From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from nat-hk.nvidia.com (nat-hk.nvidia.com [203.18.50.4]) by mx.groups.io with SMTP id smtpd.web10.14731.1585151313658604590 for ; Wed, 25 Mar 2020 08:48:34 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@nvidia.com header.s=n1 header.b=ntclU5t9; spf=pass (domain: nvidia.com, ip: 203.18.50.4, mailfrom: ashishsingha@nvidia.com) Received: from hkpgpgate102.nvidia.com (Not Verified[10.18.92.100]) by nat-hk.nvidia.com (using TLS: TLSv1.2, DES-CBC3-SHA) id ; Wed, 25 Mar 2020 23:48:31 +0800 Received: from HKMAIL104.nvidia.com ([10.18.16.13]) by hkpgpgate102.nvidia.com (PGP Universal service); Wed, 25 Mar 2020 08:48:31 -0700 X-PGP-Universal: processed; by hkpgpgate102.nvidia.com on Wed, 25 Mar 2020 08:48:31 -0700 Received: from HKMAIL104.nvidia.com (10.18.16.13) by HKMAIL104.nvidia.com (10.18.16.13) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 25 Mar 2020 15:48:31 +0000 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.170) by HKMAIL104.nvidia.com (10.18.16.13) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Wed, 25 Mar 2020 15:48:30 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=IlcLZvgJQ2x/6N+suLxjcfZqBIU2sjxcQTHlGDRhBYM2li+18bH4ak3Wy5VTvTMXVFXOHRL/SvnGJk35nwEF0M5LdclqDOYR5JkaISdSUgkTqxHu81QvU3JIj0dELM3p3bOCmHK+q+5qF+eB8CaeBw9IoBnbBHh3MWTAPVFApvqEFhGdEIS7dF9M6JxIU0hzQTEhJ2l0skv7q5AbAWimrlIrTVSTznz3eKCccR49SIOgjQO4M7pf44r9s1p7JhqG0QHssZIBt2c2LH5HDs4eBCffvV0tL17HKlFsbrDlvw0czZYWrZGGOd+sOhWPOAaAYq35rQYlEdUImEhzIiDxdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dRHYH86rD7l16v+ToBIRDJHHXOEtP1TroCivA1KG7ec=; b=g1MFHK3YS7aF/44yR2bcxQuDS2hmcfOTwlV4XSldkHqpMwxg2HnsaiHrRjARsp/FMnEYhsujhiBVYM4M8k/kWCg+CJCJYnr5AUwwQ8GGdZvzZK65LkiGTKVW63BE9LFzuajCwKJxQ1AOFOnKTb44R2guQfP0RfbNZ4uQdyY/yATB2o9umwQXY1N4jkoRdMRzXi9+0DU7yM2T4q7SojtNC42rEJCKBRUO9aZHjO4G4lPntXJJrLzlj340f2BpqTlTQaftciJ7033l1O0m5UgUis/1e3h5mi/sTg53eSsNImNcV1Xj4fxrAtE9TJUwBnc1WIZwUlHkXzZiRwx+4Kn0xQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none Received: from MW3PR12MB4457.namprd12.prod.outlook.com (2603:10b6:303:2e::20) by MW3SPR01MB0001.namprd12.prod.outlook.com (2603:10b6:303:40::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2856.18; Wed, 25 Mar 2020 15:48:26 +0000 Received: from MW3PR12MB4457.namprd12.prod.outlook.com ([fe80::d477:5c8e:2e4e:5481]) by MW3PR12MB4457.namprd12.prod.outlook.com ([fe80::d477:5c8e:2e4e:5481%4]) with mapi id 15.20.2835.023; Wed, 25 Mar 2020 15:48:26 +0000 From: "Ashish Singhal" To: Ard Biesheuvel , "devel@edk2.groups.io" CC: Laszlo Ersek , Leif Lindholm Subject: Re: [PATCH v3 0/3] ArmPkg/ArmMmuLib AARCH64: correctness fix Thread-Topic: [PATCH v3 0/3] ArmPkg/ArmMmuLib AARCH64: correctness fix Thread-Index: AQHWArpc3y3E9OzwfEuAwfRMYW/WdKhZdAoA Date: Wed, 25 Mar 2020 15:48:26 +0000 Message-ID: References: <20200325152940.1492-1-ard.biesheuvel@linaro.org> In-Reply-To: <20200325152940.1492-1-ard.biesheuvel@linaro.org> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=ashishsingha@nvidia.com; x-originating-ip: [216.228.112.22] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: f0fe8ea6-521f-46d7-7b77-08d7d0d3f526 x-ms-traffictypediagnostic: MW3SPR01MB0001: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-forefront-prvs: 0353563E2B x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(39860400002)(396003)(136003)(346002)(376002)(366004)(71200400001)(76116006)(26005)(66446008)(52536014)(66476007)(19627405001)(5660300002)(64756008)(186003)(86362001)(66556008)(316002)(66946007)(4326008)(110136005)(54906003)(81156014)(81166006)(9686003)(8936002)(478600001)(33656002)(55016002)(2906002)(53546011)(8676002)(6506007)(7696005);DIR:OUT;SFP:1101;SCL:1;SRVR:MW3SPR01MB0001;H:MW3PR12MB4457.namprd12.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords; received-spf: None (protection.outlook.com: nvidia.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 0/Uaxh4JPQ3PUfi89VOwSctoE7A5oOnaU7DNTFhFXqKVZfc7fBwLxQ6Dr8SCQrrHX3WvvELWpRRLWfgXTvdGfBgjw5FLgzT56OFYZwTIbFnaqCjykdRv0sJG7lXOddvKxixZkdqInLTm4nj+W5lHb7VzINIftyIyooRazMbw1CjZbTMSgrnekhahRHyrC/BXSEPPc/kDK4i8O2vvhKjhNcVJ339s6O0V4rJF3INRr9hCZT3tqLyUTJgrH2tRFNyb5QNBcPZKi2NzBidpP+Dxl2D2zlb4cYZcGpV1/3VUIF+j7y3TL+8XBZT2VlBRPRhmWwAvcVMp27/24fs9GwopRM/vFLZRIbndy7d+Afr/ELnCppAGPWwla7kaQUpbEsvAMdXLAsmLKmskWnAeXmEW/CV4nO4arpnJ3Eeo5XovF7G3qDpg2bR4mPommU6xwyml x-ms-exchange-antispam-messagedata: TjnOmjy8qFE+bMnapS8lLWTfkTUVQSCpM3CuKJMB51gSOexoQOyCydJmxhklZ5BpD/BPuKci9D2oAk/uzexMU1MIMcyYqHGBCaBsE23zNbz3PQAJ2K8HI4aRvbv9P9ODGXgllHsxLHtdjDIoMdYnRQ== x-ms-exchange-transport-forked: True MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: f0fe8ea6-521f-46d7-7b77-08d7d0d3f526 X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Mar 2020 15:48:26.4596 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: BUOXynWbC/sl1CJKzsOGYGZauNzwX3SU+xGzZ8YZJM3WdBlthkiBCp4P4xro9zIubzU8tjIByJ9W4tXOLYmwtA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW3SPR01MB0001 Return-Path: ashishsingha@nvidia.com X-OriginatorOrg: Nvidia.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nvidia.com; s=n1; t=1585151311; bh=S8zBpZ/y4tttDz7oO1CLnRILMV2f5UMv/lZlh3miGcU=; h=X-PGP-Universal:ARC-Seal:ARC-Message-Signature: ARC-Authentication-Results:From:To:CC:Subject:Thread-Topic: Thread-Index:Date:Message-ID:References:In-Reply-To: Accept-Language:X-MS-Has-Attach:X-MS-TNEF-Correlator: authentication-results:x-originating-ip:x-ms-publictraffictype: x-ms-office365-filtering-correlation-id:x-ms-traffictypediagnostic: x-microsoft-antispam-prvs:x-ms-oob-tlc-oobclassifiers: x-forefront-prvs:x-forefront-antispam-report:received-spf: x-ms-exchange-senderadcheck:x-microsoft-antispam: x-microsoft-antispam-message-info: x-ms-exchange-antispam-messagedata:x-ms-exchange-transport-forked: MIME-Version:X-MS-Exchange-CrossTenant-Network-Message-Id: X-MS-Exchange-CrossTenant-originalarrivaltime: X-MS-Exchange-CrossTenant-fromentityheader: X-MS-Exchange-CrossTenant-id:X-MS-Exchange-CrossTenant-mailboxtype: X-MS-Exchange-CrossTenant-userprincipalname: X-MS-Exchange-Transport-CrossTenantHeadersStamped:X-OriginatorOrg: Content-Language:Content-Type; b=ntclU5t99gCNs4bQG42xfb9uJVhTPVD+CydVWvw43xy5P1cXcJFYwsquo5rKGwWkd GQ67uNVGszZx5u5fa11OjCIm8teZxan+VSHFWMUPCM7vr1e1gQ3kNl0eTmA39aCAbI VygZLqrDnILcPB0jtnvmkWDUMTaCQ1/f7hJbxHuuhWHM4PCDmatcfyL2Xd4XHF7xIJ VVFcMD9dM0/SgM14fPhY6ZH3M9TVoRGyzID24bLh/qGqG3GJ22z9LV1UUPLfeo8Ebl +bpu8Jo3CLkti+9L+At7af8Tx+55IO/cDQPZWk/iZkCXNa5JiqGfpCjnG60buL4g9+ Y/D6pJnbXyvTA== Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_MW3PR12MB4457146698CD2CC5A884A82CBACE0MW3PR12MB4457namp_" --_000_MW3PR12MB4457146698CD2CC5A884A82CBACE0MW3PR12MB4457namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Patch set version 3 looks good to me. I have reviewed and tested the chan= ges locally. Reviewed-by: Ashish Singhal Tested-by: Ashish Singhal Thanks Ashish ________________________________ From: Ard Biesheuvel Sent: Wednesday, March 25, 2020 9:29 AM To: devel@edk2.groups.io Cc: Ard Biesheuvel ; Laszlo Ersek ; Leif Lindholm ; Ashish Singhal Subject: [PATCH v3 0/3] ArmPkg/ArmMmuLib AARCH64: correctness fix External email: Use caution opening links or attachments The new ArmMmuLib code is easier to reason about, so that is what I did: currently, when we create mappings that cover existing table entries, we may end up overwriting those with block entries without taking the mappin= g attributes of the original table entries into account. So let's fix this.= I honestly don't know whether the original code was better at dealing wit= h this: I do remember some changes from Heyi that may have been related, bu= t the old code is not easy to follow. In any case, I didn't manage to hit t= his case in practice, given that we typically start out with large mappings, = and break them down later (to set permissions), rather than the other way aro= und. Patch #1 adds some helpers to hide the insane way the type bits change meaning when you change to level 3. Patch #2 ensures that we only replace (and free) table entries with block= entries if it is guaranteed that doing so will not lose any attribute information. Changes since v2: - add patch to limit recursion to levels < 3 in FreePageTablesRecursive()= Changes since v1: - zero newly allocated pages before splitting a block entry into a table =20 entry, to avoid garbage in that page being misidentified as entry typ= e =20 attributes - this should fix the crash observed by Laszlo Cc: Laszlo Ersek Cc: Leif Lindholm Cc: Ashish Singhal Ard Biesheuvel (3): =20 ArmPkg/ArmMmuLib AARCH64: limit recursion when freeing page tables =20 ArmPkg/ArmMmuLib AARCH64: use helpers to determine table entry types =20 ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a table =20 entry =20.../Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 83 +++++++++++++++----= =201 file changed, 68 insertions(+), 15 deletions(-) -- 2.17.1 -------------------------------------------------------------------------= ---------- This email message is for the sole use of the intended recipient(s) and m= ay contain confidential information. Any unauthorized review, use, disclosure or di= stribution is prohibited. If you are not the intended recipient, please contact the= =20sender by reply email and destroy all copies of the original message. -------------------------------------------------------------------------= ---------- --_000_MW3PR12MB4457146698CD2CC5A884A82CBACE0MW3PR12MB4457namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
Patch set version 3 looks good to me. I have reviewed and tested the chan= ges locally.

Reviewed-by: =20Ashish Singhal <ashishsingha@nvidia.com>
Tested-by: =20Ashish Singhal <ashishsingha@nvidia.com>

Thanks
Ashish
From: Ard Biesheuvel &l= t;ard.biesheuvel@linaro.org>
Sent: Wednesday, March 25, 2020 9:29 AM
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek= =20<lersek@redhat.com>; Leif Lindholm <leif@nuviainc.com>; As= hish Singhal <ashishsingha@nvidia.com>
Subject: [PATCH v3 0/3] ArmPkg/ArmMmuLib AARCH64: correctness fix<= /font>
 
External email: Use caution opening links or att= achments


The new ArmMmuLib code is easier to reason about, so that is what I did:<= br> currently, when we create mappings that cover existing table entries, we<= br> may end up overwriting those with block entries without taking the mappin= g
attributes of the original table entries into account. So let's fix this.=

I honestly don't know whether the original code was better at dealing wit= h
this: I do remember some changes from Heyi that may have been related, bu= t
the old code is not easy to follow. In any case, I didn't manage to hit t= his
case in practice, given that we typically start out with large mappings, = and
break them down later (to set permissions), rather than the other way aro= und.

Patch #1 adds some helpers to hide the insane way the type bits change meaning when you change to level 3.

Patch #2 ensures that we only replace (and free) table entries with block=
entries if it is guaranteed that doing so will not lose any attribute
= information.

Changes since v2:
- add patch to limit recursion to levels < 3 in FreePageTablesRecursiv= e()

Changes since v1:
- zero newly allocated pages before splitting a block entry into a table<= br>   entry, to avoid garbage in that page being misidentified as entry = type
  attributes - this should fix the crash observed by Laszlo

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Ashish Singhal <ashishsingha@nvidia.com>

Ard Biesheuvel (3):
  ArmPkg/ArmMmuLib AARCH64: limit recursion when freeing page tables=
  ArmPkg/ArmMmuLib AARCH64: use helpers to determine table entry typ= es
  ArmPkg/ArmMmuLib AARCH64: preserve attributes when replacing a tab= le
    entry

 .../Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 83 +++&= #43;+++++++++++----
 1 file changed, 68 insertions(+), 15 deletions(-)

--
2.17.1

This email message is for the sole use of the intended recipient(s) = and may=20 contain confidential information.  Any unauthorized review, use, dis= closure=20 or distribution is prohibited.  If you are not the intended recipien= t,=20 please contact the sender by reply email and destroy all copies of the or= iginal=20 message.
--_000_MW3PR12MB4457146698CD2CC5A884A82CBACE0MW3PR12MB4457namp_--