From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wm0-x22e.google.com (mail-wm0-x22e.google.com [IPv6:2a00:1450:400c:c09::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id CF7AC81EC8 for ; Thu, 9 Feb 2017 22:35:11 -0800 (PST) Received: by mail-wm0-x22e.google.com with SMTP id v77so39546126wmv.0 for ; Thu, 09 Feb 2017 22:35:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=oQlWYlUD4SNpA7vktwKDPDoogBrSj4lEAx0++6sJWS4=; b=SQUJT0A6xm98w9eE+bbBuHqoM8Mju10lGBUCvBuW02nAQinzTvPhVvvsktRxp9FjyW 2mPt50mWydQixCvACoXFGsMHEGZLp3yLuXHlfeCXPx5pl7inZOmgP9ezpd5ue9kWqwEH tKbB6JmTXWceCijvIXlkzKbg2c4xljVaehTZk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=oQlWYlUD4SNpA7vktwKDPDoogBrSj4lEAx0++6sJWS4=; b=Rapf5Ms+ZWEpANog3jwXQBASv9oNVDg3QhgRzOZPx4A/bcvQN0m8dQmQYE4esiQV+l 7DB1AktZJqCnMMKo1SeUOOM60aol0tJYxGAd+iqIUd9lxK5RcwmsPPn6jzi2W0f2wz4a aRbH72RncdyVC6f+Pzw7aThmjGSD4AxvWPyXUtI1RZEd2qu5BL/3M+dfSANRCf3E7imo yAslpBVdrP7TknRybX4T1V50LRngeupDX1m/cxJmeIBcrmhCo3J/737JLC3dE13R4Oi7 EQ6oLJRQMeFtoKWgQkQO+3U4+dvnrgQ8DCdmkwFjRmdTOluxNgL5sJt1n66FpT55KkUa qOdg== X-Gm-Message-State: AMke39lBOWS2FvVZ4F+Ahdpbl0yYqc+lxwIflLAjPBGk1Lq82xwAqK1EgRw0+/53ws1jkn/f X-Received: by 10.28.68.6 with SMTP id r6mr24465536wma.57.1486708509871; Thu, 09 Feb 2017 22:35:09 -0800 (PST) Received: from [105.138.117.86] ([105.138.117.86]) by smtp.gmail.com with ESMTPSA id i189sm2094464wmg.7.2017.02.09.22.35.08 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 09 Feb 2017 22:35:08 -0800 (PST) From: Ard Biesheuvel Mime-Version: 1.0 (1.0) Date: Fri, 10 Feb 2017 06:34:02 +0000 Message-Id: <4F3E8C94-BFF2-42A5-8E12-C03F955627F8@linaro.org> References: <1486624832-15736-1-git-send-email-jiewen.yao@intel.com> <74D8A39837DF1E4DA445A8C0B3885C503A8EBD52@shsmsx102.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C503A8EBEC3@shsmsx102.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C503A8EBF20@shsmsx102.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C503A8EC023@shsmsx102.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C503A8EC093@shsmsx102.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C503A8EC562@shsmsx102.ccr.corp.intel.com> Cc: "Tian, Feng" , "edk2-devel@lists.01.org" , Leif Lindholm , "Kinney, Michael D" , "Fan, Jeff" , "Zeng, Star" In-Reply-To: <74D8A39837DF1E4DA445A8C0B3885C503A8EC562@shsmsx102.ccr.corp.intel.com> To: "Yao, Jiewen" X-Mailer: iPhone Mail (14D27) X-Content-Filtered-By: Mailman/MimeDel 2.1.21 Subject: Re: [PATCH V3 0/4] DXE Memory Protection X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Feb 2017 06:35:12 -0000 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable > On 10 Feb 2017, at 02:26, Yao, Jiewen wrote: >=20 > Very good question. > =20 > 1) Yes, I did test UEFI OS boot, which is mentioned in V1 summary: > =3D=3D=3D=3D=3D=3D > Tested OS: UEFI Win10, UEFI Ubuntu 16.04. > =3D=3D=3D=3D=3D=3D > =20 > 2) Star helps double confirm that OS already takes over the control o= f page table on SetVirtualAddressMap(). > See below log on UEFI Win10. > =3D=3D=3D=3D=3D=3D > DXEIPL CR3 0x88140000 > RUNTIMEDXE CR3 0x1AB000 > =3D=3D=3D=3D=3D=3D > =20 Not on AArch64/ARM linux, and the spec does not mandate it, so we need to de= al with this imo > Thank you > Yao Jiewen > =20 > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ard= Biesheuvel > Sent: Thursday, February 9, 2017 8:48 AM > To: Yao, Jiewen > Cc: Tian, Feng ; edk2-devel@lists.01.org; Leif Lindho= lm ; Kinney, Michael D ; Fan, Jeff ; Zeng, Star > Subject: Re: [edk2] [PATCH V3 0/4] DXE Memory Protection > =20 > On 9 February 2017 at 16:30, Ard Biesheuvel wr= ote: > > On 9 February 2017 at 16:29, Yao, Jiewen wrote: > >> Very good point. > >> > >> Can ARCH64 set 4K paging for 64K aligned runtime memory? > >> > > > > UEFI always uses 4 KB, but the OS may use 64 KB, so to create the > > virtual address map it needs the runtime regions to be 64 KB aligned. > > > >> > >> > >> If yes, how about we use > >> > >> =E2=80=9CImageRecord->ImageSize =3D ALIGN_VALUE(LoadedImage->ImageSize,= > >> EFI_PAGE_SIZE);=E2=80=9D > >> > > >=20 > Another question: did you try SetVirtualAddressMap()? It looks like we > need to lift read-only permissions to allow the runtime PE/COFF > relocation to apply the fixups > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel