From: Michael Zimmermann
Date: Mon, 13 Mar 2017 09:43:10 +0100
To: Laszlo Ersek
Cc: Ard Biesheuvel, Leif Lindholm, "Tian, Feng", "edk2-devel@lists.01.org", "afish@apple.com", "Gao, Liming", "Yao, Jiewen", "Kinney, Michael D", "Zeng, Star"
Subject: Re: [PATCH v4 0/7] MdeModulePkg/DxeCore: increased memory protection

I fail to get this working on my target. I've enabled the following PCDs like in ArmVirt:

gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x3
gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD1
gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE

but apparently, DxeCore removes the executable permission from its own code. After the BL instruction of the call to gCpu->SetMemoryAttributes I get an instruction permission fault:

InitializeDxeNxMemoryProtectionPolicy: applying strict permissions to active memory regions
SetUefiImageMemoryAttributes - 0x0000000080200000 - 0x0000000008C00000 (0x0000000000004000)
SetUefiImageMemoryAttributes - 0x0000000089000000 - 0x0000000004A00000 (0x0000000000004000)
SetUefiImageMemoryAttributes - 0x000000008EC00000 - 0x0000000000400000 (0x0000000000004000)
SetUefiImageMemoryAttributes - 0x000000008F700000 - 0x0000000000700000 (0x0000000000004000)
SetUefiImageMemoryAttributes - 0x000000008FF00000 - 0x000000006E095000 (0x0000000000004000)
SetUefiImageMemoryAttributes - 0x00000000FDFB9000 - 0x0000000000047000 (0x0000000000004000)
SetUefiImageMemoryAttributes - 0x00000000FE400000 - 0x0000000001C00000 (0x0000000000004000)

Prefetch Abort Exception PC at 0xFEEA630E CPSR 0x20000033 nzCveaifT_svc
Build/LittleKernelPkg/DEBUG_GCC5/ARM/MdeModulePkg/Core/Dxe/DxeMain/DEBUG/DxeCore.dll loaded at 0xFEEA4000
(PE/COFF offset) 0x230E (ELF or Mach-O offset) 0x130E
0xBF00 IT EQ
R0 0x00000000 R1 0x01C00000 R2 0x00000000 R3 0x00000000
R4 0x00000000 R5 0x00026000 R6 0x00000000 R7 0xFE000214
R8 0x80000000 R9 0xFE400000 R10 0xFFFEF000 R11 0x00000004
R12 0x00000002 SP 0xFFFFEBA0 LR 0xFDF98B4D PC 0xFEEA630E
DFSR 0x00000000 DFAR 0x00000000 IFSR 0x0000000D IFAR 0xFEEA630E
Instruction Permission fault on Section at 0xFEEA630E
ASSERT [ArmCpuDxe] ArmPkg/Library/DefaultExceptionHandlerLib/Arm/DefaultExceptionHandler.c(268): ((BOOLEAN)(0==1))
----

so did I miss anything?

Thanks
Michael

On Wed, Mar 1, 2017 at 12:46 AM, Laszlo Ersek wrote:
> On 02/28/17 11:59, Ard Biesheuvel wrote:
>> On 28 February 2017 at 10:52, Ard Biesheuvel wrote:
>>> On 28 February 2017 at 10:46, Laszlo Ersek wrote:
>
>>>> I regression-tested this series for x86 / OVMF as under v3, with the zero PCD default, and experienced no issues.
>>>>
>>>> However, v4 breaks booting Fedora 24 on my Mustang (aarch64/KVM):
>
>>> Hmm, that is disappointing. This is probably due to GRUB's modular
>>> nature, which means it allocates memory and loads executable code into
>>> it, under the assumption that memory is always executable in UEFI.
>>>
>>> The short term fix is to remove the NX bit from LoaderData regions,
>>> but in the mean time, I will work with Leif to get this fixed properly
>>> (assuming there is a proper way to fix this)
>>>
>>
>> Care to have a quick go at using 0xC000000000007FD1 instead? (if you
>> are not already doing so)
>
>
> With the following patch on top:
>
>> commit ef6be33275e45045a15201a15a2be26e6fbabcaa
>> Author: Laszlo Ersek
>> Date: Wed Mar 1 00:06:37 2017 +0100
>>
>> ArmVirtPkg: remove the NX bit from LoaderData regions
>>
>> msgid
>>
>> Suggested-by: Ard Biesheuvel
>> Contributed-under: TianoCore Contribution Agreement 1.0
>> Signed-off-by: Laszlo Ersek
>>
>> diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc >> index 23b601a199ed..4d3ae5d0bc80 100644 
>> --- a/ArmVirtPkg/ArmVirt.dsc.inc >> +++ b/ArmVirtPkg/ArmVirt.dsc.inc >> @@ -386,7 +386,7 @@ [PcdsFixedAtBuild.AARCH64] >> # Enable NX memory protection for all non-code regions, including OEM and OS >> # reserved ones. >> # >> - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD5 >> + gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD1 >> >> [Components.common] >> #
>
> all three guests mentioned previously boot okay.
>
> (I also made sure that the "applying strict permissions..." messages showed up in the firmware log for each.)
>
> Thanks
> Laszlo
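
Review bot: the context comment above the changed PCD in ArmVirt.dsc.inc still reads "Enable NX memory protection for all non-code regions, including OEM and OS reserved ones", which is no longer accurate once the value goes from 0xC000000000007FD5 to 0xC000000000007FD1: bit 2 is cleared, and per the commit subject that is the LoaderData type. Suggest updating the comment to name LoaderData as the exception and to give the reason from the thread (GRUB loads executable code into memory it allocated), and replacing the "msgid" placeholder in the commit message body with the actual reference, so the relaxation is not later mistaken for full coverage.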
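
An added example, not part of the thread or of edk2: it decodes the PcdDxeNxMemoryProtectionPolicy value from the report and checks whether the faulting PC lies inside one of the ranges the log shows being marked non-executable. It assumes the SetUefiImageMemoryAttributes fields are base, length and attributes, that policy bit N selects EFI memory type N (bits 62/63 for OEM/OS reserved), and the helper names are hypothetical.

```python
import re

# UEFI memory types by index; bit N of the policy selects type N (assumption
# stated in the lead-in, matching the "OEM and OS reserved" comment in the patch).
EFI_TYPES = ["EfiReservedMemoryType", "EfiLoaderCode", "EfiLoaderData",
             "EfiBootServicesCode", "EfiBootServicesData",
             "EfiRuntimeServicesCode", "EfiRuntimeServicesData",
             "EfiConventionalMemory", "EfiUnusableMemory",
             "EfiACPIReclaimMemory", "EfiACPIMemoryNVS", "EfiMemoryMappedIO",
             "EfiMemoryMappedIOPortSpace", "EfiPalCode", "EfiPersistentMemory"]
HIGH_BITS = {62: "OEM reserved", 63: "OS reserved"}
EFI_MEMORY_XP = 0x4000  # the attribute value shown in parentheses in the log

def nx_types(policy):
    """Names of the memory types a policy value marks non-executable."""
    names = [n for i, n in enumerate(EFI_TYPES) if policy >> i & 1]
    return names + [n for b, n in HIGH_BITS.items() if policy >> b & 1]

LINE = re.compile(r"SetUefiImageMemoryAttributes - (0x[0-9A-Fa-f]+) - "
                  r"(0x[0-9A-Fa-f]+) \((0x[0-9A-Fa-f]+)\)")

def nx_ranges(log):
    """(base, length) of every logged range that had EFI_MEMORY_XP applied."""
    out = []
    for base, length, attr in LINE.findall(log):
        if int(attr, 16) & EFI_MEMORY_XP:
            out.append((int(base, 16), int(length, 16)))
    return out

def covering(ranges, addr):
    """Ranges that contain addr."""
    return [(b, l) for b, l in ranges if b <= addr < b + l]

# Last two SetUefiImageMemoryAttributes lines, copied from the report above.
LOG = """\
SetUefiImageMemoryAttributes - 0x00000000FDFB9000 - 0x0000000000047000 (0x0000000000004000)
SetUefiImageMemoryAttributes - 0x00000000FE400000 - 0x0000000001C00000 (0x0000000000004000)
"""
FAULT_PC, DXECORE_BASE = 0xFEEA630E, 0xFEEA4000  # PC and image base from the dump

if __name__ == "__main__":
    print("NX types:", ", ".join(nx_types(0xC000000000007FD1)))
    for b, l in covering(nx_ranges(LOG), FAULT_PC):
        print(f"PC {FAULT_PC:#x} is inside NX range {b:#x}-{b + l - 1:#x}")
```

Feeding it the full firmware log instead of the two-line excerpt works the same way; any address from an exception dump can be passed to `covering`.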