccess (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - );=0D -=0D -/**=0D - Convert a region of memory to read-enabled, by setting the access flag.= =0D -=0D - @param BaseAddress The start of the region.=0D - @param Length The size of the region.=0D -=0D - @retval EFI_SUCCESS The attributes were set successfully.=0D - @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory.=0D -=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -ArmClearMemoryRegionNoAccess (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - );=0D -=0D -EFI_STATUS=0D -EFIAPI=0D -ArmSetMemoryRegionNoExec (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - );=0D -=0D -EFI_STATUS=0D -EFIAPI=0D -ArmClearMemoryRegionNoExec (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - );=0D -=0D -EFI_STATUS=0D -EFIAPI=0D -ArmSetMemoryRegionReadOnly (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - );=0D -=0D -EFI_STATUS=0D -EFIAPI=0D -ArmClearMemoryRegionReadOnly (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - );=0D -=0D VOID=0D EFIAPI=0D ArmReplaceLiveTranslationEntry (=0D diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Libr= ary/ArmMmuLib/AArch64/ArmMmuLibCore.c index 22623572b9cb931c..1e57e589977e6c39 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -552,142 +552,6 @@ ArmSetMemoryAttributes ( );=0D }=0D =0D -STATIC=0D -EFI_STATUS=0D -SetMemoryRegionAttribute (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length,=0D - IN UINT64 Attributes,=0D - IN UINT64 BlockEntryMask=0D - )=0D -{=0D - return UpdateRegionMapping (=0D - BaseAddress,=0D - Length,=0D - Attributes,=0D - BlockEntryMask,=0D - ArmGetTTBR0BaseAddress (),=0D - TRUE=0D - );=0D -}=0D -=0D -EFI_STATUS=0D -ArmSetMemoryRegionNoExec (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - )=0D -{=0D - UINT64 Val;=0D -=0D - if (ArmReadCurrentEL () =3D=3D AARCH64_EL1) {=0D - Val =3D TT_PXN_MASK | TT_UXN_MASK;=0D - } else {=0D - Val =3D TT_XN_MASK;=0D - }=0D -=0D - return SetMemoryRegionAttribute (=0D - BaseAddress,=0D - Length,=0D - Val,=0D - ~TT_ADDRESS_MASK_BLOCK_ENTRY=0D - );=0D -}=0D -=0D -EFI_STATUS=0D -ArmClearMemoryRegionNoExec (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - )=0D -{=0D - UINT64 Mask;=0D -=0D - // XN maps to UXN in the EL1&0 translation regime=0D - Mask =3D ~(TT_ADDRESS_MASK_BLOCK_ENTRY | TT_PXN_MASK | TT_XN_MASK);=0D -=0D - return SetMemoryRegionAttribute (=0D - BaseAddress,=0D - Length,=0D - 0,=0D - Mask=0D - );=0D -}=0D -=0D -/**=0D - Convert a region of memory to read-protected, by clearing the access fla= g.=0D -=0D - @param BaseAddress The start of the region.=0D - @param Length The size of the region.=0D -=0D - @retval EFI_SUCCESS The attributes were set successfully.=0D - @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory.=0D -=0D -**/=0D -EFI_STATUS=0D -ArmSetMemoryRegionNoAccess (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - )=0D -{=0D - return SetMemoryRegionAttribute (=0D - BaseAddress,=0D - Length,=0D - 0,=0D - ~(TT_ADDRESS_MASK_BLOCK_ENTRY | TT_AF)=0D - );=0D -}=0D -=0D -/**=0D - Convert a region of memory to read-enabled, by setting the access flag.= =0D -=0D - @param BaseAddress The start of the region.=0D - @param Length The size of the region.=0D -=0D - @retval EFI_SUCCESS The attributes were set successfully.=0D - @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory.=0D -=0D -**/=0D -EFI_STATUS=0D -ArmClearMemoryRegionNoAccess (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - )=0D -{=0D - return SetMemoryRegionAttribute (=0D - BaseAddress,=0D - Length,=0D - TT_AF,=0D - ~TT_ADDRESS_MASK_BLOCK_ENTRY=0D - );=0D -}=0D -=0D -EFI_STATUS=0D -ArmSetMemoryRegionReadOnly (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - )=0D -{=0D - return SetMemoryRegionAttribute (=0D - BaseAddress,=0D - Length,=0D - TT_AP_NO_RO,=0D - ~TT_ADDRESS_MASK_BLOCK_ENTRY=0D - );=0D -}=0D -=0D -EFI_STATUS=0D -ArmClearMemoryRegionReadOnly (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - )=0D -{=0D - return SetMemoryRegionAttribute (=0D - BaseAddress,=0D - Length,=0D - TT_AP_NO_RW,=0D - ~(TT_ADDRESS_MASK_BLOCK_ENTRY | TT_AP_MASK)=0D - );=0D -}=0D -=0D EFI_STATUS=0D EFIAPI=0D ArmConfigureMmu (=0D diff --git a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c b/ArmPkg/Librar= y/ArmMmuLib/Arm/ArmMmuLibUpdate.c index 61405965a73eaeb8..548ee1303870782a 100644 --- a/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c +++ b/ArmPkg/Library/ArmMmuLib/Arm/ArmMmuLibUpdate.c @@ -544,107 +544,3 @@ ArmSetMemoryAttributes ( TtEntryMask=0D );=0D }=0D -=0D -EFI_STATUS=0D -ArmSetMemoryRegionNoExec (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - )=0D -{=0D - return SetMemoryAttributes (=0D - BaseAddress,=0D - Length,=0D - EFI_MEMORY_XP,=0D - TT_DESCRIPTOR_SECTION_XN_MASK=0D - );=0D -}=0D -=0D -EFI_STATUS=0D -ArmClearMemoryRegionNoExec (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - )=0D -{=0D - return SetMemoryAttributes (=0D - BaseAddress,=0D - Length,=0D - 0,=0D - TT_DESCRIPTOR_SECTION_XN_MASK=0D - );=0D -}=0D -=0D -EFI_STATUS=0D -ArmSetMemoryRegionReadOnly (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - )=0D -{=0D - return SetMemoryAttributes (=0D - BaseAddress,=0D - Length,=0D - EFI_MEMORY_RO,=0D - TT_DESCRIPTOR_SECTION_AP_MASK=0D - );=0D -}=0D -=0D -EFI_STATUS=0D -ArmClearMemoryRegionReadOnly (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - )=0D -{=0D - return SetMemoryAttributes (=0D - BaseAddress,=0D - Length,=0D - 0,=0D - TT_DESCRIPTOR_SECTION_AP_MASK=0D - );=0D -}=0D -=0D -/**=0D - Convert a region of memory to read-protected, by clearing the access fla= g.=0D -=0D - @param BaseAddress The start of the region.=0D - @param Length The size of the region.=0D -=0D - @retval EFI_SUCCESS The attributes were set successfully.=0D - @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory.=0D -=0D -**/=0D -EFI_STATUS=0D -ArmSetMemoryRegionNoAccess (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - )=0D -{=0D - return SetMemoryAttributes (=0D - BaseAddress,=0D - Length,=0D - EFI_MEMORY_RP,=0D - TT_DESCRIPTOR_SECTION_AF=0D - );=0D -}=0D -=0D -/**=0D - Convert a region of memory to read-enabled, by setting the access flag.= =0D -=0D - @param BaseAddress The start of the region.=0D - @param Length The size of the region.=0D -=0D - @retval EFI_SUCCESS The attributes were set successfully.=0D - @retval EFI_OUT_OF_RESOURCES The operation failed due to insufficient m= emory.=0D -=0D -**/=0D -EFI_STATUS=0D -ArmClearMemoryRegionNoAccess (=0D - IN EFI_PHYSICAL_ADDRESS BaseAddress,=0D - IN UINT64 Length=0D - )=0D -{=0D - return SetMemoryAttributes (=0D - BaseAddress,=0D - Length,=0D - 0,=0D - TT_DESCRIPTOR_SECTION_AF=0D - );=0D -}=0D --=20 2.39.2