From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Laszlo Ersek <lersek@redhat.com>
Cc: edk2-devel-01 <edk2-devel@lists.01.org>,
Michael Zimmermann <sigmaepsilon92@gmail.com>
Subject: Re: SetMemorySpaceAttributes with EFI_MEMORY_XP
Date: Mon, 20 Mar 2017 15:22:57 +0000 [thread overview]
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503A907502@shsmsx102.ccr.corp.intel.com> (raw)
In-Reply-To: <CAKv+Gu9MRGzDYmGezP7fTYu0PkJ4aWcsFOHnw8QfKapbJ_6PPQ@mail.gmail.com>
We had some internal discussion on using gDS or using mCpu.
We decided to choose mCpu purposely at that moment, because we wanted to keep UEFI memory map unchanged to avoid any potential compatibility issue.
Thank you
Yao Jiewen
From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ard Biesheuvel
Sent: Monday, March 20, 2017 10:09 PM
To: Laszlo Ersek <lersek@redhat.com>
Cc: edk2-devel-01 <edk2-devel@lists.01.org>; Michael Zimmermann <sigmaepsilon92@gmail.com>
Subject: Re: [edk2] SetMemorySpaceAttributes with EFI_MEMORY_XP
On 20 March 2017 at 11:38, Laszlo Ersek <lersek@redhat.com<mailto:lersek@redhat.com>> wrote:
> On 03/20/17 12:20, Ard Biesheuvel wrote:
>> On 20 March 2017 at 11:16, Michael Zimmermann <sigmaepsilon92@gmail.com<mailto:sigmaepsilon92@gmail.com>> wrote:
>>> Ard, why is SetMSetMemorySpaceAttributes being called in first place?
>>> (ignoring the recent NX patch)
>>> Looking at the initial GCD, it looks like unused memory usually
>>> doesn't have any attributes set anyway.
>>>
>>
>> Originally, we added the new memory with
>> EFI_MEMORY_WB|EFI_MEMORY_WT|EFI_MEMORY_WC|EFI_MEMORY_UC capabilities,
>> and selected the EFI_MEMORY_WB attribute with the call to
>> gDS->SetMemorySpaceAttributes. Later, we removed all capabilities
>> expect EFI_MEMORY_WB, since the other ones cannot be supported under
>> virtualization with KVM.
>>
>> Whether that makes the SetMemorySpaceAttributes redundant is not
>> entirely clear to me, but it does appear the adding the memory does
>> the right thing wrt non-exec permissions if the policy is enabled. So
>> perhaps we can simply drop this call?
>
> Won't that turn off caching for the memory just added?
>
I think it may not map the memory at all in this case, so we need to
do something. It looks like calling mCpu->SetMemoryAttributes() should
be sufficient here, and so I wonder whether we violate anything by
replacing gDS->SetMemorySpaceAttributes with mCpu->SetMemoryAttributes
here.
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
https://lists.01.org/mailman/listinfo/edk2-devel
next prev parent reply other threads:[~2017-03-20 15:23 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-20 10:32 SetMemorySpaceAttributes with EFI_MEMORY_XP Michael Zimmermann
2017-03-20 11:04 ` Ard Biesheuvel
2017-03-20 11:16 ` Michael Zimmermann
2017-03-20 11:20 ` Ard Biesheuvel
2017-03-20 11:38 ` Laszlo Ersek
2017-03-20 14:08 ` Ard Biesheuvel
2017-03-20 15:22 ` Yao, Jiewen [this message]
2017-03-20 15:24 ` Laszlo Ersek
2017-03-20 19:31 ` Ard Biesheuvel
2017-03-20 11:06 ` Laszlo Ersek
2017-03-20 11:10 ` Michael Zimmermann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=74D8A39837DF1E4DA445A8C0B3885C503A907502@shsmsx102.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox