From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 070CFD8080A for ; Mon, 9 Oct 2023 08:29:59 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=moLKtPA7EpfLNb9eHYJQg69ZFnJ84ohPgVZ16A/72q0=; c=relaxed/simple; d=groups.io; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1696840198; v=1; b=XQJP8qQ/mQaxW2F6BRUGHdl0nXvu8Wt0GugjeiZeZJOShQmb+MEbn1XCuFkwvBZlDlW1ZCJV 65+Hhj1BytCByDzhV+dmGvrPGrj4ogawjSZa+Fa6rsiXpPHQHcX+NT4itmOeZE8/WYyX6kdRt+1 m2MMLgk3NUXFcMEHGrlLno7w= X-Received: by 127.0.0.2 with SMTP id J4yXYY7687511xzPnxM85TKM; Mon, 09 Oct 2023 01:29:58 -0700 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web10.56865.1696840197865378570 for ; Mon, 09 Oct 2023 01:29:58 -0700 X-Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-397-pD-UyMJpOL-7mcRdLnutaA-1; Mon, 09 Oct 2023 04:29:50 -0400 X-MC-Unique: pD-UyMJpOL-7mcRdLnutaA-1 X-Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 6FD053816C8A; Mon, 9 Oct 2023 08:29:50 +0000 (UTC) X-Received: from [10.39.192.114] (unknown [10.39.192.114]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 0702F2027045; Mon, 9 Oct 2023 08:29:48 +0000 (UTC) Message-ID: <24d444be-ac3f-2bac-925b-081556801163@redhat.com> Date: Mon, 9 Oct 2023 10:29:47 +0200 MIME-Version: 1.0 Subject: Re: [edk2-devel] [PATCH v5 17/28] OvmfPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs To: devel@edk2.groups.io, taylor.d.beebe@gmail.com Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann , Leif Lindholm , Abner Chang References: <20231009000742.1792-1-taylor.d.beebe@gmail.com> <20231009000742.1792-18-taylor.d.beebe@gmail.com> From: "Laszlo Ersek" In-Reply-To: <20231009000742.1792-18-taylor.d.beebe@gmail.com> X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,lersek@redhat.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: z5tqklDH6hSoJIc0Om4phxVax7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b="XQJP8qQ/"; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=redhat.com (policy=none) On 10/9/23 02:07, Taylor Beebe wrote: > Replace references to the memory protection PCDs to instead > check the platform protections via GetMemoryProtectionsLib. > > Because the protection profile is equivalent to the PCD settings, > this updated does not cause a torn state. > > Signed-off-by: Taylor Beebe > Cc: Ard Biesheuvel > Cc: Jiewen Yao > Cc: Jordan Justen > Cc: Gerd Hoffmann > Cc: Leif Lindholm > Cc: Abner Chang > --- > OvmfPkg/Fdt/HighMemDxe/HighMemDxe.c | 5 ++--- > OvmfPkg/QemuVideoDxe/VbeShim.c | 3 ++- > OvmfPkg/Fdt/HighMemDxe/HighMemDxe.inf | 4 +--- > OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf | 2 +- > 4 files changed, 6 insertions(+), 8 deletions(-) Should be two patches. Now I need to quote out of order. > > diff --git a/OvmfPkg/Fdt/HighMemDxe/HighMemDxe.c b/OvmfPkg/Fdt/HighMemDxe= /HighMemDxe.c > index 779bf5c827f5..2bef34427341 100644 > --- a/OvmfPkg/Fdt/HighMemDxe/HighMemDxe.c > +++ b/OvmfPkg/Fdt/HighMemDxe/HighMemDxe.c > @@ -13,6 +13,7 @@ > #include > #include > #include > +#include > > #include > #include > @@ -148,9 +149,7 @@ InitializeHighMemDxe ( > // on the page table mappings by going through the cpu arch prot= ocol. > // > Attributes =3D EFI_MEMORY_WB; > - if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & > - (1U << (UINT32)EfiConventionalMemory)) !=3D 0) > - { > + if (gMps.Dxe.ExecutionProtection.EnabledForType[EfiConventionalM= emory]) { > Attributes |=3D EFI_MEMORY_XP; > } > > diff --git a/OvmfPkg/Fdt/HighMemDxe/HighMemDxe.inf b/OvmfPkg/Fdt/HighMemD= xe/HighMemDxe.inf > index c7dde9f455f2..40cbbe1c39af 100644 > --- a/OvmfPkg/Fdt/HighMemDxe/HighMemDxe.inf > +++ b/OvmfPkg/Fdt/HighMemDxe/HighMemDxe.inf > @@ -33,13 +33,11 @@ [LibraryClasses] > PcdLib > UefiBootServicesTableLib > UefiDriverEntryPoint > + GetMemoryProtectionsLib > > [Protocols] > gEfiCpuArchProtocolGuid ## CONSUMES > gFdtClientProtocolGuid ## CONSUMES > > -[Pcd] > - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy > - > [Depex] > gEfiCpuArchProtocolGuid AND gFdtClientProtocolGuid Thus, with this, HighMemDxe loses its only PcdGet call -- I think you should remove the PcdLib.h #include directive from the C file, and the PcdLib dependency from [LibraryClasses] in the INF file. > diff --git a/OvmfPkg/QemuVideoDxe/VbeShim.c b/OvmfPkg/QemuVideoDxe/VbeShi= m.c > index 8f151b96f9a5..a60e409f50de 100644 > --- a/OvmfPkg/QemuVideoDxe/VbeShim.c > +++ b/OvmfPkg/QemuVideoDxe/VbeShim.c > @@ -19,6 +19,7 @@ > #include > #include > #include > +#include > #include > > #include "Qemu.h" > @@ -69,7 +70,7 @@ InstallVbeShim ( > UINTN Printed; > VBE_MODE_INFO *VbeModeInfo; > > - if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & (BIT0|BIT7)) =3D= =3D BIT0) { > + if (gMps.Dxe.NullPointerDetection.Enabled && !gMps.Dxe.NullPointerDete= ction.DisableEndOfDxe) { > DEBUG (( > DEBUG_WARN, > "%a: page 0 protected, not installing VBE shim\n", The conversion looks right, at the surface, but could you also test it? (See commit 90f3922b018e, "OvmfPkg/QemuVideoDxe: Bypass NULL pointer detection during VBE SHIM installing", 2017-10-11. You'll need a Windows 7 or Windows Server 2008 R2 guest for triggering the debug message.) > diff --git a/OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf b/OvmfPkg/QemuVideoDxe= /QemuVideoDxe.inf > index 43a6e07faa88..15693ce85674 100644 > --- a/OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf > +++ b/OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf > @@ -55,6 +55,7 @@ [LibraryClasses] > UefiBootServicesTableLib > UefiDriverEntryPoint > UefiLib > + GetMemoryProtectionsLib > > [Protocols] > gEfiGraphicsOutputProtocolGuid # PROTOCOL BY_START Please keep [LibraryClasses] sections, and all other sections in INF files, alphabetically sorted -- assuming the section is already sorted pre-patch. (Unfortunately, in this case, the section is already in disorder; I failed to catch the original mistake when reviewing the patch that would become commit 5b2291f9567a, "OvmfPkg: QemuVideoDxe uses MdeModulePkg/FrameBufferLib", 2016-10-12.) > @@ -64,6 +65,5 @@ [Protocols] > [Pcd] > gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId > gUefiOvmfPkgTokenSpaceGuid.PcdVideoResolutionSource > - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask > gEfiMdeModulePkgTokenSpaceGuid.PcdVideoHorizontalResolution > gEfiMdeModulePkgTokenSpaceGuid.PcdVideoVerticalResolution Laszlo -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#109444): https://edk2.groups.io/g/devel/message/109444 Mute This Topic: https://groups.io/mt/101843361/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/19134562= 12/xyzzy [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-