From mboxrd@z Thu Jan  1 00:00:00 1970
Subject: Re: [edk2-devel] [PATCH 2/5] UefiCpuPkg: Contiguous memory allocation and code clean-up.
To: Yuanhao Xie <yuanhao.xie@intel.com>,devel@edk2.groups.io
From: =?UTF-8?B?TWFydmluIEjDpHVzZXI=?= <mhaeuser@posteo.de>
X-Originating-Location: Berlin, Land Berlin, DE (104.28.45.25)
X-Originating-Platform: Mac Safari 16.3
User-Agent: GROUPS.IO Web Poster
MIME-Version: 1.0
Date: Tue, 07 Feb 2023 08:40:41 -0800
References: <20230207134939.273-3-yuanhao.xie@intel.com>
In-Reply-To: <20230207134939.273-3-yuanhao.xie@intel.com>
Message-ID: <32073.1675788041796635561@groups.io>
Content-Type: multipart/alternative; boundary="J7dQcgKZKLrOvgcBMfl5"

--J7dQcgKZKLrOvgcBMfl5
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hi=C2=A0Yuanhao,

1) The code comments and copy code suggest that the stacks are located low =
and the function is located high (good). However, the SetMemorySpaceAttribu=
tes() call un-XP's Address, which is the low address. So, do I misunderstan=
d the changes, or are you un-XP'ing the first stack (and keep the function =
XP'd)?

2) The same SetMemorySpaceAttributes() call, you now pass ApLoopFuncSize ov=
er ApSafeBufferSize. The latter was explicitly page-aligned, while the form=
er is not. How is it guaranteed it is indeed aligned? If it is not, I don't=
 think this is supported, at least universally.

3) Similar to 2), the stack size is much smaller than the page size, no? Ho=
w do you guarantee the function is on a page boundary for memory protection=
?

4) A proper W^X flow should be to wait with un-XP till the CopyMem() for th=
e function code has returned. Right before that, the copied code should be =
marked read-only.

Best regards,
Marvin

--J7dQcgKZKLrOvgcBMfl5
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hi&nbsp;Yuanhao,<br /><br />1) The code comments and copy code suggest that=
 the stacks are located low and the function is located high (good). Howeve=
r, the&nbsp;<span style=3D"white-space: pre-wrap;">SetMemorySpaceAttributes=
() call un-XP's Address, which is the low address. So, do I misunderstand t=
he changes, or are you un-XP'ing the first stack (and keep the function XP'=
d)?<br /><br />2) The same </span><span style=3D"white-space: pre-wrap;">Se=
tMemorySpaceAttributes() call, you now pass </span><span style=3D"white-spa=
ce: pre-wrap;">ApLoopFuncSize over</span><span style=3D"white-space: pre-wr=
ap;"> </span><span style=3D"white-space: pre-wrap;">ApSafeBufferSize. The l=
atter was explicitly page-aligned, while the former is not. How is it guara=
nteed it is indeed aligned? If it is not, I don't think this is supported, =
at least universally.<br /><br />3) Similar to 2), the stack size is much s=
maller than the page size, no? How do you guarantee the function is on a pa=
ge boundary for memory protection?<br /><br />4) A proper W^X flow should b=
e to wait with un-XP till the CopyMem() for the </span><span style=3D"white=
-space: pre-wrap;">function code has returned. Right before that, the copie=
d code should be marked read-only.<br /><br />Best regards,<br />Marvin</sp=
an>

--J7dQcgKZKLrOvgcBMfl5--