From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
 by mx.groups.io with SMTP id smtpd.web10.176.1682006327108162877
 for <devel@edk2.groups.io>;
 Thu, 20 Apr 2023 08:58:47 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@kernel.org header.s=k20201202 header.b=BObh24N9;
 spf=pass (domain: kernel.org, ip: 139.178.84.217, mailfrom: ardb@kernel.org)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by dfw.source.kernel.org (Postfix) with ESMTPS id 31BA864A5E
	for <devel@edk2.groups.io>; Thu, 20 Apr 2023 15:58:46 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9C4F1C4339E
	for <devel@edk2.groups.io>; Thu, 20 Apr 2023 15:58:45 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1682006325;
	bh=eYr7INcPBVTPJIeheqpxC+ebHjsS+Vn0O3Vd4vgq6cY=;
	h=References:In-Reply-To:From:Date:Subject:To:Cc:From;
	b=BObh24N9dIaiHVXD0GYgRDn7pInE9e/J6Dza9PcRSjbL10XTQyzWdjASXHwF3l0Mf
	 5MwQZ2UTvTE5onjGtEz23ACYiizyHaYivHZI8Pg9gs+qds1mN8W/ZngVuxf08LX4iZ
	 rakNYAB+fDaB89gWAOtSEm1ccl/GVQkLriSpHGk02q34ExHL5bwb/3HOwMpwmQaR+E
	 AuIbO/P+6yxUcOWjJQC6gX8ZrY4VNE4JXVi76gdcABQQDamTK803z5WAuz6cq8jFU6
	 jMNXSHPMFiora6iSEe2uEsYzyfuTr+G+w3/A8JP9kJrdwcadYFARj4GXACCG9OHQFE
	 aU3pjOWrHffGg==
Received: by mail-lj1-f169.google.com with SMTP id j11so3305582ljq.10
        for <devel@edk2.groups.io>; Thu, 20 Apr 2023 08:58:45 -0700 (PDT)
X-Gm-Message-State: AAQBX9eWhsv5R8WvTjWhSA8QrGu9hgSMtv1bEJLfex0hmd1iH+GIjAR5
	plXEgHr8C7txesbJLi5QC0YV9kC6DoVKMmrOZFk=
X-Google-Smtp-Source: AKy350YAgE4KxjTeCgOfmyYgX6St5k69fPuhATyY8kqrnI0v3vHH3s56RezXGzZBP1ejw3SXqKT2A/b3UxnSNARh3gs=
X-Received: by 2002:a2e:88d9:0:b0:2a7:a5a4:b878 with SMTP id
 a25-20020a2e88d9000000b002a7a5a4b878mr511940ljk.50.1682006323631; Thu, 20 Apr
 2023 08:58:43 -0700 (PDT)
MIME-Version: 1.0
References: <20230420152415.25480-1-mhaeuser@posteo.de> <20230420152415.25480-2-mhaeuser@posteo.de>
In-Reply-To: <20230420152415.25480-2-mhaeuser@posteo.de>
From: "Ard Biesheuvel" <ardb@kernel.org>
Date: Thu, 20 Apr 2023 17:58:32 +0200
X-Gmail-Original-Message-ID: <CAMj1kXH_NK=KY5DQ4kGRgMJ4e-Vwdb5YviXJCyw1w9OcANW6TA@mail.gmail.com>
Message-ID: <CAMj1kXH_NK=KY5DQ4kGRgMJ4e-Vwdb5YviXJCyw1w9OcANW6TA@mail.gmail.com>
Subject: Re: [PATCH v3 2/2] ArmPkg/ArmMmuLib: Fix ArmReplaceLiveTranslationEntry() alignment
To: =?UTF-8?Q?Marvin_Ha=CC=88user?= <mhaeuser@posteo.de>
Cc: devel@edk2.groups.io, Leif Lindholm <quic_llindhol@quicinc.com>, 
	Ard Biesheuvel <ardb+tianocore@kernel.org>, Sami Mujawar <sami.mujawar@arm.com>, 
	Vitaly Cheptsov <vit9696@protonmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Thu, 20 Apr 2023 at 17:24, Marvin Ha=CC=88user <mhaeuser@posteo.de> wrot=
e:
>
> As the ASM_FUNC() macro performs a section switch, the preceding
> .balign directive applies the alignment constraint to the current
> location in the previous section. As the linker may not merge the
> sections in-order, ArmReplaceLiveTranslationEntry() may be left
> unaligned.
>
> Replace the explicit invocation of .balign with the ASM_FUNC_ALIGN()
> macro, which guarantees the alignment constraint is applied correctly.
> To make sure related issues are reliably caught in the future, align the
> end of the function before checking the total occupied size. This
> ensures crossing a 0x200 boundary will cause a compilation error.
>
> Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
> Signed-off-by: Marvin H=C3=A4user <mhaeuser@posteo.de>
> Cc: Leif Lindholm <quic_llindhol@quicinc.com>
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Sami Mujawar <sami.mujawar@arm.com>
> Cc: Vitaly Cheptsov <vit9696@protonmail.com>

Thanks. I've queued these up as #4291


> ---
>  .../ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S      | 14 ++++++++------
>  1 file changed, 8 insertions(+), 6 deletions(-)
>
> diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S b/A=
rmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S
> index e936a5be4e11..887439bc042f 100644
> --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S
> +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S
> @@ -69,17 +69,16 @@
>  .L2_\@:
>    .endm
>
> -  // Align this routine to a log2 upper bound of its size, so that it is
> -  // guaranteed not to cross a page or block boundary.
> -  .balign 0x200
> -
>  //VOID
>  //ArmReplaceLiveTranslationEntry (
>  //  IN  UINT64  *Entry,
>  //  IN  UINT64  Value,
>  //  IN  UINT64  Address
>  //  )
> -ASM_FUNC(ArmReplaceLiveTranslationEntry)
> +//
> +// Align this routine to a log2 upper bound of its size, so that it is
> +// guaranteed not to cross a page or block boundary.
> +ASM_FUNC_ALIGN(ArmReplaceLiveTranslationEntry, 0x200)
>
>    // disable interrupts
>    mrs   x4, daif
> @@ -101,5 +100,8 @@ ASM_GLOBAL ASM_PFX(ArmReplaceLiveTranslationEntrySize=
)
>  ASM_PFX(ArmReplaceLiveTranslationEntrySize):
>    .long   . - ArmReplaceLiveTranslationEntry
>
> -  // Double check that we did not overrun the assumed maximum size
> +  // Double check that we did not overrun the assumed maximum size or cr=
oss a
> +  // 0x200 boundary (and thus implicitly not any larger power of two, in=
cluding
> +  // the page size).
> +  .balign 0x200
>    .org    ArmReplaceLiveTranslationEntry + 0x200
> --
> 2.40.0
>